ac-awssecrets 2.4.4 → 2.5.1

package/CHANGELOG.md

@@ -1,4 +1,37 @@
 
+## [2.5.1](https://github.com/admiralcloud/ac-awssecrets/compare/v2.5.0..v2.5.1) (2025-05-13 08:10:25)
+
+
+### Bug Fix
+
+* **App:** Fixed deep merge with arrays | MP | [715c67bc5ef1c2520069d07953c6f05fd08ab37a](https://github.com/admiralcloud/ac-awssecrets/commit/715c67bc5ef1c2520069d07953c6f05fd08ab37a)    
+Fixed deep merge with arrays  
+Related issues:
+### Chores
+
+* **App:** Updated packages | MP | [843ab11b885697b471c74d546b40d885cc9f2844](https://github.com/admiralcloud/ac-awssecrets/commit/843ab11b885697b471c74d546b40d885cc9f2844)    
+Updated packages  
+Related issues:
+ 
+# [2.5.0](https://github.com/admiralcloud/ac-awssecrets/compare/v2.4.4..v2.5.0) (2025-05-06 18:01:30)
+
+
+### Feature
+
+* **App:** Allow batch fetching secret parameters | MP | [0d74ae3d45edde466aa36ca15e3f3a689676cc37](https://github.com/admiralcloud/ac-awssecrets/commit/0d74ae3d45edde466aa36ca15e3f3a689676cc37)    
+To speed up processes, this version now allows batch fetching of secret parameters  
+Related issues:
+### Tests
+
+* **App:** Fixed test | MP | [996dabf3f6287150da5aaa048bcb2c3b7aa9a289](https://github.com/admiralcloud/ac-awssecrets/commit/996dabf3f6287150da5aaa048bcb2c3b7aa9a289)    
+Fixed test  
+Related issues:
+### Chores
+
+* **App:** Updated packages | MP | [42be94ad3cb396fc40f4300eec4463d6cfe18b3a](https://github.com/admiralcloud/ac-awssecrets/commit/42be94ad3cb396fc40f4300eec4463d6cfe18b3a)    
+Updated packages  
+Related issues:
+
 ## [2.4.4](https://github.com/admiralcloud/ac-awssecrets/compare/v2.4.3..v2.4.4) (2025-04-20 06:17:50)
 
 

package/index.js

@@ -1,5 +1,5 @@
 const { SecretsManagerClient, GetSecretValueCommand } = require('@aws-sdk/client-secrets-manager')
-const { SSMClient, GetParameterCommand, GetParametersByPathCommand } = require("@aws-sdk/client-ssm")
+const { SSMClient, GetParameterCommand, GetParametersCommand, GetParametersByPathCommand } = require("@aws-sdk/client-ssm")
 
 const testConfig = require('./test/config')
 const functionName = 'ac-awsSecrets'.padEnd(15)
@@ -32,16 +32,26 @@ const awsSecrets = () => {
   }
 
   const deepMerge = (target, source) => {
-    const result = { ...target }
-    for (const key in source) {
-      if (typeof source[key] === 'object' && !Array.isArray(source[key]) && typeof result[key] === 'object' && !Array.isArray(result[key])) {
-        result[key] = deepMerge(result[key], source[key])
-      } 
-      else {
-        result[key] = source[key]
+    if (Array.isArray(target) && Array.isArray(source)) {
+      return [...target, ...source]
+    }
+  
+    if (typeof source === 'object' && source !== null && typeof target === 'object' && target !== null) {
+      const result = { ...target }
+      
+      for (const key in source) {
+        if (key in result) {
+          result[key] = deepMerge(result[key], source[key])
+        }
+        else {
+          result[key] = source[key]
+        }
       }
+      
+      return result
     }
-    return result
+    
+    return source
   }
 
   const setValue = (config, { path, value, array = false, property, merge = false }) => {
@@ -93,14 +103,127 @@ const awsSecrets = () => {
 
   const loadSecretParameters = async({ secretParameters = [], config = {}, testMode = 0, debug = false, throwError = false, region = 'eu-central-1' } = {}) => {
     const environment = config?.environment || process.env.NODE_ENV || 'development'
-
+  
     const awsConfig = {
       region
     }
     const ssmClient = new SSMClient(awsConfig)
-
-    const getSecretParameter = async({ name, json = false, array = false, path, property, debug, merge }) => {
-      const parameterName = `/${environment}/${name}`
+  
+    // Process parameters in batches of 10 (AWS limit for GetParametersCommand)
+    const processBatchedParameters = async(paramList) => {
+      // Skip if no parameters
+      if (paramList.length === 0) return
+      
+      // Split parameters into batches of 10
+      const batchSize = 10
+      const batches = []
+      
+      for (let i = 0; i < paramList.length; i += batchSize) {
+        batches.push(paramList.slice(i, i + batchSize))
+      }
+      
+      // Process each batch
+      for (const batch of batches) {
+        if (testMode === 3) {
+          // For test mode, process individually as before
+          await Promise.all(batch.map(async param => {
+            const parameterName = `/${environment}/${param.name}`
+            const found = testConfig.parameterStore.find(item => item.name === parameterName)
+            let value = found?.value
+            
+            if (param.json && value) {
+              try {
+                value = JSON.parse(value)
+              } 
+              catch (e) {
+                console.error('%s | %s | %s', functionName, parameterName, e?.message)
+                if (throwError) throw e
+              }
+            }
+            
+            if (debug) {
+              console.warn('P %s | T %s | V %j', parameterName, typeof value, value)
+            }
+            setValue(config, { 
+              path: (param.path || param.name), 
+              value, 
+              array: param.array || false, 
+              property: param.property, 
+              merge: param.merge || false 
+            })
+          }))
+        } 
+        else {
+          // For production mode, use GetParametersCommand to fetch multiple parameters at once
+          try {
+            // Get parameter names for this batch
+            const parameterNames = batch.map(param => `/${environment}/${param.name}`)
+            
+            // Fetch all parameters in this batch with a single API call
+            const command = new GetParametersCommand({
+              Names: parameterNames,
+              WithDecryption: true
+            })
+            
+            const response = await ssmClient.send(command)
+            const parameters = response?.Parameters || []
+            
+            // Process each parameter
+            await Promise.all(parameters.map(async parameter => {
+              // Find corresponding parameter config
+              const paramName = parameter.Name
+              const paramConfig = batch.find(p => `/${environment}/${p.name}` === paramName)
+              
+              if (!paramConfig) return // Skip if no matching config found
+              
+              let value = parameter.Value
+              
+              if (paramConfig.json && value) {
+                try {
+                  value = JSON.parse(value)
+                } 
+                catch (e) {
+                  console.error('%s | %s | %s', functionName, paramName, e?.message)
+                  if (throwError) throw e
+                  return // Skip this parameter if JSON parsing fails
+                }
+              }
+              
+              if (debug) {
+                console.warn('P %s | T %s | V %j', paramName, typeof value, value)
+              }
+              
+              setValue(config, { 
+                path: (paramConfig.path || paramConfig.name), 
+                value, 
+                array: paramConfig.array || false, 
+                property: paramConfig.property, 
+                merge: paramConfig.merge || false 
+              })
+            }))
+            
+            // Handle invalid parameters
+            if (response?.InvalidParameters?.length > 0) {
+              console.error('%s | Invalid parameters: %j', functionName, response.InvalidParameters)
+              if (throwError) {
+                throw new Error(`Invalid parameters: ${response.InvalidParameters.join(', ')}`)
+              }
+            }
+          } 
+          catch (e) {
+            console.error('%s | Batch parameter fetch error: %s', functionName, e?.message)
+            if (throwError) throw e
+            
+            // Fallback: process parameters individually if batch fails
+            await Promise.all(batch.map(param => getSecretParameter(param)))
+          }
+        }
+      }
+    }
+  
+    // Keep the original getSecretParameter as fallback
+    const getSecretParameter = async(param) => {
+      const parameterName = `/${environment}/${param.name}`
       try {
         let value
         if (testMode === 3) {
@@ -118,26 +241,25 @@ const awsSecrets = () => {
           const response = await ssmClient.send(command)
           value = response?.Parameter?.Value
         }
-
+  
         // Extract and return the parameter value
-        if (json) {
+        if (param.json) {
           value = JSON.parse(value)
         }
-
+  
         if (debug) {
           console.warn('P %s | T %s | V %j', parameterName, typeof value, value)
         }
-        setValue(config, { path: (path || name), value, array, property, merge })
-
+        setValue(config, { path: (param.path || param.name), value, array: param.array, property: param.property, merge: param.merge })
       } 
       catch (e) {
         console.error('%s | %s | %s', functionName, parameterName, e?.message)
         if (throwError) throw e
       }
     }
-
-    // pushes multiple paramters into the given path (e.g. params /dev/db/1 and /dev/db/2 (name = /dev/db/*) will be objects in array databases (path))
-    const getSecretParametersByPath = async({ name, json = false, array = true, path, property, debug, merge }) => {
+  
+    // Keep the original getSecretParametersByPath for wildcard parameters
+    const getSecretParametersByPath = async({ path, name, json = false, array, property, merge }) => {
       if (!path) throw new Error('pathMustBeSet')
       const parameterName = `/${environment}/${name}`
       try {
@@ -169,14 +291,14 @@ const awsSecrets = () => {
           const response = await ssmClient.send(command)
           valueArray = response?.Parameters
         }
-
+  
         for (const item of valueArray) {
           let value = item?.Value
           // Extract and return the parameter value
           if (json) {
             value = JSON.parse(value)
           }
-
+  
           if (debug) {
             console.warn('P %s | T %s | V %j', item?.Name, typeof value, value)
           }
@@ -188,13 +310,30 @@ const awsSecrets = () => {
         if (throwError) throw e
       }
     }
-
-    for (const secretParameter of secretParameters) {
-      if (environment === 'test' && secretParameter?.ignoreInTestMode) continue
-      if (debug) secretParameter.debug = true
-      if (secretParameter.name.endsWith('*')) await getSecretParametersByPath(secretParameter)
-      else await getSecretParameter(secretParameter)
+  
+    // Filter out parameters with ignoreInTestMode = true in test environment
+    let filteredParams = secretParameters
+    if (environment === 'test') {
+      filteredParams = secretParameters.filter(param => !param.ignoreInTestMode)
     }
+    
+    // Add debug if needed
+    if (debug) {
+      filteredParams.forEach(param => param.debug = true)
+    }
+  
+    // Split parameters into regular and wildcard ones
+    const wildcardParams = filteredParams.filter(param => param.name.endsWith('*'))
+    const regularParams = filteredParams.filter(param => !param.name.endsWith('*'))
+    
+    // Process parameters in parallel
+    await Promise.all([
+      // Process regular parameters in batches
+      processBatchedParameters(regularParams),
+      
+      // Process wildcard parameters individually (using original method)
+      ...wildcardParams.map(param => getSecretParametersByPath(param))
+    ])
   }
 
 

package/package.json

@@ -3,17 +3,17 @@
   "author": "Mark Poepping (https://www.admiralcloud.com)",
   "license": "MIT",
   "repository": "admiralcloud/ac-awssecrets",
-  "version": "2.4.4",
+  "version": "2.5.1",
   "dependencies": {
-    "@aws-sdk/client-secrets-manager": "^3.787.0",
-    "@aws-sdk/client-ssm": "^3.787.0"
+    "@aws-sdk/client-secrets-manager": "^3.808.0",
+    "@aws-sdk/client-ssm": "^3.808.0"
   },
   "devDependencies": {
     "ac-semantic-release": "^0.4.6",
     "c8": "^10.1.3",
     "chai": "^4.x",
     "eslint": "9.x",
-    "mocha": "^11.1.0"
+    "mocha": "^11.2.2"
   },
   "scripts": {
     "test": "NODE_ENV=test mocha --reporter spec --bail",

package/test/config.js

@@ -36,7 +36,7 @@ const secretParameters = [
   { name: 'configVar5.path', json: true },
   { name: 'configVar6', json: true },
   { name: 'aws', json: true, merge: true },
-  { name: 'db/*', json: true, merge: true, path: 'db' }
+  { name: 'db/*', json: true, merge: true, path: 'db', array: true }
 ]
 
 const parameterStore = [

package/g.sh

@@ -1,11 +0,0 @@
-#!/bin/bash
-aws ssm get-parameters-by-path \
-    --path "/development" \
-    --recursive \
-    --profile dev.mfa --region eu-central-1 \
-    --output json | \
-jq '.Parameters[] | 
-    {Name: .Name}'
-
-
-    {"secret":"L4w,UU3g;NAh)e6,HV(TTzUZ2G>","name":"acauth","valueHasJSON":"true","defaultApps":{"acapp":"8d09356a-042f-4d4a-9c6f-935329000969","embedlink": "5ffd8ff6-2aeb-44b0-8a6c-f413de58df3c"},"passwordAlgorithm":"aes-256-ctr","password":"8gZVqjzKN@g4XdD7Cq#9qAPh>iPdKNkr"}