npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@financial-times/vaultenv

v2.0.0

Published

a script to sync vault variables

Downloads

131

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

robgodfreyrobgodfreyrobertboultonrobertboultonseraph2000seraph2000hamza.samihhamza.samihnotleenotleeemmalewisemmalewisaendraaendrathe-ftthe-ftrowanmanningrowanmanningcheecheealexwilsonalexwilson

Keywords

Readme

vaultenv CircleCI

Load vars from Vault straight into process.env

  1. Get started with Vault
  2. npm i -D @financial-times/vaultenv

FYI: use vaultenv for dev and ip-vault-sync for prod

Two ways of skinning a cat

1. Sync

Sync requires all configuration to be in the environment before the call to Vault is made.

Put this in your "dev script" in your package.json
VAULT_PATH=secret/teams/<your team>/<your thing>/<environment> node --require @financial-times/vaultenv
If you want to physically see your env vars printing out
  • add DEBUG=* at the beginning and
  • -pe 'console.log()' at the end of your "dev script"
Required variables
  • VAULT_ADDR - the address of the vault instance
  • VAULT_AUTH_GITHUB_TOKEN - your github personal token
  • VAULT_PATH - the full path to the secrets in vault (e.g. secret/teams/ateam/murdoch/production)
    • Without VAULT_PATH, the path is made up of npm_package_team, npm_package_name and the environment is derived from CI and NODE_ENV
      • When CI is true, the env will be continuous-integration
      • When NODE_ENV is set, then its value will be used, otherwise it's development
The vars below are for appRole auth and can be used instead of GitHub auth
  • VAULT_AUTH_ROLE_ID - a role id for approle authentication
  • VAULT_AUTH_SECRET_ID - a secret id for approle authentication
Optional variables
  • VAULT_OVERRIDE_EXISTING - can be set in the environment or within the secrets in vault
    • When VAULT_OVERRIDE_EXISTING is true, vault will override the existing environment variables
    • When VAULT_OVERRIDE_EXISTING is false (default), vault will not override the existing environment variables

2. Async

This can be used during start up or while an app is running
const vault = require('@financial-times/vaultenv/async');
const start = async () => {
  const vars = await vault('https://vault.instance', 'github token', '/path/to/secrets');
  console.log(`env loaded: ${vars}`);
};
start();

Development

vaultenv is an npm package, which is published whenever a tagged commit is created.

The easiest way to do this is to create a PR, make your changes and once approved:

  • Merge the PR to the main branch.
  • Draft a new release in GitHub.
  • Click choose a tag then create a new tag, for example:
    • v1.0.3
  • Give your release a title and description of the changes.
  • Click publish release.

This will automatically trigger a publish in CircleCI, which will use the version of your release as the package version in NPM.