Socket
Socket
Sign inDemoInstall

@socialgouv/sre-secrets

Package Overview
Dependencies
60
Maintainers
2
Versions
53
Alerts
File Explorer

Advanced tools

npm Scripts
License

Install Socket

Detect and block malicious and high-risk dependencies

Install

    @socialgouv/sre-secrets

Generate sealed secrets files for k8s deployment.

Version published
Weekly downloads
7
decreased by-73.08%
Maintainers
2
Install size
4.29 MB
Created
Weekly downloads
 

Readme

Source

@socialgouv/sre-secrets

Generate sealed secrets files for k8s deployment.

Usage

Install
yarn global add @socialgouv/sre-secrets

This package can also be installed locally.

:warning: It requires kubeseal CLI installed on your system to work.

Cli
Usage: sre-secrets [options]

Options:
  -h, --help     Show help                       [boolean]
  -f, --from     File containing secrets         [string]  [default: "./.secrets.yaml"]
  -t, --to       Folder to store sealed secrets  [string]  [default: "./.k8s"]
  -v, --version  Show version number             [boolean]
Examples

Ran at project level it produces all required sealed secrets files for k8s deployment.

sre-secrets --from=./.secrets.yaml --to=./.k8s

Assuming the existence of a .secrets.yaml file as follows:

namespace: "carnets"
services:
  - name: "app"
    environments:
      dev:
        secrets:
          SERVICE_TOKEN: "V16gKZBHjh8z7aO2IeFxTqvS5JFCmxHIgyuqQ"
          USER_PASSWORD: "ObkWO7BUkmDFAl3v_XP-nNEYADymg2FeO5168-nj9BdreHTyp7NSrnmumBFNbY1dg6m-irxrEHxw"
      preprod:
        secrets:
          SERVICE_TOKEN: "V16gKZBHjh8z7aO2IeFxTqvS5JFCmxHIgyuqQ"
          USER_PASSWORD: "ObkWO7BUkmDFAl3v_XP-nNEYADymg2FeO5168-nj9BdreHTyp7NSrnmumBFNbY1dg6m-irxrEHxw"
      prod:
        secrets:
          SERVICE_TOKEN: "V16gKZBHjh8z7aO2IeFxTqvS5JFCmxHIgyuqQ"
          USER_PASSWORD: "ObkWO7BUkmDFAl3v_XP-nNEYADymg2FeO5168-nj9BdreHTyp7NSrnmumBFNbY1dg6m-irxrEHxw"

  - name: "hasura"
    environments:
      dev:
        secrets:
          HASURA_GRAPHQL_ADMIN_SECRET: "hasurapassword"
      preprod:
        secrets:
          HASURA_GRAPHQL_ADMIN_SECRET: "hasurapassword"
      prod:
        secrets:
          HASURA_GRAPHQL_ADMIN_SECRET: "hasurapassword"
          HASURA_GRAPHQL_DATABASE_URL: "postgresql://user%40my_server..."

  - name: "pg"
    environments:
      dev:
        secretsName: "azure-pg-admin-user" # overwrite default sealed secrets name
        secrets:
          DATABASE_URL: "postgresql://user%40my_server..."
          PGHOST: "my_server..."
          PGPASSWORD: "my_password..."
          PGSSLMODE: "require"
          PGUSER: "my_user..."
      preprod:
        fileName: "pg-user" # overwrite default sealed secrets file name
        secretsName: "azure-pg-user"
        secrets:
          DATABASE_URL: "postgresql://user%40my_server..."
          PGHOST: "my_server..."
          PGPASSWORD: "my_password..."
          PGSSLMODE: "require"
          PGUSER: "my_user..."
      prod:
        fileName: "pg-user"
        secretsName: "azure-pg-user"
        secrets:
          DATABASE_URL: "postgresql://user%40my_server..."
          PGHOST: "my_server..."
          PGPASSWORD: "my_password..."
          PGSSLMODE: "require"
          PGUSER: "my_user..."

Developement

Run
yarn start
Build
yarn build
Test
yarn test

With coverage:

yarn test-coverage

FAQs

Last updated on 24 Oct 2022

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Introducing Enhanced Alert Actions and Triage Functionality

Product

Introducing Enhanced Alert Actions and Triage Functionality

Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.

By Philipp Burckhardt, Alex Morais  -  Jun 27, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc