npm - @varius.io/framework - Versions diffs - 13.12.3 → 13.12.5 - Mend

@varius.io/framework 13.12.3 → 13.12.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/bin/vatom-vault-env.mjs +30 -2
package/package.json +1 -1

package/bin/vatom-vault-env.mjs CHANGED Viewed

@@ -2,7 +2,9 @@
 import { spawn } from "child_process";
 import fsp from "node:fs/promises";
-import { format } from "node:util";
+import { format, debuglog } from "node:util";
+const debug = debuglog("vatom-vault-env");
 const vaultApiBase = process.env.VAULT_ENV_VAULT_API_BASE;
@@ -56,6 +58,8 @@ async function fetchSecret(secretPath) {
 		);
 	}
+	debug("fetched secret, secretPath=%j", secretPath);
 	const resBody = await res.json();
 	return resBody.data;
 }
@@ -83,6 +87,16 @@ export async function resolveEnv() {
 	for (const envVar of secretEnvVars) {
 		const secret = resolvedSecrets.get(envVar.secretPath);
 		const secretPropertyValue = secret.data[envVar.secretPropertyName];
+		if (secretPropertyValue === undefined) {
+			console.error(
+				"vatom-vault-env: no value in vault for requested secret property, secretPath=%j, propertyName=%j",
+				envVar.secretPath,
+				envVar.secretPropertyName
+			);
+			process.exit(1);
+		}
 		newEnv[envVar.envKey] = secretPropertyValue;
 	}
@@ -100,6 +114,13 @@ function spawnChildProcess() {
 	const childCommand = process.argv.shift();
+	debug(
+		"spawning child process, command=%j, argv=%j, cwd=%j",
+		childCommand,
+		process.argv,
+		process.cwd()
+	);
 	const child = spawn(childCommand, process.argv, {
 		cwd: process.cwd(),
 		env: process.env,
@@ -112,14 +133,21 @@ function spawnChildProcess() {
 }
 async function main() {
+	debug("starting");
 	// need to temporarily allow self-signed certs
 	const oldRejectUnauthorized = process.env.NODE_TLS_REJECT_UNAUTHORIZED;
 	process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
 	const resolvedEnv = await resolveEnv();
+	debug("resolved env vars, names=%j", Object.keys(resolvedEnv).join(" "));
 	// reset self-signed cert permission, for the child process
-	process.env.NODE_TLS_REJECT_UNAUTHORIZED = oldRejectUnauthorized;
+	if (oldRejectUnauthorized === undefined) {
+		delete process.env.NODE_TLS_REJECT_UNAUTHORIZED;
+	} else {
+		process.env.NODE_TLS_REJECT_UNAUTHORIZED = oldRejectUnauthorized;
+	}
 	process.env = { ...process.env, ...resolvedEnv };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@varius.io/framework",
-  "version": "13.12.3",
+  "version": "13.12.5",
   "main": "./build/index.js",
   "type": "./build/index.d.ts",
   "scripts": {