Secrets Manager Ruby SDK
The Ruby language wrapper for interacting with Bitwarden Secrets Manager. The SDK, like the Secrets Manager CLI built on-top of it, can be used to execute the following operations:
Authenticate using an access token.
Perform commands for secret and project including:
list,create,updateanddelete
note
This SDK is a beta release. Therefore, some functionality may be missing.
Setting up a Secrets Manager account prior to using the Ruby SDK is recommended. This includes:
Enabling the Secrets Manager CLI.
Setting up machine accounts.
Setting up access tokens.
Ruby version 3.0 or newer
Install
gemPlain Textgem install bitwarden-sdk-secretsImport it: require
'bitwarden-sdk-secrets'
Locate the Ruby GitHub repository here.
To interact with the client, you must first obtain an access token from Bitwarden. Client will be initialized with default client settings if they are not provided from env variables.
Plain Textrequire 'bitwarden-sdk-secrets' # then you can initialize BitwardenSettings: bitwarden_settings = BitwardenSDK::BitwardenSettings.new( 'https://api.bitwarden.com', 'https://identity.bitwarden.com' ) # By passing these setting you can initialize BitwardenClient bw_client = BitwardenSDK::BitwardenClient.new(bitwarden_settings) response = bw_client.access_token_login(token) puts response
Once the Secrets Manager session has been authorized, you may interact with the client.
Once the Bitwarden client has been created and authorized, Secrets Manager CLI commands can be passed into the client.
The project command is used to access, manipulate, and create projects. The scope of access assigned to your machine account will determine what actions can be completed with the project command.
create project
Plain Textproject_name = 'Test project 1' response = bw_client.project_client.create_project(project_name, organization_id) puts response project_id = response['id']
get project
Plain Textresponse = bw_client.project_client.get(project_id) puts response
list project
Plain Textresponse = bw_client.project_client.get(project_id) puts response
list projects
Plain Textresponse = bw_client.project_client.list_projects(organization_id) puts response
update project
Plain Textname = 'Updated test project 1' response = bw_client.project_client.update_project(project_id, name, organization_id) puts response
delete project
Plain Textresponse = bw_client.project_client.delete_projects([project_id]) puts response
The secret command is used to access, manipulate and create secrets. As with all commands, secrets and projects outside your access token's scope of access cannot be read or written-to.
create project
Plain Textkey = 'AWS-SES' note = 'Private account' value = '8t27.dfj;' response = bw_client.secrets_client.create(key, note, organization_id, [project_id], value) puts response secret_id = response['id']
get secret
Plain Textresponse = bw_client.secrets_client.get(secret_id) puts response
get secrets by ids
Plain Textresponse = bw_client.secrets_client.get_by_ids([secret_id]) puts response
list secrets
Plain Textresponse = bw_client.secrets_client.list(organization_id) puts response
update secret
Plain Textnote = 'updated password' value = '7I.ert10AjK' response = bw_client.secrets_client.update(secret_id, key, note,organization_id, [project_id], value) puts response
delete secret
Plain Textresponse = bw_client.secrets_client.delete_secret([secret_id]) puts response
Prerequisites:
Ruby version 3.0 or newer installed
Generate schemas:
Plain Textnpm run schemas
Navigate to the Ruby language folder:
Plain Textcd languages/rubyCreate the binary folder if it does not already exist:
Plain Textmkdir -p ./bitwarden_sdk_secrets/lib/macos-arm64Build and copy the
bitwarden-clibrary:Plain Textcargo build --package bitwarden-c cp ../../target/debug/libbitwarden_c.dylib ./bitwarden_sdk_secrets/lib/macos-arm64/libbitwarden_c.dylibInstall Ruby dependencies:
Plain Textcd ./bitwarden_sdk_secrets bundle installInstall the gem:
Plain Textbundle exec rake install
Plain Textcd .. export ACCESS_TOKEN="" export ORGANIZATION_ID="" export API_URL=http://localhost:4000 export IDENTITY_URL=http://localhost:33656 ruby examples/example.rb