npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

dotenv-azure

v2.0.0

Published

Load environment variables from Azure's services App Configuration, Key Vault or a .env file

Downloads

847

Readme

dotenv-azure

NPM version Build status codecov js-standard-style LICENSE Conventional Commits

Load environment variables from Azure's services App Configuration, Key Vault or a .env file with an api similar to dotenv.

Why

Maybe you want to securely store secrets in Azure Key Vault, but you also have configurations and feature flags stored in Azure App Configuration and you have to override some of those configurations with a .env file when running your app locally.

Or you have a complex configuration data that you want to centralize it somewhere. Azure recommends the usage of App Config for configuration and Key Vault for secrets. You can read more about it here.

With dotenv-azure you can easily retrieve your app's configurations and secrets from these 3 sources and merge them into process.env.

If you would like to know more about App Configuration and Key Vault, you may want to review What is App Configuration? and What is Azure Key Vault?

Getting started

Install the package

Install with npm

npm install dotenv-azure

or with yarn

yarn add dotenv-azure

Configuring App Configuration

  1. Create an app configuration store via Azure portal or CLI.
  2. Set AZURE_APP_CONFIG_CONNECTION_STRING as environment variable using bash or put them in a .env file:
AZURE_APP_CONFIG_CONNECTION_STRING="generated-app-config-conneciton-string"

Configuring Key Vault

If you want to use Key Vault alongside with App Configuration you have to create a service principal and configure its access to Azure resources. You can follow this guide.

Once you have AZURE_CLIENT_ID(appId), AZURE_CLIENT_SECRET(password) and AZURE_TENANT_ID(tenant) you have to set them as environment variables. You can do this with export in Bash or put them in a .env file:

In production, if you are using Azure Managed Identities, you don't have to set these variables.

AZURE_CLIENT_ID="generated-app-ID"
AZURE_CLIENT_SECRET="random-password"
AZURE_TENANT_ID="tenant-ID"

If you have a configuration in App Configuration with the content type application/vnd.microsoft.appconfig.keyvaultref+json;charset=utf-8 then dotenv-azure will try to load it from Key Vault.

You can add a Key Vault reference to App Configuration in the Azure portal:

  1. Sign in to the Azure portal. Select All resources, and then select the App Configuration store instance that you created in the quickstart
  2. Select Configuration Explorer
  3. Select + Create > Key vault reference

Now when you call the .config() method, the value of your key vault secret will be set to process.env:

const { DotenvAzure } = require('dotenv-azure')

async function main() {
  await new DotenvAzure().config()
  console.log(process.env.DATABASE_URL) // prints your secret value
}

main()

Using dotenv-azure programmatically

You should call dotenv-azure before the initialization of your app. Since the method .config() returns a promise, you have to call it inside an async function:

const { DotenvAzure } = require('dotenv-azure')

async function main() {
  const dotenvAzure = new DotenvAzure()
  const { parsed } = await dotenvAzure.config()

  // `parsed` is an object containing:
  //   - Your App Config configurations
  //   - Key Vault secrets
  //   - Environment variables defined in a .env file
  //   - and environment variables that weren't overwritten
  console.log(parsed)

  // process.env now has the keys and values from the parsed result
  console.log(process.env)

  // start app
  // ...
}

main()

Preload dotenv-azure

You can use the --require (-r) command line option to preload dotenv-azure. By doing this, you do not need to require and load dotenv-azure in your application code.

node -r dotenv-azure/config your_script.js

To enable safe mode you should require config-safe:

node -r dotenv-azure/config-safe your_script.js

Rules

dotenv-azure uses dotenv under the covers, so the same rules for .env files apply here as well.

When populating process.env dotenv-azure will follow these steps:

  1. Values within the process's environment (i.e. an environment variable exists) takes precedence over everything else.
  2. For values defined in the .env file, and not present in the environemnt, process.env will be populated with those values.
  3. dotenv-azure will search for the required environment variables to access azure's services after loading variables from the .env file.
  4. For values defined within the process's environment, in the .env file or in the Azure App Configuration, where the value is prefixed with kv: what follows is assumed to be the secret identifier of a secret stored in Key Vault, and so dotenv-azure will attempt to populate the value from Key Vault.

Options

You can pass a safe option to validate your variables from a .env.example file like dotenv-safe:

const { DotenvAzure } = require('dotenv-azure')
const dotenvAzure = new DotenvAzure()

async function main() {
  await dotenvAzure.config({
    safe: true,
    allowEmptyValues: true,
    example: './.my-env-example-filename',
  })
}

main()

.config() and .parse() have the same options as dotenv and dotenv-safe

Documentation

You can read the api documentation here.

Inspirations

Contributors

This project follows the all-contributors specification. Contributions of any kind are welcome!