Nuclear Secrets

Quell rails secret espionage by verifying what secrets exist and their types in your rails application

Record all application secrets and their appropriate types in Nuclear Secrets initializer. If your application loads secrets that are not recorded, or your app does not load a required secret, your rails app will crash and inform you of what missing or extra secrets exist.

Add this line to your application's Gemfile:

gem 'nuclear_secrets'

And then execute:

$ bundle

Add initializer to your rails application at config/initializers/nuclear_secrets.rb

NuclearSecrets.configure do |config|
  config.required_secrets = {
    my_string_secret: String,
    my_numeric_secret: Fixnum,
  }
end

Include all secrets that your application utilizes, and their types, in required_secrets hash

In addition to being able to supply NuclearSecrets with the type of a secret, you can also pass a Proc or a Lambda. If the proc or lamba returns true when passed the value of the secret, then the secret will be allowed.

NuclearSecrets.configure do |config|
  config.required_secrets = {
    my_string_secret: String,
    my_numeric_secret: Fixnum,
    my_secret: Proc.new { |secret| secret.is_worthy? }
  }
end

You can add a settings object in the configure as well:

NuclearSecrets.configure do |config|
  config.required_secrets = {
    ...
  }
  config.settings = {
    raise_on_extra_secrets: false,
  }
end

• raise_on_extra_secrets: raises an error when extra secrets are present(defaults to false)

Contribution directions go here.

The gem is available as open source under the terms of the MIT License.