Mr F

For british eyes only

A libary for uploading gpg secrets with capistrano.

put your secrets in a gpg encrypted file. In rails the default is config/secrets.{{Rails.env}}.yml.gpg

Then add mrf to you deploy script like this

require 'mrf/capistrano'

after "deploy", "mrf:upload_secrets"

This will upload the files listed in secrets to the same folder as your secrets file but on the server.

A Example secrets file

database.yml:
  production:
    adapter: mysql
    database: my_db
    username: 0a1cd3bc-96fa-71d1-4338-27092ca4cfa5
    password: 070f1f0b-2454-3ffa-4aa2-d6e0652d03fe

other_service.yml:
  production:
    password: 115024d2-7c74-326e-c9ec-064f42d08b31
    username: 1e27a053-60a4-af61-f38d-9f1f123740d6

Configuration

The above example is the default behavior but you can configure it with MrF::Project.configure

MrF::Project.configure do |project|
  project.project_root = Rails.root
  project.gpg_passphrase = '1234' # default is to ask you for it with the console
  project.env = 'sandbox' # default is to use MRF_ENV or RAILS_ENV
end

Running the specs

bundle install # install deps
./scripts/import_test_keys
rake # runs the tests