{"id":24518002,"url":"https://github.com/getdutchie/secretsmanager","last_synced_at":"2025-04-14T09:43:17.064Z","repository":{"id":35119611,"uuid":"209115530","full_name":"GetDutchie/SecretsManager","owner":"GetDutchie","description":"Ruby + AWS Secrets Manager","archived":false,"fork":false,"pushed_at":"2023-08-23T22:05:02.000Z","size":27,"stargazers_count":5,"open_issues_count":4,"forks_count":3,"subscribers_count":40,"default_branch":"master","last_synced_at":"2024-10-30T01:04:37.085Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/GetDutchie.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-09-17T17:23:04.000Z","updated_at":"2024-05-14T15:33:05.000Z","dependencies_parsed_at":"2025-01-22T01:37:37.554Z","dependency_job_id":"4ec4a8c1-d6df-4caf-a450-e8c3de58363c","html_url":"https://github.com/GetDutchie/SecretsManager","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/GetDutchie%2FSecretsManager","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/GetDutchie%2FSecretsManager/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/GetDutchie%2FSecretsManager/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/GetDutchie%2FSecretsManager/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/GetDutchie","download_url":"https://codeload.github.com/GetDutchie/SecretsManager/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248856265,"owners_count":21172730,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-01-22T01:37:27.544Z","updated_at":"2025-04-14T09:43:17.042Z","avatar_url":"https://github.com/GetDutchie.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# SecretsManager.rb\n\n## Installation\n\nAdd this line to your application's Gemfile:\n\n```ruby\ngem 'secrets-manager'\n```\n\nAnd then execute:\n\n    $ bundle\n\nOr install it yourself as:\n\n    $ gem install secrets-manager\n\n## Usage\n\nTo use this gem, you must have an AWS account and permissions to setup secret values using [Secrets Manager](https://aws.amazon.com/secrets-manager/)\n\nThis gem makes assumptions and has requirements about how you should be storing your secrets.\n\n### Path Name\nThis gem uses the concept of env specific secrets within the same account. While separate AWS accounts can be used to maintain separation, it can be desirable to use a single account.\n\nThe path format is as follows: `{{secret_env}}/{{secret_path}}`. When using this gem you would leave the `secret_env` out of your request.\n\nFor example, to access the secret `twlio-key`, `$secrets.fetch('twilio-key')`. This would be stored in AWS SM as `dev/twilio-key`.\n\nIf you would like to define a secret that is available in all envs, you can prefix your lookup with `global` and the `secret_env` will not be prependded to the request.\n\nFor example: to access the secret `global/config/foo`, `$secrets.fetch('global/config/foo')`. This would be stored in AWS SM as `global/config/foo`.\n\n### Payload\nThis gem expects your secret value to be a JSON object. The only required key is `value`. The following keys are optional:\n* `ttl` - Time to live in seconds. Describes how long the secret should live in in-memory cache.\n* `encoding` - Currently, only `base64` is supported as a value. If your `value` is base64 encoded, this will result in a returned secret that is base64 decoded.\n* `type` - Currently, only `json` is supported as a value. If your `value` is valid JSON, this will result in a returned secret that is symbolified ruby hash.\n\nExample:\n```\n{\"value\": \"secretvalue\", \"ttl\": 60} // Will live in cache for 60 seconds.\n```\n\n```\n{\"value\": \"c2VjcmV0dmFsdWU=\", \"ttl\": 60, \"encoding\": \"base64\"} // Will live in cache for 60 seconds and is base64 encoded. Result will be \"secretvalue\"\n```\n\n### Configuration\nThe follow ENV vars are expected:\n* `AWS_SECRETS_ENV` - preceeds all path lookups, ex: `dev`, `staging`, `qa`, `production`\n* `AWS_SECRETS_KEY` - AWS IAM access key\n* `AWS_SECRETS_SECRET` - AWS IAM access secret\n\nThe manager should be created at boot time, in an initializer for example, and stored as a constant or global.\n```\n$secrets = SecretsManager.new\n```\n\n### Lookup\n```\n$secrets.fetch('services/twilio/api-key')\n$secrets['services/twilio/api-key']\n```\n\nTo use a secret that is available in all envs, prepend the secret name with `global`\n```\n$secrets['global/config/api-key']\n```\n\n## Development\n\nAfter checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.\n\nTo install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).\n\n## Contributing\n\nBug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/secrets-manager.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgetdutchie%2Fsecretsmanager","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgetdutchie%2Fsecretsmanager","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgetdutchie%2Fsecretsmanager/lists"}