envilder 0.1.5 → 0.2.1

package/.github/dependabot.yml

@@ -0,0 +1,40 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates: 
+- package-ecosystem: npm
+  directory: "/"
+  pull-request-branch-name:
+    separator: "/"
+  schedule:
+    interval: monthly
+    day: monday
+    time: "10:00"
+    timezone: Europe/Madrid
+  labels:
+  - "npm"
+  - "dependencies"
+  reviewers:
+  - macalbert
+  assignees:
+  - macalbert
+    
+- package-ecosystem: github-actions
+  directory: "/"
+  pull-request-branch-name:
+      separator: "/"
+  schedule:
+    interval: monthly
+    day: monday
+    time: "10:00"
+    timezone: Europe/Madrid
+  labels:
+  - "github-actions"
+  - "dependencies"
+  reviewers:
+  - macalbert
+  assignees:
+  - macalbert

package/.github/pull_request_template.md

@@ -0,0 +1,20 @@
+# Description
+
+_Describe the problem or feature in addition to a link to the issues._
+
+## Approach
+
+_How does this change address the problem?_
+
+## Open Questions and Pre-Merge TODOs
+
+- [ ] Use github checklists. When solved, check the box and explain the answer.
+
+## Learning
+
+_Describe the research stage_
+_Links to blog posts, patterns, libraries or addons used to solve this problem_
+
+## Blog Posts
+
+- [How to Pull Request](https://github.com/flexyford/pull-request) Github Repo with Learning focused Pull Request Template.

package/.github/workflows/codeql-analysis.yml

@@ -0,0 +1,49 @@
+name: CodeQL
+
+on:
+  workflow_dispatch:
+
+  pull_request:
+    branches: [main]
+    paths:
+      - ".github/workflows/codeql-analysis.yml"
+
+  push:
+    branches: [main]
+    paths:
+      - ".github/workflows/codeql-analysis.yml"
+      - "src/**"
+      - "test/**"
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.head_ref || github.sha }}
+  cancel-in-progress: true
+
+jobs:
+  analyze:
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ["javascript"]
+
+    permissions:
+      security-events: write
+
+    runs-on: ubuntu-22.04
+
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+        with:
+          lfs: true
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: ${{ matrix.language }}
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v3
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3

package/.github/workflows/coverage-report.yml

@@ -0,0 +1,73 @@
+name: 🔦 code-coverage
+
+on:
+  workflow_dispatch:
+
+  pull_request:
+    paths:
+      - ".github/workflows/coverage-report.yml"
+
+  push:
+    branches:
+      - "main"
+    paths:
+      - ".github/workflows/coverage-report.yml"
+      - "src/**"
+      - "test/**"
+
+concurrency:
+  group: "pages"
+  cancel-in-progress: false
+
+permissions:
+  contents: read
+  pages: write
+  id-token: write
+
+jobs:
+  build-coverage:
+    environment:
+      name: github-pages
+      url: ${{ steps.deployment.outputs.page_url }}
+    runs-on: ubuntu-latest
+    if: ${{ !github.event.pull_request.draft }}
+    steps:
+      - name: Check if PR is created by Dependabot
+        id: dependabot-check
+        run: |
+          if [[ "${{ github.actor }}" == *dependabot* ]]; then
+            echo "is_dependabot=true" >> "$GITHUB_OUTPUT"
+          else
+            echo "is_dependabot=false" >> "$GITHUB_OUTPUT"
+          fi
+
+      - name: Check if the workflow should run
+        if: ${{ steps.dependabot-check.outputs.is_dependabot == 'false' }}
+        run: echo "The workflow is allowed to run for this PR"
+
+      - name: 🧲 Checkout
+        uses: actions/checkout@v4
+
+      - name: 🛠️ Setup Node.js with Cache
+        uses: actions/setup-node@v4
+        with:
+          node-version: "20.x"
+          cache: "yarn"
+
+      - name: 📦 Install dependencies
+        run: yarn install
+
+      - name: 🔥 Run tests and collect coverage
+        run: yarn test
+
+      - name: Setup Pages
+        uses: actions/configure-pages@v5
+
+      - name: Upload artifact
+        uses: actions/upload-pages-artifact@v3
+        with:
+          path: "./coverage"
+
+      - name: Deploy to GitHub Pages
+        id: deployment
+        uses: actions/deploy-pages@v4

package/.github/workflows/unit-tests.yml

@@ -0,0 +1,48 @@
+name: 🌱 unit-tests
+
+on:
+  workflow_dispatch: {}
+
+  pull_request:
+    branches:
+      - "*"
+    types:
+      - opened
+      - reopened
+      - synchronize
+      - ready_for_review
+    paths:
+      - ".github/workflows/unit-tests.yml"
+      - "src/**"
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.head_ref || github.sha }}
+  cancel-in-progress: true
+
+jobs:
+  envilder-test:
+    runs-on: ubuntu-24.04
+    if: ${{ !github.event.pull_request.draft }}
+    timeout-minutes: 30
+
+    steps:
+      - name: 🚀 ♂️ Checkout
+        uses: actions/checkout@v4
+
+      - name: 🛠️ Setup Node.js with Cache
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20.x'
+          cache: 'yarn'
+
+      - name: 📦 Install packages
+        run: yarn install
+
+      - name: 🔍 Run code quality checker
+        run: yarn lint
+
+      - name: 🚧 Build
+        run: yarn build
+
+      - name: 🚴‍♀️ Run unit tests
+        run: yarn test

package/README.md

@@ -1,6 +1,6 @@
 # 🌱 Envilder
 
-**Envilder** is a CLI tool designed to generate `.env` files from AWS SSM parameters. This is useful for managing environment variables securely in your projects without exposing sensitive information in your codebase.
+`Envilder` is a CLI tool to manage AWS SSM Parameter Store parameters and automatically generate the required `.env` file. This tool simplifies environment variable management for projects, avoiding manual updates and ensuring consistency across environments.
 
 ## ✨ Features
 
@@ -9,6 +9,32 @@
 - 🛡️ Handles both encrypted and unencrypted SSM parameters.
 - 🪶 Lightweight and simple to use.
 
+## Prerequisites
+Before using `Envilder`, ensure that you have the AWS CLI installed and properly configured on your local machine. This configuration is required for `Envilder` to access and manage parameters in AWS SSM.
+
+### AWS CLI Installation & Configuration
+1. Install the AWS CLI by following the instructions [here](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html).
+2. After installation, configure the AWS CLI using the following command:
+
+    ```bash
+    aws configure
+    ```
+
+    You'll be prompted to provide:
+    - AWS Access Key ID
+    - AWS Secret Access Key
+    - Default region name (e.g., `us-east-1`)
+    - Default output format (e.g., `json`)
+
+   Make sure that the AWS credentials you're using have the appropriate permissions to access the SSM Parameter Store in your AWS account.
+
+## Installation
+You can install `Envilder` globally using yarn. This will allow you to use the `envilder` command from any directory on your system.
+
+```bash
+yarn global add envilder
+```
+
 ## 📦 Installation
 
 You can install **envilder** globally or locally using npm:

package/lib/cli/cliRunner.js

@@ -28,6 +28,6 @@ export function cliRunner() {
     });
 }
 cliRunner().catch((error) => {
-    console.error('Error in CLI Runner:', error);
+    console.error('🚨 Uh-oh! Looks like Mario fell into the wrong pipe! 🍄💥');
 });
 //# sourceMappingURL=cliRunner.js.map

package/lib/cli/cliRunner.js.map

@@ -1 +1 @@
-{"version":3,"file":"cliRunner.js","sourceRoot":"","sources":["../../src/cli/cliRunner.ts"],"names":[],"mappings":";;;;;;;;;;AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,GAAG,EAAE,MAAM,aAAa,CAAC;AAElC,MAAM,UAAgB,SAAS;;QAC7B,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;QAE9B,OAAO;aACJ,IAAI,CAAC,UAAU,CAAC;aAChB,WAAW,CAAC,2DAA2D,CAAC;aACxE,OAAO,CAAC,OAAO,CAAC;aAChB,cAAc,CAAC,cAAc,EAAE,yDAAyD,CAAC;aACzF,cAAc,CAAC,kBAAkB,EAAE,uCAAuC,CAAC,CAAC;QAE/E,MAAM,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACvC,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;QAE/B,IAAI,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YACrC,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;QACrE,CAAC;QAED,MAAM,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IAC1C,CAAC;CAAA;AAED,SAAS,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;IAC1B,OAAO,CAAC,KAAK,CAAC,sBAAsB,EAAE,KAAK,CAAC,CAAC;AAC/C,CAAC,CAAC,CAAC"}
+{"version":3,"file":"cliRunner.js","sourceRoot":"","sources":["../../src/cli/cliRunner.ts"],"names":[],"mappings":";;;;;;;;;;AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,GAAG,EAAE,MAAM,aAAa,CAAC;AAElC,MAAM,UAAgB,SAAS;;QAC7B,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;QAE9B,OAAO;aACJ,IAAI,CAAC,UAAU,CAAC;aAChB,WAAW,CAAC,2DAA2D,CAAC;aACxE,OAAO,CAAC,OAAO,CAAC;aAChB,cAAc,CAAC,cAAc,EAAE,yDAAyD,CAAC;aACzF,cAAc,CAAC,kBAAkB,EAAE,uCAAuC,CAAC,CAAC;QAE/E,MAAM,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACvC,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;QAE/B,IAAI,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YACrC,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;QACrE,CAAC;QAED,MAAM,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IAC1C,CAAC;CAAA;AAED,SAAS,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;IAC1B,OAAO,CAAC,KAAK,CAAC,2DAA2D,CAAC,CAAC;AAC7E,CAAC,CAAC,CAAC"}

package/lib/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAKA,wBAAsB,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,iBA8B7D"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAMA,wBAAsB,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,iBAQ7D"}

package/lib/index.js

@@ -9,36 +9,78 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 import * as fs from 'node:fs';
 import { GetParameterCommand, SSM } from '@aws-sdk/client-ssm';
+import * as dotenv from 'dotenv';
 const ssm = new SSM({});
 export function run(mapPath, envFilePath) {
     return __awaiter(this, void 0, void 0, function* () {
-        const content = fs.readFileSync(mapPath, 'utf-8');
-        const paramMap = JSON.parse(content);
-        const envContent = [];
-        console.log('Fetching parameters...');
+        const paramMap = loadParamMap(mapPath);
+        const existingEnvVariables = loadExistingEnvVariables(envFilePath);
+        const updatedEnvVariables = yield fetchAndUpdateEnvVariables(paramMap, existingEnvVariables);
+        writeEnvFile(envFilePath, updatedEnvVariables);
+        console.log(`Environment File generated at '${envFilePath}'`);
+    });
+}
+function loadParamMap(mapPath) {
+    const content = fs.readFileSync(mapPath, 'utf-8');
+    try {
+        return JSON.parse(content);
+    }
+    catch (error) {
+        console.error(`Error parsing JSON from ${mapPath}`);
+        throw new Error(`Invalid JSON in parameter map file: ${mapPath}`);
+    }
+}
+function loadExistingEnvVariables(envFilePath) {
+    const envVariables = {};
+    if (!fs.existsSync(envFilePath))
+        return envVariables;
+    const existingEnvContent = fs.readFileSync(envFilePath, 'utf-8');
+    const parsedEnv = dotenv.parse(existingEnvContent);
+    Object.assign(envVariables, parsedEnv);
+    return envVariables;
+}
+function fetchAndUpdateEnvVariables(paramMap, existingEnvVariables) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const errors = [];
         for (const [envVar, ssmName] of Object.entries(paramMap)) {
             try {
-                const command = new GetParameterCommand({
-                    Name: ssmName,
-                    WithDecryption: true,
-                });
-                const { Parameter } = yield ssm.send(command);
-                const value = Parameter === null || Parameter === void 0 ? void 0 : Parameter.Value;
+                const value = yield fetchSSMParameter(ssmName);
                 if (value) {
-                    envContent.push(`${envVar}=${value}`);
-                    console.log(`${envVar}=${value}`);
+                    existingEnvVariables[envVar] = value;
+                    console.log(`${envVar}=${value.length > 3 ? '*'.repeat(value.length - 3) + value.slice(-3) : '*'.repeat(value.length)}`);
                 }
                 else {
-                    console.error(`Warning: No value found for ${ssmName}`);
+                    console.error(`Warning: No value found for: '${ssmName}'`);
                 }
             }
             catch (error) {
-                console.error(`Error fetching parameter ${ssmName}: ${error}`);
-                throw new Error(`ParameterNotFound: ${ssmName}`);
+                console.error(`Error fetching parameter: '${ssmName}'`);
+                errors.push(`ParameterNotFound: ${ssmName}`);
             }
         }
-        fs.writeFileSync(envFilePath, envContent.join('\n'));
-        console.log(`.env file generated at ${envFilePath}`);
+        if (errors.length > 0) {
+            throw new Error(`Some parameters could not be fetched:\n${errors.join('\n')}`);
+        }
+        return existingEnvVariables;
     });
 }
+function fetchSSMParameter(ssmName) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const command = new GetParameterCommand({
+            Name: ssmName,
+            WithDecryption: true,
+        });
+        const { Parameter } = yield ssm.send(command);
+        return Parameter === null || Parameter === void 0 ? void 0 : Parameter.Value;
+    });
+}
+function writeEnvFile(envFilePath, envVariables) {
+    const envContent = Object.entries(envVariables)
+        .map(([key, value]) => {
+        const escapedValue = value.replace(/(\n|\r|\n\r)/g, '\\n').replace(/"/g, '\\"');
+        return `${key}=${escapedValue}`;
+    })
+        .join('\n');
+    fs.writeFileSync(envFilePath, envContent);
+}
 //# sourceMappingURL=index.js.map

package/lib/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,EAAE,mBAAmB,EAAE,GAAG,EAAE,MAAM,qBAAqB,CAAC;AAE/D,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,CAAC;AAExB,MAAM,UAAgB,GAAG,CAAC,OAAe,EAAE,WAAmB;;QAC5D,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAClD,MAAM,QAAQ,GAA2B,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAE7D,MAAM,UAAU,GAAa,EAAE,CAAC;QAEhC,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;QACtC,KAAK,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzD,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,IAAI,mBAAmB,CAAC;oBACtC,IAAI,EAAE,OAAO;oBACb,cAAc,EAAE,IAAI;iBACrB,CAAC,CAAC;gBAEH,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gBAC9C,MAAM,KAAK,GAAG,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,KAAK,CAAC;gBAC/B,IAAI,KAAK,EAAE,CAAC;oBACV,UAAU,CAAC,IAAI,CAAC,GAAG,MAAM,IAAI,KAAK,EAAE,CAAC,CAAC;oBACtC,OAAO,CAAC,GAAG,CAAC,GAAG,MAAM,IAAI,KAAK,EAAE,CAAC,CAAC;gBACpC,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,KAAK,CAAC,+BAA+B,OAAO,EAAE,CAAC,CAAC;gBAC1D,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CAAC,4BAA4B,OAAO,KAAK,KAAK,EAAE,CAAC,CAAC;gBAC/D,MAAM,IAAI,KAAK,CAAC,sBAAsB,OAAO,EAAE,CAAC,CAAC;YACnD,CAAC;QACH,CAAC;QAED,EAAE,CAAC,aAAa,CAAC,WAAW,EAAE,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;QACrD,OAAO,CAAC,GAAG,CAAC,0BAA0B,WAAW,EAAE,CAAC,CAAC;IACvD,CAAC;CAAA"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,EAAE,mBAAmB,EAAE,GAAG,EAAE,MAAM,qBAAqB,CAAC;AAC/D,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAC;AAEjC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,CAAC;AAExB,MAAM,UAAgB,GAAG,CAAC,OAAe,EAAE,WAAmB;;QAC5D,MAAM,QAAQ,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC;QACvC,MAAM,oBAAoB,GAAG,wBAAwB,CAAC,WAAW,CAAC,CAAC;QAEnE,MAAM,mBAAmB,GAAG,MAAM,0BAA0B,CAAC,QAAQ,EAAE,oBAAoB,CAAC,CAAC;QAE7F,YAAY,CAAC,WAAW,EAAE,mBAAmB,CAAC,CAAC;QAC/C,OAAO,CAAC,GAAG,CAAC,kCAAkC,WAAW,GAAG,CAAC,CAAC;IAChE,CAAC;CAAA;AAED,SAAS,YAAY,CAAC,OAAe;IACnC,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAClD,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC7B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,2BAA2B,OAAO,EAAE,CAAC,CAAC;QACpD,MAAM,IAAI,KAAK,CAAC,uCAAuC,OAAO,EAAE,CAAC,CAAC;IACpE,CAAC;AACH,CAAC;AAED,SAAS,wBAAwB,CAAC,WAAmB;IACnD,MAAM,YAAY,GAA2B,EAAE,CAAC;IAEhD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC;QAAE,OAAO,YAAY,CAAC;IAErD,MAAM,kBAAkB,GAAG,EAAE,CAAC,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IACjE,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;IACnD,MAAM,CAAC,MAAM,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;IAEvC,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,SAAe,0BAA0B,CACvC,QAAgC,EAChC,oBAA4C;;QAE5C,MAAM,MAAM,GAAa,EAAE,CAAC;QAE5B,KAAK,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzD,IAAI,CAAC;gBACH,MAAM,KAAK,GAAG,MAAM,iBAAiB,CAAC,OAAO,CAAC,CAAC;gBAC/C,IAAI,KAAK,EAAE,CAAC;oBACV,oBAAoB,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC;oBACrC,OAAO,CAAC,GAAG,CACT,GAAG,MAAM,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAC5G,CAAC;gBACJ,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,KAAK,CAAC,iCAAiC,OAAO,GAAG,CAAC,CAAC;gBAC7D,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CAAC,8BAA8B,OAAO,GAAG,CAAC,CAAC;gBACxD,MAAM,CAAC,IAAI,CAAC,sBAAsB,OAAO,EAAE,CAAC,CAAC;YAC/C,CAAC;QACH,CAAC;QAED,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CAAC,0CAA0C,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjF,CAAC;QAED,OAAO,oBAAoB,CAAC;IAC9B,CAAC;CAAA;AAED,SAAe,iBAAiB,CAAC,OAAe;;QAC9C,MAAM,OAAO,GAAG,IAAI,mBAAmB,CAAC;YACtC,IAAI,EAAE,OAAO;YACb,cAAc,EAAE,IAAI;SACrB,CAAC,CAAC;QAEH,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC9C,OAAO,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,KAAK,CAAC;IAC1B,CAAC;CAAA;AAED,SAAS,YAAY,CAAC,WAAmB,EAAE,YAAoC;IAC7E,MAAM,UAAU,GAAG,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC;SAC5C,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;QACpB,MAAM,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QAChF,OAAO,GAAG,GAAG,IAAI,YAAY,EAAE,CAAC;IAClC,CAAC,CAAC;SACD,IAAI,CAAC,IAAI,CAAC,CAAC;IAEd,EAAE,CAAC,aAAa,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;AAC5C,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "envilder",
-  "version": "0.1.5",
+  "version": "0.2.1",
   "description": "A CLI tool to generate .env files from AWS SSM parameters",
   "exports": {
     ".": {
@@ -15,7 +15,7 @@
     "test-run": "npm run build && node lib/cli/cliRunner.js --map=tests/sample/param_map.json --envfile=.env",
     "build": "npm run clean && tsc -p tsconfig.build.json --sourceMap --declaration",
     "lint": "biome lint --write && biome format --write && biome check --write && tsc --noEmit && secretlint **/*",
-    "test": "npx vitest run --reporter verbose --coverage",
+    "test": "vitest run --reporter verbose --coverage",
     "cli-run": "npm run build && node --trace-warnings lib",
     "npm-publish": "npm run lint && npm run build && npm publish",
     "npm-release-patch": "npm version patch && npm run npm-publish",
@@ -42,6 +42,7 @@
     "@secretlint/secretlint-rule-preset-recommend": "^8.2.4",
     "@types/node": "^22.5.5",
     "commander": "^12.1.0",
+    "dotenv": "^16.4.5",
     "picocolors": "^1.1.0"
   },
   "devDependencies": {
@@ -51,10 +52,14 @@
     "secretlint": "^8.2.4",
     "ts-node": "^10.9.2",
     "typescript": "^5.6.2",
-    "vitest": "^2.1.1"
+    "vitest": "^2.1.2"
+  },
+  "resolutions": {
+    "string-width": "4.2.3",
+    "strip-ansi": "6.0.1"
   },
   "engines": {
-    "node": ">=18.0.0",
+    "node": ">=20.0.0",
     "yarn": ">=1.22"
   }
 }

package/src/cli/cliRunner.ts

@@ -24,5 +24,5 @@ export async function cliRunner() {
 }
 
 cliRunner().catch((error) => {
-  console.error('Error in CLI Runner:', error);
+  console.error('🚨 Uh-oh! Looks like Mario fell into the wrong pipe! 🍄💥');
 });

package/src/index.ts

@@ -1,36 +1,88 @@
 import * as fs from 'node:fs';
 import { GetParameterCommand, SSM } from '@aws-sdk/client-ssm';
+import * as dotenv from 'dotenv';
 
 const ssm = new SSM({});
 
 export async function run(mapPath: string, envFilePath: string) {
+  const paramMap = loadParamMap(mapPath);
+  const existingEnvVariables = loadExistingEnvVariables(envFilePath);
+
+  const updatedEnvVariables = await fetchAndUpdateEnvVariables(paramMap, existingEnvVariables);
+
+  writeEnvFile(envFilePath, updatedEnvVariables);
+  console.log(`Environment File generated at '${envFilePath}'`);
+}
+
+function loadParamMap(mapPath: string): Record<string, string> {
   const content = fs.readFileSync(mapPath, 'utf-8');
-  const paramMap: Record<string, string> = JSON.parse(content);
+  try {
+    return JSON.parse(content);
+  } catch (error) {
+    console.error(`Error parsing JSON from ${mapPath}`);
+    throw new Error(`Invalid JSON in parameter map file: ${mapPath}`);
+  }
+}
+
+function loadExistingEnvVariables(envFilePath: string): Record<string, string> {
+  const envVariables: Record<string, string> = {};
+
+  if (!fs.existsSync(envFilePath)) return envVariables;
+
+  const existingEnvContent = fs.readFileSync(envFilePath, 'utf-8');
+  const parsedEnv = dotenv.parse(existingEnvContent);
+  Object.assign(envVariables, parsedEnv);
+
+  return envVariables;
+}
 
-  const envContent: string[] = [];
+async function fetchAndUpdateEnvVariables(
+  paramMap: Record<string, string>,
+  existingEnvVariables: Record<string, string>,
+): Promise<Record<string, string>> {
+  const errors: string[] = [];
 
-  console.log('Fetching parameters...');
   for (const [envVar, ssmName] of Object.entries(paramMap)) {
     try {
-      const command = new GetParameterCommand({
-        Name: ssmName,
-        WithDecryption: true,
-      });
-
-      const { Parameter } = await ssm.send(command);
-      const value = Parameter?.Value;
+      const value = await fetchSSMParameter(ssmName);
       if (value) {
-        envContent.push(`${envVar}=${value}`);
-        console.log(`${envVar}=${value}`);
+        existingEnvVariables[envVar] = value;
+        console.log(
+          `${envVar}=${value.length > 3 ? '*'.repeat(value.length - 3) + value.slice(-3) : '*'.repeat(value.length)}`,
+        );
       } else {
-        console.error(`Warning: No value found for ${ssmName}`);
+        console.error(`Warning: No value found for: '${ssmName}'`);
       }
     } catch (error) {
-      console.error(`Error fetching parameter ${ssmName}: ${error}`);
-      throw new Error(`ParameterNotFound: ${ssmName}`);
+      console.error(`Error fetching parameter: '${ssmName}'`);
+      errors.push(`ParameterNotFound: ${ssmName}`);
     }
   }
 
-  fs.writeFileSync(envFilePath, envContent.join('\n'));
-  console.log(`.env file generated at ${envFilePath}`);
+  if (errors.length > 0) {
+    throw new Error(`Some parameters could not be fetched:\n${errors.join('\n')}`);
+  }
+
+  return existingEnvVariables;
+}
+
+async function fetchSSMParameter(ssmName: string): Promise<string | undefined> {
+  const command = new GetParameterCommand({
+    Name: ssmName,
+    WithDecryption: true,
+  });
+
+  const { Parameter } = await ssm.send(command);
+  return Parameter?.Value;
+}
+
+function writeEnvFile(envFilePath: string, envVariables: Record<string, string>): void {
+  const envContent = Object.entries(envVariables)
+    .map(([key, value]) => {
+      const escapedValue = value.replace(/(\n|\r|\n\r)/g, '\\n').replace(/"/g, '\\"');
+      return `${key}=${escapedValue}`;
+    })
+    .join('\n');
+
+  fs.writeFileSync(envFilePath, envContent);
 }

package/tests/cli/cliRunner.test.ts

@@ -42,17 +42,4 @@ describe('cliRunner', () => {
     // Assert
     await expect(action).rejects.toThrow('process.exit called');
   });
-
-  it('Should_DisplayHelp_When_NoArgumentsAreProvided', async () => {
-    // Arrange
-    vi.spyOn(process, 'exit').mockImplementation(() => {
-      throw new Error('process.exit called with code 0');
-    });
-
-    // Act
-    const action = cliRunner();
-
-    // Assert
-    await expect(action).rejects.toThrow('process.exit called with code 0');
-  });
 });

package/tests/index.test.ts

@@ -11,12 +11,17 @@ vi.mock('@aws-sdk/client-ssm', () => {
             Parameter: { Value: 'mockedEmail@example.com' },
           });
         }
+
         if (command.input.Name === '/path/to/ssm/password') {
           return Promise.resolve({
             Parameter: { Value: 'mockedPassword' },
           });
         }
 
+        if (command.input.Name === '/path/to/ssm/password_no_value') {
+          return Promise.resolve({ Parameter: { Value: '' } });
+        }
+
         return Promise.reject(new Error(`ParameterNotFound: ${command.input.Name}`));
       }),
     })),
@@ -57,7 +62,7 @@ describe('Envilder CLI', () => {
     const mockMapPath = './tests/param_map.json';
     const mockEnvFilePath = './tests/.env.test';
     const paramMapContent = {
-      NEXT_PUBLIC_CREDENTIAL_EMAIL: '/path/to/ssm/unknown-email', // Non-existent parameter
+      NEXT_PUBLIC_CREDENTIAL_EMAIL: 'non-existent parameter',
     };
     fs.writeFileSync(mockMapPath, JSON.stringify(paramMapContent));
 
@@ -65,7 +70,74 @@ describe('Envilder CLI', () => {
     const action = run(mockMapPath, mockEnvFilePath);
 
     // Assert
-    await expect(action).rejects.toThrow('ParameterNotFound: /path/to/ssm/unknown-email');
+    await expect(action).rejects.toThrow('ParameterNotFound: non-existent parameter');
+    fs.unlinkSync(mockMapPath);
+  });
+
+  it('Should_AppendNewSSMParameters_When_EnvFileContainsExistingVariables', async () => {
+    // Arrange
+    const mockMapPath = './tests/param_map.json';
+    const mockEnvFilePath = './tests/.env.test';
+
+    const existingEnvContent = 'EXISTING_VAR=existingValue';
+    fs.writeFileSync(mockEnvFilePath, existingEnvContent);
+    const paramMapContent = {
+      NEXT_PUBLIC_CREDENTIAL_EMAIL: '/path/to/ssm/email',
+      NEXT_PUBLIC_CREDENTIAL_PASSWORD: '/path/to/ssm/password',
+    };
+    fs.writeFileSync(mockMapPath, JSON.stringify(paramMapContent));
+
+    // Act
+    await run(mockMapPath, mockEnvFilePath);
+
+    // Assert
+    const updatedEnvFileContent = fs.readFileSync(mockEnvFilePath, 'utf-8');
+    expect(updatedEnvFileContent).toContain('EXISTING_VAR=existingValue');
+    expect(updatedEnvFileContent).toContain('NEXT_PUBLIC_CREDENTIAL_EMAIL=mockedEmail@example.com');
+    expect(updatedEnvFileContent).toContain('NEXT_PUBLIC_CREDENTIAL_PASSWORD=mockedPassword');
+    fs.unlinkSync(mockEnvFilePath);
+    fs.unlinkSync(mockMapPath);
+  });
+
+  it('Should_OverwriteSSMParameters_When_EnvFileContainsSameVariables', async () => {
+    // Arrange
+    const mockMapPath = './tests/param_map.json';
+    const mockEnvFilePath = './tests/.env.test';
+    const existingEnvContent = 'NEXT_PUBLIC_CREDENTIAL_EMAIL=oldEmail@example.com';
+    fs.writeFileSync(mockEnvFilePath, existingEnvContent);
+    const paramMapContent = {
+      NEXT_PUBLIC_CREDENTIAL_EMAIL: '/path/to/ssm/email',
+      NEXT_PUBLIC_CREDENTIAL_PASSWORD: '/path/to/ssm/password',
+    };
+    fs.writeFileSync(mockMapPath, JSON.stringify(paramMapContent));
+
+    // Act
+    await run(mockMapPath, mockEnvFilePath);
+
+    // Assert
+    const updatedEnvFileContent = fs.readFileSync(mockEnvFilePath, 'utf-8');
+    expect(updatedEnvFileContent).toContain('NEXT_PUBLIC_CREDENTIAL_EMAIL=mockedEmail@example.com');
+    expect(updatedEnvFileContent).toContain('NEXT_PUBLIC_CREDENTIAL_PASSWORD=mockedPassword');
+    fs.unlinkSync(mockEnvFilePath);
+    fs.unlinkSync(mockMapPath);
+  });
+
+  it('Should_LogWarning_When_SSMParameterHasNoValue', async () => {
+    // Arrange
+    const mockMapPath = './tests/param_map.json';
+    const mockEnvFilePath = './tests/.env.test';
+    const paramMapContent = {
+      NEXT_PUBLIC_CREDENTIAL_PASSWORD: '/path/to/ssm/password_no_value',
+    };
+    fs.writeFileSync(mockMapPath, JSON.stringify(paramMapContent));
+    const consoleSpy = vi.spyOn(console, 'error');
+
+    // Act
+    await run(mockMapPath, mockEnvFilePath);
+
+    // Assert
+    expect(consoleSpy).toHaveBeenCalledWith(expect.stringContaining('Warning: No value found for'));
+    fs.unlinkSync(mockEnvFilePath);
     fs.unlinkSync(mockMapPath);
   });
 });

package/tests/sample/param_map.json

@@ -1,5 +1,3 @@
 {
-  "NEXT_PUBLIC_CREDENTIAL_EMAIL": "/M47.Claims.Apps.Minimal.Api/Production/Auth/CredentialEmail",
-  "NEXT_PUBLIC_CREDENTIAL_PASSWORD": "/M47.Claims.Apps.Minimal.Api/Production/Auth/CredentialPassword",
-  "NEXT_PUBLIC_JWT_SECRET": "/M47.Claims.Apps.Minimal.Api/Production/Auth/JwtSecret"
+  "TOKEN_SECRET": "/Test/Token"
 }

package/vite.config.ts

@@ -6,8 +6,12 @@ export default defineConfig({
     environment: 'node',
     include: ['tests/**/*.test.ts'],
     coverage: {
-      include: ['src/**/*'],
-      reporter: ['text', 'json', 'html'],
+      provider: 'v8',
+      reporter: ['text', 'html', 'json'],
+      reportsDirectory: './coverage',
+      all: true,
+      include: ['src/**/*.ts'],
+      exclude: ['node_modules', 'test', 'coverage', 'dist'],
     },
   },
 });

package/vitest.config.js

@@ -0,0 +1,12 @@
+// vitest.config.js
+import { defineConfig } from 'vitest/config';
+
+export default defineConfig({
+  test: {
+    coverage: {
+      provider: 'v8',
+      reporter: ['text', 'html'],
+      reportsDirectory: './coverage',
+    },
+  },
+});