vault-env
v5.0.0-beta.2
Published
Put your vault secrets in your process.env
Downloads
3,684
Readme
vault-env-js
Put your vault secrets in your process.env
Install the package
npm install --save vault-env
Write a Secretfile
in your app directory
DATABASE_URL secrets/databases/main:url
Require vault-env
and the environment variables are loaded
require("vault-env");
console.log(process.env.DATABASE_URL);
// => 'postgres://...'
Provide your app with VAULT_ADDR
and VAULT_TOKEN
environment variables when
you run it.
VAULT_ADDR=https://localhost:8200 VAULT_TOKEN=12345 node ./app.js
Require vault-env/rotate
and vault-env will request new leases before your
secrets expire, keeping your environment variables up to date forever.
require("vault-env/rotate");
// check the database url
console.log(process.env.DATABASE_URL);
// => 'postgres://username:password@host/db'
// check again in six weeks
setTimeout(function () {
console.log(process.env.DATABASE_URL);
// => 'postgres://user:newpassword@host/db'
}, 1000 * 60 * 60 * 24 * 7 * 6);
Watch for secret changes
var vaultEnv = require("vault-env/rotate");
vaultEnv.on("DATABASE_URL", function (newDB, oldDB) {
console.log("DATABASE_URL has changed to " + newDB + " from " + oldDB);
});
Require vault-env/local
and vault-env will not set your environment
your variables will only be exported by the module as regular variables
var secret = require("vault-env/local");
console.log(secret.DATABASE_URL);
// => 'postgres://...'