{"id":18436461,"url":"https://github.com/autolist/sekreto","last_synced_at":"2025-04-07T20:33:14.089Z","repository":{"id":48342199,"uuid":"130910699","full_name":"autolist/sekreto","owner":"autolist","description":"Use AWS Secrets Manager from Ruby, with rails support","archived":false,"fork":false,"pushed_at":"2021-07-31T03:13:05.000Z","size":145,"stargazers_count":36,"open_issues_count":13,"forks_count":4,"subscribers_count":6,"default_branch":"master","last_synced_at":"2025-03-20T22:50:44.202Z","etag":null,"topics":["aws","aws-secrets-manager","rails","rails-gem","ruby-gem","security"],"latest_commit_sha":null,"homepage":null,"language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/autolist.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-04-24T20:35:06.000Z","updated_at":"2022-06-26T05:27:16.000Z","dependencies_parsed_at":"2022-08-19T07:21:06.076Z","dependency_job_id":null,"html_url":"https://github.com/autolist/sekreto","commit_stats":null,"previous_names":[],"tags_count":8,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/autolist%2Fsekreto","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/autolist%2Fsekreto/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/autolist%2Fsekreto/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/autolist%2Fsekreto/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/autolist","download_url":"https://codeload.github.com/autolist/sekreto/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247725668,"owners_count":20985744,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","aws-secrets-manager","rails","rails-gem","ruby-gem","security"],"created_at":"2024-11-06T06:11:37.422Z","updated_at":"2025-04-07T20:33:09.070Z","avatar_url":"https://github.com/autolist.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Sekreto\n\n[![Gem Version](https://badge.fury.io/rb/sekreto.svg)](https://badge.fury.io/rb/sekreto)\n[![Build Status](https://travis-ci.org/autolist/sekreto.svg?branch=master)](https://travis-ci.org/autolist/sekreto)\n[![Maintainability](https://api.codeclimate.com/v1/badges/3f03647e9b305f1626de/maintainability)](https://codeclimate.com/github/autolist/sekreto/maintainability)\n[![Test Coverage](https://api.codeclimate.com/v1/badges/3f03647e9b305f1626de/test_coverage)](https://codeclimate.com/github/autolist/sekreto/test_coverage)\n[![Dependabot Status](https://api.dependabot.com/badges/status?host=github\u0026repo=autolist/sekreto)](https://dependabot.com)\n\nUse AWS Secrets Manager from Ruby, with rails support\n\n## Installation\n\nAdd this line to your application's Gemfile:\n\n```ruby\ngem 'sekreto'\n```\n\nAnd then execute:\n\n    $ bundle\n\nOr install it yourself as:\n\n    $ gem install sekreto\n\n## Usage\n\n### Configuration\n\nConfiguration will happen automatically in a Rails environment to set defaults\nthat make integrating easy. The defaults look like\n\n```ruby\nSekreto.setup do |setup|\n  # Default secrets manager is a new client\n  setup.secrets_manager = Aws::SecretsManager::Client.new\n\n  # Prefix of secrets set to Rails app name and RAILS_ENV\n  setup.prefix = 'railsappname-staging'\n\n  # Allowed environments to use secrets is set to production/staging\n  # Any block can be given that responds to #call and returns a true or false\n  # that will use secrets calls if allowed and use the fallback if not\n  setup.is_allowed_env = -\u003e { %w[production staging].include?(::Rails.env) }\n\n  # Default fallback is to look up the secret in the ENV if it is not an\n  # allowed env to use the secret manager\n  setup.fallback_lookup = -\u003e(secret_id) { ENV[secret_id] }\nend\n```\n\nYou can use an initializer to customize any of the defaults\n\n_config/initializers/sekreto.rb_\n```ruby\nSekreto.setup do |setup|\n  setup.secrets_manager = Aws::SecretsManager::Client.new\n  setup.prefix = 'some/other/prefix'\n  setup.is_allowed_env = -\u003e { ENV.fetch('USE_SECRETS', false) }\n  setup.fallback_lookup = -\u003e(secret_id) { Secrets.where(name: secret_id).pluck(:value).first }\nend\n```\n\n### Retrieving Secrets\n\nGetting plain text secrets:\n\n```ruby\n# Will query for \"#{prefix}/my-secret\"\nsecret = Sekreto.get_value('my-secret')\nputs secret\n# Output: asdf124asdf134asdf1243asdf\n```\n\nGetting JSON secrets will return the parsed value\n\n```ruby\n# Will query for \"#{prefix}/my-secret-config\"\nsecret = Sekreto.get_json_value('my-secret-config')\nputs secret\n# Output: { some: 'json', data: 'here' }\n```\n\nGetting secrets with a custom prefix. Useful for shared secrets or secrets\nacross apps, namespaces, etc.\n\n```ruby\n# Will query for \"shared-secrets/MY-SECRET-CONFIG\"\nsecret = Sekreto.get_json_value('MY-SECRET-CONFIG', 'shared-secrets')\nputs secret\n# Output: { some: 'json', data: 'here' }\n```\n\nIf you want to skip prefixes all together you can pas `false` to either\nget value methods. **Not recommended**\n\n```ruby\n# Will query for \"MY-SECRET-CONFIG\"\nsecret = Sekreto.get_json_value('MY-SECRET-CONFIG', false)\nputs secret\n# Output: { some: 'json', data: 'here' }\n```\n\n## Development\n\nAfter checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.\n\nTo install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).\n\n## Contributing\n\nBug reports and pull requests are welcome on GitHub at https://github.com/autolist/sekreto. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.\n\n## License\n\nThe gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).\n\n## Code of Conduct\n\nEveryone interacting in the Sekreto project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/sekreto/blob/master/CODE_OF_CONDUCT.md).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fautolist%2Fsekreto","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fautolist%2Fsekreto","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fautolist%2Fsekreto/lists"}