https://github.com/mattes/rails_google_cloud_env_secrets

Load Google Cloud Secrets into ENV.
https://github.com/mattes/rails_google_cloud_env_secrets

google-cloud google-cloud-secrets-manager rails ruby ruby-on-rails

Last synced: 21 days ago
JSON representation

Load Google Cloud Secrets into ENV.

• Host: GitHub
• URL: https://github.com/mattes/rails_google_cloud_env_secrets
• Owner: mattes
• License: mit
• Created: 2020-10-09T08:16:48.000Z (over 4 years ago)
• Default Branch: master
• Last Pushed: 2020-10-11T01:19:12.000Z (over 4 years ago)
• Last Synced: 2024-04-24T13:45:03.183Z (9 months ago)
• Topics: google-cloud, google-cloud-secrets-manager, rails, ruby, ruby-on-rails
• Language: Ruby
• Homepage:
• Size: 45.9 KB
• Stars: 1
• Watchers: 3
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# Google Cloud ENV Secrets

Load Google Cloud Secrets into ENV.

## Installation

Add this line to your application's Gemfile:

```ruby

gem 'google_cloud_env_secrets'

```

And then execute:

```bash

$ bundle

```

Or install it yourself as:

```bash

$ gem install google_cloud_env_secrets

```

## Usage

Configure this gem with environment vars:

| Variable                              | Description                                                                                                                                                                                                                                          |

|---------------------------------------|--------------------------------------------------------------------|

| `GOOGLE_APPLICATION_CREDENTIALS`      | Google Application Credentials, path or data (not base64 encoded). |

| `GOOGLE_PROJECT`                      | Google project                                                     |

| `GOOGLE_SECRETS_PREFIX`               | Only load secrets that start with given prefix.                    |

| `GOOGLE_SECRETS_OVERLOAD`             | Replace existing ENV vars with secret's value. Default `true`.     |

The `GOOGLE_APPLICATION_CREDENTIALS` and `GOOGLE_PROJECT` variables are both optional. If not given,

we will detect them automatically, if run on Google Cloud.

Google Secrets are available after the [before_configuration hook](https://guides.rubyonrails.org/configuring.html#initialization-events).

You can call `GoogleCloudEnvSecrets.load` if you need the ENV secrets sooner than that.

See [docs](https://www.rubydoc.info/github/mattes/rails_google_cloud_env_secrets/main), too.

## Required IAM Roles

```

Secret Manager Secret Accessor

Secret Manager Viewer

```