A little gem to manage keys that aren't supposed to leave the machine.

Many local configuration files contain a mixture of keys that it would be fine to commit to the code repo and keys that it would be dangerous to commit to the code repo. Keyth allows you to refer to those values symbolically.

It uses monkey-patching to add its functionality automatically to YAML loading and the dotenv gem (if installed).

From RubyGems:

For example, my_values.yml was:

my:
  values:
  	our_aws: HERE_IS_A_KEY_THAT_I_CANT_COMMIT
  	their_aws: HERE_IS_ANOTHER
  	machine_type: t3.small # but this is fine to commit

..and now becomes

my:
  values:
    our_aws: keyth:mycompany/AWS_ACCESS_KEY
    their_aws: keyth:client/AWS_ACCESS_KEY
    machine_type: t3.small

...if you create the required keys in your private store:

keyth_admin add mycompany/AWS_ACCESS_KEY ABABABABAB
keyth_admin add client/AWS_ACCESS_KEY CDCDCDCDCD

...it loads automatically when you read it as a YAML file.

settings = YAML.load(File.open('my_values.yml'))
settings['my']['values']['our_aws']
-> "ABABABABABAB"

keyth_admin allows you to add, remove, or list keys in your local store

keyth_check_file checks to see if a supplied file contains any of the keys listed in the keystore, and fails with suggested replacements if any are found. This can be called from (for example) a git hook to check that committed files don't contain any of the keys you're storing locally.