1 | const AWS = require( "aws-sdk" );
|
2 | const prompt = require( "prompt" );
|
3 |
|
4 | const utils = require( "./utils" );
|
5 |
|
6 | function encrypt ( varName, varValue, externalEncrypt ) {
|
7 |
|
8 | function callEncryptMethod ( params, cb, externalEncrypt ) {
|
9 | if ( externalEncrypt ) {
|
10 | externalEncrypt( params, cb);
|
11 | } else {
|
12 | let kms = new AWS.KMS();
|
13 | kms.encrypt( params, cb );
|
14 | }
|
15 | }
|
16 |
|
17 | const params = {
|
18 | "KeyId": utils.getProjectConfig().kmsKeyArn,
|
19 | "Plaintext": varValue
|
20 | };
|
21 |
|
22 | callEncryptMethod( params, function( err, data ) {
|
23 | if ( err ) {
|
24 | console.log( err );
|
25 | } else {
|
26 | utils.addEnvVarToProjectConfig( varName, data.CiphertextBlob.toString( "base64" ) );
|
27 | }
|
28 | }, externalEncrypt);
|
29 |
|
30 | }
|
31 |
|
32 | function commandLineArgsAreValid ( a, b ) {
|
33 | console.log( a, b );
|
34 | return a && b;
|
35 | }
|
36 |
|
37 | function validateAndEnsure ( varName, varValue ) {
|
38 |
|
39 | return new Promise( ( resolve, reject ) => {
|
40 |
|
41 | if ( commandLineArgsAreValid( varName, varValue ) ) {
|
42 |
|
43 | console.log( `You are about to set "${varName}" to an encrypted value of "${varValue}" in the file "${utils.getProjectConfigFilePath()}"`)
|
44 |
|
45 | prompt.start();
|
46 |
|
47 | prompt.get([ { "message": "Are you sure you want to add this? (Y/n)" } ], ( err, results ) => {
|
48 |
|
49 | if ( !err && ( [ "y", "Y" ].indexOf( results.question ) > -1 ) ) {
|
50 | encrypt( varName, varValue );
|
51 | resolve();
|
52 | } else {
|
53 | if ( err ) {
|
54 | console.log( err );
|
55 | }
|
56 | reject( "Encryption rejected" );
|
57 | }
|
58 |
|
59 | });
|
60 |
|
61 | } else {
|
62 | reject( "ERROR: no variable name or variable value param defined. Please use the `--name` and `--value` options to state a var to encrypt" );
|
63 | }
|
64 |
|
65 | });
|
66 |
|
67 | }
|
68 |
|
69 | function init ( varName, varValue ) {
|
70 |
|
71 | utils.authenticate().then( () => {
|
72 | const projectConfig = utils.getProjectConfig();
|
73 | AWS.config.region = projectConfig.region;
|
74 | validateAndEnsure( varName, varValue );
|
75 | });
|
76 |
|
77 | }
|
78 |
|
79 | module.exports = {
|
80 | "encrypt": encrypt,
|
81 | "init": init
|
82 | } |
\ | No newline at end of file |