npm - ac-awssecrets - Versions diffs - 2.3.3 → 2.4.0 - Mend

ac-awssecrets 2.3.3 → 2.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,18 @@
+<a name="2.4.0"></a>
+# [2.4.0](https://github.com/admiralcloud/ac-awssecrets/compare/v2.3.3..v2.4.0) (2024-10-18 13:41:05)
+### Feature
+* **App:** Allow retrieving paramters by path | MP | [3a2b7be3a3a7cff5132fcb3a19cab6cbb382beed](https://github.com/admiralcloud/ac-awssecrets/commit/3a2b7be3a3a7cff5132fcb3a19cab6cbb382beed)
+You can fetch and add multiple parameter from they same path with one entry. See README for example
+Related issues: [undefined/undefined#master](undefined/browse/master)
+### Chores
+* **App:** Updated packages | MP | [52502906bf6f1071d8e896f34139f865eac3559b](https://github.com/admiralcloud/ac-awssecrets/commit/52502906bf6f1071d8e896f34139f865eac3559b)
+Updated packages
+Related issues: [undefined/undefined#master](undefined/browse/master)
 <a name="2.3.3"></a>
 ## [2.3.3](https://github.com/admiralcloud/ac-awssecrets/compare/v2.3.2..v2.3.3) (2024-09-28 08:08:07)

package/README.md CHANGED Viewed

@@ -88,6 +88,24 @@ config.aws = {
   }
 }
+// USE WITH PATH
+/development/db1 -> { url: 'https://db1.admiralcloud.com' }
+/development/db2 -> { url: 'https://db2.admiralcloud.com' }
+const payload = {
+  secretParameters: [
+    { name: 'db/*', path: 'database', json: true, merge: true },
+  ],
+  config
+}
+await awsSecrets.loadSecretParameters(payload)
+// final result
+config.database = [
+  { url: 'https://db1.admiralcloud.com' },
+  { url: 'https://db2.admiralcloud.com' }
+]
 ```
 ## Options
@@ -99,6 +117,7 @@ config.aws = {
 |array|boolean|-|If true, the the value will be pushed to the array at name or path
 |property|object|-|If set, instead of pushing the value to an array it will inserted at the object which matches the property
 |merge|boolean|-|If true, objects from AWS parameters will be merged with existing objects
+|ignoreInTestMode|boolean|-|If true, parameter will be ignored if environment is test
 # AWS Secrets

package/index.js CHANGED Viewed

@@ -1,5 +1,5 @@
 const { SecretsManagerClient, GetSecretValueCommand } = require('@aws-sdk/client-secrets-manager')
-const { SSMClient, GetParameterCommand } = require("@aws-sdk/client-ssm")
+const { SSMClient, GetParameterCommand, GetParametersByPathCommand } = require("@aws-sdk/client-ssm")
 const testConfig = require('./test/config')
 const functionName = 'ac-awsSecrets'.padEnd(15)
@@ -78,7 +78,6 @@ const awsSecrets = () => {
   }
   const loadSecretParameters = async({ secretParameters = [], config = {}, testMode = 0, debug = false, throwError = false, region = 'eu-central-1' } = {}) => {
     const environment = config?.environment || process.env.NODE_ENV || 'development'
@@ -94,7 +93,7 @@ const awsSecrets = () => {
         if (testMode === 3) {
           // fetch from availableSecrets
           let found = testConfig.parameterStore.find(item => item.name === parameterName)
-          value = found?.value
+          value = found?.value
         }
         else {
           const command = new GetParameterCommand({
@@ -124,10 +123,64 @@ const awsSecrets = () => {
       }
     }
+    // pushes multiple paramters into the given path (e.g. params /dev/db/1 and /dev/db/2 (name = /dev/db/*) will be objects in array databases (path))
+    const getSecretParametersByPath = async({ name, json = false, array = true, path, property, debug, merge }) => {
+      if (!path) throw new Error('pathMustBeSet')
+      const parameterName = `/${environment}/${name}`
+      try {
+        let valueArray
+        if (testMode === 3) {
+          // fetch from availableSecrets
+          valueArray = testConfig.parameterStore.filter(item => {
+            return item.name.startsWith(parameterName.replace('*', ''))
+          })
+          valueArray = valueArray.map(item => {
+            return {
+              Name: item?.name,
+              Type: 'SecureString',
+              Value: item?.value,
+              Version: 1,
+              LastModifiedDate: new Date(),
+              ARN: `arn:aws:ssm:region:account-id:parameter/${item?.name}`,
+              DataType: 'text'
+            }
+          })
+        }
+        else {
+          // fetch all paramters with the path
+          const command = new GetParametersByPathCommand({
+            Path: parameterName.replace('*', ''),
+            Recursive: true,
+            WithDecryption: true,
+          })
+          const response = await ssmClient.send(command)
+          valueArrays = response?.Parameters
+        }
+        for (const item of valueArray) {
+          let value = item?.Value
+          // Extract and return the parameter value
+          if (json) {
+            value = JSON.parse(value)
+          }
+          if (debug) {
+            console.warn('P %s | T %s | V %j', item?.Name, typeof value, value)
+          }
+          setValue(config, { path, value, array, property, merge })
+        }
+      }
+      catch (e) {
+        console.error('%s | %s | %s', functionName, parameterName, e?.message)
+        if (throwError) throw e
+      }
+    }
     for (const secretParameter of secretParameters) {
       if (environment === 'test' && secretParameter?.ignoreInTestMode) continue
       if (debug) secretParameter.debug = true
-      await getSecretParameter(secretParameter)
+      if (secretParameter.name.endsWith('*')) await getSecretParametersByPath(secretParameter)
+      else await getSecretParameter(secretParameter)
     }
   }

package/package.json CHANGED Viewed

@@ -3,10 +3,10 @@
   "author": "Mark Poepping (https://www.admiralcloud.com)",
   "license": "MIT",
   "repository": "admiralcloud/ac-awssecrets",
-  "version": "2.3.3",
+  "version": "2.4.0",
   "dependencies": {
-    "@aws-sdk/client-secrets-manager": "^3.658.1",
-    "@aws-sdk/client-ssm": "^3.658.1"
+    "@aws-sdk/client-secrets-manager": "^3.674.0",
+    "@aws-sdk/client-ssm": "^3.674.0"
   },
   "devDependencies": {
     "ac-semantic-release": "^0.4.3",
@@ -16,7 +16,7 @@
     "mocha": "^10.7.3"
   },
   "scripts": {
-    "test": "NODE_ENV=test mocha --reporter spec",
+    "test": "NODE_ENV=test mocha --reporter spec --bail",
     "coverage": "./node_modules/c8/bin/c8.js yarn test"
   },
   "engines": {

package/test/config.js CHANGED Viewed

@@ -23,7 +23,8 @@ const config = {
   },
   configVar7: {
     level: 'info'
-  }
+  },
+  db: []
 }
@@ -34,7 +35,8 @@ const secretParameters = [
   { name: 'configVar4/api', json: true },
   { name: 'configVar5.path', json: true },
   { name: 'configVar6', json: true },
-  { name: 'aws', json: true, merge: true }
+  { name: 'aws', json: true, merge: true },
+  { name: 'db/*', json: true, merge: true, path: 'db' }
 ]
 const parameterStore = [
@@ -73,7 +75,15 @@ const parameterStore = [
     value: JSON.stringify({
       account: '456'
     })
-  }
+  },
+  {
+    name: '/test/db/1',
+    value: JSON.stringify({ url: 'https://db1.admiralcloud.com' }),
+  },
+  {
+    name: '/test/db/2',
+    value: JSON.stringify({ url: 'https://db2.admiralcloud.com' }),
+  },
 ]

package/test/test.js CHANGED Viewed

@@ -73,6 +73,12 @@ describe('Reading secretParameters', () => {
     expect(config.aws).to.have.property('account', '456')
     expect(config.aws).to.have.property('accessKeys').length(0)
   })
+  it('Check path secrets', async() => {
+    expect(config.db).to.have.length(2)
+    expect(config.db[0]).to.have.property('url', 'https://db1.admiralcloud.com')
+    expect(config.db[1]).to.have.property('url', 'https://db2.admiralcloud.com')
+  })
 })