dotsec 1.0.0-alpha.8 → 2.0.0-alpha.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
- "sources": ["../src/index.ts", "../src/dotsec.ts", "../src/constants.ts", "../src/lib/aws/AwsKmsEncryptionEngine.ts", "../src/lib/aws/getCredentialsProfileRegion.ts", "../src/utils/logger.ts", "../src/lib/aws/handleCredentialsAndRegion.ts", "../src/lib/config/index.ts", "../src/lib/json.ts"],
4
- "sourcesContent": ["export type { DotsecConfig as Dotsec } from \"./types\";\nexport type { DotsecConfig } from \"./types\";\nimport dotsec from \"./dotsec\";\nexport default dotsec;\n", "import { parse } from \"dotenv\";\nimport { DOTSEC_DEFAULT_AWS_KMS_KEY_ALIAS } from \"./constants\";\nimport { awsEncryptionEngineFactory } from \"./lib/aws/AwsKmsEncryptionEngine\";\nimport { getConfig } from \"./lib/config\";\nimport fs from \"node:fs\";\nimport { strong } from \"./utils/logger\";\nimport { DotsecConfig } from \"./types\";\n\nconst config = async (\n\toptions: {\n\t\taws?: { region?: string; kms?: { keyAlias?: string } };\n\t} & (\n\t\t| { sec: true | string; env?: never }\n\t\t| { env: true | string; sec?: never }\n\t) &\n\t\t(\n\t\t\t| { dotsecConfig: DotsecConfig; configFile?: never }\n\t\t\t| { dotsecConfig?: never; configFile: string }\n\t\t\t| { dotsecConfig?: never; configFile?: never }\n\t\t),\n) => {\n\tconst { configFile, sec, env, dotsecConfig } = options;\n\tconst {\n\t\tcontents: { config } = { config: {} },\n\t} = dotsecConfig ? { contents: dotsecConfig } : await getConfig(configFile);\n\tconst keyAlias =\n\t\toptions.aws?.kms?.keyAlias ||\n\t\tconfig?.aws?.kms?.keyAlias ||\n\t\tDOTSEC_DEFAULT_AWS_KMS_KEY_ALIAS;\n\n\tconst region = options.aws?.region || config?.aws?.region;\n\tconst encryptionPlugin = await awsEncryptionEngineFactory({\n\t\tverbose: true,\n\t\tkms: {\n\t\t\tkeyAlias: keyAlias,\n\t\t},\n\t\tregion: region,\n\t});\n\n\tlet dotsec: string | undefined;\n\tlet dotenv: string | undefined;\n\t// is set?\n\tif (sec) {\n\t\t// is string ?\n\t\tif (typeof sec === \"string\") {\n\t\t\t// here we hava filename\n\t\t\tdotsec = sec;\n\t\t} else if (typeof options.sec === \"boolean\" && options.sec === true) {\n\t\t\t// is true ?\n\t\t\tdotsec = \".sec\";\n\t\t}\n\t} else if (env) {\n\t\t// is string ?\n\t\tif (typeof env === \"string\") {\n\t\t\t// here we hava filename\n\t\t\tdotenv = env;\n\t\t} else if (typeof options.env === \"boolean\" && options.env === true) {\n\t\t\t// is true ?\n\t\t\tdotenv = \".env\";\n\t\t}\n\t} else {\n\t\t// if not set, we use default\n\t\tdotsec = \".sec\";\n\t\tconsole.warn(\n\t\t\t`Since no value is set for neither ${strong(\"sec\")} nor ${strong(\n\t\t\t\t\"env\",\n\t\t\t)}, we use default value for sec which is .sec`,\n\t\t);\n\t}\n\n\tlet envContents: string | undefined;\n\n\tif (dotenv) {\n\t\tenvContents = fs.readFileSync(dotenv, \"utf8\");\n\t} else if (dotsec) {\n\t\tconst dotSecContents = fs.readFileSync(dotsec, \"utf8\");\n\t\tenvContents = await encryptionPlugin.decrypt(dotSecContents);\n\t\tconsole.log(\"envContents\", envContents);\n\t} else {\n\t}\n\tif (envContents) {\n\t\tconst dotenvVars = parse(envContents);\n\t\tObject.entries(dotenvVars).map(([key, value]) => {\n\t\t\tprocess.env[key] = value;\n\t\t});\n\t} else {\n\t\tthrow new Error(\"No .env or .sec file provided\");\n\t}\n};\n\nconst dotsec = {\n\tconfig,\n};\n\nexport default dotsec;\n", "import { DotsecConfig } from \"./types\";\n\nexport const DOTSEC_DEFAULT_CONFIG_FILE = \"dotsec.config.ts\";\nexport const DOTSEC_CONFIG_FILES = [DOTSEC_DEFAULT_CONFIG_FILE];\nexport const DOTSEC_DEFAULT_DOTSEC_FILENAME = \".sec\";\nexport const DOTSEC_DEFAULT_DOTENV_FILENAME = \".env\";\nexport const DOTSEC_DEFAULT_AWS_KMS_KEY_ALIAS = \"alias/dotsec\";\nexport const DOTSEC_DEFAULT_AWS_SSM_PARAMETER_TYPE = \"SecureString\";\n\nexport const defaultConfig: DotsecConfig = {\n\tconfig: {\n\t\taws: {\n\t\t\tkms: {\n\t\t\t\tkeyAlias: DOTSEC_DEFAULT_AWS_KMS_KEY_ALIAS,\n\t\t\t},\n\t\t\tssm: {\n\t\t\t\tparameterType: DOTSEC_DEFAULT_AWS_SSM_PARAMETER_TYPE,\n\t\t\t},\n\t\t},\n\t},\n};\n", "import {\n\tDecryptCommand,\n\tDescribeKeyCommand,\n\tEncryptCommand,\n\tKMSClient,\n} from \"@aws-sdk/client-kms\";\nimport { EncryptionEngineFactory } from \"../../types\";\nimport { handleCredentialsAndRegion } from \"./handleCredentialsAndRegion\";\n\nexport type AwsEncryptionEngineFactory = EncryptionEngineFactory<\n\t{ region?: string; kms?: { keyAlias?: string } },\n\t{ other: () => void }\n>;\n\nexport const awsEncryptionEngineFactory: AwsEncryptionEngineFactory = async (\n\toptions,\n) => {\n\tconst {\n\t\tkms: { keyAlias } = {},\n\t\tregion,\n\t} = options;\n\n\tconst { credentialsAndOrigin, regionAndOrigin } =\n\t\tawait handleCredentialsAndRegion({\n\t\t\targv: {},\n\t\t\tenv: { ...process.env },\n\t\t});\n\n\tconst kmsClient = new KMSClient({\n\t\tcredentials: credentialsAndOrigin.value,\n\t\tregion: region || regionAndOrigin.value,\n\t});\n\n\tconst describeKeyCommand = new DescribeKeyCommand({\n\t\tKeyId: keyAlias,\n\t});\n\n\tconst describeKeyResult = await kmsClient.send(describeKeyCommand);\n\tconst encryptionAlgorithm =\n\t\tdescribeKeyResult.KeyMetadata?.EncryptionAlgorithms?.[0];\n\n\tif (encryptionAlgorithm === undefined) {\n\t\tthrow new Error(\"Could not determine encryption algorithm\");\n\t}\n\n\treturn {\n\t\tasync encrypt(plaintext: string): Promise<string> {\n\t\t\tconst encryptCommand = new EncryptCommand({\n\t\t\t\tKeyId: keyAlias,\n\t\t\t\tPlaintext: Buffer.from(plaintext),\n\t\t\t\tEncryptionAlgorithm: encryptionAlgorithm,\n\t\t\t});\n\t\t\tconst encryptionResult = await kmsClient.send(encryptCommand);\n\n\t\t\tif (!encryptionResult.CiphertextBlob) {\n\t\t\t\tthrow new Error(\n\t\t\t\t\t`Something bad happened: ${JSON.stringify({\n\t\t\t\t\t\tencryptCommand,\n\t\t\t\t\t})}`,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst cipherText = Buffer.from(encryptionResult.CiphertextBlob).toString(\n\t\t\t\t\"base64\",\n\t\t\t);\n\n\t\t\treturn cipherText;\n\t\t},\n\t\tasync decrypt(cipherText: string): Promise<string> {\n\t\t\tconst decryptCommand = new DecryptCommand({\n\t\t\t\tKeyId: keyAlias,\n\t\t\t\tCiphertextBlob: Buffer.from(cipherText, \"base64\"),\n\t\t\t\tEncryptionAlgorithm: encryptionAlgorithm,\n\t\t\t});\n\n\t\t\tconst decryptionResult = await kmsClient.send(decryptCommand);\n\n\t\t\tif (!decryptionResult.Plaintext) {\n\t\t\t\tthrow new Error(\n\t\t\t\t\t`Something bad happened: ${JSON.stringify({\n\t\t\t\t\t\tcipherText: cipherText,\n\t\t\t\t\t\tdecryptCommand: decryptCommand,\n\t\t\t\t\t})}`,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst decryptedValue = Buffer.from(decryptionResult.Plaintext).toString();\n\n\t\t\tif (this.verbose) {\n\t\t\t\tconsole.info(`Decrypting key '${cipherText}'`);\n\t\t\t}\n\n\t\t\treturn decryptedValue;\n\t\t},\n\t\tother: () => {},\n\t};\n};\n", "import {\n\tfromEnv,\n\tfromIni,\n\tfromTemporaryCredentials,\n} from \"@aws-sdk/credential-providers\";\nimport { loadSharedConfigFiles } from \"@aws-sdk/shared-ini-file-loader\";\nimport { emphasis, strong } from \"../../utils/logger\";\n\nimport {\n\tCredentialsAndOrigin,\n\tProfileAndOrigin,\n\tRegionAndOrigin,\n} from \"./types\";\n\nexport const getCredentialsProfileRegion = async ({\n\targv,\n\tenv,\n}: {\n\targv: {\n\t\tprofile?: string;\n\t\tregion?: string;\n\t\tassumeRoleArn?: string;\n\t\tassumeRoleSessionDuration?: number;\n\t};\n\tenv: {\n\t\tAWS_PROFILE?: string;\n\t\tAWS_ACCESS_KEY_ID?: string;\n\t\tAWS_SECRET_ACCESS_KEY?: string;\n\t\tAWS_REGION?: string;\n\t\tAWS_DEFAULT_REGION?: string;\n\t\tAWS_ASSUME_ROLE_ARN?: string | undefined;\n\t\tAWS_ASSUME_ROLE_SESSION_DURATION?: string | undefined;\n\t\tTZ?: string;\n\t};\n}) => {\n\tconst sharedConfigFiles = await loadSharedConfigFiles();\n\tlet credentialsAndOrigin: CredentialsAndOrigin | undefined = undefined;\n\tlet profileAndOrigin: ProfileAndOrigin | undefined = undefined;\n\tlet regionAndOrigin: RegionAndOrigin | undefined = undefined;\n\tif (argv.profile) {\n\t\tprofileAndOrigin = {\n\t\t\tvalue: argv.profile,\n\t\t\torigin: `command line option: ${emphasis(argv.profile)}`,\n\t\t};\n\t\tcredentialsAndOrigin = {\n\t\t\tvalue: await fromIni({\n\t\t\t\tprofile: argv.profile,\n\t\t\t})(),\n\t\t\torigin: `${emphasis(`[${argv.profile}]`)} in credentials file`,\n\t\t};\n\t} else if (env.AWS_PROFILE) {\n\t\tprofileAndOrigin = {\n\t\t\tvalue: env.AWS_PROFILE,\n\t\t\torigin: `env variable ${emphasis(\"AWS_PROFILE\")}: ${strong(\n\t\t\t\tenv.AWS_PROFILE,\n\t\t\t)}`,\n\t\t};\n\t\tcredentialsAndOrigin = {\n\t\t\tvalue: await fromIni({\n\t\t\t\tprofile: env.AWS_PROFILE,\n\t\t\t})(),\n\t\t\torigin: `env variable ${emphasis(\"AWS_PROFILE\")}: ${strong(\n\t\t\t\tenv.AWS_PROFILE,\n\t\t\t)}`,\n\t\t};\n\t} else if (env.AWS_ACCESS_KEY_ID && env.AWS_SECRET_ACCESS_KEY) {\n\t\tcredentialsAndOrigin = {\n\t\t\tvalue: await fromEnv()(),\n\t\t\torigin: `env variables ${emphasis(\"AWS_ACCESS_KEY_ID\")} and ${emphasis(\n\t\t\t\t\"AWS_SECRET_ACCESS_KEY\",\n\t\t\t)}`,\n\t\t};\n\t} else if (sharedConfigFiles.credentialsFile?.default) {\n\t\tprofileAndOrigin = {\n\t\t\tvalue: \"default\",\n\t\t\torigin: `${emphasis(\"[default]\")} in credentials file`,\n\t\t};\n\t\tcredentialsAndOrigin = {\n\t\t\tvalue: await fromIni({\n\t\t\t\tprofile: \"default\",\n\t\t\t})(),\n\t\t\torigin: `profile ${emphasis(\"[default]\")}`,\n\t\t};\n\t}\n\n\tif (argv.region) {\n\t\tregionAndOrigin = {\n\t\t\tvalue: argv.region,\n\t\t\torigin: `command line option: ${emphasis(argv.region)}`,\n\t\t};\n\t} else if (env.AWS_REGION) {\n\t\tregionAndOrigin = {\n\t\t\tvalue: env.AWS_REGION,\n\t\t\torigin: `env variable ${emphasis(\"AWS_REGION\")}: ${strong(\n\t\t\t\tenv.AWS_REGION,\n\t\t\t)}`,\n\t\t};\n\t} else if (env.AWS_DEFAULT_REGION) {\n\t\tregionAndOrigin = {\n\t\t\tvalue: env.AWS_DEFAULT_REGION,\n\t\t\torigin: `env variable ${emphasis(\"AWS_DEFAULT_REGION\")}: ${strong(\n\t\t\t\tenv.AWS_DEFAULT_REGION,\n\t\t\t)}`,\n\t\t};\n\t} else if (profileAndOrigin) {\n\t\tconst foundRegion =\n\t\t\tsharedConfigFiles?.configFile?.[profileAndOrigin.value]?.region;\n\n\t\tif (foundRegion) {\n\t\t\tregionAndOrigin = {\n\t\t\t\tvalue: foundRegion,\n\t\t\t\torigin: `${emphasis(\n\t\t\t\t\t`[profile ${profileAndOrigin.value}]`,\n\t\t\t\t)} in config file`,\n\t\t\t};\n\t\t}\n\t}\n\n\tconst assumedRole = argv.assumeRoleArn || env.AWS_ASSUME_ROLE_ARN;\n\tif (assumedRole) {\n\t\tconst origin = argv.assumeRoleArn ? \"command line option\" : \"env variable\";\n\t\tcredentialsAndOrigin = {\n\t\t\tvalue: await fromTemporaryCredentials({\n\t\t\t\tmasterCredentials: credentialsAndOrigin?.value,\n\n\t\t\t\tparams: {\n\t\t\t\t\tDurationSeconds:\n\t\t\t\t\t\targv.assumeRoleSessionDuration ||\n\t\t\t\t\t\tNumber(env.AWS_ASSUME_ROLE_SESSION_DURATION) ||\n\t\t\t\t\t\t3600,\n\t\t\t\t\tRoleArn: assumedRole,\n\t\t\t\t},\n\n\t\t\t\tclientConfig: {\n\t\t\t\t\tregion: regionAndOrigin?.value,\n\t\t\t\t},\n\t\t\t})(),\n\t\t\torigin: `${origin} ${emphasis(`[${assumedRole}]`)}`,\n\t\t};\n\t}\n\n\treturn { credentialsAndOrigin, regionAndOrigin, profileAndOrigin };\n};\n\nexport const printVerboseCredentialsProfileRegion = ({\n\tcredentialsAndOrigin,\n\tregionAndOrigin,\n\tprofileAndOrigin,\n}: {\n\tcredentialsAndOrigin?: CredentialsAndOrigin;\n\tregionAndOrigin?: RegionAndOrigin;\n\tprofileAndOrigin?: ProfileAndOrigin;\n}): string => {\n\tconst out: string[] = [];\n\tif (profileAndOrigin) {\n\t\tout.push(`Got profile name from ${profileAndOrigin.origin}`);\n\t}\n\tif (credentialsAndOrigin) {\n\t\tout.push(`Resolved credentials from ${credentialsAndOrigin.origin}`);\n\t}\n\tif (regionAndOrigin) {\n\t\tout.push(`Resolved region from ${regionAndOrigin.origin}`);\n\t}\n\treturn out.join(\"\\n\");\n};\n", "import chalk from \"chalk\";\nlet _logger: Pick<Console, \"info\" | \"error\" | \"table\">;\nexport const getLogger = () => {\n\tif (!_logger) {\n\t\t_logger = console;\n\t}\n\n\treturn _logger;\n};\nexport const writeLine = (str: string) => {\n\tprocess.stdout.write(str);\n};\nexport const emphasis = (str: string): string => chalk.yellowBright(str);\nexport const strong = (str: string): string => chalk.yellow.bold(str);\n\nexport const clientLogger = {\n\tdebug(content: object) {\n\t\tconsole.log(content);\n\t},\n\tinfo(content: object) {\n\t\tconsole.log(content);\n\t},\n\twarn(content: object) {\n\t\tconsole.log(content);\n\t},\n\terror(content: object) {\n\t\tconsole.error(content);\n\t},\n};\n", "import {\n\tgetCredentialsProfileRegion,\n\tprintVerboseCredentialsProfileRegion,\n} from \"./getCredentialsProfileRegion\";\n\nexport const handleCredentialsAndRegion = async ({\n\targv,\n\tenv,\n}: {\n\targv: {\n\t\tawsRegion?: string;\n\t\tawsProfile?: string;\n\t\tverbose?: boolean;\n\t\tawsAssumeRoleArn?: string;\n\t\tawsAssumeRoleSessionDuration?: number;\n\t};\n\tenv: {\n\t\tAWS_PROFILE?: string | undefined;\n\t\tAWS_ACCESS_KEY_ID?: string | undefined;\n\t\tAWS_SECRET_ACCESS_KEY?: string | undefined;\n\t\tAWS_REGION?: string | undefined;\n\t\tAWS_DEFAULT_REGION?: string | undefined;\n\t\tAWS_ASSUME_ROLE_ARN?: string | undefined;\n\t\tAWS_ASSUME_ROLE_SESSION_DURATION?: string | undefined;\n\t\tTZ?: string;\n\t};\n}) => {\n\tconst { credentialsAndOrigin, regionAndOrigin, profileAndOrigin } =\n\t\tawait getCredentialsProfileRegion({\n\t\t\targv: {\n\t\t\t\tregion: argv.awsRegion,\n\t\t\t\tprofile: argv.awsProfile,\n\t\t\t\tassumeRoleArn: argv.awsAssumeRoleArn,\n\t\t\t\tassumeRoleSessionDuration: argv.awsAssumeRoleSessionDuration,\n\t\t\t},\n\t\t\tenv: {\n\t\t\t\t...env,\n\t\t\t},\n\t\t});\n\n\tif (argv.verbose === true) {\n\t\tconsole.log(\n\t\t\tprintVerboseCredentialsProfileRegion({\n\t\t\t\tcredentialsAndOrigin,\n\t\t\t\tregionAndOrigin,\n\t\t\t\tprofileAndOrigin,\n\t\t\t}),\n\t\t);\n\t}\n\n\tif (!(credentialsAndOrigin && regionAndOrigin)) {\n\t\tif (!credentialsAndOrigin) {\n\t\t\tconsole.error(\"Could not find credentials\");\n\t\t\tthrow new Error(\"Could not find credentials\");\n\t\t}\n\t\tif (!regionAndOrigin) {\n\t\t\tconsole.error(\"Could not find region\");\n\t\t\tthrow new Error(\"Could not find region\");\n\t\t}\n\t}\n\n\treturn { credentialsAndOrigin, regionAndOrigin };\n};\n", "import path from \"node:path\";\n\nimport { bundleRequire } from \"bundle-require\";\nimport JoyCon from \"joycon\";\n\nimport { loadJson } from \"../json\";\nimport { DotsecConfig, DotsecConfigAndSource } from \"../../types\";\nimport { defaultConfig, DOTSEC_CONFIG_FILES } from \"../../constants\";\n\nexport const getConfig = async (\n\tfilename?: string,\n): Promise<DotsecConfigAndSource> => {\n\tconst cwd = process.cwd();\n\tconst configJoycon = new JoyCon();\n\tconst configPath = await configJoycon.resolve({\n\t\tfiles: filename ? [filename] : [...DOTSEC_CONFIG_FILES, \"package.json\"],\n\t\tcwd,\n\t\tstopDir: path.parse(cwd).root,\n\t\tpackageKey: \"dotsec\",\n\t});\n\tif (filename && configPath === null) {\n\t\tthrow new Error(`Could not find config file ${filename}`);\n\t}\n\tif (configPath) {\n\t\tif (configPath.endsWith(\".json\")) {\n\t\t\tconst rawData = (await loadJson(configPath)) as Partial<DotsecConfig>;\n\n\t\t\tlet data: Partial<DotsecConfig>;\n\n\t\t\tif (\n\t\t\t\tconfigPath.endsWith(\"package.json\") &&\n\t\t\t\t(rawData as { dotsec: Partial<DotsecConfig> }).dotsec !== undefined\n\t\t\t) {\n\t\t\t\tdata = (rawData as { dotsec: Partial<DotsecConfig> }).dotsec;\n\t\t\t} else {\n\t\t\t\tdata = rawData as Partial<DotsecConfig>;\n\t\t\t}\n\n\t\t\treturn {\n\t\t\t\tsource: \"json\",\n\t\t\t\tcontents: {\n\t\t\t\t\t...defaultConfig,\n\t\t\t\t\t...data,\n\t\t\t\t\tconfig: {\n\t\t\t\t\t\t...data?.config,\n\t\t\t\t\t\t...defaultConfig.config,\n\t\t\t\t\t\taws: {\n\t\t\t\t\t\t\t...data?.config?.aws,\n\t\t\t\t\t\t\t...defaultConfig?.config?.aws,\n\t\t\t\t\t\t\tkms: {\n\t\t\t\t\t\t\t\t...defaultConfig?.config?.aws?.kms,\n\t\t\t\t\t\t\t\t...data.config?.aws?.kms,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tssm: {\n\t\t\t\t\t\t\t\t...defaultConfig?.config?.aws?.ssm,\n\t\t\t\t\t\t\t\t...data.config?.aws?.ssm,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tsecretsManager: {\n\t\t\t\t\t\t\t\t...defaultConfig?.config?.aws?.secretsManager,\n\t\t\t\t\t\t\t\t...data.config?.aws?.secretsManager,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t};\n\t\t} else if (configPath.endsWith(\".ts\")) {\n\t\t\tconst bundleRequireResult = await bundleRequire({\n\t\t\t\tfilepath: configPath,\n\t\t\t});\n\t\t\tconst data = (bundleRequireResult.mod.dotsec ||\n\t\t\t\tbundleRequireResult.mod.default ||\n\t\t\t\tbundleRequireResult.mod) as Partial<DotsecConfig>;\n\n\t\t\treturn {\n\t\t\t\tsource: \"ts\",\n\t\t\t\tcontents: {\n\t\t\t\t\t...defaultConfig,\n\t\t\t\t\t...data,\n\t\t\t\t\tconfig: {\n\t\t\t\t\t\t...data?.config,\n\t\t\t\t\t\t...defaultConfig.config,\n\t\t\t\t\t\taws: {\n\t\t\t\t\t\t\t...data?.config?.aws,\n\t\t\t\t\t\t\t...defaultConfig?.config?.aws,\n\t\t\t\t\t\t\tkms: {\n\t\t\t\t\t\t\t\t...defaultConfig?.config?.aws?.kms,\n\t\t\t\t\t\t\t\t...data.config?.aws?.kms,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tssm: {\n\t\t\t\t\t\t\t\t...defaultConfig?.config?.aws?.ssm,\n\t\t\t\t\t\t\t\t...data.config?.aws?.ssm,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tsecretsManager: {\n\t\t\t\t\t\t\t\t...defaultConfig?.config?.aws?.secretsManager,\n\t\t\t\t\t\t\t\t...data.config?.aws?.secretsManager,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t};\n\t\t}\n\t}\n\n\treturn { source: \"defaultConfig\", contents: defaultConfig };\n};\n", "import fs from \"fs\";\nimport path from \"node:path\";\n\nexport function jsoncParse(data: string) {\n\ttry {\n\t\treturn new Function(`return ${data.trim()}`)();\n\t} catch {\n\t\t// Silently ignore any error\n\t\t// That's what tsc/jsonc-parser did after all\n\t\treturn {};\n\t}\n}\n\nexport const loadJson = async (filepath: string) => {\n\ttry {\n\t\treturn jsoncParse(await fs.promises.readFile(filepath, \"utf8\"));\n\t} catch (error) {\n\t\tif (error instanceof Error) {\n\t\t\tthrow new Error(\n\t\t\t\t`Failed to parse ${path.relative(process.cwd(), filepath)}: ${\n\t\t\t\t\terror.message\n\t\t\t\t}`,\n\t\t\t);\n\t\t} else {\n\t\t\tthrow error;\n\t\t}\n\t}\n};\n"],
5
- "mappings": "m8BAAA,6BCAA,OAAsB,qBCEf,GAAM,IAA6B,mBAC7B,GAAsB,CAAC,IAG7B,GAAM,GAAmC,eACnC,GAAwC,eAExC,EAA8B,CAC1C,OAAQ,CACP,IAAK,CACJ,IAAK,CACJ,SAAU,GAEX,IAAK,CACJ,cAAe,OChBnB,MAKO,kCCLP,MAIO,4CACP,GAAsC,8CCLtC,MAAkB,oBAYX,GAAM,GAAW,AAAC,GAAwB,UAAM,aAAa,GACvD,EAAS,AAAC,GAAwB,UAAM,OAAO,KAAK,GDC1D,GAAM,IAA8B,MAAO,CACjD,OACA,SAkBK,CAlCN,UAmCC,GAAM,GAAoB,KAAM,+BAC5B,EACA,EACA,EA+CJ,GA9CA,AAAI,EAAK,QACR,GAAmB,CAClB,MAAO,EAAK,QACZ,OAAQ,wBAAwB,EAAS,EAAK,YAE/C,EAAuB,CACtB,MAAO,KAAM,cAAQ,CACpB,QAAS,EAAK,YAEf,OAAQ,GAAG,EAAS,IAAI,EAAK,oCAExB,AAAI,EAAI,YACd,GAAmB,CAClB,MAAO,EAAI,YACX,OAAQ,gBAAgB,EAAS,mBAAmB,EACnD,EAAI,gBAGN,EAAuB,CACtB,MAAO,KAAM,cAAQ,CACpB,QAAS,EAAI,gBAEd,OAAQ,gBAAgB,EAAS,mBAAmB,EACnD,EAAI,iBAGA,AAAI,EAAI,mBAAqB,EAAI,sBACvC,EAAuB,CACtB,MAAO,KAAM,kBACb,OAAQ,iBAAiB,EAAS,4BAA4B,EAC7D,4BAGQ,MAAkB,kBAAlB,cAAmC,UAC7C,GAAmB,CAClB,MAAO,UACP,OAAQ,GAAG,EAAS,oCAErB,EAAuB,CACtB,MAAO,KAAM,cAAQ,CACpB,QAAS,cAEV,OAAQ,WAAW,EAAS,iBAI1B,EAAK,OACR,EAAkB,CACjB,MAAO,EAAK,OACZ,OAAQ,wBAAwB,EAAS,EAAK,mBAErC,EAAI,WACd,EAAkB,CACjB,MAAO,EAAI,WACX,OAAQ,gBAAgB,EAAS,kBAAkB,EAClD,EAAI,uBAGI,EAAI,mBACd,EAAkB,CACjB,MAAO,EAAI,mBACX,OAAQ,gBAAgB,EAAS,0BAA0B,EAC1D,EAAI,+BAGI,EAAkB,CAC5B,GAAM,GACL,uBAAmB,aAAnB,cAAgC,EAAiB,SAAjD,cAAyD,OAE1D,AAAI,GACH,GAAkB,CACjB,MAAO,EACP,OAAQ,GAAG,EACV,YAAY,EAAiB,6BAMjC,GAAM,GAAc,EAAK,eAAiB,EAAI,oBAC9C,GAAI,EAAa,CAChB,GAAM,GAAS,EAAK,cAAgB,sBAAwB,eAC5D,EAAuB,CACtB,MAAO,KAAM,+BAAyB,CACrC,kBAAmB,iBAAsB,MAEzC,OAAQ,CACP,gBACC,EAAK,2BACL,OAAO,EAAI,mCACX,KACD,QAAS,GAGV,aAAc,CACb,OAAQ,iBAAiB,WAG3B,OAAQ,GAAG,KAAU,EAAS,IAAI,SAIpC,MAAO,CAAE,uBAAsB,kBAAiB,qBAGpC,GAAuC,CAAC,CACpD,uBACA,kBACA,sBAKa,CACb,GAAM,GAAgB,GACtB,MAAI,IACH,EAAI,KAAK,yBAAyB,EAAiB,UAEhD,GACH,EAAI,KAAK,6BAA6B,EAAqB,UAExD,GACH,EAAI,KAAK,wBAAwB,EAAgB,UAE3C,EAAI,KAAK;IE9JV,GAAM,IAA6B,MAAO,CAChD,OACA,SAmBK,CACL,GAAM,CAAE,uBAAsB,kBAAiB,oBAC9C,KAAM,IAA4B,CACjC,KAAM,CACL,OAAQ,EAAK,UACb,QAAS,EAAK,WACd,cAAe,EAAK,iBACpB,0BAA2B,EAAK,8BAEjC,IAAK,KACD,KAcN,GAVI,EAAK,UAAY,IACpB,QAAQ,IACP,GAAqC,CACpC,uBACA,kBACA,sBAKC,CAAE,IAAwB,GAAkB,CAC/C,GAAI,CAAC,EACJ,cAAQ,MAAM,8BACR,GAAI,OAAM,8BAEjB,GAAI,CAAC,EACJ,cAAQ,MAAM,yBACR,GAAI,OAAM,yBAIlB,MAAO,CAAE,uBAAsB,oBH/CzB,GAAM,IAAyD,KACrE,IACI,CAhBL,QAiBC,GAAM,CACL,IAAK,CAAE,YAAa,GACpB,UACG,EAEE,CAAE,uBAAsB,mBAC7B,KAAM,IAA2B,CAChC,KAAM,GACN,IAAK,KAAK,QAAQ,OAGd,EAAY,GAAI,aAAU,CAC/B,YAAa,EAAqB,MAClC,OAAQ,GAAU,EAAgB,QAG7B,EAAqB,GAAI,sBAAmB,CACjD,MAAO,IAIF,EACL,MAFyB,MAAM,GAAU,KAAK,IAE5B,cAAlB,cAA+B,uBAA/B,cAAsD,GAEvD,GAAI,IAAwB,OAC3B,KAAM,IAAI,OAAM,4CAGjB,MAAO,MACA,SAAQ,EAAoC,CACjD,GAAM,GAAiB,GAAI,kBAAe,CACzC,MAAO,EACP,UAAW,OAAO,KAAK,GACvB,oBAAqB,IAEhB,EAAmB,KAAM,GAAU,KAAK,GAE9C,GAAI,CAAC,EAAiB,eACrB,KAAM,IAAI,OACT,2BAA2B,KAAK,UAAU,CACzC,sBASH,MAJmB,QAAO,KAAK,EAAiB,gBAAgB,SAC/D,gBAKI,SAAQ,EAAqC,CAClD,GAAM,GAAiB,GAAI,kBAAe,CACzC,MAAO,EACP,eAAgB,OAAO,KAAK,EAAY,UACxC,oBAAqB,IAGhB,EAAmB,KAAM,GAAU,KAAK,GAE9C,GAAI,CAAC,EAAiB,UACrB,KAAM,IAAI,OACT,2BAA2B,KAAK,UAAU,CACzC,WAAY,EACZ,eAAgB,OAKnB,GAAM,GAAiB,OAAO,KAAK,EAAiB,WAAW,WAE/D,MAAI,MAAK,SACR,QAAQ,KAAK,mBAAmB,MAG1B,GAER,MAAO,IAAM,KI9Ff,OAAiB,wBAEjB,GAA8B,6BAC9B,GAAmB,qBCHnB,OAAe,iBACf,GAAiB,wBAEV,YAAoB,EAAc,CACxC,GAAI,CACH,MAAO,IAAI,UAAS,UAAU,EAAK,iBAClC,CAGD,MAAO,IAIF,GAAM,IAAW,KAAO,IAAqB,CACnD,GAAI,CACH,MAAO,IAAW,KAAM,YAAG,SAAS,SAAS,EAAU,eAC/C,EAAP,CACD,KAAI,aAAiB,OACd,GAAI,OACT,mBAAmB,WAAK,SAAS,QAAQ,MAAO,OAC/C,EAAM,WAIF,IDfF,GAAM,IAAY,KACxB,IACoC,CAXrC,4EAYC,GAAM,GAAM,QAAQ,MAEd,EAAa,KAAM,AADJ,IAAI,cACa,QAAQ,CAC7C,MAAO,EAAW,CAAC,GAAY,CAAC,GAAG,GAAqB,gBACxD,MACA,QAAS,WAAK,MAAM,GAAK,KACzB,WAAY,WAEb,GAAI,GAAY,IAAe,KAC9B,KAAM,IAAI,OAAM,8BAA8B,KAE/C,GAAI,GACH,GAAI,EAAW,SAAS,SAAU,CACjC,GAAM,GAAW,KAAM,IAAS,GAE5B,EAEJ,MACC,GAAW,SAAS,iBACnB,EAA8C,SAAW,OAE1D,EAAQ,EAA8C,OAEtD,EAAO,EAGD,CACN,OAAQ,OACR,SAAU,SACN,GACA,GAFM,CAGT,OAAQ,SACJ,iBAAM,QACN,EAAc,QAFV,CAGP,IAAK,SACD,oBAAM,SAAN,cAAc,KACd,wBAAe,SAAf,cAAuB,KAFtB,CAGJ,IAAK,OACD,2BAAe,SAAf,cAAuB,MAAvB,cAA4B,KAC5B,QAAK,SAAL,cAAa,MAAb,cAAkB,KAEtB,IAAK,OACD,2BAAe,SAAf,cAAuB,MAAvB,cAA4B,KAC5B,QAAK,SAAL,cAAa,MAAb,cAAkB,KAEtB,eAAgB,OACZ,2BAAe,SAAf,cAAuB,MAAvB,cAA4B,gBAC5B,QAAK,SAAL,cAAa,MAAb,cAAkB,+BAMhB,EAAW,SAAS,OAAQ,CACtC,GAAM,GAAsB,KAAM,qBAAc,CAC/C,SAAU,IAEL,EAAQ,EAAoB,IAAI,QACrC,EAAoB,IAAI,SACxB,EAAoB,IAErB,MAAO,CACN,OAAQ,KACR,SAAU,SACN,GACA,GAFM,CAGT,OAAQ,SACJ,iBAAM,QACN,EAAc,QAFV,CAGP,IAAK,SACD,oBAAM,SAAN,cAAc,KACd,wBAAe,SAAf,cAAuB,KAFtB,CAGJ,IAAK,OACD,2BAAe,SAAf,cAAuB,MAAvB,cAA4B,KAC5B,QAAK,SAAL,cAAa,MAAb,cAAkB,KAEtB,IAAK,OACD,2BAAe,SAAf,cAAuB,MAAvB,cAA4B,KAC5B,QAAK,SAAL,cAAa,MAAb,cAAkB,KAEtB,eAAgB,OACZ,2BAAe,SAAf,cAAuB,MAAvB,cAA4B,gBAC5B,QAAK,SAAL,cAAa,MAAb,cAAkB,wBAS5B,MAAO,CAAE,OAAQ,gBAAiB,SAAU,INnG7C,MAAe,sBAIf,GAAM,IAAS,KACd,IAWI,CApBL,gBAqBC,GAAM,CAAE,aAAY,MAAK,MAAK,gBAAiB,EACzC,CACL,SAAU,CAAE,UAAW,CAAE,OAAQ,KAC9B,EAAe,CAAE,SAAU,GAAiB,KAAM,IAAU,GAC1D,EACL,SAAQ,MAAR,cAAa,MAAb,cAAkB,WAClB,wBAAQ,MAAR,cAAa,MAAb,cAAkB,WAClB,EAEK,EAAS,MAAQ,MAAR,cAAa,SAAU,qBAAQ,MAAR,cAAa,QAC7C,EAAmB,KAAM,IAA2B,CACzD,QAAS,GACT,IAAK,CACJ,SAAU,GAEX,OAAQ,IAGL,EACA,EAEJ,AAAI,EAEH,AAAI,MAAO,IAAQ,SAElB,EAAS,EACC,MAAO,GAAQ,KAAQ,WAAa,EAAQ,MAAQ,IAE9D,GAAS,QAEJ,AAAI,EAEV,AAAI,MAAO,IAAQ,SAElB,EAAS,EACC,MAAO,GAAQ,KAAQ,WAAa,EAAQ,MAAQ,IAE9D,GAAS,QAIV,GAAS,OACT,QAAQ,KACP,qCAAqC,EAAO,cAAc,EACzD,uDAKH,GAAI,GAEJ,GAAI,EACH,EAAc,UAAG,aAAa,EAAQ,gBAC5B,EAAQ,CAClB,GAAM,GAAiB,UAAG,aAAa,EAAQ,QAC/C,EAAc,KAAM,GAAiB,QAAQ,GAC7C,QAAQ,IAAI,cAAe,GAG5B,GAAI,EAAa,CAChB,GAAM,GAAa,aAAM,GACzB,OAAO,QAAQ,GAAY,IAAI,CAAC,CAAC,EAAK,KAAW,CAChD,QAAQ,IAAI,GAAO,QAGpB,MAAM,IAAI,OAAM,kCAIZ,GAAS,CACd,WAGM,GAAQ,GD3Ff,GAAO,IAAQ",
3
+ "sources": ["../src/index.ts", "../src/utils/prompts.ts", "../src/utils/fromEnv.ts", "../src/utils/logging.ts"],
4
+ "sourcesContent": ["export type {\n\tDotsecEncryptionEngine,\n\tDotsecEncryptionEngineFactory,\n\tDotsecEncryptionEngineFactoryProps,\n\tFromEnv,\n\tDotsecPlugin,\n\tDotsecPluginModule,\n\tMeh,\n\tDotsecConfig,\n} from \"./types\";\nexport { promptExecute } from \"./utils/prompts\";\nexport { resolveFromEnv } from \"./utils/fromEnv\";\n\n// import dotsec from \"./dotsec\";\n// export default dotsec;\n\nexport { Table, emphasis, strong, writeLine } from \"./utils/logging\";\n", "import prompts from \"prompts\";\n\nexport const promptConfirm = async ({\n\tpredicate,\n\tskip,\n\tmessage,\n}: {\n\tpredicate?: (...args: unknown[]) => Promise<boolean> | boolean;\n\tskip?: boolean;\n\tmessage: string;\n}): Promise<boolean> => {\n\tif (skip === true) {\n\t\treturn true;\n\t} else {\n\t\tconst result = predicate ? await predicate() : true;\n\t\tif (result) {\n\t\t\tconst confirmResult = await prompts({\n\t\t\t\ttype: \"confirm\",\n\t\t\t\tname: \"confirm\",\n\t\t\t\tmessage: () => {\n\t\t\t\t\treturn message;\n\t\t\t\t},\n\t\t\t});\n\n\t\t\tif (confirmResult.confirm === true) {\n\t\t\t\treturn true;\n\t\t\t}\n\t\t}\n\t}\n\treturn false;\n};\n\nexport const promptExecute = async ({\n\tskip,\n\tmessage,\n\texecute,\n}: {\n\tskip?: boolean;\n\tmessage: string;\n\texecute: () => unknown | Promise<unknown>;\n}) => {\n\tlet shouldExecute = false;\n\tif (skip) {\n\t\tshouldExecute = true;\n\t} else {\n\t\tconst promptResponse = await prompts({\n\t\t\ttype: \"confirm\",\n\t\t\tname: \"confirm\",\n\t\t\tmessage,\n\t\t});\n\n\t\tif (promptResponse.confirm === true) {\n\t\t\tshouldExecute = true;\n\t\t}\n\t}\n\n\tif (shouldExecute) {\n\t\tawait execute();\n\t}\n};\n", "import { expand } from \"dotenv-expand\";\n\nexport const resolveFromEnv = (options: {\n\tfromEnvValue?: string;\n\tenv: NodeJS.ProcessEnv;\n\tvariables: Record<string, string>;\n}) => {\n\tconst { fromEnvValue, env, variables } = options;\n\n\tif (!fromEnvValue) {\n\t\treturn \"\";\n\t}\n\n\treturn (\n\t\texpand({\n\t\t\tignoreProcessEnv: true,\n\t\t\tparsed: {\n\t\t\t\t// add standard env variables\n\t\t\t\t...(env as Record<string, string>),\n\t\t\t\t// add custom env variables, either from .env or .sec, (or empty object if none)\n\t\t\t\t...variables,\n\t\t\t\tRESOLVED: fromEnvValue || \"\",\n\t\t\t},\n\t\t}) as { parsed?: { RESOLVED?: string } }\n\t).parsed?.RESOLVED;\n};\n", "import chalk from \"chalk\"\nimport Table = require(\"cli-table\")\nexport { Table }\n\nlet _logger: Pick<Console, \"info\" | \"error\" | \"table\">\nexport const getLogger = () => {\n\tif (!_logger) {\n\t\t_logger = console\n\t}\n\n\treturn _logger\n}\nexport const writeLine = (str: string) => {\n\tprocess.stdout.write(str)\n}\nexport const emphasis = (str: string): string => chalk.yellowBright(str)\nexport const strong = (str: string): string => chalk.yellow.bold(str)\n\nexport const clientLogger = {\n\tdebug(content: object) {\n\t\tconsole.log(content)\n\t},\n\tinfo(content: object) {\n\t\tconsole.log(content)\n\t},\n\twarn(content: object) {\n\t\tconsole.log(content)\n\t},\n\terror(content: object) {\n\t\tconsole.error(content)\n\t},\n}\n"],
5
+ "mappings": "s6BAAA,8GCAA,MAAoB,sBAgCb,GAAM,GAAgB,MAAO,CACnC,OACA,UACA,aAKK,CACL,GAAI,GAAgB,GACpB,AAAI,IASC,AANmB,MAAM,cAAQ,CACpC,KAAM,UACN,KAAM,UACN,aAGkB,UAAY,KAC9B,GAAgB,IAId,GACH,KAAM,MCzDR,MAAuB,4BAEV,EAAiB,AAAC,GAIzB,CANN,MAOC,GAAM,CAAE,eAAc,MAAK,aAAc,EAEzC,MAAK,GAKJ,gBAAO,CACN,iBAAkB,GAClB,OAAQ,SAEH,GAED,GAJI,CAKP,SAAU,GAAgB,OAG3B,SAVD,cAUS,SAdF,ICVT,MAAkB,oBACX,EAAQ,QAAQ,aAWhB,GAAM,GAAY,AAAC,GAAgB,CACzC,QAAQ,OAAO,MAAM,IAET,EAAW,AAAC,GAAwB,UAAM,aAAa,GACvD,EAAS,AAAC,GAAwB,UAAM,OAAO,KAAK",
6
6
  "names": []
7
7
  }
package/dist/index.mjs CHANGED
@@ -1,3 +1,2 @@
1
- var ae=Object.defineProperty,ce=Object.defineProperties;var le=Object.getOwnPropertyDescriptors;var Z=Object.getOwnPropertySymbols;var fe=Object.prototype.hasOwnProperty,ge=Object.prototype.propertyIsEnumerable;var z=(e,n,i)=>n in e?ae(e,n,{enumerable:!0,configurable:!0,writable:!0,value:i}):e[n]=i,r=(e,n)=>{for(var i in n||(n={}))fe.call(n,i)&&z(e,i,n[i]);if(Z)for(var i of Z(n))ge.call(n,i)&&z(e,i,n[i]);return e},C=(e,n)=>ce(e,le(n));import{parse as ve}from"dotenv";var de="dotsec.config.ts",H=[de];var F="alias/dotsec",me="SecureString",g={config:{aws:{kms:{keyAlias:F},ssm:{parameterType:me}}}};import{DecryptCommand as Ee,DescribeKeyCommand as Se,EncryptCommand as _e,KMSClient as we}from"@aws-sdk/client-kms";import{fromEnv as pe,fromIni as I,fromTemporaryCredentials as ue}from"@aws-sdk/credential-providers";import{loadSharedConfigFiles as Ae}from"@aws-sdk/shared-ini-file-loader";import Q from"chalk";var d=e=>Q.yellowBright(e),_=e=>Q.yellow.bold(e);var X=async({argv:e,env:n})=>{var E,m,l;let i=await Ae(),o,a,s;if(e.profile?(a={value:e.profile,origin:`command line option: ${d(e.profile)}`},o={value:await I({profile:e.profile})(),origin:`${d(`[${e.profile}]`)} in credentials file`}):n.AWS_PROFILE?(a={value:n.AWS_PROFILE,origin:`env variable ${d("AWS_PROFILE")}: ${_(n.AWS_PROFILE)}`},o={value:await I({profile:n.AWS_PROFILE})(),origin:`env variable ${d("AWS_PROFILE")}: ${_(n.AWS_PROFILE)}`}):n.AWS_ACCESS_KEY_ID&&n.AWS_SECRET_ACCESS_KEY?o={value:await pe()(),origin:`env variables ${d("AWS_ACCESS_KEY_ID")} and ${d("AWS_SECRET_ACCESS_KEY")}`}:((E=i.credentialsFile)==null?void 0:E.default)&&(a={value:"default",origin:`${d("[default]")} in credentials file`},o={value:await I({profile:"default"})(),origin:`profile ${d("[default]")}`}),e.region)s={value:e.region,origin:`command line option: ${d(e.region)}`};else if(n.AWS_REGION)s={value:n.AWS_REGION,origin:`env variable ${d("AWS_REGION")}: ${_(n.AWS_REGION)}`};else if(n.AWS_DEFAULT_REGION)s={value:n.AWS_DEFAULT_REGION,origin:`env variable ${d("AWS_DEFAULT_REGION")}: ${_(n.AWS_DEFAULT_REGION)}`};else if(a){let c=(l=(m=i==null?void 0:i.configFile)==null?void 0:m[a.value])==null?void 0:l.region;c&&(s={value:c,origin:`${d(`[profile ${a.value}]`)} in config file`})}let A=e.assumeRoleArn||n.AWS_ASSUME_ROLE_ARN;if(A){let c=e.assumeRoleArn?"command line option":"env variable";o={value:await ue({masterCredentials:o==null?void 0:o.value,params:{DurationSeconds:e.assumeRoleSessionDuration||Number(n.AWS_ASSUME_ROLE_SESSION_DURATION)||3600,RoleArn:A},clientConfig:{region:s==null?void 0:s.value}})(),origin:`${c} ${d(`[${A}]`)}`}}return{credentialsAndOrigin:o,regionAndOrigin:s,profileAndOrigin:a}},ee=({credentialsAndOrigin:e,regionAndOrigin:n,profileAndOrigin:i})=>{let o=[];return i&&o.push(`Got profile name from ${i.origin}`),e&&o.push(`Resolved credentials from ${e.origin}`),n&&o.push(`Resolved region from ${n.origin}`),o.join(`
2
- `)};var ne=async({argv:e,env:n})=>{let{credentialsAndOrigin:i,regionAndOrigin:o,profileAndOrigin:a}=await X({argv:{region:e.awsRegion,profile:e.awsProfile,assumeRoleArn:e.awsAssumeRoleArn,assumeRoleSessionDuration:e.awsAssumeRoleSessionDuration},env:r({},n)});if(e.verbose===!0&&console.log(ee({credentialsAndOrigin:i,regionAndOrigin:o,profileAndOrigin:a})),!(i&&o)){if(!i)throw console.error("Could not find credentials"),new Error("Could not find credentials");if(!o)throw console.error("Could not find region"),new Error("Could not find region")}return{credentialsAndOrigin:i,regionAndOrigin:o}};var oe=async e=>{var l,c;let{kms:{keyAlias:n}={},region:i}=e,{credentialsAndOrigin:o,regionAndOrigin:a}=await ne({argv:{},env:r({},process.env)}),s=new we({credentials:o.value,region:i||a.value}),A=new Se({KeyId:n}),m=(c=(l=(await s.send(A)).KeyMetadata)==null?void 0:l.EncryptionAlgorithms)==null?void 0:c[0];if(m===void 0)throw new Error("Could not determine encryption algorithm");return{async encrypt(f){let p=new _e({KeyId:n,Plaintext:Buffer.from(f),EncryptionAlgorithm:m}),u=await s.send(p);if(!u.CiphertextBlob)throw new Error(`Something bad happened: ${JSON.stringify({encryptCommand:p})}`);return Buffer.from(u.CiphertextBlob).toString("base64")},async decrypt(f){let p=new Ee({KeyId:n,CiphertextBlob:Buffer.from(f,"base64"),EncryptionAlgorithm:m}),u=await s.send(p);if(!u.Plaintext)throw new Error(`Something bad happened: ${JSON.stringify({cipherText:f,decryptCommand:p})}`);let S=Buffer.from(u.Plaintext).toString();return this.verbose&&console.info(`Decrypting key '${f}'`),S},other:()=>{}}};import Oe from"node:path";import{bundleRequire as De}from"bundle-require";import he from"joycon";import Ce from"fs";import ye from"node:path";function Re(e){try{return new Function(`return ${e.trim()}`)()}catch{return{}}}var ie=async e=>{try{return Re(await Ce.promises.readFile(e,"utf8"))}catch(n){throw n instanceof Error?new Error(`Failed to parse ${ye.relative(process.cwd(),e)}: ${n.message}`):n}};var re=async e=>{var a,s,A,E,m,l,c,f,p,u,S,R,O,D,y,h,v,b,W,L,P,T,k,$,x,N,K,U,M,G,j,Y,B,J,V,q;let n=process.cwd(),o=await new he().resolve({files:e?[e]:[...H,"package.json"],cwd:n,stopDir:Oe.parse(n).root,packageKey:"dotsec"});if(e&&o===null)throw new Error(`Could not find config file ${e}`);if(o){if(o.endsWith(".json")){let w=await ie(o),t;return o.endsWith("package.json")&&w.dotsec!==void 0?t=w.dotsec:t=w,{source:"json",contents:C(r(r({},g),t),{config:C(r(r({},t==null?void 0:t.config),g.config),{aws:C(r(r({},(a=t==null?void 0:t.config)==null?void 0:a.aws),(A=(s=g)==null?void 0:s.config)==null?void 0:A.aws),{kms:r(r({},(l=(m=(E=g)==null?void 0:E.config)==null?void 0:m.aws)==null?void 0:l.kms),(f=(c=t.config)==null?void 0:c.aws)==null?void 0:f.kms),ssm:r(r({},(S=(u=(p=g)==null?void 0:p.config)==null?void 0:u.aws)==null?void 0:S.ssm),(O=(R=t.config)==null?void 0:R.aws)==null?void 0:O.ssm),secretsManager:r(r({},(h=(y=(D=g)==null?void 0:D.config)==null?void 0:y.aws)==null?void 0:h.secretsManager),(b=(v=t.config)==null?void 0:v.aws)==null?void 0:b.secretsManager)})})})}}else if(o.endsWith(".ts")){let w=await De({filepath:o}),t=w.mod.dotsec||w.mod.default||w.mod;return{source:"ts",contents:C(r(r({},g),t),{config:C(r(r({},t==null?void 0:t.config),g.config),{aws:C(r(r({},(W=t==null?void 0:t.config)==null?void 0:W.aws),(P=(L=g)==null?void 0:L.config)==null?void 0:P.aws),{kms:r(r({},($=(k=(T=g)==null?void 0:T.config)==null?void 0:k.aws)==null?void 0:$.kms),(N=(x=t.config)==null?void 0:x.aws)==null?void 0:N.kms),ssm:r(r({},(M=(U=(K=g)==null?void 0:K.config)==null?void 0:U.aws)==null?void 0:M.ssm),(j=(G=t.config)==null?void 0:G.aws)==null?void 0:j.ssm),secretsManager:r(r({},(J=(B=(Y=g)==null?void 0:Y.config)==null?void 0:B.aws)==null?void 0:J.secretsManager),(q=(V=t.config)==null?void 0:V.aws)==null?void 0:q.secretsManager)})})})}}}return{source:"defaultConfig",contents:g}};import te from"node:fs";var Fe=async e=>{var p,u,S,R,O,D;let{configFile:n,sec:i,env:o,dotsecConfig:a}=e,{contents:{config:s}={config:{}}}=a?{contents:a}:await re(n),A=((u=(p=e.aws)==null?void 0:p.kms)==null?void 0:u.keyAlias)||((R=(S=s==null?void 0:s.aws)==null?void 0:S.kms)==null?void 0:R.keyAlias)||F,E=((O=e.aws)==null?void 0:O.region)||((D=s==null?void 0:s.aws)==null?void 0:D.region),m=await oe({verbose:!0,kms:{keyAlias:A},region:E}),l,c;i?typeof i=="string"?l=i:typeof e.sec=="boolean"&&e.sec===!0&&(l=".sec"):o?typeof o=="string"?c=o:typeof e.env=="boolean"&&e.env===!0&&(c=".env"):(l=".sec",console.warn(`Since no value is set for neither ${_("sec")} nor ${_("env")}, we use default value for sec which is .sec`));let f;if(c)f=te.readFileSync(c,"utf8");else if(l){let y=te.readFileSync(l,"utf8");f=await m.decrypt(y),console.log("envContents",f)}if(f){let y=ve(f);Object.entries(y).map(([h,v])=>{process.env[h]=v})}else throw new Error("No .env or .sec file provided")},Ie={config:Fe},se=Ie;var an=se;export{an as default};
1
+ var a=Object.defineProperty,m=Object.defineProperties;var g=Object.getOwnPropertyDescriptors;var i=Object.getOwnPropertySymbols;var u=Object.prototype.hasOwnProperty,f=Object.prototype.propertyIsEnumerable;var c=(e,o,r)=>o in e?a(e,o,{enumerable:!0,configurable:!0,writable:!0,value:r}):e[o]=r,s=(e,o)=>{for(var r in o||(o={}))u.call(o,r)&&c(e,r,o[r]);if(i)for(var r of i(o))f.call(o,r)&&c(e,r,o[r]);return e},p=(e,o)=>m(e,g(o));var E=(e=>typeof require!="undefined"?require:typeof Proxy!="undefined"?new Proxy(e,{get:(o,r)=>(typeof require!="undefined"?require:o)[r]}):e)(function(e){if(typeof require!="undefined")return require.apply(this,arguments);throw new Error('Dynamic require of "'+e+'" is not supported')});import x from"prompts";var b=async({skip:e,message:o,execute:r})=>{let t=!1;(e||(await x({type:"confirm",name:"confirm",message:o})).confirm===!0)&&(t=!0),t&&await r()};import{expand as v}from"dotenv-expand";var d=e=>{var n;let{fromEnvValue:o,env:r,variables:t}=e;return o?(n=v({ignoreProcessEnv:!0,parsed:p(s(s({},r),t),{RESOLVED:o||""})}).parsed)==null?void 0:n.RESOLVED:""};import l from"chalk";var w=E("cli-table");var y=e=>{process.stdout.write(e)},D=e=>l.yellowBright(e),P=e=>l.yellow.bold(e);export{w as Table,D as emphasis,b as promptExecute,d as resolveFromEnv,P as strong,y as writeLine};
3
2
  //# sourceMappingURL=index.mjs.map
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
- "sources": ["../src/dotsec.ts", "../src/constants.ts", "../src/lib/aws/AwsKmsEncryptionEngine.ts", "../src/lib/aws/getCredentialsProfileRegion.ts", "../src/utils/logger.ts", "../src/lib/aws/handleCredentialsAndRegion.ts", "../src/lib/config/index.ts", "../src/lib/json.ts", "../src/index.ts"],
4
- "sourcesContent": ["import { parse } from \"dotenv\";\nimport { DOTSEC_DEFAULT_AWS_KMS_KEY_ALIAS } from \"./constants\";\nimport { awsEncryptionEngineFactory } from \"./lib/aws/AwsKmsEncryptionEngine\";\nimport { getConfig } from \"./lib/config\";\nimport fs from \"node:fs\";\nimport { strong } from \"./utils/logger\";\nimport { DotsecConfig } from \"./types\";\n\nconst config = async (\n\toptions: {\n\t\taws?: { region?: string; kms?: { keyAlias?: string } };\n\t} & (\n\t\t| { sec: true | string; env?: never }\n\t\t| { env: true | string; sec?: never }\n\t) &\n\t\t(\n\t\t\t| { dotsecConfig: DotsecConfig; configFile?: never }\n\t\t\t| { dotsecConfig?: never; configFile: string }\n\t\t\t| { dotsecConfig?: never; configFile?: never }\n\t\t),\n) => {\n\tconst { configFile, sec, env, dotsecConfig } = options;\n\tconst {\n\t\tcontents: { config } = { config: {} },\n\t} = dotsecConfig ? { contents: dotsecConfig } : await getConfig(configFile);\n\tconst keyAlias =\n\t\toptions.aws?.kms?.keyAlias ||\n\t\tconfig?.aws?.kms?.keyAlias ||\n\t\tDOTSEC_DEFAULT_AWS_KMS_KEY_ALIAS;\n\n\tconst region = options.aws?.region || config?.aws?.region;\n\tconst encryptionPlugin = await awsEncryptionEngineFactory({\n\t\tverbose: true,\n\t\tkms: {\n\t\t\tkeyAlias: keyAlias,\n\t\t},\n\t\tregion: region,\n\t});\n\n\tlet dotsec: string | undefined;\n\tlet dotenv: string | undefined;\n\t// is set?\n\tif (sec) {\n\t\t// is string ?\n\t\tif (typeof sec === \"string\") {\n\t\t\t// here we hava filename\n\t\t\tdotsec = sec;\n\t\t} else if (typeof options.sec === \"boolean\" && options.sec === true) {\n\t\t\t// is true ?\n\t\t\tdotsec = \".sec\";\n\t\t}\n\t} else if (env) {\n\t\t// is string ?\n\t\tif (typeof env === \"string\") {\n\t\t\t// here we hava filename\n\t\t\tdotenv = env;\n\t\t} else if (typeof options.env === \"boolean\" && options.env === true) {\n\t\t\t// is true ?\n\t\t\tdotenv = \".env\";\n\t\t}\n\t} else {\n\t\t// if not set, we use default\n\t\tdotsec = \".sec\";\n\t\tconsole.warn(\n\t\t\t`Since no value is set for neither ${strong(\"sec\")} nor ${strong(\n\t\t\t\t\"env\",\n\t\t\t)}, we use default value for sec which is .sec`,\n\t\t);\n\t}\n\n\tlet envContents: string | undefined;\n\n\tif (dotenv) {\n\t\tenvContents = fs.readFileSync(dotenv, \"utf8\");\n\t} else if (dotsec) {\n\t\tconst dotSecContents = fs.readFileSync(dotsec, \"utf8\");\n\t\tenvContents = await encryptionPlugin.decrypt(dotSecContents);\n\t\tconsole.log(\"envContents\", envContents);\n\t} else {\n\t}\n\tif (envContents) {\n\t\tconst dotenvVars = parse(envContents);\n\t\tObject.entries(dotenvVars).map(([key, value]) => {\n\t\t\tprocess.env[key] = value;\n\t\t});\n\t} else {\n\t\tthrow new Error(\"No .env or .sec file provided\");\n\t}\n};\n\nconst dotsec = {\n\tconfig,\n};\n\nexport default dotsec;\n", "import { DotsecConfig } from \"./types\";\n\nexport const DOTSEC_DEFAULT_CONFIG_FILE = \"dotsec.config.ts\";\nexport const DOTSEC_CONFIG_FILES = [DOTSEC_DEFAULT_CONFIG_FILE];\nexport const DOTSEC_DEFAULT_DOTSEC_FILENAME = \".sec\";\nexport const DOTSEC_DEFAULT_DOTENV_FILENAME = \".env\";\nexport const DOTSEC_DEFAULT_AWS_KMS_KEY_ALIAS = \"alias/dotsec\";\nexport const DOTSEC_DEFAULT_AWS_SSM_PARAMETER_TYPE = \"SecureString\";\n\nexport const defaultConfig: DotsecConfig = {\n\tconfig: {\n\t\taws: {\n\t\t\tkms: {\n\t\t\t\tkeyAlias: DOTSEC_DEFAULT_AWS_KMS_KEY_ALIAS,\n\t\t\t},\n\t\t\tssm: {\n\t\t\t\tparameterType: DOTSEC_DEFAULT_AWS_SSM_PARAMETER_TYPE,\n\t\t\t},\n\t\t},\n\t},\n};\n", "import {\n\tDecryptCommand,\n\tDescribeKeyCommand,\n\tEncryptCommand,\n\tKMSClient,\n} from \"@aws-sdk/client-kms\";\nimport { EncryptionEngineFactory } from \"../../types\";\nimport { handleCredentialsAndRegion } from \"./handleCredentialsAndRegion\";\n\nexport type AwsEncryptionEngineFactory = EncryptionEngineFactory<\n\t{ region?: string; kms?: { keyAlias?: string } },\n\t{ other: () => void }\n>;\n\nexport const awsEncryptionEngineFactory: AwsEncryptionEngineFactory = async (\n\toptions,\n) => {\n\tconst {\n\t\tkms: { keyAlias } = {},\n\t\tregion,\n\t} = options;\n\n\tconst { credentialsAndOrigin, regionAndOrigin } =\n\t\tawait handleCredentialsAndRegion({\n\t\t\targv: {},\n\t\t\tenv: { ...process.env },\n\t\t});\n\n\tconst kmsClient = new KMSClient({\n\t\tcredentials: credentialsAndOrigin.value,\n\t\tregion: region || regionAndOrigin.value,\n\t});\n\n\tconst describeKeyCommand = new DescribeKeyCommand({\n\t\tKeyId: keyAlias,\n\t});\n\n\tconst describeKeyResult = await kmsClient.send(describeKeyCommand);\n\tconst encryptionAlgorithm =\n\t\tdescribeKeyResult.KeyMetadata?.EncryptionAlgorithms?.[0];\n\n\tif (encryptionAlgorithm === undefined) {\n\t\tthrow new Error(\"Could not determine encryption algorithm\");\n\t}\n\n\treturn {\n\t\tasync encrypt(plaintext: string): Promise<string> {\n\t\t\tconst encryptCommand = new EncryptCommand({\n\t\t\t\tKeyId: keyAlias,\n\t\t\t\tPlaintext: Buffer.from(plaintext),\n\t\t\t\tEncryptionAlgorithm: encryptionAlgorithm,\n\t\t\t});\n\t\t\tconst encryptionResult = await kmsClient.send(encryptCommand);\n\n\t\t\tif (!encryptionResult.CiphertextBlob) {\n\t\t\t\tthrow new Error(\n\t\t\t\t\t`Something bad happened: ${JSON.stringify({\n\t\t\t\t\t\tencryptCommand,\n\t\t\t\t\t})}`,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst cipherText = Buffer.from(encryptionResult.CiphertextBlob).toString(\n\t\t\t\t\"base64\",\n\t\t\t);\n\n\t\t\treturn cipherText;\n\t\t},\n\t\tasync decrypt(cipherText: string): Promise<string> {\n\t\t\tconst decryptCommand = new DecryptCommand({\n\t\t\t\tKeyId: keyAlias,\n\t\t\t\tCiphertextBlob: Buffer.from(cipherText, \"base64\"),\n\t\t\t\tEncryptionAlgorithm: encryptionAlgorithm,\n\t\t\t});\n\n\t\t\tconst decryptionResult = await kmsClient.send(decryptCommand);\n\n\t\t\tif (!decryptionResult.Plaintext) {\n\t\t\t\tthrow new Error(\n\t\t\t\t\t`Something bad happened: ${JSON.stringify({\n\t\t\t\t\t\tcipherText: cipherText,\n\t\t\t\t\t\tdecryptCommand: decryptCommand,\n\t\t\t\t\t})}`,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst decryptedValue = Buffer.from(decryptionResult.Plaintext).toString();\n\n\t\t\tif (this.verbose) {\n\t\t\t\tconsole.info(`Decrypting key '${cipherText}'`);\n\t\t\t}\n\n\t\t\treturn decryptedValue;\n\t\t},\n\t\tother: () => {},\n\t};\n};\n", "import {\n\tfromEnv,\n\tfromIni,\n\tfromTemporaryCredentials,\n} from \"@aws-sdk/credential-providers\";\nimport { loadSharedConfigFiles } from \"@aws-sdk/shared-ini-file-loader\";\nimport { emphasis, strong } from \"../../utils/logger\";\n\nimport {\n\tCredentialsAndOrigin,\n\tProfileAndOrigin,\n\tRegionAndOrigin,\n} from \"./types\";\n\nexport const getCredentialsProfileRegion = async ({\n\targv,\n\tenv,\n}: {\n\targv: {\n\t\tprofile?: string;\n\t\tregion?: string;\n\t\tassumeRoleArn?: string;\n\t\tassumeRoleSessionDuration?: number;\n\t};\n\tenv: {\n\t\tAWS_PROFILE?: string;\n\t\tAWS_ACCESS_KEY_ID?: string;\n\t\tAWS_SECRET_ACCESS_KEY?: string;\n\t\tAWS_REGION?: string;\n\t\tAWS_DEFAULT_REGION?: string;\n\t\tAWS_ASSUME_ROLE_ARN?: string | undefined;\n\t\tAWS_ASSUME_ROLE_SESSION_DURATION?: string | undefined;\n\t\tTZ?: string;\n\t};\n}) => {\n\tconst sharedConfigFiles = await loadSharedConfigFiles();\n\tlet credentialsAndOrigin: CredentialsAndOrigin | undefined = undefined;\n\tlet profileAndOrigin: ProfileAndOrigin | undefined = undefined;\n\tlet regionAndOrigin: RegionAndOrigin | undefined = undefined;\n\tif (argv.profile) {\n\t\tprofileAndOrigin = {\n\t\t\tvalue: argv.profile,\n\t\t\torigin: `command line option: ${emphasis(argv.profile)}`,\n\t\t};\n\t\tcredentialsAndOrigin = {\n\t\t\tvalue: await fromIni({\n\t\t\t\tprofile: argv.profile,\n\t\t\t})(),\n\t\t\torigin: `${emphasis(`[${argv.profile}]`)} in credentials file`,\n\t\t};\n\t} else if (env.AWS_PROFILE) {\n\t\tprofileAndOrigin = {\n\t\t\tvalue: env.AWS_PROFILE,\n\t\t\torigin: `env variable ${emphasis(\"AWS_PROFILE\")}: ${strong(\n\t\t\t\tenv.AWS_PROFILE,\n\t\t\t)}`,\n\t\t};\n\t\tcredentialsAndOrigin = {\n\t\t\tvalue: await fromIni({\n\t\t\t\tprofile: env.AWS_PROFILE,\n\t\t\t})(),\n\t\t\torigin: `env variable ${emphasis(\"AWS_PROFILE\")}: ${strong(\n\t\t\t\tenv.AWS_PROFILE,\n\t\t\t)}`,\n\t\t};\n\t} else if (env.AWS_ACCESS_KEY_ID && env.AWS_SECRET_ACCESS_KEY) {\n\t\tcredentialsAndOrigin = {\n\t\t\tvalue: await fromEnv()(),\n\t\t\torigin: `env variables ${emphasis(\"AWS_ACCESS_KEY_ID\")} and ${emphasis(\n\t\t\t\t\"AWS_SECRET_ACCESS_KEY\",\n\t\t\t)}`,\n\t\t};\n\t} else if (sharedConfigFiles.credentialsFile?.default) {\n\t\tprofileAndOrigin = {\n\t\t\tvalue: \"default\",\n\t\t\torigin: `${emphasis(\"[default]\")} in credentials file`,\n\t\t};\n\t\tcredentialsAndOrigin = {\n\t\t\tvalue: await fromIni({\n\t\t\t\tprofile: \"default\",\n\t\t\t})(),\n\t\t\torigin: `profile ${emphasis(\"[default]\")}`,\n\t\t};\n\t}\n\n\tif (argv.region) {\n\t\tregionAndOrigin = {\n\t\t\tvalue: argv.region,\n\t\t\torigin: `command line option: ${emphasis(argv.region)}`,\n\t\t};\n\t} else if (env.AWS_REGION) {\n\t\tregionAndOrigin = {\n\t\t\tvalue: env.AWS_REGION,\n\t\t\torigin: `env variable ${emphasis(\"AWS_REGION\")}: ${strong(\n\t\t\t\tenv.AWS_REGION,\n\t\t\t)}`,\n\t\t};\n\t} else if (env.AWS_DEFAULT_REGION) {\n\t\tregionAndOrigin = {\n\t\t\tvalue: env.AWS_DEFAULT_REGION,\n\t\t\torigin: `env variable ${emphasis(\"AWS_DEFAULT_REGION\")}: ${strong(\n\t\t\t\tenv.AWS_DEFAULT_REGION,\n\t\t\t)}`,\n\t\t};\n\t} else if (profileAndOrigin) {\n\t\tconst foundRegion =\n\t\t\tsharedConfigFiles?.configFile?.[profileAndOrigin.value]?.region;\n\n\t\tif (foundRegion) {\n\t\t\tregionAndOrigin = {\n\t\t\t\tvalue: foundRegion,\n\t\t\t\torigin: `${emphasis(\n\t\t\t\t\t`[profile ${profileAndOrigin.value}]`,\n\t\t\t\t)} in config file`,\n\t\t\t};\n\t\t}\n\t}\n\n\tconst assumedRole = argv.assumeRoleArn || env.AWS_ASSUME_ROLE_ARN;\n\tif (assumedRole) {\n\t\tconst origin = argv.assumeRoleArn ? \"command line option\" : \"env variable\";\n\t\tcredentialsAndOrigin = {\n\t\t\tvalue: await fromTemporaryCredentials({\n\t\t\t\tmasterCredentials: credentialsAndOrigin?.value,\n\n\t\t\t\tparams: {\n\t\t\t\t\tDurationSeconds:\n\t\t\t\t\t\targv.assumeRoleSessionDuration ||\n\t\t\t\t\t\tNumber(env.AWS_ASSUME_ROLE_SESSION_DURATION) ||\n\t\t\t\t\t\t3600,\n\t\t\t\t\tRoleArn: assumedRole,\n\t\t\t\t},\n\n\t\t\t\tclientConfig: {\n\t\t\t\t\tregion: regionAndOrigin?.value,\n\t\t\t\t},\n\t\t\t})(),\n\t\t\torigin: `${origin} ${emphasis(`[${assumedRole}]`)}`,\n\t\t};\n\t}\n\n\treturn { credentialsAndOrigin, regionAndOrigin, profileAndOrigin };\n};\n\nexport const printVerboseCredentialsProfileRegion = ({\n\tcredentialsAndOrigin,\n\tregionAndOrigin,\n\tprofileAndOrigin,\n}: {\n\tcredentialsAndOrigin?: CredentialsAndOrigin;\n\tregionAndOrigin?: RegionAndOrigin;\n\tprofileAndOrigin?: ProfileAndOrigin;\n}): string => {\n\tconst out: string[] = [];\n\tif (profileAndOrigin) {\n\t\tout.push(`Got profile name from ${profileAndOrigin.origin}`);\n\t}\n\tif (credentialsAndOrigin) {\n\t\tout.push(`Resolved credentials from ${credentialsAndOrigin.origin}`);\n\t}\n\tif (regionAndOrigin) {\n\t\tout.push(`Resolved region from ${regionAndOrigin.origin}`);\n\t}\n\treturn out.join(\"\\n\");\n};\n", "import chalk from \"chalk\";\nlet _logger: Pick<Console, \"info\" | \"error\" | \"table\">;\nexport const getLogger = () => {\n\tif (!_logger) {\n\t\t_logger = console;\n\t}\n\n\treturn _logger;\n};\nexport const writeLine = (str: string) => {\n\tprocess.stdout.write(str);\n};\nexport const emphasis = (str: string): string => chalk.yellowBright(str);\nexport const strong = (str: string): string => chalk.yellow.bold(str);\n\nexport const clientLogger = {\n\tdebug(content: object) {\n\t\tconsole.log(content);\n\t},\n\tinfo(content: object) {\n\t\tconsole.log(content);\n\t},\n\twarn(content: object) {\n\t\tconsole.log(content);\n\t},\n\terror(content: object) {\n\t\tconsole.error(content);\n\t},\n};\n", "import {\n\tgetCredentialsProfileRegion,\n\tprintVerboseCredentialsProfileRegion,\n} from \"./getCredentialsProfileRegion\";\n\nexport const handleCredentialsAndRegion = async ({\n\targv,\n\tenv,\n}: {\n\targv: {\n\t\tawsRegion?: string;\n\t\tawsProfile?: string;\n\t\tverbose?: boolean;\n\t\tawsAssumeRoleArn?: string;\n\t\tawsAssumeRoleSessionDuration?: number;\n\t};\n\tenv: {\n\t\tAWS_PROFILE?: string | undefined;\n\t\tAWS_ACCESS_KEY_ID?: string | undefined;\n\t\tAWS_SECRET_ACCESS_KEY?: string | undefined;\n\t\tAWS_REGION?: string | undefined;\n\t\tAWS_DEFAULT_REGION?: string | undefined;\n\t\tAWS_ASSUME_ROLE_ARN?: string | undefined;\n\t\tAWS_ASSUME_ROLE_SESSION_DURATION?: string | undefined;\n\t\tTZ?: string;\n\t};\n}) => {\n\tconst { credentialsAndOrigin, regionAndOrigin, profileAndOrigin } =\n\t\tawait getCredentialsProfileRegion({\n\t\t\targv: {\n\t\t\t\tregion: argv.awsRegion,\n\t\t\t\tprofile: argv.awsProfile,\n\t\t\t\tassumeRoleArn: argv.awsAssumeRoleArn,\n\t\t\t\tassumeRoleSessionDuration: argv.awsAssumeRoleSessionDuration,\n\t\t\t},\n\t\t\tenv: {\n\t\t\t\t...env,\n\t\t\t},\n\t\t});\n\n\tif (argv.verbose === true) {\n\t\tconsole.log(\n\t\t\tprintVerboseCredentialsProfileRegion({\n\t\t\t\tcredentialsAndOrigin,\n\t\t\t\tregionAndOrigin,\n\t\t\t\tprofileAndOrigin,\n\t\t\t}),\n\t\t);\n\t}\n\n\tif (!(credentialsAndOrigin && regionAndOrigin)) {\n\t\tif (!credentialsAndOrigin) {\n\t\t\tconsole.error(\"Could not find credentials\");\n\t\t\tthrow new Error(\"Could not find credentials\");\n\t\t}\n\t\tif (!regionAndOrigin) {\n\t\t\tconsole.error(\"Could not find region\");\n\t\t\tthrow new Error(\"Could not find region\");\n\t\t}\n\t}\n\n\treturn { credentialsAndOrigin, regionAndOrigin };\n};\n", "import path from \"node:path\";\n\nimport { bundleRequire } from \"bundle-require\";\nimport JoyCon from \"joycon\";\n\nimport { loadJson } from \"../json\";\nimport { DotsecConfig, DotsecConfigAndSource } from \"../../types\";\nimport { defaultConfig, DOTSEC_CONFIG_FILES } from \"../../constants\";\n\nexport const getConfig = async (\n\tfilename?: string,\n): Promise<DotsecConfigAndSource> => {\n\tconst cwd = process.cwd();\n\tconst configJoycon = new JoyCon();\n\tconst configPath = await configJoycon.resolve({\n\t\tfiles: filename ? [filename] : [...DOTSEC_CONFIG_FILES, \"package.json\"],\n\t\tcwd,\n\t\tstopDir: path.parse(cwd).root,\n\t\tpackageKey: \"dotsec\",\n\t});\n\tif (filename && configPath === null) {\n\t\tthrow new Error(`Could not find config file ${filename}`);\n\t}\n\tif (configPath) {\n\t\tif (configPath.endsWith(\".json\")) {\n\t\t\tconst rawData = (await loadJson(configPath)) as Partial<DotsecConfig>;\n\n\t\t\tlet data: Partial<DotsecConfig>;\n\n\t\t\tif (\n\t\t\t\tconfigPath.endsWith(\"package.json\") &&\n\t\t\t\t(rawData as { dotsec: Partial<DotsecConfig> }).dotsec !== undefined\n\t\t\t) {\n\t\t\t\tdata = (rawData as { dotsec: Partial<DotsecConfig> }).dotsec;\n\t\t\t} else {\n\t\t\t\tdata = rawData as Partial<DotsecConfig>;\n\t\t\t}\n\n\t\t\treturn {\n\t\t\t\tsource: \"json\",\n\t\t\t\tcontents: {\n\t\t\t\t\t...defaultConfig,\n\t\t\t\t\t...data,\n\t\t\t\t\tconfig: {\n\t\t\t\t\t\t...data?.config,\n\t\t\t\t\t\t...defaultConfig.config,\n\t\t\t\t\t\taws: {\n\t\t\t\t\t\t\t...data?.config?.aws,\n\t\t\t\t\t\t\t...defaultConfig?.config?.aws,\n\t\t\t\t\t\t\tkms: {\n\t\t\t\t\t\t\t\t...defaultConfig?.config?.aws?.kms,\n\t\t\t\t\t\t\t\t...data.config?.aws?.kms,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tssm: {\n\t\t\t\t\t\t\t\t...defaultConfig?.config?.aws?.ssm,\n\t\t\t\t\t\t\t\t...data.config?.aws?.ssm,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tsecretsManager: {\n\t\t\t\t\t\t\t\t...defaultConfig?.config?.aws?.secretsManager,\n\t\t\t\t\t\t\t\t...data.config?.aws?.secretsManager,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t};\n\t\t} else if (configPath.endsWith(\".ts\")) {\n\t\t\tconst bundleRequireResult = await bundleRequire({\n\t\t\t\tfilepath: configPath,\n\t\t\t});\n\t\t\tconst data = (bundleRequireResult.mod.dotsec ||\n\t\t\t\tbundleRequireResult.mod.default ||\n\t\t\t\tbundleRequireResult.mod) as Partial<DotsecConfig>;\n\n\t\t\treturn {\n\t\t\t\tsource: \"ts\",\n\t\t\t\tcontents: {\n\t\t\t\t\t...defaultConfig,\n\t\t\t\t\t...data,\n\t\t\t\t\tconfig: {\n\t\t\t\t\t\t...data?.config,\n\t\t\t\t\t\t...defaultConfig.config,\n\t\t\t\t\t\taws: {\n\t\t\t\t\t\t\t...data?.config?.aws,\n\t\t\t\t\t\t\t...defaultConfig?.config?.aws,\n\t\t\t\t\t\t\tkms: {\n\t\t\t\t\t\t\t\t...defaultConfig?.config?.aws?.kms,\n\t\t\t\t\t\t\t\t...data.config?.aws?.kms,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tssm: {\n\t\t\t\t\t\t\t\t...defaultConfig?.config?.aws?.ssm,\n\t\t\t\t\t\t\t\t...data.config?.aws?.ssm,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tsecretsManager: {\n\t\t\t\t\t\t\t\t...defaultConfig?.config?.aws?.secretsManager,\n\t\t\t\t\t\t\t\t...data.config?.aws?.secretsManager,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t};\n\t\t}\n\t}\n\n\treturn { source: \"defaultConfig\", contents: defaultConfig };\n};\n", "import fs from \"fs\";\nimport path from \"node:path\";\n\nexport function jsoncParse(data: string) {\n\ttry {\n\t\treturn new Function(`return ${data.trim()}`)();\n\t} catch {\n\t\t// Silently ignore any error\n\t\t// That's what tsc/jsonc-parser did after all\n\t\treturn {};\n\t}\n}\n\nexport const loadJson = async (filepath: string) => {\n\ttry {\n\t\treturn jsoncParse(await fs.promises.readFile(filepath, \"utf8\"));\n\t} catch (error) {\n\t\tif (error instanceof Error) {\n\t\t\tthrow new Error(\n\t\t\t\t`Failed to parse ${path.relative(process.cwd(), filepath)}: ${\n\t\t\t\t\terror.message\n\t\t\t\t}`,\n\t\t\t);\n\t\t} else {\n\t\t\tthrow error;\n\t\t}\n\t}\n};\n", "export type { DotsecConfig as Dotsec } from \"./types\";\nexport type { DotsecConfig } from \"./types\";\nimport dotsec from \"./dotsec\";\nexport default dotsec;\n"],
5
- "mappings": "ubAAA,gCCEO,GAAM,IAA6B,mBAC7B,EAAsB,CAAC,IAG7B,GAAM,GAAmC,eACnC,GAAwC,eAExC,EAA8B,CAC1C,OAAQ,CACP,IAAK,CACJ,IAAK,CACJ,SAAU,GAEX,IAAK,CACJ,cAAe,OChBnB,oHCAA,qGAKA,yECLA,qBAYO,GAAM,GAAW,AAAC,GAAwB,EAAM,aAAa,GACvD,EAAS,AAAC,GAAwB,EAAM,OAAO,KAAK,GDC1D,GAAM,GAA8B,MAAO,CACjD,OACA,SAkBK,CAlCN,UAmCC,GAAM,GAAoB,KAAM,MAC5B,EACA,EACA,EA+CJ,GA9CA,AAAI,EAAK,QACR,GAAmB,CAClB,MAAO,EAAK,QACZ,OAAQ,wBAAwB,EAAS,EAAK,YAE/C,EAAuB,CACtB,MAAO,KAAM,GAAQ,CACpB,QAAS,EAAK,YAEf,OAAQ,GAAG,EAAS,IAAI,EAAK,oCAExB,AAAI,EAAI,YACd,GAAmB,CAClB,MAAO,EAAI,YACX,OAAQ,gBAAgB,EAAS,mBAAmB,EACnD,EAAI,gBAGN,EAAuB,CACtB,MAAO,KAAM,GAAQ,CACpB,QAAS,EAAI,gBAEd,OAAQ,gBAAgB,EAAS,mBAAmB,EACnD,EAAI,iBAGA,AAAI,EAAI,mBAAqB,EAAI,sBACvC,EAAuB,CACtB,MAAO,KAAM,QACb,OAAQ,iBAAiB,EAAS,4BAA4B,EAC7D,4BAGQ,MAAkB,kBAAlB,cAAmC,UAC7C,GAAmB,CAClB,MAAO,UACP,OAAQ,GAAG,EAAS,oCAErB,EAAuB,CACtB,MAAO,KAAM,GAAQ,CACpB,QAAS,cAEV,OAAQ,WAAW,EAAS,iBAI1B,EAAK,OACR,EAAkB,CACjB,MAAO,EAAK,OACZ,OAAQ,wBAAwB,EAAS,EAAK,mBAErC,EAAI,WACd,EAAkB,CACjB,MAAO,EAAI,WACX,OAAQ,gBAAgB,EAAS,kBAAkB,EAClD,EAAI,uBAGI,EAAI,mBACd,EAAkB,CACjB,MAAO,EAAI,mBACX,OAAQ,gBAAgB,EAAS,0BAA0B,EAC1D,EAAI,+BAGI,EAAkB,CAC5B,GAAM,GACL,uBAAmB,aAAnB,cAAgC,EAAiB,SAAjD,cAAyD,OAE1D,AAAI,GACH,GAAkB,CACjB,MAAO,EACP,OAAQ,GAAG,EACV,YAAY,EAAiB,6BAMjC,GAAM,GAAc,EAAK,eAAiB,EAAI,oBAC9C,GAAI,EAAa,CAChB,GAAM,GAAS,EAAK,cAAgB,sBAAwB,eAC5D,EAAuB,CACtB,MAAO,KAAM,IAAyB,CACrC,kBAAmB,iBAAsB,MAEzC,OAAQ,CACP,gBACC,EAAK,2BACL,OAAO,EAAI,mCACX,KACD,QAAS,GAGV,aAAc,CACb,OAAQ,iBAAiB,WAG3B,OAAQ,GAAG,KAAU,EAAS,IAAI,SAIpC,MAAO,CAAE,uBAAsB,kBAAiB,qBAGpC,GAAuC,CAAC,CACpD,uBACA,kBACA,sBAKa,CACb,GAAM,GAAgB,GACtB,MAAI,IACH,EAAI,KAAK,yBAAyB,EAAiB,UAEhD,GACH,EAAI,KAAK,6BAA6B,EAAqB,UAExD,GACH,EAAI,KAAK,wBAAwB,EAAgB,UAE3C,EAAI,KAAK;IE9JV,GAAM,IAA6B,MAAO,CAChD,OACA,SAmBK,CACL,GAAM,CAAE,uBAAsB,kBAAiB,oBAC9C,KAAM,GAA4B,CACjC,KAAM,CACL,OAAQ,EAAK,UACb,QAAS,EAAK,WACd,cAAe,EAAK,iBACpB,0BAA2B,EAAK,8BAEjC,IAAK,KACD,KAcN,GAVI,EAAK,UAAY,IACpB,QAAQ,IACP,GAAqC,CACpC,uBACA,kBACA,sBAKC,CAAE,IAAwB,GAAkB,CAC/C,GAAI,CAAC,EACJ,cAAQ,MAAM,8BACR,GAAI,OAAM,8BAEjB,GAAI,CAAC,EACJ,cAAQ,MAAM,yBACR,GAAI,OAAM,yBAIlB,MAAO,CAAE,uBAAsB,oBH/CzB,GAAM,IAAyD,KACrE,IACI,CAhBL,QAiBC,GAAM,CACL,IAAK,CAAE,YAAa,GACpB,UACG,EAEE,CAAE,uBAAsB,mBAC7B,KAAM,IAA2B,CAChC,KAAM,GACN,IAAK,KAAK,QAAQ,OAGd,EAAY,GAAI,IAAU,CAC/B,YAAa,EAAqB,MAClC,OAAQ,GAAU,EAAgB,QAG7B,EAAqB,GAAI,IAAmB,CACjD,MAAO,IAIF,EACL,MAFyB,MAAM,GAAU,KAAK,IAE5B,cAAlB,cAA+B,uBAA/B,cAAsD,GAEvD,GAAI,IAAwB,OAC3B,KAAM,IAAI,OAAM,4CAGjB,MAAO,MACA,SAAQ,EAAoC,CACjD,GAAM,GAAiB,GAAI,IAAe,CACzC,MAAO,EACP,UAAW,OAAO,KAAK,GACvB,oBAAqB,IAEhB,EAAmB,KAAM,GAAU,KAAK,GAE9C,GAAI,CAAC,EAAiB,eACrB,KAAM,IAAI,OACT,2BAA2B,KAAK,UAAU,CACzC,sBASH,MAJmB,QAAO,KAAK,EAAiB,gBAAgB,SAC/D,gBAKI,SAAQ,EAAqC,CAClD,GAAM,GAAiB,GAAI,IAAe,CACzC,MAAO,EACP,eAAgB,OAAO,KAAK,EAAY,UACxC,oBAAqB,IAGhB,EAAmB,KAAM,GAAU,KAAK,GAE9C,GAAI,CAAC,EAAiB,UACrB,KAAM,IAAI,OACT,2BAA2B,KAAK,UAAU,CACzC,WAAY,EACZ,eAAgB,OAKnB,GAAM,GAAiB,OAAO,KAAK,EAAiB,WAAW,WAE/D,MAAI,MAAK,SACR,QAAQ,KAAK,mBAAmB,MAG1B,GAER,MAAO,IAAM,KI9Ff,0BAEA,gDACA,uBCHA,mBACA,0BAEO,YAAoB,EAAc,CACxC,GAAI,CACH,MAAO,IAAI,UAAS,UAAU,EAAK,iBAClC,CAGD,MAAO,IAIF,GAAM,IAAW,KAAO,IAAqB,CACnD,GAAI,CACH,MAAO,IAAW,KAAM,IAAG,SAAS,SAAS,EAAU,eAC/C,EAAP,CACD,KAAI,aAAiB,OACd,GAAI,OACT,mBAAmB,GAAK,SAAS,QAAQ,MAAO,OAC/C,EAAM,WAIF,IDfF,GAAM,IAAY,KACxB,IACoC,CAXrC,4EAYC,GAAM,GAAM,QAAQ,MAEd,EAAa,KAAM,AADJ,IAAI,MACa,QAAQ,CAC7C,MAAO,EAAW,CAAC,GAAY,CAAC,GAAG,EAAqB,gBACxD,MACA,QAAS,GAAK,MAAM,GAAK,KACzB,WAAY,WAEb,GAAI,GAAY,IAAe,KAC9B,KAAM,IAAI,OAAM,8BAA8B,KAE/C,GAAI,GACH,GAAI,EAAW,SAAS,SAAU,CACjC,GAAM,GAAW,KAAM,IAAS,GAE5B,EAEJ,MACC,GAAW,SAAS,iBACnB,EAA8C,SAAW,OAE1D,EAAQ,EAA8C,OAEtD,EAAO,EAGD,CACN,OAAQ,OACR,SAAU,SACN,GACA,GAFM,CAGT,OAAQ,SACJ,iBAAM,QACN,EAAc,QAFV,CAGP,IAAK,SACD,oBAAM,SAAN,cAAc,KACd,wBAAe,SAAf,cAAuB,KAFtB,CAGJ,IAAK,OACD,2BAAe,SAAf,cAAuB,MAAvB,cAA4B,KAC5B,QAAK,SAAL,cAAa,MAAb,cAAkB,KAEtB,IAAK,OACD,2BAAe,SAAf,cAAuB,MAAvB,cAA4B,KAC5B,QAAK,SAAL,cAAa,MAAb,cAAkB,KAEtB,eAAgB,OACZ,2BAAe,SAAf,cAAuB,MAAvB,cAA4B,gBAC5B,QAAK,SAAL,cAAa,MAAb,cAAkB,+BAMhB,EAAW,SAAS,OAAQ,CACtC,GAAM,GAAsB,KAAM,IAAc,CAC/C,SAAU,IAEL,EAAQ,EAAoB,IAAI,QACrC,EAAoB,IAAI,SACxB,EAAoB,IAErB,MAAO,CACN,OAAQ,KACR,SAAU,SACN,GACA,GAFM,CAGT,OAAQ,SACJ,iBAAM,QACN,EAAc,QAFV,CAGP,IAAK,SACD,oBAAM,SAAN,cAAc,KACd,wBAAe,SAAf,cAAuB,KAFtB,CAGJ,IAAK,OACD,2BAAe,SAAf,cAAuB,MAAvB,cAA4B,KAC5B,QAAK,SAAL,cAAa,MAAb,cAAkB,KAEtB,IAAK,OACD,2BAAe,SAAf,cAAuB,MAAvB,cAA4B,KAC5B,QAAK,SAAL,cAAa,MAAb,cAAkB,KAEtB,eAAgB,OACZ,2BAAe,SAAf,cAAuB,MAAvB,cAA4B,gBAC5B,QAAK,SAAL,cAAa,MAAb,cAAkB,wBAS5B,MAAO,CAAE,OAAQ,gBAAiB,SAAU,INnG7C,wBAIA,GAAM,IAAS,KACd,IAWI,CApBL,gBAqBC,GAAM,CAAE,aAAY,MAAK,MAAK,gBAAiB,EACzC,CACL,SAAU,CAAE,UAAW,CAAE,OAAQ,KAC9B,EAAe,CAAE,SAAU,GAAiB,KAAM,IAAU,GAC1D,EACL,SAAQ,MAAR,cAAa,MAAb,cAAkB,WAClB,wBAAQ,MAAR,cAAa,MAAb,cAAkB,WAClB,EAEK,EAAS,MAAQ,MAAR,cAAa,SAAU,qBAAQ,MAAR,cAAa,QAC7C,EAAmB,KAAM,IAA2B,CACzD,QAAS,GACT,IAAK,CACJ,SAAU,GAEX,OAAQ,IAGL,EACA,EAEJ,AAAI,EAEH,AAAI,MAAO,IAAQ,SAElB,EAAS,EACC,MAAO,GAAQ,KAAQ,WAAa,EAAQ,MAAQ,IAE9D,GAAS,QAEJ,AAAI,EAEV,AAAI,MAAO,IAAQ,SAElB,EAAS,EACC,MAAO,GAAQ,KAAQ,WAAa,EAAQ,MAAQ,IAE9D,GAAS,QAIV,GAAS,OACT,QAAQ,KACP,qCAAqC,EAAO,cAAc,EACzD,uDAKH,GAAI,GAEJ,GAAI,EACH,EAAc,GAAG,aAAa,EAAQ,gBAC5B,EAAQ,CAClB,GAAM,GAAiB,GAAG,aAAa,EAAQ,QAC/C,EAAc,KAAM,GAAiB,QAAQ,GAC7C,QAAQ,IAAI,cAAe,GAG5B,GAAI,EAAa,CAChB,GAAM,GAAa,GAAM,GACzB,OAAO,QAAQ,GAAY,IAAI,CAAC,CAAC,EAAK,KAAW,CAChD,QAAQ,IAAI,GAAO,QAGpB,MAAM,IAAI,OAAM,kCAIZ,GAAS,CACd,WAGM,GAAQ,GQ3Ff,GAAO,IAAQ",
3
+ "sources": ["../src/utils/prompts.ts", "../src/utils/fromEnv.ts", "../src/utils/logging.ts"],
4
+ "sourcesContent": ["import prompts from \"prompts\";\n\nexport const promptConfirm = async ({\n\tpredicate,\n\tskip,\n\tmessage,\n}: {\n\tpredicate?: (...args: unknown[]) => Promise<boolean> | boolean;\n\tskip?: boolean;\n\tmessage: string;\n}): Promise<boolean> => {\n\tif (skip === true) {\n\t\treturn true;\n\t} else {\n\t\tconst result = predicate ? await predicate() : true;\n\t\tif (result) {\n\t\t\tconst confirmResult = await prompts({\n\t\t\t\ttype: \"confirm\",\n\t\t\t\tname: \"confirm\",\n\t\t\t\tmessage: () => {\n\t\t\t\t\treturn message;\n\t\t\t\t},\n\t\t\t});\n\n\t\t\tif (confirmResult.confirm === true) {\n\t\t\t\treturn true;\n\t\t\t}\n\t\t}\n\t}\n\treturn false;\n};\n\nexport const promptExecute = async ({\n\tskip,\n\tmessage,\n\texecute,\n}: {\n\tskip?: boolean;\n\tmessage: string;\n\texecute: () => unknown | Promise<unknown>;\n}) => {\n\tlet shouldExecute = false;\n\tif (skip) {\n\t\tshouldExecute = true;\n\t} else {\n\t\tconst promptResponse = await prompts({\n\t\t\ttype: \"confirm\",\n\t\t\tname: \"confirm\",\n\t\t\tmessage,\n\t\t});\n\n\t\tif (promptResponse.confirm === true) {\n\t\t\tshouldExecute = true;\n\t\t}\n\t}\n\n\tif (shouldExecute) {\n\t\tawait execute();\n\t}\n};\n", "import { expand } from \"dotenv-expand\";\n\nexport const resolveFromEnv = (options: {\n\tfromEnvValue?: string;\n\tenv: NodeJS.ProcessEnv;\n\tvariables: Record<string, string>;\n}) => {\n\tconst { fromEnvValue, env, variables } = options;\n\n\tif (!fromEnvValue) {\n\t\treturn \"\";\n\t}\n\n\treturn (\n\t\texpand({\n\t\t\tignoreProcessEnv: true,\n\t\t\tparsed: {\n\t\t\t\t// add standard env variables\n\t\t\t\t...(env as Record<string, string>),\n\t\t\t\t// add custom env variables, either from .env or .sec, (or empty object if none)\n\t\t\t\t...variables,\n\t\t\t\tRESOLVED: fromEnvValue || \"\",\n\t\t\t},\n\t\t}) as { parsed?: { RESOLVED?: string } }\n\t).parsed?.RESOLVED;\n};\n", "import chalk from \"chalk\"\nimport Table = require(\"cli-table\")\nexport { Table }\n\nlet _logger: Pick<Console, \"info\" | \"error\" | \"table\">\nexport const getLogger = () => {\n\tif (!_logger) {\n\t\t_logger = console\n\t}\n\n\treturn _logger\n}\nexport const writeLine = (str: string) => {\n\tprocess.stdout.write(str)\n}\nexport const emphasis = (str: string): string => chalk.yellowBright(str)\nexport const strong = (str: string): string => chalk.yellow.bold(str)\n\nexport const clientLogger = {\n\tdebug(content: object) {\n\t\tconsole.log(content)\n\t},\n\tinfo(content: object) {\n\t\tconsole.log(content)\n\t},\n\twarn(content: object) {\n\t\tconsole.log(content)\n\t},\n\terror(content: object) {\n\t\tconsole.error(content)\n\t},\n}\n"],
5
+ "mappings": "8sBAAA,uBAgCO,GAAM,GAAgB,MAAO,CACnC,OACA,UACA,aAKK,CACL,GAAI,GAAgB,GACpB,AAAI,IASC,AANmB,MAAM,GAAQ,CACpC,KAAM,UACN,KAAM,UACN,aAGkB,UAAY,KAC9B,GAAgB,IAId,GACH,KAAM,MCzDR,uCAEO,GAAM,GAAiB,AAAC,GAIzB,CANN,MAOC,GAAM,CAAE,eAAc,MAAK,aAAc,EAEzC,MAAK,GAKJ,KAAO,CACN,iBAAkB,GAClB,OAAQ,SAEH,GAED,GAJI,CAKP,SAAU,GAAgB,OAG3B,SAVD,cAUS,SAdF,ICVT,qBACA,GAAO,GAAQ,EAAQ,aAWhB,GAAM,GAAY,AAAC,GAAgB,CACzC,QAAQ,OAAO,MAAM,IAET,EAAW,AAAC,GAAwB,EAAM,aAAa,GACvD,EAAS,AAAC,GAAwB,EAAM,OAAO,KAAK",
6
6
  "names": []
7
7
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "dotsec",
3
- "version": "1.0.0-alpha.8",
3
+ "version": "2.0.0-alpha.0",
4
4
  "description": "",
5
5
  "main": "./dist/index.js",
6
6
  "types": "./dist/index.d.ts",
@@ -39,28 +39,31 @@
39
39
  "displayName": "dotsec"
40
40
  },
41
41
  "devDependencies": {
42
- "@aws-sdk/types": "^3.52.0",
43
- "@types/node": "^14.14.19",
42
+ "@types/cli-table": "^0.3.1",
43
+ "@types/node": "^18.11.11",
44
44
  "@types/prompts": "^2.0.14",
45
- "tsup": "^4.14.0",
46
- "typescript": "~4.9.3"
45
+ "@types/yargs-parser": "^21.0.0",
46
+ "tsup": "^4.14.0"
47
+ },
48
+ "peerDependencies": {
49
+ "dotsec": "*"
47
50
  },
48
51
  "dependencies": {
49
- "@aws-sdk/client-kms": "^3.52.0",
50
- "@aws-sdk/client-secrets-manager": "^3.52.0",
51
- "@aws-sdk/client-ssm": "^3.52.0",
52
- "@aws-sdk/credential-providers": "^3.52.0",
53
- "@aws-sdk/shared-ini-file-loader": "^3.52.0",
54
- "@octokit/core": "^4.1.0",
52
+ "@npmcli/arborist": "^6.1.4",
53
+ "ajv": "^8.11.2",
55
54
  "bundle-require": "^3.0.4",
56
55
  "camel-case": "^4.1.2",
57
56
  "chalk": "^4.1.2",
57
+ "cli-table": "^0.3.11",
58
58
  "commander": "^9.4.1",
59
59
  "constant-case": "^3.0.4",
60
60
  "cross-spawn": "^7.0.3",
61
61
  "dotenv": "^16.0.0",
62
+ "dotenv-expand": "^10.0.0",
62
63
  "joycon": "^3.1.1",
63
- "prompts": "^2.4.2"
64
+ "prompts": "^2.4.2",
65
+ "typescript": "~4.9.3",
66
+ "yargs-parser": "^21.1.1"
64
67
  },
65
- "gitHead": "708733a06a297f675a02cab23577c5631a127984"
68
+ "gitHead": "792885d4cb9f5355dcc3b848533d07673661aaa2"
66
69
  }
@@ -1,13 +1,15 @@
1
1
  import type { DotsecConfig } from "dotsec";
2
2
 
3
3
  export const dotsec: DotsecConfig = {
4
- config: {
5
- aws: {
6
- region: "us-east-1",
7
- kms: {
8
- keyAlias: "alias/dotsec",
4
+ defaults: {
5
+ plugins: {
6
+ aws: {
7
+ region: "us-east-1",
8
+ kms: {
9
+ keyAlias: "alias/dotsec",
10
+ },
9
11
  },
10
12
  },
11
13
  },
12
- variables: {},
14
+ push: {},
13
15
  };