Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/ovotech/ssm-env-secrets

Load secrets from ssm transparently
https://github.com/ovotech/ssm-env-secrets

aws boostpower

Last synced: 12 days ago
JSON representation

Load secrets from ssm transparently

Host: GitHub
URL: https://github.com/ovotech/ssm-env-secrets
Owner: ovotech
License: other
Created: 2018-11-25T09:12:18.000Z (about 6 years ago)
Default Branch: master
Last Pushed: 2019-01-18T15:51:36.000Z (almost 6 years ago)
Last Synced: 2024-12-05T15:11:29.695Z (17 days ago)
Topics: aws, boostpower
Language: TypeScript
Size: 73.2 KB
Stars: 4
Watchers: 27
Forks: 1
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # SSM ENV Secrets

[![CircleCI](https://circleci.com/gh/ovotech/ssm-env-secrets.svg?style=svg&circle-token=d9be710126b12e0271cb77a09d08a7e2129ba112)](https://circleci.com/gh/ovotech/ssm-env-secrets)

[![npm (scoped)](https://img.shields.io/npm/v/@ovotech/ssm-env-secrets.svg)](https://www.npmjs.com/package/@ovotech/ssm-env-secrets)

This function is loads data from AWS Systems Manager (SSM) Parameter Store. This way you can securely store secrets and retrieve them at runtime in production, but rely on dummy values in dev/testing.

This module ships with TypeScript types.

### Using

```bash

yarn add @ovotech/ssm-env-secrets

```

If you have a parameter in SSM Parameter store called `my-secret-key` with your secret value. And your env vars look like this:

```

NODE_ENV=something

API_ID=my-id

API_KEY=ssm://my-secret-key

```

Then you can load the secret values with:

```ts

import { loadSSMSecrets } from '@ovotech/ssm-env-secrets';

import { SSM } from 'aws-sdk';

const ssm = new SSM({ region: 'eu-west-1' });

const env = loadSSMSecrets(ssm, process.env);

console.log(env.API_KEY); // will hold the decrypted value of "my-secret-key" parameter

```

## Running the tests

The tests require a running ssm mock server, and we're using [localstack](https://github.com/localstack/localstack) for that.

You'll need to start the ssm server:

```bash

SERVICES=ssm localstack start

```

After which you can run all the tests:

```bash

yarn test

```

### Coding style (linting, etc) tests

Style is maintained with prettier and tslint

```

yarn lint

```

## Deployment

To deploy a new version, push to master and then create a new release. CircleCI will automatically build and deploy a the version to the npm registry.

## Contributing

Have a bug? File an issue with a simple example that reproduces this so we can take a look & confirm.

Want to make a change? Submit a PR, explain why it's useful, and make sure you've updated the docs (this file) and the tests (see `test/S3DataSource.spec.ts`). You can run the tests with `SERVICES=ssm localstack start` and `yarn test`.

## Responsible Team

- Boost Internal Tools (BIT)

## License

This project is licensed under Apache 2 - see the [LICENSE](LICENSE) file for details