npm - presidium - Versions diffs - 0.18.7 → 0.19.0 - Mend

presidium 0.18.7 → 0.19.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/SecretsManager.js CHANGED Viewed

@@ -1,58 +1,93 @@
-/*
-// Use this code snippet in your app.
-// If you need more information about configurations or implementing the sample code, visit the AWS docs:
-// https://aws.amazon.com/developers/getting-started/nodejs/
+require('rubico/global')
+const AWSSecretsManager = require('aws-sdk/clients/secretsmanager')
-// Load the AWS SDK
-var AWS = require('aws-sdk'),
-    region = "us-west-1",
-    secretName = "production/PAYPAL_CLIENT_ID",
-    secret,
-    decodedBinarySecret;
+/**
+ * @name SecretsManager
+ *
+ * @synopsis
+ * ```coffeescript [specscript]
+ * new SecretsManager(options {
+ *   accessKeyId: string,
+ *   secretAccessKey: string,
+ *   region: string,
+ * }|{
+ *   endpoint: string,
+ *   region: string,
+ * }) -> secretsManager Object
+ * ```
+ */
+const SecretsManager = function (options) {
+  this.awsSecretsManager = new AWSSecretsManager({
+    apiVersion: '2017-10-17',
+    ...pick([
+      'accessKeyId',
+      'secretAccessKey',
+      'region',
+      'endpoint',
+    ])(options),
+  })
+}
-// Create a Secrets Manager client
-var client = new AWS.SecretsManager({
-    region: region
-});
+/**
+ * @name SecretsManager.prototype.createSecret
+ *
+ * @synopsis
+ * ```coffeescript [specscript]
+ * new SecretsManager(...).createSecret(
+ *   name string,
+ *   secretString string,
+ * ) -> result Promise<{
+ *   ARN: string,
+ *   Name: string,
+ *   VersionId: string,
+ * }>
+ * ```
+ */
+SecretsManager.prototype.createSecret = function (name, secretString) {
+  return this.awsSecretsManager.createSecret({
+    Name: name,
+    SecretString: secretString,
+  }).promise()
+}
-// In this sample we only handle the specific exceptions for the 'GetSecretValue' API.
-// See https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_GetSecretValue.html
-// We rethrow the exception by default.
+/**
+ * @name SecretsManager.prototype.getSecretValue
+ *
+ * @synopsis
+ * ```coffeescript [specscript]
+ * new SecretsManager(...).getSecretValue(name string) -> result Promise<{
+ *   ARN: string,
+ *   CreatedDate: Date,
+ *   Name: string,
+ *   SecretString: string,
+ *   VersionId: string,
+ *   VersionStages: Array<string>,
+ * }>
+ * ```
+ */
+SecretsManager.prototype.getSecretValue = function (name) {
+  return this.awsSecretsManager.getSecretValue({
+    SecretId: name,
+  }).promise()
+}
-client.getSecretValue({SecretId: secretName}, function(err, data) {
-    if (err) {
-        if (err.code === 'DecryptionFailureException')
-            // Secrets Manager can't decrypt the protected secret text using the provided KMS key.
-            // Deal with the exception here, and/or rethrow at your discretion.
-            throw err;
-        else if (err.code === 'InternalServiceErrorException')
-            // An error occurred on the server side.
-            // Deal with the exception here, and/or rethrow at your discretion.
-            throw err;
-        else if (err.code === 'InvalidParameterException')
-            // You provided an invalid value for a parameter.
-            // Deal with the exception here, and/or rethrow at your discretion.
-            throw err;
-        else if (err.code === 'InvalidRequestException')
-            // You provided a parameter value that is not valid for the current state of the resource.
-            // Deal with the exception here, and/or rethrow at your discretion.
-            throw err;
-        else if (err.code === 'ResourceNotFoundException')
-            // We can't find the resource that you asked for.
-            // Deal with the exception here, and/or rethrow at your discretion.
-            throw err;
-    }
-    else {
-        // Decrypts secret using the associated KMS key.
-        // Depending on whether the secret is a string or binary, one of these fields will be populated.
-        if ('SecretString' in data) {
-            secret = data.SecretString;
-        } else {
-            let buff = new Buffer(data.SecretBinary, 'base64');
-            decodedBinarySecret = buff.toString('ascii');
-        }
-    }
+/**
+ * @name SecretsManager.prototype.deleteSecret
+ *
+ * @synopsis
+ * ```coffeescript [specscript]
+ * new SecretsManager(...).deleteSecret(name string) -> result Promise<{
+ *   ARN: string,
+ *   DeletionDate: Date,
+ *   Name: string,
+ * }>
+ * ```
+ */
+SecretsManager.prototype.deleteSecret = function (name) {
+  return this.awsSecretsManager.deleteSecret({
+    SecretId: name,
+    ForceDeleteWithoutRecovery: true,
+  }).promise()
+}
-    // Your code goes here.
-});
-*/
+module.exports = SecretsManager

package/SecretsManager.test.js ADDED Viewed

@@ -0,0 +1,67 @@
+const Test = require('thunk-test')
+const assert = require('assert')
+const AwsCredentials = require('./internal/AwsCredentials')
+const SecretsManager = require('./SecretsManager')
+const test = new Test('SecretsManager', async function () {
+  const awsCreds = await AwsCredentials('default').catch(error => {
+    if (error.code == 'ENOENT') {
+      const accessKeyId = process.env.AWS_ACCESS_KEY_ID
+      const secretAccessKey = process.env.AWS_SECRET_ACCESS_KEY
+      if (accessKeyId == null || secretAccessKey == null) {
+        throw new Error('No AWS credential file or environment variables')
+      }
+      return { accessKeyId, secretAccessKey }
+    }
+    throw error
+  })
+  awsCreds.region = 'us-west-1'
+  const secretsManager = new SecretsManager({ ...awsCreds })
+  const mySecret = {
+    name: `test-secret-${Math.trunc(Math.random() * 1e6)}`,
+    value: 'helloworld',
+  }
+  let didRerunTooSoon = false
+  try {
+    const result = await secretsManager.createSecret(mySecret.name, mySecret.value)
+    assert.equal(result.Name, mySecret.name)
+  } catch (error) {
+    if (error.message.includes('scheduled for deletion')) {
+      didRerunTooSoon = true
+    } else {
+      throw error
+    }
+  }
+  try {
+    const result = await secretsManager.getSecretValue(mySecret.name)
+    assert.equal(result.Name, mySecret.name)
+    assert.equal(result.SecretString, mySecret.value)
+  } catch (error) {
+    if (error.message.includes('marked for deletion')) {
+      didRerunTooSoon = true
+    } else {
+      throw error
+    }
+  }
+  {
+    const result = await secretsManager.deleteSecret(mySecret.name, mySecret.value)
+    assert.equal(result.Name, mySecret.name)
+  }
+  if (didRerunTooSoon) {
+    throw new Error('Reran test too soon, please try in a few seconds')
+  }
+}).case()
+if (process.argv[1] == __filename) {
+  test()
+}
+module.exports = test

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "presidium",
-  "version": "0.18.7",
+  "version": "0.19.0",
   "description": "A library for creating web services",
   "author": "Richard Tong",
   "license": "MIT",