@mikestaub/simple-secrets

2.0.1 • Public • Published

simple-secrets

Overview

This is a small, opinionated library for managing app secrets. The developer now must only manage a single, master key to access all sensitive data for the project.

For small to medium sized projects and teams, this approach should be sufficient. For a more robust / complex solution, something like HashiCorp Vault or AWS Secrets Manager should be used.

Usage

Storing secrets

  1. create a file called 'secrets.js' and have it export an object containing sensitive data in the following format:
module.exports = {
  API_KEY: {
    staging: "123",
    production: "345"
  }
}
  1. add the 'secrets.js' file to the project's .gitignore as to not accidentally commit it
  2. add the following script to the package.json:
"scripts": {
  "encrypt": "simple-secrets encrypt",
  "decrypt": "simple-secrets decrypt",
}
  1. run
export ENCRYPTION_KEY=some-secret-string
npm run encrypt

Using secrets

  1. There must exist a file called 'secrets.js.encrypted' in the current working directory
  2. run
export ENCRYPTION_KEY=some-secret-string
npm run decrypt

It is assumed there exists a 'secrets.js.encrypted' file in the current working directory that can be or decrypted with the key specified by the 'ENCRYPTION_KEY' environment variable.

Other commands

To print the secrets to stdout, use:

simple-secrets print

To inject the secrets into process.env use:

simple-secrets export

Note

This approach assumes that the master encyption key is kept secret and safe. If it is ever made public, assume all credentials in secrets.js are compromised.

Readme

Keywords

Package Sidebar

Install

npm i @mikestaub/simple-secrets

Weekly Downloads

0

Version

2.0.1

License

MIT

Unpacked Size

4.49 kB

Total Files

4

Last publish

Collaborators

  • mikestaub