Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@hmcts/properties-volume

Package Overview
Dependencies
Maintainers
16
Versions
15
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@hmcts/properties-volume

Azure key-vault flex volume to express properties integration

  • 1.1.0
  • Source
  • npm
  • Socket score

Version published
Maintainers
16
Created
Source

properties-volume-nodejs

MIT license

This module is to incorporate the integration of the Azure key-vault flex volume to node properties.

Usage

This module adds the properties volume entries into the configuration object from 'config' We use the default mount point of /mnt/ volume, which happens exposes the key vault in chart-nodejs.

We use the last folder of the mount point, secrets, to map the properties into the configuration.

Below is an example:

{
 "secrets": {
   "VAULT": {
     "secretOne": "VALUE",
     "some-secret-two": "VALUE"
   },
   "VAULT2": {
     "secretOne": "VALUE",
     "some-secret-two": "VALUE"
   }
 }
}

NOTE

  • The property names are not sanitised and are an exact copy from the file names on volume. This means when using the hmcts/nodejs helm chart the property naming is exactly the same as those in the key vault.

  • Application property defaults can be added to your application configuration for the config package using the same object structure.

    e.g To add a default for the property secrets.cmc.staff-email we would add the following to the configuration.

    in JSON:

    {
      "secrets": {
        "cmc": {
          "staff-email": "DEFAULT_EMAIL"
        }
      }
    }
    

    or in yaml

    secrets:
       cmc:
         staff-email: DEFAULT_EMAIL
    
    
  • If you have the need to add a test or add multiple property volumes in one application you can override the volume mount point. To do this we can supply a value for the defaulted volume folder in the api i.e addTo( config, {mountPoint:'some/other/folder/secrets'}).

  • The last folder name is used as the prefix for the properties in the configuration e.g. /mnt/secrets the properties start with secrets, /mnt/certs the properties start with certs.

  • If you mount volumes with the same last folder name e.g /mnt/super/secrets and /mnt/silly/secrets the properties will be fully merged together into the configuration object under secrets and the last property volume that is merged in will override any properties with the same name.

Quick start

$ yarn add @hmcts/properties-volume

Typescript

import * as config from 'config'
import * as propertiesVolume from '@hmcts/properties-volume'
propertiesVolume.addTo(config)

Javascript

config = require('@hmcts/properties-volume').addTo(require('config'))

Options

The properties volume can be supplied with a couple of options via a js like options object. e.g.

const config = require('@hmcts/properties-volume').addTo(require('config'),{mountPoint:'some/properties/mount/point'})
OptionDescriptionDefault
mountPointthe folder where the properties volume exists./mnt/secrets/
failOnErrorShould this module throw an exception if mount does not exist or there is an error reading the propertiesfalse

Local access to vaults

You can configure the application to connect directly to the Azure Vaults specified in your application's Helm chart. This is intended to be used locally, and not in production.

This method uses your local Azure AD authentication so you will need to run az login before running your application.

import * as config from 'config'
import { addTo, addFromAzureVault } from '@hmcts/properties-volume'

async function setupConfig() {
  if (process.env.NODE_ENV !== 'production') {
    await addFromAzureVault(config, { pathToHelmChart: 'charts/my-app/values.yaml' });
  } else {
    addTo(config);
  }
}

Note that this method is asynchronous and either needs to be awaited inside an async function or in a project with top level await enabled.

OptionDescriptionDefault
pathToHelmChartpath to the values.yaml file for the Helm chart.N/A
envUsed to calculate the vault nameaat

FAQs

Package last updated on 30 Oct 2023

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc