1 | #!/usr/bin/env node
|
2 |
|
3 | import * as yargs from 'yargs'
|
4 | import { dimGrey } from '../colors'
|
5 | import { runScript } from '../script'
|
6 | import { DecryptCLIOptions, secretsDecrypt } from '../secret/secrets-decrypt.util'
|
7 |
|
8 | runScript(() => {
|
9 | const { dir, encKey, algorithm, del } = getDecryptCLIOptions()
|
10 |
|
11 | secretsDecrypt(dir, encKey, algorithm, del)
|
12 | })
|
13 |
|
14 | function getDecryptCLIOptions(): DecryptCLIOptions {
|
15 | require('dotenv').config()
|
16 |
|
17 | let { dir, encKey, encKeyVar, algorithm, del } = yargs.options({
|
18 | dir: {
|
19 | type: 'array',
|
20 | desc: 'Directory with secrets. Can be many',
|
21 |
|
22 | default: './secret',
|
23 | },
|
24 | encKey: {
|
25 | type: 'string',
|
26 | desc: 'Encryption key',
|
27 |
|
28 |
|
29 | },
|
30 | encKeyVar: {
|
31 | type: 'string',
|
32 | desc: 'Env variable name to get `encKey` from.',
|
33 | default: 'SECRET_ENCRYPTION_KEY',
|
34 | },
|
35 | algorithm: {
|
36 | type: 'string',
|
37 | default: 'aes-256-cbc',
|
38 | },
|
39 | del: {
|
40 | type: 'boolean',
|
41 | desc: 'Delete source files after encryption/decryption. Be careful!',
|
42 | },
|
43 | }).argv
|
44 |
|
45 | if (!encKey) {
|
46 | encKey = process.env[encKeyVar]
|
47 |
|
48 | if (encKey) {
|
49 | console.log(`using encKey from env.${dimGrey(encKeyVar)}`)
|
50 | } else {
|
51 | throw new Error(
|
52 | `encKey is required. Can be provided as --encKey or env.SECRET_ENCRYPTION_KEY (see readme.md)`,
|
53 | )
|
54 | }
|
55 | }
|
56 |
|
57 |
|
58 | return { dir: dir as any, encKey, algorithm, del }
|
59 | }
|