@orion-js/env 3.7.4 → 3.9.0

package/lib/cli/add/index.js

@@ -9,6 +9,8 @@ const getParams_1 = require("./getParams");
 const yaml_1 = __importDefault(require("yaml"));
 const files_1 = require("../../files");
 const sortObjectByKeys = (object) => {
+    if (!object)
+        return {};
     const sorted = {};
     Object.keys(object)
         .sort()
@@ -29,6 +31,7 @@ async function envAdd({ path }) {
     // sort keys alphabetically
     config.cleanKeys = sortObjectByKeys(config.cleanKeys);
     config.encryptedKeys = sortObjectByKeys(config.encryptedKeys);
+    config.readFromSecret = sortObjectByKeys(config.readFromSecret);
     const text = yaml_1.default.stringify(config);
     (0, files_1.writeFile)(path, text);
 }

package/lib/cli/init/index.js

@@ -15,7 +15,8 @@ async function envInit({ path }) {
         version: '1.0',
         publicKey: keypair.encryptKey,
         cleanKeys: {},
-        encryptedKeys: {}
+        encryptedKeys: {},
+        readFromSecret: {}
     };
     const text = yaml_1.default.stringify(envFile);
     (0, files_1.writeFile)(path, text);

package/lib/environment/getDts.js

@@ -4,7 +4,11 @@ exports.writeDtsFileFromConfigFile = exports.writeDtsFile = exports.getDts = voi
 const getConfig_1 = require("../cli/add/getConfig");
 const files_1 = require("../files");
 function getDts(config) {
-    const keys = [...Object.keys(config.cleanKeys), ...Object.keys(config.encryptedKeys)];
+    const keys = [
+        ...Object.keys(config.cleanKeys),
+        ...Object.keys(config.encryptedKeys),
+        ...Object.values(config.readFromSecret).flat()
+    ];
     return `declare module '@orion-js/env' {
   export const env: {
 ${keys.map(key => `    ${key}: string`).join('\n')}

package/lib/environment/getVariables.d.ts

@@ -7,8 +7,11 @@ export interface Config {
     encryptedKeys: {
         [key: string]: string;
     };
+    readFromSecret?: {
+        [key: string]: string[];
+    };
 }
 export interface Variables {
     [key: string]: string;
 }
-export declare function getVariables(config: Config, secretKey: string): Variables;
+export declare function getVariables(config: Config, secretKey?: string): Variables;

package/lib/environment/getVariables.js

@@ -2,9 +2,44 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.getVariables = void 0;
 const crypto_1 = require("../crypto");
-function getVariables(config, secretKey) {
-    const { cleanKeys, encryptedKeys } = config;
+function readSecrets(readFromSecret) {
     const variables = {};
+    let secretKey = null;
+    if (!readFromSecret)
+        return { variables, secretKey };
+    for (const secretName in readFromSecret) {
+        const keys = readFromSecret[secretName];
+        if (!process.env[secretName]) {
+            console.warn(`@orion/env could not find the secret "${secretName}" in the environment. Related variables will be undefined.`);
+            continue;
+        }
+        try {
+            const values = JSON.parse(process.env[secretName]);
+            if (values.ORION_ENV_SECRET_KEY) {
+                secretKey = values.ORION_ENV_SECRET_KEY;
+            }
+            for (const key of keys) {
+                if (values[key]) {
+                    variables[key] = values[key];
+                }
+                else {
+                    console.warn(`@orion/env could not find the variable "${key}" in the secret "${secretName}". Related variables will be undefined.`);
+                }
+            }
+        }
+        catch (error) {
+            console.warn(`'@orion/env found a the secret "${secretName}" variable in the environment but it is not a valid JSON. Related variables will be undefined.'`);
+        }
+    }
+    return { variables, secretKey: secretKey };
+}
+function getVariables(config, secretKey) {
+    const { cleanKeys, encryptedKeys, readFromSecret } = config;
+    const { variables, secretKey: foundSecretKey } = readSecrets(readFromSecret);
+    let decryptKey = foundSecretKey || secretKey;
+    if (!decryptKey) {
+        throw new Error('Orion encrypted env was passed but process.env.ORION_ENV_SECRET_KEY is not defined');
+    }
     for (const key in cleanKeys) {
         const value = cleanKeys[key];
         variables[key] = value;
@@ -12,7 +47,7 @@ function getVariables(config, secretKey) {
     for (const key in encryptedKeys) {
         const encrypted = encryptedKeys[key];
         try {
-            variables[key] = (0, crypto_1.decrypt)(secretKey, encrypted);
+            variables[key] = (0, crypto_1.decrypt)(decryptKey, encrypted);
         }
         catch (error) {
             throw new Error(`Orion encrypted env was passed but process.env.ORION_ENV_SECRET_KEY is not the right key for "${key}"`);

package/lib/environment/index.js

@@ -28,9 +28,6 @@ if (g.__orion_env_final__) {
     variables = g.__orion_env_final__;
 }
 else if (envFilePath) {
-    if (!secretKey) {
-        throw new Error('Orion encrypted env was passed but process.env.ORION_ENV_SECRET_KEY is not defined');
-    }
     variables = (0, exports.readEnv)();
 }
 g.__orion_env_final__ = variables;

package/lib/environment/index.test.js

@@ -1,6 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 const crypto_1 = require("../crypto");
+const getDts_1 = require("./getDts");
 const getVariables_1 = require("./getVariables");
 describe('Environment', () => {
     beforeEach(() => {
@@ -19,13 +20,22 @@ describe('Environment', () => {
             },
             encryptedKeys: {
                 secret1: 'nQCxsZxjVkOABeQSdIhYK7jSMYKUggUm9IWUGLpY3i4=:9gvH5IOhV/q5R4ngUIk2onf5oEZM5dIU89PRZ5TGjnnfcnrwkssLqsACNDmr0m4jQZVo0nBL'
+            },
+            readFromSecret: {
+                SECRET_ENV: ['secret2'],
+                SECRET2_ENV: ['secret3', 'secret4']
             }
         };
+        process.env.SECRET_ENV = JSON.stringify({ secret2: 'this_is_secret' });
+        process.env.SECRET2_ENV = JSON.stringify({ secret3: '3', secret4: '4' });
         process.env.ORION_ENV_SECRET_KEY = secretKey;
         const env = (0, getVariables_1.getVariables)(data, secretKey);
         expect(env).toEqual({
             a_key: 'a_value',
-            secret1: secretValue
+            secret1: secretValue,
+            secret2: 'this_is_secret',
+            secret3: '3',
+            secret4: '4'
         });
     });
     it('should thow an error when the secret key is not the one used to encrypt', () => {
@@ -46,4 +56,81 @@ describe('Environment', () => {
         }
         expect.assertions(1);
     });
+    it('should read the decyrpt key from the secret', () => {
+        const secretKey = 'QShwQT1+d5wk/F6FVpT5VmZFXm50aFRt9/LaDbwSEGo=';
+        const secretValue = 'this_is_secret';
+        const data = {
+            version: '1.0',
+            publicKey: 'quyw/56O1P/BmjlHGfguZD27zKbjOtxNBDOTz+FOYho=',
+            cleanKeys: {
+                a_key: 'a_value'
+            },
+            encryptedKeys: {
+                secret1: 'nQCxsZxjVkOABeQSdIhYK7jSMYKUggUm9IWUGLpY3i4=:9gvH5IOhV/q5R4ngUIk2onf5oEZM5dIU89PRZ5TGjnnfcnrwkssLqsACNDmr0m4jQZVo0nBL'
+            },
+            readFromSecret: {
+                SECRET_ENV: ['secret2']
+            }
+        };
+        process.env.SECRET_ENV = JSON.stringify({
+            secret2: 'this_is_secret',
+            ORION_ENV_SECRET_KEY: secretKey
+        });
+        const env = (0, getVariables_1.getVariables)(data, secretKey);
+        expect(env).toEqual({
+            a_key: 'a_value',
+            secret1: secretValue,
+            secret2: 'this_is_secret'
+        });
+    });
+    it('should log an error when the secret is not a valid JSON, and related secrets undefined', () => {
+        console.warn = jest.fn();
+        const secretKey = 'QShwQT1+d5wk/F6FVpT5VmZFXm50aFRt9/LaDbwSEGo=';
+        const secretValue = 'this_is_secret';
+        const data = {
+            version: '1.0',
+            publicKey: 'quyw/56O1P/BmjlHGfguZD27zKbjOtxNBDOTz+FOYho=',
+            cleanKeys: {
+                a_key: 'a_value'
+            },
+            encryptedKeys: {
+                secret1: 'nQCxsZxjVkOABeQSdIhYK7jSMYKUggUm9IWUGLpY3i4=:9gvH5IOhV/q5R4ngUIk2onf5oEZM5dIU89PRZ5TGjnnfcnrwkssLqsACNDmr0m4jQZVo0nBL'
+            },
+            readFromSecret: {
+                SECRET_ENV: ['secret2']
+            }
+        };
+        process.env.SECRET_ENV = 'not a json';
+        const env = (0, getVariables_1.getVariables)(data, secretKey);
+        expect(env).toEqual({
+            a_key: 'a_value',
+            secret1: secretValue,
+            secret2: undefined
+        });
+        expect(console.warn.mock.calls[0][0].includes('it is not a valid JSON')).toBe(true);
+    });
+    it('Dts should return the right types', () => {
+        const dts = (0, getDts_1.getDts)({
+            version: '1.0',
+            publicKey: 'public',
+            cleanKeys: {
+                a_key: 'a_value'
+            },
+            encryptedKeys: {
+                secret: 'encrypted'
+            },
+            readFromSecret: {
+                SECRET_ENV: ['secret2', 'secret3']
+            }
+        });
+        expect(dts).toEqual(`declare module '@orion-js/env' {
+  export const env: {
+    a_key: string
+    secret: string
+    secret2: string
+    secret3: string
+  }
+}
+`);
+    });
 });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@orion-js/env",
-  "version": "3.7.4",
+  "version": "3.9.0",
   "main": "lib/index.js",
   "author": "nicolaslopezj",
   "license": "MIT",
@@ -32,5 +32,5 @@
   "publishConfig": {
     "access": "public"
   },
-  "gitHead": "c77b95ffc592ddce0ba6b95ae5e34f3e273c4cd5"
+  "gitHead": "23e0eda5348153dcc07b307a97b641d52eb41f39"
 }