envilder 0.5.0 → 0.5.2

package/README.md

@@ -1,12 +1,9 @@
 <h1 align="center">
   <br>
   <img src="https://github.com/user-attachments/assets/96bf1efa-7d21-440a-a414-3a20e7f9a1f1" alt="Envilder">
-  <br>
-  Envilder
-  <br>
 </h1>
 
-<h4 align="center">Secure Your Environment Variables with AWS SSM Parameter Store</h4>
+<h4 align="center">A CLI that securely centralizes your environment variables from AWS SSM as a single source of truth</h4>
 
 <p align="center">
   <a href="https://www.npmjs.com/package/envilder">
@@ -20,11 +17,16 @@
   </a>
 </p>
 
-<p align="center">
-  <b>Stop committing secrets to your repo! Start using AWS SSM Parameter Store to secure your credentials.</b>
-</p>
+## 🌟 Key benefits
+
+- **🔒 Strict access control** - AWS IAM policies control who accesses which secrets (dev vs prod)
+- **📊 Full audit trail** - All parameter access is logged in CloudTrail for compliance requirements
+- **🧩 Single source of truth** - No more copying .env files from Notion or emails - SSM is your only source
+- **🔁 Idempotent operations** - Won't overwrite your local values - safe for automation
+- **⚙️ Environment-aware** - Use templates like `/project/${ENV}/DB_PASSWORD` to dynamically fetch the right secrets
+- **🧱 No extra infrastructure** - Uses AWS SSM's existing reliability instead of additional secret managers
 
-## ⚡ Quick Start
+## ⚡ Quick start
 
 ```bash
 # Install globally
@@ -37,7 +39,7 @@ echo '{"DB_PASSWORD": "/my-app/db/password"}' > param-map.json
 envilder --map=param-map.json --envfile=.env
 ```
 
-## 🤔 What Problem Does Envilder Solve?
+## 🤔 What problem does Envilder solve?
 
 <table>
 <tr>
@@ -72,23 +74,23 @@ envilder --map=param-map.json --envfile=.env
 
 ## 💡 Why Envilder?
 
-- 🔐 **No More Secrets in Git** - Store credentials in AWS SSM Parameter Store instead of version control
-- 🤖 **Automate Everything** - One command to generate your `.env` files across all environments
-- 🔄 **Always in Sync** - Keep your local, dev, and production environments consistent
-- 🏎️ **Fast to Set Up** - Configure once, then generate `.env` files with a single command
-- 🪶 **Simple but Powerful** - Easy interface with support for encrypted parameters and multiple AWS profiles
+- 🔐 **No more secrets in git** - Store credentials in AWS SSM Parameter Store instead of version control
+- 🤖 **Automate everything** - One command to generate your `.env` files across all environments
+- 🔄 **Always in sync** - Keep your local, dev, and production environments consistent
+- 🏎️ **Fast to set up** - Configure once, then generate `.env` files with a single command
+- 🪶 **Simple but powerful** - Easy interface with support for encrypted parameters and multiple AWS profiles
 
-## 🎯 Perfect for Teams
+## 🎯 Perfect for teams
 
 Envilder is the tool you need if you:
 
-- 👥 **Work in a Development Team** - Ensure everyone has the same environment without sharing raw secrets
-- 🔑 **Deal with API Keys & Tokens** - Securely store and retrieve sensitive credentials
-- ⚙️ **Run CI/CD Pipelines** - Automatically generate environment files during deployments
-- ☁️ **Use AWS Already** - Leverage your existing AWS infrastructure more effectively
-- 🌐 **Manage Multiple Environments** - Switch easily between dev, staging, and production
+- 👥 **Work in a development team** - Ensure everyone has the same environment without sharing raw secrets
+- 🔑 **Deal with API keys & tokens** - Securely store and retrieve sensitive credentials
+- ⚙️ **Run CI/CD pipelines** - Automatically generate environment files during deployments
+- ☁️ **Use AWS already** - Leverage your existing AWS infrastructure more effectively
+- 🌐 **Manage multiple environments** - Switch easily between dev, staging, and production
 
-## 🔍 How It Works (Simple!)
+## 🔍 How it works (simple!)
 
 ```mermaid
 graph LR
@@ -98,10 +100,10 @@ graph LR
     E[SSM Parameters] --> B
 ```
 
-1. 📖 **Define Your Mapping** - Simple JSON mapping env vars to SSM paths
+1. 📖 **Define your mapping** - Simple JSON mapping env vars to SSM paths
 2. 🚀 **Run Envilder** - One command with your mapping file
-3. 🔄 **Auto-Fetch from AWS** - Retrieves values using your AWS credentials
-4. 💾 **Get Your .env File** - Ready to use in your project
+3. 🔄 **Auto-fetch from AWS** - Retrieves values using your AWS credentials
+4. 💾 **Get your .env file** - Ready to use in your project
 
 ## ⚙️ Prerequisites
 
@@ -110,7 +112,7 @@ You'll need:
 - ✅ **AWS CLI** - Installed and configured with proper permissions to access SSM Parameter Store
 - ✅ **Node.js** - Version 14 or higher
 
-### AWS CLI Setup
+### AWS CLI setup
 
 1. Install the AWS CLI by following the [official instructions](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html).
 2. After installation, configure the AWS CLI:
@@ -149,7 +151,7 @@ envilder --map=<mapping-file> --envfile=<output-file> [--profile=<aws-profile>]
 | `--envfile` | Path to output .env file (required) |
 | `--profile` | AWS CLI profile to use (optional) |
 
-## 🔧 Quick Example
+## 🔧 Quick example
 
 1. Create a mapping file `param-map.json`:
 
@@ -172,7 +174,7 @@ envilder --map=<mapping-file> --envfile=<output-file> [--profile=<aws-profile>]
     envilder --map=param-map.json --envfile=.env --profile=dev-account
     ```
 
-## 🌐 Working with Multiple AWS Profiles
+## 🌐 Working with multiple AWS profiles
 
 For multiple AWS accounts or environments, configure different profiles in your AWS credentials file:
 
@@ -203,14 +205,63 @@ or `%USERPROFILE%\.aws\credentials` on Windows):
     envilder --map=param-map.json --envfile=.env.production --profile=prod-account
     ```
 
-## 📂 Sample `.env` Output
+## 🛠️ Advanced usage: environment-specific parameters
+
+Envilder works brilliantly with environment variables for dynamic parameter paths:
+
+1. Set up your SSM parameters with environment-specific paths:
+
+   ```text
+   /project/dev/DB_PASSWORD
+   /project/stage/DB_PASSWORD
+   /project/prod/DB_PASSWORD
+   ```
+
+2. Create a template-based mapping file `env-map.json`:
+
+   ```json
+   {
+     "DB_PASSWORD": "/project/${ENV}/DB_PASSWORD"
+   }
+   ```
+
+3. Generate environment-specific .env files:
+
+   ```powershell
+   # Development
+   $env:ENV = "dev"
+   envilder --map=env-map.json --envfile=.env.dev
+
+   # Staging 
+   $env:ENV = "stage"
+   envilder --map=env-map.json --envfile=.env.stage
+   
+   # Production
+   $env:ENV = "prod" 
+   envilder --map=env-map.json --envfile=.env.prod --profile=prod-account
+   ```
+
+This approach ensures the right variables are pulled for each environment with minimal configuration.
+
+## 📂 Sample `.env` output
 
 ```ini
 SECRET_TOKEN=mockedEmail@example.com
 SECRET_KEY=mockedPassword
 ```
 
-## 🧪 Running Tests
+## 🎯 Why use Envilder in practice?
+
+Envilder eliminates common problems in development teams:
+
+- **🛑 No more "it works on my machine"** - Everyone uses the exact same environment variables from the same source
+- **🔄 Always fresh credentials** - Update a secret in SSM and everyone gets it automatically on next run
+- **🛡️ Access control built-in** - Developers only see dev secrets, CI/CD systems see what they need
+- **🧠 Zero mental overhead** - No need to remember which variables are needed - the mapping defines everything
+- **🚫 No more sharing secrets** - Stop pasting credentials in Slack, email, or Notion documents
+- **📋 Compliance ready** - All accesses are logged in AWS CloudTrail for auditing
+
+## 🧪 Running tests
 
 ```bash
 yarn test

package/lib/cli/cli.d.ts

@@ -0,0 +1,10 @@
+#!/usr/bin/env node
+/**
+ * Parses CLI arguments and runs the environment file generator.
+ *
+ * Expects `--map` and `--envfile` options to be provided, with an optional `--profile` for AWS CLI profile selection. Invokes the main process to generate a `.env` file from AWS SSM parameters based on the provided mapping.
+ *
+ * @throws {Error} If either `--map` or `--envfile` arguments are missing.
+ */
+export declare function main(): Promise<void>;
+//# sourceMappingURL=cli.d.ts.map

package/lib/cli/cli.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../../src/cli/cli.ts"],"names":[],"mappings":";AA4CA;;;;;;GAMG;AACH,wBAAsB,IAAI,kBAkBzB"}

package/lib/cli/cli.js

@@ -0,0 +1,76 @@
+#!/usr/bin/env node
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import { existsSync, readFileSync } from 'node:fs';
+import { dirname, join } from 'node:path';
+import { fileURLToPath } from 'node:url';
+import { Command } from 'commander';
+import { run } from '../index.js';
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = dirname(__filename);
+/**
+ * Find the package.json file by traversing up directories
+ * @param startDir The directory to start searching from
+ * @param maxDepth Maximum number of parent directories to check
+ * @returns Path to package.json if found, or null if not found
+ */
+function findPackageJson(startDir, maxDepth = 5) {
+    let currentDir = startDir;
+    let depth = 0;
+    while (depth < maxDepth) {
+        const packagePath = join(currentDir, 'package.json');
+        if (existsSync(packagePath)) {
+            return packagePath;
+        }
+        // Go up one directory
+        const parentDir = dirname(currentDir);
+        if (parentDir === currentDir) {
+            // We've reached the root
+            break;
+        }
+        currentDir = parentDir;
+        depth++;
+    }
+    return null;
+}
+// Get package.json path by searching up from current file
+const packageJsonPath = findPackageJson(__dirname) || join(__dirname, '..', '..', 'package.json');
+const packageJson = JSON.parse(readFileSync(packageJsonPath, 'utf8'));
+/**
+ * Parses CLI arguments and runs the environment file generator.
+ *
+ * Expects `--map` and `--envfile` options to be provided, with an optional `--profile` for AWS CLI profile selection. Invokes the main process to generate a `.env` file from AWS SSM parameters based on the provided mapping.
+ *
+ * @throws {Error} If either `--map` or `--envfile` arguments are missing.
+ */
+export function main() {
+    return __awaiter(this, void 0, void 0, function* () {
+        const program = new Command();
+        program
+            .name('envilder')
+            .description('A CLI tool to generate .env files from AWS SSM parameters')
+            .version(packageJson.version)
+            .requiredOption('--map <path>', 'Path to the JSON file with environment variable mapping')
+            .requiredOption('--envfile <path>', 'Path to the .env file to be generated')
+            .option('--profile <name>', 'AWS CLI profile to use');
+        yield program.parseAsync(process.argv);
+        const options = program.opts();
+        if (!options.map || !options.envfile) {
+            throw new Error('Missing required arguments: --map and --envfile');
+        }
+        yield run(options.map, options.envfile, options.profile);
+    });
+}
+// Execute the CLI
+main().catch((error) => {
+    console.error('🚨 Uh-oh! Looks like Mario fell into the wrong pipe! 🍄💥');
+    console.error(error);
+});
+//# sourceMappingURL=cli.js.map

package/lib/cli/cli.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.js","sourceRoot":"","sources":["../../src/cli/cli.ts"],"names":[],"mappings":";;;;;;;;;;AACA,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACnD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,GAAG,EAAE,MAAM,aAAa,CAAC;AAElC,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AAEtC;;;;;GAKG;AACH,SAAS,eAAe,CAAC,QAAgB,EAAE,QAAQ,GAAG,CAAC;IACrD,IAAI,UAAU,GAAG,QAAQ,CAAC;IAC1B,IAAI,KAAK,GAAG,CAAC,CAAC;IAEd,OAAO,KAAK,GAAG,QAAQ,EAAE,CAAC;QACxB,MAAM,WAAW,GAAG,IAAI,CAAC,UAAU,EAAE,cAAc,CAAC,CAAC;QACrD,IAAI,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;YAC5B,OAAO,WAAW,CAAC;QACrB,CAAC;QAED,sBAAsB;QACtB,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;QACtC,IAAI,SAAS,KAAK,UAAU,EAAE,CAAC;YAC7B,yBAAyB;YACzB,MAAM;QACR,CAAC;QAED,UAAU,GAAG,SAAS,CAAC;QACvB,KAAK,EAAE,CAAC;IACV,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,0DAA0D;AAC1D,MAAM,eAAe,GAAG,eAAe,CAAC,SAAS,CAAC,IAAI,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,cAAc,CAAC,CAAC;AAClG,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC,CAAC;AAEtE;;;;;;GAMG;AACH,MAAM,UAAgB,IAAI;;QACxB,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;QAC9B,OAAO;aACJ,IAAI,CAAC,UAAU,CAAC;aAChB,WAAW,CAAC,2DAA2D,CAAC;aACxE,OAAO,CAAC,WAAW,CAAC,OAAO,CAAC;aAC5B,cAAc,CAAC,cAAc,EAAE,yDAAyD,CAAC;aACzF,cAAc,CAAC,kBAAkB,EAAE,uCAAuC,CAAC;aAC3E,MAAM,CAAC,kBAAkB,EAAE,wBAAwB,CAAC,CAAC;QAExD,MAAM,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACvC,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;QAE/B,IAAI,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YACrC,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;QACrE,CAAC;QAED,MAAM,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IAC3D,CAAC;CAAA;AAED,kBAAkB;AAClB,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;IACrB,OAAO,CAAC,KAAK,CAAC,2DAA2D,CAAC,CAAC;IAC3E,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;AACvB,CAAC,CAAC,CAAC"}

package/lib/index.d.ts

@@ -0,0 +1,11 @@
+/**
+ * Orchestrates the process of fetching environment variable values from AWS SSM Parameter Store and writing them to a local environment file.
+ *
+ * Loads a parameter mapping from a JSON file, retrieves existing environment variables, fetches updated values from SSM (optionally using a specified AWS profile), merges them, and writes the result to the specified environment file.
+ *
+ * @param mapPath - Path to the JSON file mapping environment variable names to SSM parameter names.
+ * @param envFilePath - Path to the local environment file to read and update.
+ * @param profile - Optional AWS profile name to use for credentials.
+ */
+export declare function run(mapPath: string, envFilePath: string, profile?: string): Promise<void>;
+//# sourceMappingURL=index.d.ts.map

package/lib/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAKA;;;;;;;;GAQG;AACH,wBAAsB,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,iBAY/E"}

package/lib/index.js

@@ -0,0 +1,116 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import * as fs from 'node:fs';
+import { GetParameterCommand, SSM } from '@aws-sdk/client-ssm';
+import { fromIni } from '@aws-sdk/credential-providers';
+import * as dotenv from 'dotenv';
+/**
+ * Orchestrates the process of fetching environment variable values from AWS SSM Parameter Store and writing them to a local environment file.
+ *
+ * Loads a parameter mapping from a JSON file, retrieves existing environment variables, fetches updated values from SSM (optionally using a specified AWS profile), merges them, and writes the result to the specified environment file.
+ *
+ * @param mapPath - Path to the JSON file mapping environment variable names to SSM parameter names.
+ * @param envFilePath - Path to the local environment file to read and update.
+ * @param profile - Optional AWS profile name to use for credentials.
+ */
+export function run(mapPath, envFilePath, profile) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const defaultAwsConfig = {};
+        const ssmClientConfig = profile ? { credentials: fromIni({ profile }) } : defaultAwsConfig;
+        const ssm = new SSM(ssmClientConfig);
+        const paramMap = loadParamMap(mapPath);
+        const existingEnvVariables = loadExistingEnvVariables(envFilePath);
+        const updatedEnvVariables = yield fetchAndUpdateEnvVariables(paramMap, existingEnvVariables, ssm);
+        writeEnvFile(envFilePath, updatedEnvVariables);
+        console.log(`Environment File generated at '${envFilePath}'`);
+    });
+}
+function loadParamMap(mapPath) {
+    const content = fs.readFileSync(mapPath, 'utf-8');
+    try {
+        return JSON.parse(content);
+    }
+    catch (error) {
+        console.error(`Error parsing JSON from ${mapPath}`);
+        throw new Error(`Invalid JSON in parameter map file: ${mapPath}`);
+    }
+}
+function loadExistingEnvVariables(envFilePath) {
+    const envVariables = {};
+    if (!fs.existsSync(envFilePath))
+        return envVariables;
+    const existingEnvContent = fs.readFileSync(envFilePath, 'utf-8');
+    const parsedEnv = dotenv.parse(existingEnvContent);
+    Object.assign(envVariables, parsedEnv);
+    return envVariables;
+}
+/**
+ * Fetches parameter values from AWS SSM for each environment variable in the map and updates the existing environment variables record.
+ *
+ * For each mapping, retrieves the corresponding SSM parameter value and updates the environment variable if found. Logs masked values and warnings for missing parameters. Throws an error if any parameters fail to fetch.
+ *
+ * @param paramMap - Mapping of environment variable names to SSM parameter names.
+ * @param existingEnvVariables - Current environment variables to be updated.
+ * @param ssm - AWS SSM client instance used for fetching parameters.
+ * @returns The updated environment variables record.
+ *
+ * @throws {Error} If any SSM parameters cannot be fetched.
+ */
+function fetchAndUpdateEnvVariables(paramMap, existingEnvVariables, ssm) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const errors = [];
+        for (const [envVar, ssmName] of Object.entries(paramMap)) {
+            try {
+                const value = yield fetchSSMParameter(ssmName, ssm);
+                if (value) {
+                    existingEnvVariables[envVar] = value;
+                    console.log(`${envVar}=${value.length > 3 ? '*'.repeat(value.length - 3) + value.slice(-3) : '*'.repeat(value.length)}`);
+                }
+                else {
+                    console.error(`Warning: No value found for: '${ssmName}'`);
+                }
+            }
+            catch (error) {
+                console.error(`Error fetching parameter: '${ssmName}'`);
+                errors.push(`ParameterNotFound: ${ssmName}`);
+            }
+        }
+        if (errors.length > 0) {
+            throw new Error(`Some parameters could not be fetched:\n${errors.join('\n')}`);
+        }
+        return existingEnvVariables;
+    });
+}
+/**
+ * Retrieves the value of a parameter from AWS SSM Parameter Store with decryption enabled.
+ *
+ * @param ssmName - The name of the SSM parameter to retrieve.
+ * @returns The decrypted parameter value if found, or undefined if the parameter does not exist.
+ */
+function fetchSSMParameter(ssmName, ssm) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const command = new GetParameterCommand({
+            Name: ssmName,
+            WithDecryption: true,
+        });
+        const { Parameter } = yield ssm.send(command);
+        return Parameter === null || Parameter === void 0 ? void 0 : Parameter.Value;
+    });
+}
+function writeEnvFile(envFilePath, envVariables) {
+    const envContent = Object.entries(envVariables)
+        .map(([key, value]) => {
+        const escapedValue = value.replace(/(\n|\r|\n\r)/g, '\\n').replace(/"/g, '\\"');
+        return `${key}=${escapedValue}`;
+    })
+        .join('\n');
+    fs.writeFileSync(envFilePath, envContent);
+}
+//# sourceMappingURL=index.js.map

package/lib/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,EAAE,mBAAmB,EAAE,GAAG,EAAE,MAAM,qBAAqB,CAAC;AAC/D,OAAO,EAAE,OAAO,EAAE,MAAM,+BAA+B,CAAC;AACxD,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAC;AAEjC;;;;;;;;GAQG;AACH,MAAM,UAAgB,GAAG,CAAC,OAAe,EAAE,WAAmB,EAAE,OAAgB;;QAC9E,MAAM,gBAAgB,GAAG,EAAE,CAAC;QAC5B,MAAM,eAAe,GAAG,OAAO,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,OAAO,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,gBAAgB,CAAC;QAC3F,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,eAAe,CAAC,CAAC;QAErC,MAAM,QAAQ,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC;QACvC,MAAM,oBAAoB,GAAG,wBAAwB,CAAC,WAAW,CAAC,CAAC;QAEnE,MAAM,mBAAmB,GAAG,MAAM,0BAA0B,CAAC,QAAQ,EAAE,oBAAoB,EAAE,GAAG,CAAC,CAAC;QAElG,YAAY,CAAC,WAAW,EAAE,mBAAmB,CAAC,CAAC;QAC/C,OAAO,CAAC,GAAG,CAAC,kCAAkC,WAAW,GAAG,CAAC,CAAC;IAChE,CAAC;CAAA;AAED,SAAS,YAAY,CAAC,OAAe;IACnC,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAClD,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC7B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,2BAA2B,OAAO,EAAE,CAAC,CAAC;QACpD,MAAM,IAAI,KAAK,CAAC,uCAAuC,OAAO,EAAE,CAAC,CAAC;IACpE,CAAC;AACH,CAAC;AAED,SAAS,wBAAwB,CAAC,WAAmB;IACnD,MAAM,YAAY,GAA2B,EAAE,CAAC;IAEhD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC;QAAE,OAAO,YAAY,CAAC;IAErD,MAAM,kBAAkB,GAAG,EAAE,CAAC,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IACjE,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;IACnD,MAAM,CAAC,MAAM,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;IAEvC,OAAO,YAAY,CAAC;AACtB,CAAC;AAED;;;;;;;;;;;GAWG;AACH,SAAe,0BAA0B,CACvC,QAAgC,EAChC,oBAA4C,EAC5C,GAAQ;;QAER,MAAM,MAAM,GAAa,EAAE,CAAC;QAE5B,KAAK,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzD,IAAI,CAAC;gBACH,MAAM,KAAK,GAAG,MAAM,iBAAiB,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;gBACpD,IAAI,KAAK,EAAE,CAAC;oBACV,oBAAoB,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC;oBACrC,OAAO,CAAC,GAAG,CACT,GAAG,MAAM,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAC5G,CAAC;gBACJ,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,KAAK,CAAC,iCAAiC,OAAO,GAAG,CAAC,CAAC;gBAC7D,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CAAC,8BAA8B,OAAO,GAAG,CAAC,CAAC;gBACxD,MAAM,CAAC,IAAI,CAAC,sBAAsB,OAAO,EAAE,CAAC,CAAC;YAC/C,CAAC;QACH,CAAC;QAED,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CAAC,0CAA0C,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjF,CAAC;QAED,OAAO,oBAAoB,CAAC;IAC9B,CAAC;CAAA;AAED;;;;;GAKG;AACH,SAAe,iBAAiB,CAAC,OAAe,EAAE,GAAQ;;QACxD,MAAM,OAAO,GAAG,IAAI,mBAAmB,CAAC;YACtC,IAAI,EAAE,OAAO;YACb,cAAc,EAAE,IAAI;SACrB,CAAC,CAAC;QAEH,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC9C,OAAO,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,KAAK,CAAC;IAC1B,CAAC;CAAA;AAED,SAAS,YAAY,CAAC,WAAmB,EAAE,YAAoC;IAC7E,MAAM,UAAU,GAAG,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC;SAC5C,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;QACpB,MAAM,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QAChF,OAAO,GAAG,GAAG,IAAI,YAAY,EAAE,CAAC;IAClC,CAAC,CAAC;SACD,IAAI,CAAC,IAAI,CAAC,CAAC;IAEd,EAAE,CAAC,aAAa,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;AAC5C,CAAC"}

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "envilder",
-  "version": "0.5.0",
-  "description": "A CLI tool to generate .env files from AWS SSM parameters",
+  "version": "0.5.2",
+  "description": "A CLI that securely centralizes your environment variables from AWS SSM as a single source of truth",
   "exports": {
     ".": {
       "import": "./lib/index.js",
@@ -13,9 +13,10 @@
     "envilder": "lib/cli/cli.js"
   },
   "scripts": {
-    "clean": "npx jest --clearCache && yarn cache clean --force && npx rimraf lib && npx rimraf node_modules && npx rimraf coverage && npx rimraf yarn.lock",
+    "clean": "npx jest --clearCache && yarn cache clean --force && npx rimraf lib && npx rimraf node_modules && npx rimraf coverage",
     "test-run": "yarn build && node lib/cli/cli.js --map=tests/sample/param-map.json --envfile=tests/sample/autogenerated.env",
-    "build": "tsc -p tsconfig.build.json --sourceMap --declaration && node --no-warnings scripts/chmod-cli.js",
+    "build": "tsc -p tsconfig.build.json --sourceMap --declaration",
+    "local-deploy": "yarn build && node --no-warnings scripts/pack-and-install.js",
     "validate-cli": "node --no-warnings --loader ts-node/esm scripts/validate-cli.ts",
     "format": "npx biome format",
     "format:write": "npx biome format --write",
@@ -23,12 +24,28 @@
     "lint:fix": "npx biome lint --fix",
     "test": "vitest run --reporter verbose --coverage",
     "cli-run": "yarn build && node --trace-warnings lib",
-    "npm-publish": "yarn lint && yarn build && yarn publish",
+    "npm-publish": "yarn lint && yarn build && yarn test && npm pack --dry-run && yarn publish",
     "npm-release-patch": "yarn version --new-version patch",
     "npm-release-minor": "yarn version --new-version minor",
     "npm-release-prerelease": "yarn version --new-version prerelease"
   },
-  "keywords": [],
+  "keywords": [
+    "env",
+    "dotenv",
+    "aws",
+    "ssm",
+    "parameter-store",
+    "cli",
+    "environment",
+    "secrets",
+    "automation",
+    "config",
+    "aws-cli",
+    "devops",
+    "ci-cd",
+    "secure",
+    "envfile"
+  ],
   "repository": {
     "type": "git",
     "url": "git://github.com/macalbert/envilder.git"
@@ -41,6 +58,12 @@
   "publishConfig": {
     "access": "public"
   },
+  "files": [
+    "lib/**/*",
+    "README.md",
+    "LICENSE",
+    "ROADMAP.md"
+  ],
   "type": "module",
   "dependencies": {
     "@aws-sdk/client-ssm": "^3.806.0",

package/.gitattributes

@@ -1,67 +0,0 @@
-###############################################################################
-# Set default behavior to automatically normalize line endings.
-###############################################################################
-* text=auto
-
-# Explicitly declare text files you want to always be normalized and converted
-# to native line endings on checkout.
-*.sh text eol=lf
-
-###############################################################################
-# Set default behavior for command prompt diff.
-#
-# This is need for earlier builds of msysgit that does not have it on by
-# default for csharp files.
-# Note: This is only used by command line
-###############################################################################
-#*.cs     diff=csharp
-
-###############################################################################
-# Set the merge driver for project and solution files
-#
-# Merging from the command prompt will add diff markers to the files if there
-# are conflicts (Merging from VS is not affected by the settings below, in VS
-# the diff markers are never inserted). Diff markers may cause the following 
-# file extensions to fail to load in VS. An alternative would be to treat
-# these files as binary and thus will always conflict and require user
-# intervention with every merge. To do so, just uncomment the entries below
-###############################################################################
-#*.sln       merge=binary
-#*.csproj    merge=binary
-#*.vbproj    merge=binary
-#*.vcxproj   merge=binary
-#*.vcproj    merge=binary
-#*.dbproj    merge=binary
-#*.fsproj    merge=binary
-#*.lsproj    merge=binary
-#*.wixproj   merge=binary
-#*.modelproj merge=binary
-#*.sqlproj   merge=binary
-#*.wwaproj   merge=binary
-
-###############################################################################
-# behavior for image files
-#
-# image files are treated as binary by default.
-###############################################################################
-#*.jpg   binary
-#*.png   binary
-#*.gif   binary
-
-###############################################################################
-# diff behavior for common document formats
-# 
-# Convert binary document formats to text before diffing them. This feature
-# is only available from the command line. Turn it on by uncommenting the 
-# entries below.
-###############################################################################
-#*.doc   diff=astextplain
-#*.DOC   diff=astextplain
-#*.docx  diff=astextplain
-#*.DOCX  diff=astextplain
-#*.dot   diff=astextplain
-#*.DOT   diff=astextplain
-#*.pdf   diff=astextplain
-#*.PDF   diff=astextplain
-#*.rtf   diff=astextplain
-#*.RTF   diff=astextplain

package/.gitconfig

@@ -1,2 +0,0 @@
-[core]
-    longpaths = true

package/.github/dependabot.yml

@@ -1,40 +0,0 @@
-# To get started with Dependabot version updates, you'll need to specify which
-# package ecosystems to update and where the package manifests are located.
-# Please see the documentation for all configuration options:
-# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
-
-version: 2
-updates: 
-- package-ecosystem: npm
-  directory: "/"
-  pull-request-branch-name:
-    separator: "/"
-  schedule:
-    interval: monthly
-    day: monday
-    time: "10:00"
-    timezone: Europe/Madrid
-  labels:
-  - "npm"
-  - "dependencies"
-  reviewers:
-  - macalbert
-  assignees:
-  - macalbert
-    
-- package-ecosystem: github-actions
-  directory: "/"
-  pull-request-branch-name:
-      separator: "/"
-  schedule:
-    interval: monthly
-    day: monday
-    time: "10:00"
-    timezone: Europe/Madrid
-  labels:
-  - "github-actions"
-  - "dependencies"
-  reviewers:
-  - macalbert
-  assignees:
-  - macalbert

package/.github/pull_request_template.md

@@ -1,20 +0,0 @@
-# Description
-
-_Describe the problem or feature in addition to a link to the issues._
-
-## Approach
-
-_How does this change address the problem?_
-
-## Open Questions and Pre-Merge TODOs
-
-- [ ] Use github checklists. When solved, check the box and explain the answer.
-
-## Learning
-
-_Describe the research stage_
-_Links to blog posts, patterns, libraries or addons used to solve this problem_
-
-## Blog Posts
-
-- [How to Pull Request](https://github.com/flexyford/pull-request) Github Repo with Learning focused Pull Request Template.