Class: EasyCrypt::SecretsProvider

Inherits:

Object

• Object
• EasyCrypt::SecretsProvider

Defined in:

lib/easy_crypt/secrets_provider.rb,
lib/easy_crypt/secrets_provider/base.rb,
lib/easy_crypt/secrets_provider/env_provider.rb,
lib/easy_crypt/secrets_provider/rails_credentials_provider.rb

Overview

The SecretsProvider class serves as a factory for creating secret providers that supply encryption configuration values from different sources.

Examples:

Creating a provider for Rails credentials and for the authentication purpose

provider = SecretsProvider.build(:rails_credentials, :authentication)

Creating a provider for environment variables and for the user_data purpose

provider = SecretsProvider.build(:env_vars, :user_data)

Defined Under Namespace

Classes: Base, EnvProvider, RailsCredentialsProvider

Constant Summary

PROVIDERS =

Available secrets providers and their corresponding classes

{
  env_vars: EnvProvider,
  rails_credentials: RailsCredentialsProvider
}.freeze

Class Method Summary

• .build(provider, purpose) ⇒ Base

  Builds a new secrets provider instance based on the specified provider.

Class Method Details

.build(provider, purpose) ⇒ Base

Builds a new secrets provider instance based on the specified provider

This method acts as a factory for instantiating a secrets provider that fetches encryption configurations (e.g., secret keys, salts) for a given purpose from the selected source. The method ensures the specified provider exists and validates the configuration values.

Examples:

Building a provider for Rails credentials with the ‘authentication` purpose

provider = SecretsProvider.build(:rails_credentials, :authentication)

Building a provider for environment variables with the ‘user_data` purpose

provider = SecretsProvider.build(:env_vars, :user_data)

Parameters:

• provider (Symbol) —

  The secrets provider to use (:env_vars or :rails_credentials).

  • ‘:env_vars`: To fetch secrets from environment variables.

  • ‘:rails_credentials`: To fetch secrets from Rails credentials.

• purpose (Symbol) —

  The purpose of the credential (e.g., :authentication, :user_data). This links the encryption secrets to a set of credentials (such as secret key and salt).

Returns:

• (Base) —

  An instance of the appropriate provider class.

Raises:

• (InvalidSecretsProvider) —

  If the specified secrets provider is not recognized.

# File 'lib/easy_crypt/secrets_provider.rb', line 45

def self.build(provider, purpose)
  provider = PROVIDERS
    .fetch(provider.to_sym) { raise InvalidSecretsProvider, provider }
    .new(purpose)
  provider.validate_attributes!
  provider
end