Nicely Pointed Mandibles

    @bn-digital/vault-env
    TypeScript icon, indicating that this package has built-in type declarations

    1.4.0 • Public • Published

    Vault .env

    Populates .env file with values, provided by Hashicorp's Vault.

    Features

    • Uses Github token for authenticating in Vault
    • Fetch secret value by provided path
    • Updates only provided environment variables
    • Sort alphabetically target .env file
    • Could be used as cli or part of github workflow

    Usage

    CLI

    1. Install package
    yarn add @bn-digital/vault-env
    1. Create template file with key=value structure, where key - desired environment variable name, and value - full variable path in Vault

    Example:

    MAILGUN_API_KEY=staging/mailgun/mg-bndigital-dev/api-key
    MAILGUN_DOMAIN=staging/mailgun/mg-bndigital-dev/domain
    MAILGUN_PUBLIC_KEY=staging/mailgun/mg-bndigital-dev/public-key
    S3_SECRET_ACCESS_KEY=staging/digitalocean/spaces/secret-access-key
    S3_ACCESS_KEY_ID=staging/digitalocean/spaces/access-key-id
    DATABASE_PASSWORD=staging/postgresql/database-password
    
    1. Execute command to generate .env file
    yarn vault-env -e https://vault.company.com -t $GITHUB_TOKEN -d .env.dist -f .env.dev

    Github Action

    name: Vault
    on:
      - push
    jobs:
      env:
        name: Dump .env
        runs-on: ubuntu-20.04
        steps:
          - name: Checkout sources
            uses: actions/checkout@v2
    
          - name: Populate .env
            uses: bn-digital/vault-env@latest
            with:
              endpoint: ${{ secrets.VAULT_ENDPOINT }}
              token: ${{ secrets.GITHUB_TOKEN }}
              template: .env.dist
              target: .env
    

    Install

    npm i @bn-digital/vault-env

    DownloadsWeekly Downloads

    15

    Version

    1.4.0

    License

    none

    Unpacked Size

    3.2 MB

    Total Files

    40

    Last publish

    Collaborators

    • bdenysovets
    • bndigital