Module: GoogleCloudEnvSecrets
- Defined in:
- lib/google_cloud_env_secrets/config.rb,
lib/google_cloud_env_secrets/railtie.rb,
lib/google_cloud_env_secrets/secrets.rb,
lib/google_cloud_env_secrets/version.rb
Defined Under Namespace
Classes: Configuration, Railtie
Constant Summary
collapse
- VERSION =
"1.0.0"
Class Attribute Summary collapse
Class Method Summary
collapse
Class Attribute Details
.configuration ⇒ Object
Returns the value of attribute configuration.
18
19
20
|
# File 'lib/google_cloud_env_secrets/config.rb', line 18
def configuration
@configuration
end
|
Class Method Details
.all ⇒ Object
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
# File 'lib/google_cloud_env_secrets/secrets.rb', line 2
def self.all
@secrets = nil unless self.configuration.cache_secrets
@secrets ||= begin
if self.configuration.credentials.nil? && Google::Cloud.env.project_id.nil?
return {}
end
Google::Cloud::SecretManager.configure do |config|
config.credentials = self.configuration.credentials
end
client = Google::Cloud::SecretManager.secret_manager_service
pool = Concurrent::FixedThreadPool.new(Concurrent.processor_count * 4)
secrets = Concurrent::Hash.new
client.list_secrets(parent: "projects/" + self.configuration.project).each do |secret|
pool.post(secret) do |secret|
name = secret.name.split("/").last
if self.configuration.prefix
next unless name.start_with? self.configuration.prefix
name.delete_prefix! self.configuration.prefix
name.sub! /^[^a-z0-9]+/i, ""
end
secrets[name] = client.access_secret_version(name: secret.name + "/versions/latest").payload.data
end
end
pool.shutdown
pool.wait_for_termination
secrets
end
@secrets || {}
end
|
21
22
23
24
|
# File 'lib/google_cloud_env_secrets/config.rb', line 21
def self.configure
self.configuration ||= Configuration.new
yield(configuration)
end
|
.exists?(name) ⇒ Boolean
54
55
56
|
# File 'lib/google_cloud_env_secrets/secrets.rb', line 54
def self.exists?(name)
self.all.has_key?(name.to_s)
end
|
.find(name) ⇒ Object
50
51
52
|
# File 'lib/google_cloud_env_secrets/secrets.rb', line 50
def self.find(name)
self.all[name.to_s]
end
|
.inject_env!(secrets = {}, overload = true, env = ENV) ⇒ Object
58
59
60
61
62
63
64
65
66
67
|
# File 'lib/google_cloud_env_secrets/secrets.rb', line 58
def self.inject_env!(secrets = {}, overload = true, env = ENV)
secrets.each do |name, value|
name = name.to_s
if overload
env[name] = value
else
env[name] ||= value
end
end
end
|
.load ⇒ Object
load Google Secrets into ENV
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
# File 'lib/google_cloud_env_secrets/railtie.rb', line 15
def self.load
GoogleCloudEnvSecrets.configure do |config|
config.credentials = ENV["GOOGLE_APPLICATION_CREDENTIALS"] || nil
config.project = ENV["GOOGLE_PROJECT"] || GoogleCloudEnvSecrets.parse_project_from_credentials(config.credentials) || Google::Cloud.env.project_id
config.prefix = ENV["GOOGLE_SECRETS_PREFIX"] || nil
if ENV.has_key?("GOOGLE_SECRETS_OVERLOAD")
config.overload = ENV["GOOGLE_SECRETS_OVERLOAD"]&.to_s&.downcase == "true"
end
end
secrets = GoogleCloudEnvSecrets.all
GoogleCloudEnvSecrets.inject_env!(secrets, GoogleCloudEnvSecrets.configuration.overload)
end
|
.parse_project_from_credentials(credentials) ⇒ Object
26
27
28
29
30
31
|
# File 'lib/google_cloud_env_secrets/config.rb', line 26
def self.parse_project_from_credentials(credentials)
j = JSON.load(File.open(credentials))
j["project_id"]
rescue
nil
end
|