npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@twentyfourg/vault-dotenv

v2.3.2

Published

Create .env from Vault secret

Downloads

1,819

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

briananstettbriananstett24gbot24gbotkylehutchenskylehutchensjakowenkojakowenko

Keywords

Readme

@twentyfourg/vault-dotenv

Create .env file from Vault.

Usage

npm i -g @twentyfourg/vault-dotenv
vault-dotenv /kv/secret/path

Options

  • -o, --override-file [file]: File containing values to override the retreived Vault values.
  • -f, --out-file [file]: Name of the generated env file. Defaults to '.env'.
  • -l, --login: Log into Vault
  • -a, --vault-addr [address]: Address to your Vault server. Defaults to process.env.VAULT_ADDR || http://127.0.0.1:8200
  • -e, --env-file [file]: .env file that should parsed to set enviornment variables for this run.

Overrides

The -o or --override-file flag can be used to specify a file with env formated (key=value) variables that will override any colliding values retrieved from Vault.

# Content from override (.env.override)
foo=bar

# Content from Vault (/kv/1234/dev/secret)
foo=baz
bar=rag

vault-dotenv -o .env.override /kv/1234/dev/secret

# Results in
foo=bar
bar=rag

Environment Variables

Environment variables can used to fullfil some input values when running vault-dotenv. These environment variables can be set outside the purview of vault-dotenv or you can pass a environment variable file which vault-dotenv fill parse and use when creating the .env file. You can configure this with the -e or --env-file flag.

Vault address: VAULT_ADDR Vault Token: VAULT_TOKEN Vault secret path; SECRET_PATH

# Env file to parse (.env.example)
SECRET_PATH=/kv/secret/foo

# Generate env from secret /kv/secret/foo
vault-dotenv -e .env.example

Output File

By default vault-dotenv generates a .env file called .env. You can change this to be any value with the -f or --out-file flag.

vault-dotenv -f .env.fancycat kv/796-11/dev/backend-infrastructure-secrets

ll
.env.fancycat


vault-dotenv -f /tmp/.env.fancycat kv/796-11/dev/backend-infrastructure-secrets
ll /tmp
.env.fancycat

Lambda Extension

You can use the Lambda Extension to inject environment variables from Vault. The extension uses the @twentyfourg/vault-dotenv binaries to generate a .env file in Lambda function's /tmp directory. It then automatically loads those environment variables using a custom Lambda Execution Wrapper Script.

The extension uses the AWS auth method that is implemented in the underlying @twentyfourg/cloud-sdk package.

Environment Variables:

  • SECRET_PATH (Required): Vault secret path.
  • VAULT_ROLE (Required): The VAULT AWS auth method role to use to authenticate.
  • VAULT_ADDR (Required): The endpoint for your Vault server.
  • AWS_LAMBDA_EXEC_WRAPPER (Optional): If you want the extension to automatically load the environment variables located in /tmp/.env. When enabled, the value must be /opt/bin/wrapper.
  • VAULT_ENV_OUTPUT_FILE (Optional): Where the env file should created. Defaults to /tmp/.env
  • VAULT_ENV_EXTENSION_NAME (Optional): The name of the extension. Defaults to vault-dotenv. This value must be equal to name of the extension.
arn:aws:lambda:<region>:033632814797:layer:vault-dotenv:<>

See release page for latest Layer version