{"id":18103940,"url":"https://github.com/svoop/bridgetown_credentials","last_synced_at":"2025-07-22T06:03:55.979Z","repository":{"id":65141268,"uuid":"579070291","full_name":"svoop/bridgetown_credentials","owner":"svoop","description":"Rails-like encrypted credentials for Bridgetown","archived":false,"fork":false,"pushed_at":"2024-12-26T19:01:29.000Z","size":891,"stargazers_count":9,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-06-17T23:15:49.136Z","etag":null,"topics":["bridgetown-plugin","ruby"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/svoop.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":"svoop","custom":"https://donorbox.org/bitcetera"}},"created_at":"2022-12-16T15:27:43.000Z","updated_at":"2025-03-09T21:59:31.000Z","dependencies_parsed_at":"2024-03-26T17:24:44.821Z","dependency_job_id":"080ed4df-8ce8-4975-8b83-a507f2592049","html_url":"https://github.com/svoop/bridgetown_credentials","commit_stats":{"total_commits":22,"total_committers":1,"mean_commits":22.0,"dds":0.0,"last_synced_commit":"215c36208a5c65aad17045408795ecf15b1af663"},"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"purl":"pkg:github/svoop/bridgetown_credentials","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/svoop%2Fbridgetown_credentials","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/svoop%2Fbridgetown_credentials/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/svoop%2Fbridgetown_credentials/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/svoop%2Fbridgetown_credentials/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/svoop","download_url":"https://codeload.github.com/svoop/bridgetown_credentials/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/svoop%2Fbridgetown_credentials/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":265897280,"owners_count":23845617,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bridgetown-plugin","ruby"],"created_at":"2024-10-31T22:13:34.552Z","updated_at":"2025-07-22T06:03:55.951Z","avatar_url":"https://github.com/svoop.png","language":"Ruby","funding_links":["https://github.com/sponsors/svoop","https://donorbox.org/bitcetera"],"categories":[],"sub_categories":[],"readme":"[![Version](https://img.shields.io/gem/v/bridgetown_credentials.svg?style=flat)](https://rubygems.org/gems/bridgetown_credentials)\n[![Tests](https://img.shields.io/github/actions/workflow/status/svoop/bridgetown_credentials/test.yml?style=flat\u0026label=tests)](https://github.com/svoop/bridgetown_credentials/actions?workflow=Test)\n[![Code Climate](https://img.shields.io/codeclimate/maintainability/svoop/bridgetown_credentials.svg?style=flat)](https://codeclimate.com/github/svoop/bridgetown_credentials/)\n[![GitHub Sponsors](https://img.shields.io/github/sponsors/svoop.svg)](https://github.com/sponsors/svoop)\n\n# Credentials for Bridgetown\n\nThis plugin adds Rails-like encrypted credentials to Bridgetown.\n\nCredentials like passwords, access tokens and other secrets are often passed to sites each by its own ENV variable. This is both uncool, non-atomic and therefore unreliable. Use this plugin to store your credentials in encrypted YAML files which you can safely commit to your source code repository. In order to use all of them in Bridgetown, you have to set or pass exactly one ENV variable holding the key to decrypt.\n\n* [Homepage](https://github.com/svoop/bridgetown_credentials)\n* [API](https://www.rubydoc.info/gems/bridgetown_credentials)\n* Author: [Sven Schwyn - Bitcetera](https://bitcetera.com)\n\nThank you for supporting free and open-source software by sponsoring on [GitHub](https://github.com/sponsors/svoop) or on [Donorbox](https://donorbox.com/bitcetera). Any gesture is appreciated, from a single Euro for a ☕️ cup of coffee to 🍹 early retirement.\n\n## Installation\n\nFirst add this gem to your bundle:\n\n```shell\n$ bundle add bridgetown_credentials\n```\n\nThen enable it in `config/initializers.rb`:\n\n```ruby\ninit :bridgetown_credentials\n```\n\nFor the time being, it's necessary to [require this gem early in the boot process](https://www.bridgetownrb.com/docs/plugins/commands) for the commands to be picked up. Add `config/boot.rb` to your site reading:\n\n```ruby\nBundler.setup(:default, Bridgetown.env)\nrequire \"bridgetown_credentials\"\n```\n\n## Update from 0.x.x to 1.x.x\n\nFrom version 1.0.0 upwards, this gem uses [Dry::Credentials](https://rubygems.org/gems/dry-credentials) instead of ActiveSupport (which is planned to be ditched from Bridgetown at some point in the future). This requires you to take some additional steps:\n\n1. Backup the decrypted credentials for every environment:\u003cbr\u003e`bin/bridgetown credentials edit -e ENVIRONMENT`\n2. Delete (or move elsewhere) your old encrypted credentials files:\u003cbr\u003e`rm config/credentials/*`\n3. Update this gem to a version \u003e= 1:\u003cbr\u003e`bundle update bridgetown_credentials`\n4. Create new encrypted credentials files for every environment:\u003cbr\u003e`bin/bridgetown credentials edit -e ENVIRONMENT`\n5. Step 4 prints the new ENV variable which contains the private key required whenever you edit or query credentials. Example: For the development environment, the new ENV variable `DEVELOPMENT_CREDENTIALS_KEY` replaces the old ENV variable `BRIDGETOWN_DEVELOPMENT_KEY`.\n\nPlease note that Dry::Credentials does not support unified environments (one `config/credentials.yml.enc` for both development and production) anymore!\n\nAlso, nested credentials have to be queried differently now and thus you might have to update your Bridgetown site accordingly. Given the example credentials from the [Usage section](#usage) below:\n\n```ruby\n# Queries on version 0.x.x\nBridgetown.credentials.foo                            # =\u003e \"bar\"\nBridgetown.credentials.aws[:access_key_id]            # =\u003e \"awsXid\"\nBridgetown.credentials.google.dig((:maps, :api_key)   # =\u003e \"goomXkey\"\n\n# Queries on version 1.x.x\nBridgetown.credentials.foo                            # =\u003e \"bar\"\nBridgetown.credentials.aws.access_key_id              # =\u003e \"awsXid\"\nBridgetown.credentials.google.maps.api_key            # =\u003e \"goomXkey\"\n```\n\n## Usage\n\n### First Time\n\nMake sure you have set the `EDITOR` variable to your favourite editor and then create a new credentials file:\n\n```shell\necho $EDITOR\nbin/bridgetown credentials edit\n```\n\nYou might want to add something along the lines of:\n\n```yml\nfoo: bar\naws:\n  access_key_id: awsXid\n  secret_access_key: awsXsecret\ngoogle:\n  maps:\n    api_key: goomXkey\n  places:\n    api_key: goopXkey\n```\n\nAfter saving, the private key required to encrypt/decrypt the credentials is printed this first time only. Make sure you store this information in a safe place, you will need it in the future.\n\nThe credentials you've edited above has been written to `config/credentials/development.yml.enc` and will be loaded when Bridgetown is in `development` mode.\n\nTo edit the credentials for `production` mode:\n\n```shell\nbin/bridgetown credentials edit -e production\n```\n\nTo edit or query credentials from now on, the corresponding ENV variable with the private key has to be set:\n\n```shell\nexport DEVELOPMENT_CREDENTIALS_KEY=\"4c87...af93\"\nexport PRODUCTION_CREDENTIALS_KEY=\"92bb...820f\"\n```\n\n### Edit\n\nThe command is the same as the first time:\n\n```\nbin/bridgetown credentials edit\nbin/bridgetown credentials edit -e production\n```\n\n### Query\n\nThroughout the Bridgetown stack, you can now use the credentials as follows:\n\n```ruby\nBridgetown.credentials.foo                   # =\u003e \"bar\"\nBridgetown.credentials.aws.access_key_id     # =\u003e \"awsXid\"\nBridgetown.credentials.google.maps.api_key   # =\u003e \"goomXkey\"\n```\n\n## Tests\n\n* `bundle exec rake test` to run the test suite\n* `script/cibuild` to validate with Rubocop and Minitest together\n\n## Development\n\nYou're welcome to [submit issues](https://github.com/svoop/bridgetown_credentials/issues) and contribute code by [forking the project and submitting pull requests](https://docs.github.com/en/get-started/quickstart/fork-a-repo).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsvoop%2Fbridgetown_credentials","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsvoop%2Fbridgetown_credentials","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsvoop%2Fbridgetown_credentials/lists"}