ac-awssecrets 2.3.3 → 2.4.1

package/CHANGELOG.md

@@ -1,3 +1,28 @@
+<a name="2.4.1"></a>
+
+## [2.4.1](https://github.com/admiralcloud/ac-awssecrets/compare/v2.4.0..v2.4.1) (2024-10-18 13:50:58)
+
+
+### Bug Fix
+
+* **App:** Typo fix | MP | [e28ae4505a53e0b6aad6f1a6959b9ab763c0faad](https://github.com/admiralcloud/ac-awssecrets/commit/e28ae4505a53e0b6aad6f1a6959b9ab763c0faad)    
+Typo fix  
+Related issues: [undefined/undefined#master](undefined/browse/master)
+<a name="2.4.0"></a>
+ 
+# [2.4.0](https://github.com/admiralcloud/ac-awssecrets/compare/v2.3.3..v2.4.0) (2024-10-18 13:41:05)
+
+
+### Feature
+
+* **App:** Allow retrieving paramters by path | MP | [3a2b7be3a3a7cff5132fcb3a19cab6cbb382beed](https://github.com/admiralcloud/ac-awssecrets/commit/3a2b7be3a3a7cff5132fcb3a19cab6cbb382beed)    
+You can fetch and add multiple parameter from they same path with one entry. See README for example  
+Related issues: [undefined/undefined#master](undefined/browse/master)
+### Chores
+
+* **App:** Updated packages | MP | [52502906bf6f1071d8e896f34139f865eac3559b](https://github.com/admiralcloud/ac-awssecrets/commit/52502906bf6f1071d8e896f34139f865eac3559b)    
+Updated packages  
+Related issues: [undefined/undefined#master](undefined/browse/master)
 <a name="2.3.3"></a>
 
 ## [2.3.3](https://github.com/admiralcloud/ac-awssecrets/compare/v2.3.2..v2.3.3) (2024-09-28 08:08:07)

package/README.md

@@ -88,6 +88,24 @@ config.aws = {
   }
 }
 
+// USE WITH PATH
+/development/db1 -> { url: 'https://db1.admiralcloud.com' }
+/development/db2 -> { url: 'https://db2.admiralcloud.com' }
+
+const payload = {
+  secretParameters: [ 
+    { name: 'db/*', path: 'database', json: true, merge: true },
+  ],
+  config
+}
+await awsSecrets.loadSecretParameters(payload)
+
+// final result
+config.database = [
+  { url: 'https://db1.admiralcloud.com' },
+  { url: 'https://db2.admiralcloud.com' }
+]
+
 ```
 
 ## Options
@@ -99,6 +117,7 @@ config.aws = {
 |array|boolean|-|If true, the the value will be pushed to the array at name or path
 |property|object|-|If set, instead of pushing the value to an array it will inserted at the object which matches the property 
 |merge|boolean|-|If true, objects from AWS parameters will be merged with existing objects
+|ignoreInTestMode|boolean|-|If true, parameter will be ignored if environment is test
 
 
 # AWS Secrets

package/index.js

@@ -1,5 +1,5 @@
 const { SecretsManagerClient, GetSecretValueCommand } = require('@aws-sdk/client-secrets-manager')
-const { SSMClient, GetParameterCommand } = require("@aws-sdk/client-ssm")
+const { SSMClient, GetParameterCommand, GetParametersByPathCommand } = require("@aws-sdk/client-ssm")
 
 const testConfig = require('./test/config')
 const functionName = 'ac-awsSecrets'.padEnd(15)
@@ -78,7 +78,6 @@ const awsSecrets = () => {
   }
   
 
-
   const loadSecretParameters = async({ secretParameters = [], config = {}, testMode = 0, debug = false, throwError = false, region = 'eu-central-1' } = {}) => {
     const environment = config?.environment || process.env.NODE_ENV || 'development'
 
@@ -94,7 +93,7 @@ const awsSecrets = () => {
         if (testMode === 3) {
           // fetch from availableSecrets
           let found = testConfig.parameterStore.find(item => item.name === parameterName)
-          value = found?.value
+          value = found?.value         
         }
         else {
           const command = new GetParameterCommand({
@@ -124,10 +123,64 @@ const awsSecrets = () => {
       }
     }
 
+    // pushes multiple paramters into the given path (e.g. params /dev/db/1 and /dev/db/2 (name = /dev/db/*) will be objects in array databases (path))
+    const getSecretParametersByPath = async({ name, json = false, array = true, path, property, debug, merge }) => {
+      if (!path) throw new Error('pathMustBeSet')
+      const parameterName = `/${environment}/${name}`
+      try {
+        let valueArray
+        if (testMode === 3) {
+          // fetch from availableSecrets
+          valueArray = testConfig.parameterStore.filter(item => {
+            return item.name.startsWith(parameterName.replace('*', ''))
+          })
+          valueArray = valueArray.map(item => {
+            return {
+              Name: item?.name,
+              Type: 'SecureString',
+              Value: item?.value,
+              Version: 1,
+              LastModifiedDate: new Date(),
+              ARN: `arn:aws:ssm:region:account-id:parameter/${item?.name}`,
+              DataType: 'text'
+            }
+          })
+        }        
+        else {
+          // fetch all paramters with the path
+          const command = new GetParametersByPathCommand({
+            Path: parameterName.replace('*', ''),
+            Recursive: true,
+            WithDecryption: true,
+          })
+          const response = await ssmClient.send(command)
+          valueArray = response?.Parameters
+        }
+
+        for (const item of valueArray) {
+          let value = item?.Value
+          // Extract and return the parameter value
+          if (json) {
+            value = JSON.parse(value)
+          }
+
+          if (debug) {
+            console.warn('P %s | T %s | V %j', item?.Name, typeof value, value)
+          }
+          setValue(config, { path, value, array, property, merge })
+        }
+      } 
+      catch (e) {
+        console.error('%s | %s | %s', functionName, parameterName, e?.message)
+        if (throwError) throw e
+      }
+    }
+
     for (const secretParameter of secretParameters) {
       if (environment === 'test' && secretParameter?.ignoreInTestMode) continue
       if (debug) secretParameter.debug = true
-      await getSecretParameter(secretParameter)
+      if (secretParameter.name.endsWith('*')) await getSecretParametersByPath(secretParameter)
+      else await getSecretParameter(secretParameter)
     }
   }
 

package/package.json

@@ -3,10 +3,10 @@
   "author": "Mark Poepping (https://www.admiralcloud.com)",
   "license": "MIT",
   "repository": "admiralcloud/ac-awssecrets",
-  "version": "2.3.3",
+  "version": "2.4.1",
   "dependencies": {
-    "@aws-sdk/client-secrets-manager": "^3.658.1",
-    "@aws-sdk/client-ssm": "^3.658.1"
+    "@aws-sdk/client-secrets-manager": "^3.674.0",
+    "@aws-sdk/client-ssm": "^3.674.0"
   },
   "devDependencies": {
     "ac-semantic-release": "^0.4.3",
@@ -16,7 +16,7 @@
     "mocha": "^10.7.3"
   },
   "scripts": {
-    "test": "NODE_ENV=test mocha --reporter spec",
+    "test": "NODE_ENV=test mocha --reporter spec --bail",
     "coverage": "./node_modules/c8/bin/c8.js yarn test"
   },
   "engines": {

package/test/config.js

@@ -23,7 +23,8 @@ const config = {
   },
   configVar7: {
     level: 'info'
-  }
+  },
+  db: []
 }
 
 
@@ -34,7 +35,8 @@ const secretParameters = [
   { name: 'configVar4/api', json: true },
   { name: 'configVar5.path', json: true },
   { name: 'configVar6', json: true },
-  { name: 'aws', json: true, merge: true }
+  { name: 'aws', json: true, merge: true },
+  { name: 'db/*', json: true, merge: true, path: 'db' }
 ]
 
 const parameterStore = [
@@ -73,7 +75,15 @@ const parameterStore = [
     value: JSON.stringify({
       account: '456'
     })
-  }
+  },
+  {
+    name: '/test/db/1',
+    value: JSON.stringify({ url: 'https://db1.admiralcloud.com' }),
+  },
+  {
+    name: '/test/db/2',
+    value: JSON.stringify({ url: 'https://db2.admiralcloud.com' }),
+  },
 ]
 
 

package/test/test.js

@@ -73,6 +73,12 @@ describe('Reading secretParameters', () => {
     expect(config.aws).to.have.property('account', '456')
     expect(config.aws).to.have.property('accessKeys').length(0)
   })
+
+  it('Check path secrets', async() => {
+    expect(config.db).to.have.length(2)
+    expect(config.db[0]).to.have.property('url', 'https://db1.admiralcloud.com')
+    expect(config.db[1]).to.have.property('url', 'https://db2.admiralcloud.com')
+  })
 })