SecretReader

Many secrets of a MOVEX application, i.e. database credentials, are so far stored in environment variables. In Docker environment reading those secrets from a file is preferred.

SecretReader helps to combine both approaches. A secret with a given name is at first attempted to be read as an environment variable. Only if not found it is read from a file with the fixed name /run/secrets/secret, that contains simple pairs of keys and values and is expected to be delivered by the docker engine as a secret.

Installation

Add this line to your application's Gemfile:

gem 'secret_reader'

And then execute:

$ bundle

Or install it yourself as:

$ gem install secret_reader

Usage

For instance read the database user for AMOS:

SecretReader::SecretReader.read('AMOS_DBUSER')

Development

After checking out the repo, run bin/setup to install dependencies. You can also run bin/console for an interactive prompt that will allow you to experiment.

To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.

Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/secret_reader.