UNPKG

@naturalcycles/nodejs-lib/src/bin/secrets-decrypt.ts

Version:

1.83 kBPlain TextView Raw

1#!/usr/bin/env node
2
3import * as yargs from 'yargs'
4import { dimGrey } from '../colors'
5import { runScript } from '../script'
6import { DecryptCLIOptions, secretsDecrypt } from '../secret/secrets-decrypt.util'
7
8runScript(() => {
const { dir, file, encKey, del, jsonMode } = getDecryptCLIOptions()
10
secretsDecrypt(dir, file, encKey, del, jsonMode)
12})
13
14function getDecryptCLIOptions(): DecryptCLIOptions {
require('dotenv').config()
16
let { dir, file, encKey, encKeyVar, del, jsonMode } = yargs.options({
  dir: {
    type: 'array',
    desc: 'Directory with secrets. Can be many',
    // demandOption: true,
    default: './secret',
  },
  file: {
    type: 'string',
    desc: 'Single file to decrypt. Useful in jsonMode',
  },
  encKey: {
    type: 'string',
    desc: 'Encryption key',
    // demandOption: true,
    // default: process.env.SECRET_ENCRYPTION_KEY!,
  },
  encKeyVar: {
    type: 'string',
    desc: 'Env variable name to get `encKey` from.',
    default: 'SECRET_ENCRYPTION_KEY',
  },
  // algorithm: {
  //   type: 'string',
  //   default: 'aes-256-cbc',
  // },
  del: {
    type: 'boolean',
    desc: 'Delete source files after encryption/decryption. Be careful!',
  },
  jsonMode: {
    type: 'boolean',
    desc: 'JSON mode. Encrypts only json values, not the whole file',
    default: false,
  },
}).argv
53
if (!encKey) {
  encKey = process.env[encKeyVar]
56
  if (encKey) {
    console.log(`using encKey from env.${dimGrey(encKeyVar)}`)
  } else {
    throw new Error(
      `encKey is required. Can be provided as --encKey or env.SECRET_ENCRYPTION_KEY (see readme.md)`,
    )
  }
}
65
// `as any` because @types/yargs can't handle string[] type properly
return { dir: dir as any, file, encKey, del, jsonMode }
68}

1	`#!/usr/bin/env node`
2
3	`import * as yargs from 'yargs'`
4	`import { dimGrey } from '../colors'`
5	`import { runScript } from '../script'`
6	`import { DecryptCLIOptions, secretsDecrypt } from '../secret/secrets-decrypt.util'`
7
8	`runScript(() => {`
9	`const { dir, file, encKey, del, jsonMode } = getDecryptCLIOptions()`
10
11	`secretsDecrypt(dir, file, encKey, del, jsonMode)`
12	`})`
13
14	`function getDecryptCLIOptions(): DecryptCLIOptions {`
15	`require('dotenv').config()`
16
17	`let { dir, file, encKey, encKeyVar, del, jsonMode } = yargs.options({`
18	`dir: {`
19	`type: 'array',`
20	`desc: 'Directory with secrets. Can be many',`
21	`// demandOption: true,`
22	`default: './secret',`
23	`},`
24	`file: {`
25	`type: 'string',`
26	`desc: 'Single file to decrypt. Useful in jsonMode',`
27	`},`
28	`encKey: {`
29	`type: 'string',`
30	`desc: 'Encryption key',`
31	`// demandOption: true,`
32	`// default: process.env.SECRET_ENCRYPTION_KEY!,`
33	`},`
34	`encKeyVar: {`
35	`type: 'string',`
36	desc: 'Env variable name to get `encKey` from.',
37	`default: 'SECRET_ENCRYPTION_KEY',`
38	`},`
39	`// algorithm: {`
40	`// type: 'string',`
41	`// default: 'aes-256-cbc',`
42	`// },`
43	`del: {`
44	`type: 'boolean',`
45	`desc: 'Delete source files after encryption/decryption. Be careful!',`
46	`},`
47	`jsonMode: {`
48	`type: 'boolean',`
49	`desc: 'JSON mode. Encrypts only json values, not the whole file',`
50	`default: false,`
51	`},`
52	`}).argv`
53
54	`if (!encKey) {`
55	`encKey = process.env[encKeyVar]`
56
57	`if (encKey) {`
58	console.log(`using encKey from env.${dimGrey(encKeyVar)}`)
59	`} else {`
60	`throw new Error(`
61	`encKey is required. Can be provided as --encKey or env.SECRET_ENCRYPTION_KEY (see readme.md)`,
62	`)`
63	`}`
64	`}`
65
66	// `as any` because @types/yargs can't handle string[] type properly
67	`return { dir: dir as any, file, encKey, del, jsonMode }`
68	`}`