itamae-secrets

Encrypted Data Bag for itamae


Keywords
infrastructure-as-code, itamae, security
License
MIT
Install
gem install itamae-secrets -v 0.2.3

Documentation

Itamae::Secrets - Encrypted Data Bag for Itamae

This is an Itamae plugin that provides a store for secrets, like the encrypted data bag in Chef.

Installation

gem 'itamae-secrets'

or

$ gem install itamae-secrets

Basic

  • itamae-secrets command for storing data or reading it manually
  • Itamae::Secrets interface for itamae recipes
  • Data is stored in the base directory.
    • You must keep ${base}/keys from being checked into VCS. (.gitignore it!)

Walkthrough

Generate a key

Randomly:
$ itamae-secrets newkey --base=./secret --method=aes-random
From a passphrase:
$ itamae-secrets newkey --base=./secret --method=aes-passphrase

Both generate ./secret/keys/default. Make sure ./secret/keys is excluded from VCS.
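
One way to check that requirement before committing, as an added example (not part of itamae-secrets; the function name check_keys_untracked and its return codes are assumptions made here). It covers both the "already tracked" case and the "no ignore rule yet" case for ${base}/keys:

```shell
#!/bin/sh
# Added example: verify that itamae-secrets key material stays out of git.
# Usage: check_keys_untracked [BASE]   (BASE defaults to ./secret, as in the walkthrough)
# Returns: 0 = keys ignored and untracked
#          1 = key files are tracked
#          2 = no ignore rule covers BASE/keys
#          3 = not inside a git work tree
check_keys_untracked() {
  base=${1:-./secret}
  keys="$base/keys"

  git rev-parse --is-inside-work-tree >/dev/null 2>&1 || {
    echo "not inside a git work tree" >&2
    return 3
  }

  # Files already in the index stay tracked even if an ignore rule is
  # added later, so look at the index first.
  tracked=$(git ls-files -- "$keys")
  if [ -n "$tracked" ]; then
    echo "tracked key files (untrack with: git rm --cached <file>):" >&2
    echo "$tracked" >&2
    return 1
  fi

  # Probe the default key path so a directory rule such as
  # "secret/keys/" is recognised.
  if ! git check-ignore -q -- "$keys/default"; then
    echo "$keys is not covered by an ignore rule" >&2
    return 2
  fi

  return 0
}
```

Source the file and call check_keys_untracked ./secret from a pre-commit hook or CI step, failing the job on a non-zero return. Removing a tracked key from the index does not remove it from earlier commits, so a key that was ever committed should be replaced.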

Store value

$ itamae-secrets set --base=./secret awesome_secret value

(When the value is omitted, it is read from STDIN until EOF. You can also use --noecho if you want to keep the value out of your terminal's buffer completely.)

Reading data from itamae

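In your itamae recipe, do:

require 'itamae/secrets'
# Point at the base directory created in the walkthrough (./secret),
# resolved relative to this recipe file.
node[:secrets] = Itamae::Secrets(File.join(__dir__, 'secret'))

# Use it (note: p prints the decrypted value to the itamae output)
p node[:secrets][:awesome_secret]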

Reading data from CLI

$ itamae-secrets get --base=./secret awesome_secret

Remembering --base

$ echo 'base: ./secret' >> .itamae-secrets.yml

Development

After checking out the repo, run bin/setup to install dependencies. Then, run rake rspec to run the tests. You can also run bin/console for an interactive prompt that will allow you to experiment.

To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.

Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/sorah/itamae-secrets.

Security issues? Send them to me directly at security@sorah.jp. My GPG key is available here: http://sorah.jp/id.html (SSL)

License

The gem is available as open source under the terms of the MIT License.

To-dos

  • Missing test :(