Class: CredentialStore
- Inherits:
-
Object
- Object
- CredentialStore
- Defined in:
- lib/credential_store.rb
Overview
Read/write operations for runtime secrets (API tokens, MCP credentials). Backed by the Secret model with Active Record Encryption — values are encrypted at rest and always fresh (no caching, no file-path issues in forked Solid Queue workers).
All namespacing (e.g. mcp, anthropic) is the caller’s responsibility.
Class Method Summary collapse
-
.list(namespace) ⇒ Array<String>
Lists all keys under a namespace (not values).
-
.read(namespace, key) ⇒ String?
Reads a single credential value from a namespace.
-
.remove(namespace, key) ⇒ void
Removes a single key from a namespace.
-
.write(namespace, pairs) ⇒ void
Writes one or more key-value pairs under a top-level namespace.
Class Method Details
.list(namespace) ⇒ Array<String>
Lists all keys under a namespace (not values).
40 41 42 |
# File 'lib/credential_store.rb', line 40 def list(namespace) Secret.list(namespace) end |
.read(namespace, key) ⇒ String?
Reads a single credential value from a namespace.
32 33 34 |
# File 'lib/credential_store.rb', line 32 def read(namespace, key) Secret.read(namespace, key) end |
.remove(namespace, key) ⇒ void
This method returns an undefined value.
Removes a single key from a namespace. No-op if the key does not exist.
50 51 52 |
# File 'lib/credential_store.rb', line 50 def remove(namespace, key) Secret.remove(namespace, key) end |
.write(namespace, pairs) ⇒ void
This method returns an undefined value.
Writes one or more key-value pairs under a top-level namespace. Upserts: existing keys are updated, new keys are created.
23 24 25 |
# File 'lib/credential_store.rb', line 23 def write(namespace, pairs) Secret.write(namespace, pairs) end |