UNPKG

@naturalcycles/nodejs-lib/src/bin/secrets-encrypt.ts

Version:

1.92 kBPlain TextView Raw

1#!/usr/bin/env node
2
3import * as yargs from 'yargs'
4import { dimGrey } from '../colors'
5import { runScript } from '../script'
6import { EncryptCLIOptions, secretsEncrypt } from '../secret/secrets-encrypt.util'
7
8runScript(() => {
const { pattern, file, encKey, del, jsonMode } = getEncryptCLIOptions()
10
secretsEncrypt(pattern, file, encKey, del, jsonMode)
12})
13
14function getEncryptCLIOptions(): EncryptCLIOptions {
require('dotenv').config()
16
let { pattern, file, encKey, encKeyVar, del, jsonMode } = yargs.options({
  pattern: {
    type: 'string',
    array: true,
    desc: 'Globby pattern for secrets. Can be many.',
    // demandOption: true,
    default: './secret/**',
  },
  file: {
    type: 'string',
    desc: 'Single file to decrypt. Useful in jsonMode',
  },
  encKey: {
    type: 'string',
    desc: 'Encryption key',
    // demandOption: true,
    // default: process.env.SECRET_ENCRYPTION_KEY!,
  },
  encKeyVar: {
    type: 'string',
    desc: 'Env variable name to get `encKey` from.',
    default: 'SECRET_ENCRYPTION_KEY',
  },
  // algorithm: {
  //   type: 'string',
  //   default: 'aes-256-cbc',
  // },
  del: {
    type: 'boolean',
    desc: 'Delete source files after encryption/decryption. Be careful!',
    default: false,
  },
  jsonMode: {
    type: 'boolean',
    desc: 'JSON mode. Encrypts only json values, not the whole file',
    default: false,
  },
}).argv
55
if (!encKey) {
  encKey = process.env[encKeyVar]
58
  if (encKey) {
    console.log(`using encKey from process.env.${dimGrey(encKeyVar)}`)
  } else {
    throw new Error(
      `encKey is required. Can be provided as --encKey or env.SECRET_ENCRYPTION_KEY (see readme.md)`,
    )
  }
}
67
// `as any` because @types/yargs can't handle string[] type properly
return { pattern: pattern as any, file, encKey, del, jsonMode }
70}

1	`#!/usr/bin/env node`
2
3	`import * as yargs from 'yargs'`
4	`import { dimGrey } from '../colors'`
5	`import { runScript } from '../script'`
6	`import { EncryptCLIOptions, secretsEncrypt } from '../secret/secrets-encrypt.util'`
7
8	`runScript(() => {`
9	`const { pattern, file, encKey, del, jsonMode } = getEncryptCLIOptions()`
10
11	`secretsEncrypt(pattern, file, encKey, del, jsonMode)`
12	`})`
13
14	`function getEncryptCLIOptions(): EncryptCLIOptions {`
15	`require('dotenv').config()`
16
17	`let { pattern, file, encKey, encKeyVar, del, jsonMode } = yargs.options({`
18	`pattern: {`
19	`type: 'string',`
20	`array: true,`
21	`desc: 'Globby pattern for secrets. Can be many.',`
22	`// demandOption: true,`
23	`default: './secret/**',`
24	`},`
25	`file: {`
26	`type: 'string',`
27	`desc: 'Single file to decrypt. Useful in jsonMode',`
28	`},`
29	`encKey: {`
30	`type: 'string',`
31	`desc: 'Encryption key',`
32	`// demandOption: true,`
33	`// default: process.env.SECRET_ENCRYPTION_KEY!,`
34	`},`
35	`encKeyVar: {`
36	`type: 'string',`
37	desc: 'Env variable name to get `encKey` from.',
38	`default: 'SECRET_ENCRYPTION_KEY',`
39	`},`
40	`// algorithm: {`
41	`// type: 'string',`
42	`// default: 'aes-256-cbc',`
43	`// },`
44	`del: {`
45	`type: 'boolean',`
46	`desc: 'Delete source files after encryption/decryption. Be careful!',`
47	`default: false,`
48	`},`
49	`jsonMode: {`
50	`type: 'boolean',`
51	`desc: 'JSON mode. Encrypts only json values, not the whole file',`
52	`default: false,`
53	`},`
54	`}).argv`
55
56	`if (!encKey) {`
57	`encKey = process.env[encKeyVar]`
58
59	`if (encKey) {`
60	console.log(`using encKey from process.env.${dimGrey(encKeyVar)}`)
61	`} else {`
62	`throw new Error(`
63	`encKey is required. Can be provided as --encKey or env.SECRET_ENCRYPTION_KEY (see readme.md)`,
64	`)`
65	`}`
66	`}`
67
68	// `as any` because @types/yargs can't handle string[] type properly
69	`return { pattern: pattern as any, file, encKey, del, jsonMode }`
70	`}`