1 | import { StringMap } from '@naturalcycles/js-lib';
|
2 | /**
|
3 | * Loads plaintext secrets from process.env, removes them, stores locally.
|
4 | * Make sure to call this function early on server startup, so secrets are removed from process.env
|
5 | *
|
6 | * Does NOT delete previous secrets from secretMap.
|
7 | */
|
8 | export declare function loadSecretsFromEnv(): void;
|
9 | /**
|
10 | * Removes process.env.SECRET_*
|
11 | */
|
12 | export declare function removeSecretsFromEnv(): void;
|
13 | /**
|
14 | * Does NOT delete previous secrets from secretMap.
|
15 | *
|
16 | * If SECRET_ENCRYPTION_KEY argument is passed - will decrypt the contents of the file first, before parsing it as JSON.
|
17 | *
|
18 | * Whole file is encrypted.
|
19 | * For "json-values encrypted" style - use `loadSecretsFromEncryptedJsonFileValues`
|
20 | */
|
21 | export declare function loadSecretsFromEncryptedJsonFile(filePath: string, secretEncryptionKey?: string): void;
|
22 | /**
|
23 | * Whole file is NOT encrypted, but instead individual json values ARE encrypted..
|
24 | * For whole-file encryption - use `loadSecretsFromEncryptedJsonFile`
|
25 | */
|
26 | export declare function loadSecretsFromEncryptedJsonFileValues(filePath: string, secretEncryptionKey?: string): void;
|
27 | /**
|
28 | * json secrets are always base64'd
|
29 | */
|
30 | export declare function secret<T = string>(k: string, json?: boolean): T;
|
31 | export declare function secretOptional<T = string>(k: string, json?: boolean): T | undefined;
|
32 | export declare function getSecretMap(): StringMap;
|
33 | /**
|
34 | * REPLACES secretMap with new map.
|
35 | */
|
36 | export declare function setSecretMap(map: StringMap): void;
|