1 | #!/usr/bin/env node
|
2 |
|
3 | import * as yargs from 'yargs'
|
4 | import { dimGrey } from '../colors'
|
5 | import { runScript } from '../script'
|
6 | import { EncryptCLIOptions, secretsEncrypt } from '../secret/secrets-encrypt.util'
|
7 |
|
8 | runScript(() => {
|
9 | const { pattern, encKey, algorithm, del } = getEncryptCLIOptions()
|
10 |
|
11 | secretsEncrypt(pattern, encKey, algorithm, del)
|
12 | })
|
13 |
|
14 | function getEncryptCLIOptions(): EncryptCLIOptions {
|
15 | require('dotenv').config()
|
16 |
|
17 | let { pattern, encKey, encKeyVar, algorithm, del } = yargs.options({
|
18 | pattern: {
|
19 | type: 'string',
|
20 | array: true,
|
21 | desc: 'Globby pattern for secrets. Can be many.',
|
22 |
|
23 | default: './secret/**',
|
24 | },
|
25 | encKey: {
|
26 | type: 'string',
|
27 | desc: 'Encryption key',
|
28 |
|
29 |
|
30 | },
|
31 | encKeyVar: {
|
32 | type: 'string',
|
33 | desc: 'Env variable name to get `encKey` from.',
|
34 | default: 'SECRET_ENCRYPTION_KEY',
|
35 | },
|
36 | algorithm: {
|
37 | type: 'string',
|
38 | default: 'aes-256-cbc',
|
39 | },
|
40 | del: {
|
41 | type: 'boolean',
|
42 | desc: 'Delete source files after encryption/decryption. Be careful!',
|
43 | },
|
44 | }).argv
|
45 |
|
46 | if (!encKey) {
|
47 | encKey = process.env[encKeyVar]
|
48 |
|
49 | if (encKey) {
|
50 | console.log(`using encKey from process.env.${dimGrey(encKeyVar)}`)
|
51 | } else {
|
52 | throw new Error(
|
53 | `encKey is required. Can be provided as --encKey or env.SECRET_ENCRYPTION_KEY (see readme.md)`,
|
54 | )
|
55 | }
|
56 | }
|
57 |
|
58 |
|
59 | return { pattern: pattern as any, encKey, algorithm, del }
|
60 | }
|