Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@sodefa/gitenvs

Package Overview
Dependencies
Maintainers
2
Versions
9
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@sodefa/gitenvs

Save your environment variables in git - encrypted!

  • 1.1.0
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
12
decreased by-52%
Maintainers
2
Weekly downloads
 
Created
Source

Git Envs

Save encrypted environment variables directly in git.

Setup

  • Create a ts file in your root folder (we suggest createEnvFiles.ts)
  • Copy the following template into the file:
import { GenerateEnvFilesFunction, Keys, main } from '@sodefa/gitenvs'

type Stage = 'production' | 'staging' | 'development'

const generateEnvFiles: GenerateEnvFilesFunction<Stage> = ({
  resolveSecret,
}) => {
  return [
    {
      envFilePath: 'path/to/your/app/.env.local',
      envVars: [
        {
          key: 'ENV_NAME',
          values: {
            default: 'EMPTY',
            production: resolveSecret(''),
            staging: resolveSecret(''),
            development: resolveSecret(''),
          },
        },
      ],
    },
  ]
}

const keys: Keys<Stage> = {
  production: {
    publicKey: '',
    encryptedPrivateKey: '',
  },
  staging: {
    publicKey: '',
    encryptedPrivateKey: '',
  },
  development: {
    publicKey: '',
    encryptedPrivateKey: '',
  },
}

main({
  generateEnvFiles,
  keys,
})
  • Setup the stages as you need them
    • development is the default stage that is used if you do not specify any stage
  • Create new public / private keys for every stage you defined by running npx ts-node createEnvFiles.ts createKeys (or how you called your file)
    • Copy the object with publicKey & encryptedPrivateKey and paste them into the keys object in your createEnvFiles.ts file
    • !WARNING! Do not copy & paste the passphrase into createEnvFiles.ts. It is a secret! Save it into your password manager.
  • Add the following command to your package.json:
    • "env:create": "npx ts-node createEnvFiles.ts createEnvFiles"
    • "env:ui": "npx nodemon createEnvFiles.ts ui"
    • "prepare": "yarn env:create" (This is so that the .env files will be created after node_modules were installed)
  • Add *.passphrase to your .gitignore

Adding new environment variables

  • Start the UI by running yarn env:ui and go to http://localhost:1337
  • Define environment variables in your createEnvFiles.ts file
    • The default value will be used if no value for the current stage is provided
    • If you want to use an encrypted enviroment variable go to the UI and enter the plaintext under Encryption
    • Copy the encrypted secret and paste it into the resolveSecret function. Example: resolveSecret('jk3Z35gkHKQtWlLWl4HXdhEJQAJdyIHTzQ4nH/uq84+SdD2ty2Q6qEECfjbAr79U65slD+8BxmFbSMwkAFdXtpkJpw+vHzwi+uVbMIDuq/yHW39XQ9Tv+5qGO3xIZnnE1HrkIOYNFc5O+YLb5dsBTasBwbMrVEBSUL1jA7NdL1IHo9lidrMPFfPxTdyB6COfuhu+UBq1MSXvjVabXXYuU2LXCBVeGhfRRVqs9lxPzb0ilplldsxns3nWRc3g2C5mOc3P2Ki9PjPEmaSvAi/CDgtrXuhMQ4yjeTTLmsZ9iDzyC9RR6apoJBj0NMkFxrnoJg/gG9Jyrgofbi2vfgmchFTPNB41KggNFEMGf428oihXW/k0o9tZWkyiCkXyysjHNJ/hz5g10tEBII1DTifWSe4H2LAfvAliOz8EzTMopXnra5LjlP1exDiTBTwg1GQj6VJ0tcYGnDLkGbkHVXZSZxQwgHWyUKcipb3J2O+21qMWcsRPGo4mzH0X6ORKnD+v4oGI34YDvcedMuQEfs2pmmX+EYwQx3TRgNk6Uy3ZAU84nM2z3IFeLBjhra5/mIH68y/MFMN/Kle6lEa28RR3bz2ToMDrDfvEyIQV+T2X0h8YiUDhol6UWA6OPGY8p2xS8Inz/byQCjbPO0z9hk1Vq9nzMkaupAy/KzZcorwtSPc=')

Decrypting environment variables locally

  • This is for debugging purposes only
  • Copy the passphrases you got from the createKeys command and paste them into the textarea under Decryption
  • All secrets will be revealed

Setting up local dev environment

  • You want to give all your developers the development passphrase so that they can work
  • You can send them a file called development.passphrase which just contains the passphrase
  • They should place it under the root folder and the local .env files will be created if they run env:create / yarn install

Setting up servers

  • On servers you want to provide the passphrase through environment variables. You have to provide two env vars:
  • GITENV_STAGE defines which stage should be used
  • GITENV_PRIVATE_KEY_PASSPHRASE_${stageName} contains the passpharse. Replace ${stageName} with the stage name you used in GITENV_STAGE

Keywords

FAQs

Package last updated on 07 Jun 2022

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc