envilder 0.2.2 → 0.3.0

package/README.md

@@ -1,18 +1,24 @@
-![image](https://github.com/user-attachments/assets/6f962001-911a-41be-8ebf-80f66bf6582f)
+![Envilder](https://github.com/user-attachments/assets/f646a3e7-6ae2-4f3b-8f51-3807067fc99c)
 
-`Envilder` is a CLI tool to manage AWS SSM Parameter Store parameters and automatically generate the required `.env` file. This tool simplifies environment variable management for projects, avoiding manual updates and ensuring consistency across environments.
+Envilder is a CLI tool for managing AWS SSM Parameter Store parameters and automatically generating the required
+`.env` file. This tool simplifies project environment variable management, avoiding manual updates and ensuring
+consistency across environments.
 
 # ✨ Features
 
 - 🔒 Fetch parameters securely from AWS SSM Parameter Store.
 - ⚡ Automatically generates a `.env` file with specified parameters.
-- 🛡️ Handles encrypted (currently only supported) SSM parameters.
+- 🛡️ Handles encrypted SSM parameters.
 - 🪶 Lightweight and simple to use.
+- 🔄 Support for multiple AWS profiles.
 
 # Prerequisites
-Before using `Envilder`, ensure that you have the AWS CLI installed and properly configured on your local machine. This configuration is required for `Envilder` to access and manage parameters in AWS SSM.
+
+Before using `Envilder`, ensure that you have the AWS CLI installed and properly configured on your local
+machine. This configuration is required for `Envilder` to access and manage parameters in AWS SSM.
 
 ## AWS CLI Installation & Configuration
+
 1. Install the AWS CLI by following the instructions [here](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html).
 2. After installation, configure the AWS CLI using the following command:
 
@@ -26,10 +32,13 @@ Before using `Envilder`, ensure that you have the AWS CLI installed and properly
     - Default region name (e.g., `us-east-1`)
     - Default output format (e.g., `json`)
 
-   Make sure that the AWS credentials you're using have the appropriate permissions to access the SSM Parameter Store in your AWS account.
+   Make sure that the AWS credentials you're using have the appropriate permissions to access the SSM Parameter
+   Store in your AWS account.
 
 # Installation
-You can install `Envilder` globally using yarn. This will allow you to use the `envilder` command from any directory on your system.
+
+You can install `Envilder` globally using yarn. This will allow you to use the `envilder` command from any
+directory on your system.
 
 ```bash
 yarn global add envilder
@@ -50,6 +59,10 @@ Envilder requires two arguments:
 - `--map <path>`: Path to a JSON file mapping environment variable names to SSM parameters.
 - `--envfile <path>`: Path where the generated .env file will be saved.
 
+Optional arguments:
+
+- `--profile <name>`: AWS CLI profile to use for credentials (if not using the default profile).
+
 # 🔧 Example
 
 1. Create a mapping file `param_map.json`:
@@ -67,7 +80,43 @@ Envilder requires two arguments:
     envilder --map=param_map.json --envfile=.env
     ```
 
-3. The `.env` file will be generated in the specified location.
+3. To use a specific AWS profile:
+
+    ```bash
+    envilder --map=param_map.json --envfile=.env --profile=dev-account
+    ```
+
+4. The `.env` file will be generated in the specified location.
+
+## 🌐 Working with Multiple AWS Profiles
+
+If you work with multiple AWS accounts or environments, you can configure different profiles in your AWS credentials file:
+
+1. Edit your AWS credentials file (usually at `~/.aws/credentials` on Linux/Mac or `%USERPROFILE%\.aws\credentials` on Windows):
+
+    ```ini
+    [default]
+    aws_access_key_id=YOUR_DEFAULT_ACCESS_KEY
+    aws_secret_access_key=YOUR_DEFAULT_SECRET_KEY
+
+    [dev-account]
+    aws_access_key_id=YOUR_DEV_ACCESS_KEY
+    aws_secret_access_key=YOUR_DEV_SECRET_KEY
+
+    [prod-account]
+    aws_access_key_id=YOUR_PROD_ACCESS_KEY
+    aws_secret_access_key=YOUR_PROD_SECRET_KEY
+    ```
+
+2. When running Envilder, specify which profile to use with the `--profile` option:
+
+    ```bash
+    # For development environment
+    envilder --map=param_map.json --envfile=.env.development --profile=dev-account
+
+    # For production environment
+    envilder --map=param_map.json --envfile=.env.production --profile=prod-account
+    ```
 
 # 📂 Sample `.env` Output
 
@@ -78,13 +127,13 @@ SECRET_KEY=mockedPassword
 
 # 🧪 Running Tests
 
-To run the tests with coverage: 
+To run the tests with coverage:
 
 ```bash
 yarn test
 ```
 
-Here you can see the current coverage report: https://macalbert.github.io/envilder/
+Here you can see the current coverage report: <https://macalbert.github.io/envilder/>
 
 # 📝 License
 

package/lib/cli/cliRunner.d.ts

@@ -1,3 +1,10 @@
 #!/usr/bin/env node
+/**
+ * Parses CLI arguments and runs the environment file generator.
+ *
+ * Expects `--map` and `--envfile` options to be provided, with an optional `--profile` for AWS CLI profile selection. Invokes the main process to generate a `.env` file from AWS SSM parameters based on the provided mapping.
+ *
+ * @throws {Error} If either `--map` or `--envfile` arguments are missing.
+ */
 export declare function cliRunner(): Promise<void>;
 //# sourceMappingURL=cliRunner.d.ts.map

package/lib/cli/cliRunner.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"cliRunner.d.ts","sourceRoot":"","sources":["../../src/cli/cliRunner.ts"],"names":[],"mappings":";AAKA,wBAAsB,SAAS,kBAkB9B"}
+{"version":3,"file":"cliRunner.d.ts","sourceRoot":"","sources":["../../src/cli/cliRunner.ts"],"names":[],"mappings":";AAKA;;;;;;GAMG;AACH,wBAAsB,SAAS,kBAmB9B"}

package/lib/cli/cliRunner.js

@@ -10,6 +10,13 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 import { Command } from 'commander';
 import { run } from '../index.js';
+/**
+ * Parses CLI arguments and runs the environment file generator.
+ *
+ * Expects `--map` and `--envfile` options to be provided, with an optional `--profile` for AWS CLI profile selection. Invokes the main process to generate a `.env` file from AWS SSM parameters based on the provided mapping.
+ *
+ * @throws {Error} If either `--map` or `--envfile` arguments are missing.
+ */
 export function cliRunner() {
     return __awaiter(this, void 0, void 0, function* () {
         const program = new Command();
@@ -18,13 +25,14 @@ export function cliRunner() {
             .description('A CLI tool to generate .env files from AWS SSM parameters')
             .version('0.1.0')
             .requiredOption('--map <path>', 'Path to the JSON file with environment variable mapping')
-            .requiredOption('--envfile <path>', 'Path to the .env file to be generated');
+            .requiredOption('--envfile <path>', 'Path to the .env file to be generated')
+            .option('--profile <name>', 'AWS CLI profile to use');
         yield program.parseAsync(process.argv);
         const options = program.opts();
         if (!options.map || !options.envfile) {
             throw new Error('Missing required arguments: --map and --envfile');
         }
-        yield run(options.map, options.envfile);
+        yield run(options.map, options.envfile, options.profile);
     });
 }
 cliRunner().catch((error) => {

package/lib/cli/cliRunner.js.map

@@ -1 +1 @@
-{"version":3,"file":"cliRunner.js","sourceRoot":"","sources":["../../src/cli/cliRunner.ts"],"names":[],"mappings":";;;;;;;;;;AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,GAAG,EAAE,MAAM,aAAa,CAAC;AAElC,MAAM,UAAgB,SAAS;;QAC7B,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;QAE9B,OAAO;aACJ,IAAI,CAAC,UAAU,CAAC;aAChB,WAAW,CAAC,2DAA2D,CAAC;aACxE,OAAO,CAAC,OAAO,CAAC;aAChB,cAAc,CAAC,cAAc,EAAE,yDAAyD,CAAC;aACzF,cAAc,CAAC,kBAAkB,EAAE,uCAAuC,CAAC,CAAC;QAE/E,MAAM,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACvC,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;QAE/B,IAAI,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YACrC,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;QACrE,CAAC;QAED,MAAM,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IAC1C,CAAC;CAAA;AAED,SAAS,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;IAC1B,OAAO,CAAC,KAAK,CAAC,2DAA2D,CAAC,CAAC;AAC7E,CAAC,CAAC,CAAC"}
+{"version":3,"file":"cliRunner.js","sourceRoot":"","sources":["../../src/cli/cliRunner.ts"],"names":[],"mappings":";;;;;;;;;;AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,GAAG,EAAE,MAAM,aAAa,CAAC;AAElC;;;;;;GAMG;AACH,MAAM,UAAgB,SAAS;;QAC7B,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;QAE9B,OAAO;aACJ,IAAI,CAAC,UAAU,CAAC;aAChB,WAAW,CAAC,2DAA2D,CAAC;aACxE,OAAO,CAAC,OAAO,CAAC;aAChB,cAAc,CAAC,cAAc,EAAE,yDAAyD,CAAC;aACzF,cAAc,CAAC,kBAAkB,EAAE,uCAAuC,CAAC;aAC3E,MAAM,CAAC,kBAAkB,EAAE,wBAAwB,CAAC,CAAC;QAExD,MAAM,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACvC,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;QAE/B,IAAI,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YACrC,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;QACrE,CAAC;QAED,MAAM,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IAC3D,CAAC;CAAA;AAED,SAAS,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;IAC1B,OAAO,CAAC,KAAK,CAAC,2DAA2D,CAAC,CAAC;AAC7E,CAAC,CAAC,CAAC"}

package/lib/index.d.ts

@@ -1,2 +1,11 @@
-export declare function run(mapPath: string, envFilePath: string): Promise<void>;
+/**
+ * Orchestrates the process of fetching environment variable values from AWS SSM Parameter Store and writing them to a local environment file.
+ *
+ * Loads a parameter mapping from a JSON file, retrieves existing environment variables, fetches updated values from SSM (optionally using a specified AWS profile), merges them, and writes the result to the specified environment file.
+ *
+ * @param mapPath - Path to the JSON file mapping environment variable names to SSM parameter names.
+ * @param envFilePath - Path to the local environment file to read and update.
+ * @param profile - Optional AWS profile name to use for credentials.
+ */
+export declare function run(mapPath: string, envFilePath: string, profile?: string): Promise<void>;
 //# sourceMappingURL=index.d.ts.map

package/lib/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAMA,wBAAsB,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,iBAQ7D"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAKA;;;;;;;;GAQG;AACH,wBAAsB,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,iBAY/E"}

package/lib/index.js

@@ -9,13 +9,25 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 import * as fs from 'node:fs';
 import { GetParameterCommand, SSM } from '@aws-sdk/client-ssm';
+import { fromIni } from '@aws-sdk/credential-providers';
 import * as dotenv from 'dotenv';
-const ssm = new SSM({});
-export function run(mapPath, envFilePath) {
+/**
+ * Orchestrates the process of fetching environment variable values from AWS SSM Parameter Store and writing them to a local environment file.
+ *
+ * Loads a parameter mapping from a JSON file, retrieves existing environment variables, fetches updated values from SSM (optionally using a specified AWS profile), merges them, and writes the result to the specified environment file.
+ *
+ * @param mapPath - Path to the JSON file mapping environment variable names to SSM parameter names.
+ * @param envFilePath - Path to the local environment file to read and update.
+ * @param profile - Optional AWS profile name to use for credentials.
+ */
+export function run(mapPath, envFilePath, profile) {
     return __awaiter(this, void 0, void 0, function* () {
+        const defaultAwsConfig = {};
+        const ssmClientConfig = profile ? { credentials: fromIni({ profile }) } : defaultAwsConfig;
+        const ssm = new SSM(ssmClientConfig);
         const paramMap = loadParamMap(mapPath);
         const existingEnvVariables = loadExistingEnvVariables(envFilePath);
-        const updatedEnvVariables = yield fetchAndUpdateEnvVariables(paramMap, existingEnvVariables);
+        const updatedEnvVariables = yield fetchAndUpdateEnvVariables(paramMap, existingEnvVariables, ssm);
         writeEnvFile(envFilePath, updatedEnvVariables);
         console.log(`Environment File generated at '${envFilePath}'`);
     });
@@ -39,12 +51,24 @@ function loadExistingEnvVariables(envFilePath) {
     Object.assign(envVariables, parsedEnv);
     return envVariables;
 }
-function fetchAndUpdateEnvVariables(paramMap, existingEnvVariables) {
+/**
+ * Fetches parameter values from AWS SSM for each environment variable in the map and updates the existing environment variables record.
+ *
+ * For each mapping, retrieves the corresponding SSM parameter value and updates the environment variable if found. Logs masked values and warnings for missing parameters. Throws an error if any parameters fail to fetch.
+ *
+ * @param paramMap - Mapping of environment variable names to SSM parameter names.
+ * @param existingEnvVariables - Current environment variables to be updated.
+ * @param ssm - AWS SSM client instance used for fetching parameters.
+ * @returns The updated environment variables record.
+ *
+ * @throws {Error} If any SSM parameters cannot be fetched.
+ */
+function fetchAndUpdateEnvVariables(paramMap, existingEnvVariables, ssm) {
     return __awaiter(this, void 0, void 0, function* () {
         const errors = [];
         for (const [envVar, ssmName] of Object.entries(paramMap)) {
             try {
-                const value = yield fetchSSMParameter(ssmName);
+                const value = yield fetchSSMParameter(ssmName, ssm);
                 if (value) {
                     existingEnvVariables[envVar] = value;
                     console.log(`${envVar}=${value.length > 3 ? '*'.repeat(value.length - 3) + value.slice(-3) : '*'.repeat(value.length)}`);
@@ -64,7 +88,13 @@ function fetchAndUpdateEnvVariables(paramMap, existingEnvVariables) {
         return existingEnvVariables;
     });
 }
-function fetchSSMParameter(ssmName) {
+/**
+ * Retrieves the value of a parameter from AWS SSM Parameter Store with decryption enabled.
+ *
+ * @param ssmName - The name of the SSM parameter to retrieve.
+ * @returns The decrypted parameter value if found, or undefined if the parameter does not exist.
+ */
+function fetchSSMParameter(ssmName, ssm) {
     return __awaiter(this, void 0, void 0, function* () {
         const command = new GetParameterCommand({
             Name: ssmName,

package/lib/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,EAAE,mBAAmB,EAAE,GAAG,EAAE,MAAM,qBAAqB,CAAC;AAC/D,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAC;AAEjC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,CAAC;AAExB,MAAM,UAAgB,GAAG,CAAC,OAAe,EAAE,WAAmB;;QAC5D,MAAM,QAAQ,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC;QACvC,MAAM,oBAAoB,GAAG,wBAAwB,CAAC,WAAW,CAAC,CAAC;QAEnE,MAAM,mBAAmB,GAAG,MAAM,0BAA0B,CAAC,QAAQ,EAAE,oBAAoB,CAAC,CAAC;QAE7F,YAAY,CAAC,WAAW,EAAE,mBAAmB,CAAC,CAAC;QAC/C,OAAO,CAAC,GAAG,CAAC,kCAAkC,WAAW,GAAG,CAAC,CAAC;IAChE,CAAC;CAAA;AAED,SAAS,YAAY,CAAC,OAAe;IACnC,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAClD,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC7B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,2BAA2B,OAAO,EAAE,CAAC,CAAC;QACpD,MAAM,IAAI,KAAK,CAAC,uCAAuC,OAAO,EAAE,CAAC,CAAC;IACpE,CAAC;AACH,CAAC;AAED,SAAS,wBAAwB,CAAC,WAAmB;IACnD,MAAM,YAAY,GAA2B,EAAE,CAAC;IAEhD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC;QAAE,OAAO,YAAY,CAAC;IAErD,MAAM,kBAAkB,GAAG,EAAE,CAAC,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IACjE,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;IACnD,MAAM,CAAC,MAAM,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;IAEvC,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,SAAe,0BAA0B,CACvC,QAAgC,EAChC,oBAA4C;;QAE5C,MAAM,MAAM,GAAa,EAAE,CAAC;QAE5B,KAAK,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzD,IAAI,CAAC;gBACH,MAAM,KAAK,GAAG,MAAM,iBAAiB,CAAC,OAAO,CAAC,CAAC;gBAC/C,IAAI,KAAK,EAAE,CAAC;oBACV,oBAAoB,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC;oBACrC,OAAO,CAAC,GAAG,CACT,GAAG,MAAM,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAC5G,CAAC;gBACJ,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,KAAK,CAAC,iCAAiC,OAAO,GAAG,CAAC,CAAC;gBAC7D,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CAAC,8BAA8B,OAAO,GAAG,CAAC,CAAC;gBACxD,MAAM,CAAC,IAAI,CAAC,sBAAsB,OAAO,EAAE,CAAC,CAAC;YAC/C,CAAC;QACH,CAAC;QAED,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CAAC,0CAA0C,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjF,CAAC;QAED,OAAO,oBAAoB,CAAC;IAC9B,CAAC;CAAA;AAED,SAAe,iBAAiB,CAAC,OAAe;;QAC9C,MAAM,OAAO,GAAG,IAAI,mBAAmB,CAAC;YACtC,IAAI,EAAE,OAAO;YACb,cAAc,EAAE,IAAI;SACrB,CAAC,CAAC;QAEH,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC9C,OAAO,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,KAAK,CAAC;IAC1B,CAAC;CAAA;AAED,SAAS,YAAY,CAAC,WAAmB,EAAE,YAAoC;IAC7E,MAAM,UAAU,GAAG,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC;SAC5C,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;QACpB,MAAM,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QAChF,OAAO,GAAG,GAAG,IAAI,YAAY,EAAE,CAAC;IAClC,CAAC,CAAC;SACD,IAAI,CAAC,IAAI,CAAC,CAAC;IAEd,EAAE,CAAC,aAAa,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;AAC5C,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,EAAE,mBAAmB,EAAE,GAAG,EAAE,MAAM,qBAAqB,CAAC;AAC/D,OAAO,EAAE,OAAO,EAAE,MAAM,+BAA+B,CAAC;AACxD,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAC;AAEjC;;;;;;;;GAQG;AACH,MAAM,UAAgB,GAAG,CAAC,OAAe,EAAE,WAAmB,EAAE,OAAgB;;QAC9E,MAAM,gBAAgB,GAAG,EAAE,CAAC;QAC5B,MAAM,eAAe,GAAG,OAAO,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,OAAO,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,gBAAgB,CAAC;QAC3F,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,eAAe,CAAC,CAAC;QAErC,MAAM,QAAQ,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC;QACvC,MAAM,oBAAoB,GAAG,wBAAwB,CAAC,WAAW,CAAC,CAAC;QAEnE,MAAM,mBAAmB,GAAG,MAAM,0BAA0B,CAAC,QAAQ,EAAE,oBAAoB,EAAE,GAAG,CAAC,CAAC;QAElG,YAAY,CAAC,WAAW,EAAE,mBAAmB,CAAC,CAAC;QAC/C,OAAO,CAAC,GAAG,CAAC,kCAAkC,WAAW,GAAG,CAAC,CAAC;IAChE,CAAC;CAAA;AAED,SAAS,YAAY,CAAC,OAAe;IACnC,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAClD,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC7B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,2BAA2B,OAAO,EAAE,CAAC,CAAC;QACpD,MAAM,IAAI,KAAK,CAAC,uCAAuC,OAAO,EAAE,CAAC,CAAC;IACpE,CAAC;AACH,CAAC;AAED,SAAS,wBAAwB,CAAC,WAAmB;IACnD,MAAM,YAAY,GAA2B,EAAE,CAAC;IAEhD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC;QAAE,OAAO,YAAY,CAAC;IAErD,MAAM,kBAAkB,GAAG,EAAE,CAAC,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IACjE,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;IACnD,MAAM,CAAC,MAAM,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;IAEvC,OAAO,YAAY,CAAC;AACtB,CAAC;AAED;;;;;;;;;;;GAWG;AACH,SAAe,0BAA0B,CACvC,QAAgC,EAChC,oBAA4C,EAC5C,GAAQ;;QAER,MAAM,MAAM,GAAa,EAAE,CAAC;QAE5B,KAAK,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzD,IAAI,CAAC;gBACH,MAAM,KAAK,GAAG,MAAM,iBAAiB,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;gBACpD,IAAI,KAAK,EAAE,CAAC;oBACV,oBAAoB,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC;oBACrC,OAAO,CAAC,GAAG,CACT,GAAG,MAAM,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAC5G,CAAC;gBACJ,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,KAAK,CAAC,iCAAiC,OAAO,GAAG,CAAC,CAAC;gBAC7D,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CAAC,8BAA8B,OAAO,GAAG,CAAC,CAAC;gBACxD,MAAM,CAAC,IAAI,CAAC,sBAAsB,OAAO,EAAE,CAAC,CAAC;YAC/C,CAAC;QACH,CAAC;QAED,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CAAC,0CAA0C,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjF,CAAC;QAED,OAAO,oBAAoB,CAAC;IAC9B,CAAC;CAAA;AAED;;;;;GAKG;AACH,SAAe,iBAAiB,CAAC,OAAe,EAAE,GAAQ;;QACxD,MAAM,OAAO,GAAG,IAAI,mBAAmB,CAAC;YACtC,IAAI,EAAE,OAAO;YACb,cAAc,EAAE,IAAI;SACrB,CAAC,CAAC;QAEH,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC9C,OAAO,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,KAAK,CAAC;IAC1B,CAAC;CAAA;AAED,SAAS,YAAY,CAAC,WAAmB,EAAE,YAAoC;IAC7E,MAAM,UAAU,GAAG,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC;SAC5C,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;QACpB,MAAM,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QAChF,OAAO,GAAG,GAAG,IAAI,YAAY,EAAE,CAAC;IAClC,CAAC,CAAC;SACD,IAAI,CAAC,IAAI,CAAC,CAAC;IAEd,EAAE,CAAC,aAAa,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;AAC5C,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "envilder",
-  "version": "0.2.2",
+  "version": "0.3.0",
   "description": "A CLI tool to generate .env files from AWS SSM parameters",
   "exports": {
     ".": {
@@ -38,21 +38,22 @@
   "type": "module",
   "dependencies": {
     "@aws-sdk/client-ssm": "^3.654.0",
-    "@secretlint/core": "^8.2.4",
-    "@secretlint/secretlint-rule-preset-recommend": "^8.2.4",
+    "@aws-sdk/credential-providers": "^3.806.0",
+    "@secretlint/core": "^9.2.1",
+    "@secretlint/secretlint-rule-preset-recommend": "^9.0.0",
     "@types/node": "^22.5.5",
-    "commander": "^12.1.0",
+    "commander": "^13.1.0",
     "dotenv": "^16.4.5",
     "picocolors": "^1.1.0"
   },
   "devDependencies": {
     "@biomejs/biome": "^1.9.1",
-    "@vitest/coverage-v8": "^2.1.1",
+    "@vitest/coverage-v8": "^3.1.1",
     "rimraf": "^6.0.1",
-    "secretlint": "^8.2.4",
+    "secretlint": "^9.0.0",
     "ts-node": "^10.9.2",
     "typescript": "^5.6.2",
-    "vitest": "^2.1.2"
+    "vitest": "^3.1.1"
   },
   "resolutions": {
     "string-width": "4.2.3",

package/src/cli/cliRunner.ts

@@ -3,6 +3,13 @@
 import { Command } from 'commander';
 import { run } from '../index.js';
 
+/**
+ * Parses CLI arguments and runs the environment file generator.
+ *
+ * Expects `--map` and `--envfile` options to be provided, with an optional `--profile` for AWS CLI profile selection. Invokes the main process to generate a `.env` file from AWS SSM parameters based on the provided mapping.
+ *
+ * @throws {Error} If either `--map` or `--envfile` arguments are missing.
+ */
 export async function cliRunner() {
   const program = new Command();
 
@@ -11,7 +18,8 @@ export async function cliRunner() {
     .description('A CLI tool to generate .env files from AWS SSM parameters')
     .version('0.1.0')
     .requiredOption('--map <path>', 'Path to the JSON file with environment variable mapping')
-    .requiredOption('--envfile <path>', 'Path to the .env file to be generated');
+    .requiredOption('--envfile <path>', 'Path to the .env file to be generated')
+    .option('--profile <name>', 'AWS CLI profile to use');
 
   await program.parseAsync(process.argv);
   const options = program.opts();
@@ -20,7 +28,7 @@ export async function cliRunner() {
     throw new Error('Missing required arguments: --map and --envfile');
   }
 
-  await run(options.map, options.envfile);
+  await run(options.map, options.envfile, options.profile);
 }
 
 cliRunner().catch((error) => {

package/src/index.ts

@@ -1,14 +1,26 @@
 import * as fs from 'node:fs';
 import { GetParameterCommand, SSM } from '@aws-sdk/client-ssm';
+import { fromIni } from '@aws-sdk/credential-providers';
 import * as dotenv from 'dotenv';
 
-const ssm = new SSM({});
+/**
+ * Orchestrates the process of fetching environment variable values from AWS SSM Parameter Store and writing them to a local environment file.
+ *
+ * Loads a parameter mapping from a JSON file, retrieves existing environment variables, fetches updated values from SSM (optionally using a specified AWS profile), merges them, and writes the result to the specified environment file.
+ *
+ * @param mapPath - Path to the JSON file mapping environment variable names to SSM parameter names.
+ * @param envFilePath - Path to the local environment file to read and update.
+ * @param profile - Optional AWS profile name to use for credentials.
+ */
+export async function run(mapPath: string, envFilePath: string, profile?: string) {
+  const defaultAwsConfig = {};
+  const ssmClientConfig = profile ? { credentials: fromIni({ profile }) } : defaultAwsConfig;
+  const ssm = new SSM(ssmClientConfig);
 
-export async function run(mapPath: string, envFilePath: string) {
   const paramMap = loadParamMap(mapPath);
   const existingEnvVariables = loadExistingEnvVariables(envFilePath);
 
-  const updatedEnvVariables = await fetchAndUpdateEnvVariables(paramMap, existingEnvVariables);
+  const updatedEnvVariables = await fetchAndUpdateEnvVariables(paramMap, existingEnvVariables, ssm);
 
   writeEnvFile(envFilePath, updatedEnvVariables);
   console.log(`Environment File generated at '${envFilePath}'`);
@@ -36,15 +48,28 @@ function loadExistingEnvVariables(envFilePath: string): Record<string, string> {
   return envVariables;
 }
 
+/**
+ * Fetches parameter values from AWS SSM for each environment variable in the map and updates the existing environment variables record.
+ *
+ * For each mapping, retrieves the corresponding SSM parameter value and updates the environment variable if found. Logs masked values and warnings for missing parameters. Throws an error if any parameters fail to fetch.
+ *
+ * @param paramMap - Mapping of environment variable names to SSM parameter names.
+ * @param existingEnvVariables - Current environment variables to be updated.
+ * @param ssm - AWS SSM client instance used for fetching parameters.
+ * @returns The updated environment variables record.
+ *
+ * @throws {Error} If any SSM parameters cannot be fetched.
+ */
 async function fetchAndUpdateEnvVariables(
   paramMap: Record<string, string>,
   existingEnvVariables: Record<string, string>,
+  ssm: SSM,
 ): Promise<Record<string, string>> {
   const errors: string[] = [];
 
   for (const [envVar, ssmName] of Object.entries(paramMap)) {
     try {
-      const value = await fetchSSMParameter(ssmName);
+      const value = await fetchSSMParameter(ssmName, ssm);
       if (value) {
         existingEnvVariables[envVar] = value;
         console.log(
@@ -66,7 +91,13 @@ async function fetchAndUpdateEnvVariables(
   return existingEnvVariables;
 }
 
-async function fetchSSMParameter(ssmName: string): Promise<string | undefined> {
+/**
+ * Retrieves the value of a parameter from AWS SSM Parameter Store with decryption enabled.
+ *
+ * @param ssmName - The name of the SSM parameter to retrieve.
+ * @returns The decrypted parameter value if found, or undefined if the parameter does not exist.
+ */
+async function fetchSSMParameter(ssmName: string, ssm: SSM): Promise<string | undefined> {
   const command = new GetParameterCommand({
     Name: ssmName,
     WithDecryption: true,

package/tests/cli/cliRunner.test.ts

@@ -12,9 +12,9 @@ describe('cliRunner', () => {
   beforeEach(() => {
     process.argv = [...originalArgv.slice(0, 2)];
   });
-
   afterEach(() => {
     vi.clearAllMocks();
+    process.argv = originalArgv;
   });
 
   it('Should_CallRunWithCorrectArguments_When_ValidArgumentsAreProvided', async () => {
@@ -27,7 +27,7 @@ describe('cliRunner', () => {
     await cliRunner();
 
     // Assert
-    expect(run).toHaveBeenCalledWith(mockMapPath, mockEnvFilePath);
+    expect(run).toHaveBeenCalledWith(mockMapPath, mockEnvFilePath, undefined);
   });
 
   it('Should_ThrowError_When_RequiredArgumentsAreMissing', async () => {
@@ -42,4 +42,18 @@ describe('cliRunner', () => {
     // Assert
     await expect(action).rejects.toThrow('process.exit called');
   });
+
+  it('Should_CallRunWithCorrectArgumentsIncludingProfile_When_ProfileIsProvided', async () => {
+    // Arrange
+    const mockMapPath = 'path/to/mockMap.json';
+    const mockEnvFilePath = 'path/to/.env';
+    const mockProfile = 'test-profile';
+    process.argv.push('--map', mockMapPath, '--envfile', mockEnvFilePath, '--profile', mockProfile);
+
+    // Act
+    await cliRunner();
+
+    // Assert
+    expect(run).toHaveBeenCalledWith(mockMapPath, mockEnvFilePath, mockProfile);
+  });
 });

package/tests/index.test.ts

@@ -1,4 +1,5 @@
 import * as fs from 'node:fs';
+import { SSM } from '@aws-sdk/client-ssm';
 import { afterEach, describe, expect, it, vi } from 'vitest';
 import { run } from '../src/index';
 
@@ -140,4 +141,21 @@ describe('Envilder CLI', () => {
     fs.unlinkSync(mockEnvFilePath);
     fs.unlinkSync(mockMapPath);
   });
+
+  it('Should_ConfigureSSMClientWithProfile_When_ProfileIsProvided', async () => {
+    // Arrange
+    const mockMapPath = './tests/param_map.json';
+    const mockEnvFilePath = './tests/.env.test';
+    const mockProfile = 'test-profile';
+    const paramMapContent = {
+      NEXT_PUBLIC_CREDENTIAL_EMAIL: '/path/to/ssm/email',
+    };
+    fs.writeFileSync(mockMapPath, JSON.stringify(paramMapContent));
+
+    // Act
+    await run(mockMapPath, mockEnvFilePath, mockProfile);
+
+    // Assert
+    expect(vi.mocked(SSM).mock.calls[0][0]).toEqual(expect.objectContaining({ credentials: expect.anything() }));
+  });
 });