
Research
/Security News
Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader
North Korean threat actors deploy 67 malicious npm packages using the newly discovered XORIndex malware loader.
gcf-runtime-config
Advanced tools
Environment Variables within Google Cloud Functions through Runtime Config
Supply Chain Security
Vulnerability
Quality
Maintenance
License
gcf-runtime-config
helps you
get environment variables within Google Cloud Functions (GCF) through
Runtime Config
.
$ npm install --save gcf-runtime-config
$ gcloud services enable runtimeconfig.googleapis.com
Create a new config:
$ gcloud beta runtime-config configs create EXAMPLE_ENVIRONMENT
$ gcloud beta runtime-config configs variables \
set PAYPAL_SECRET_KEY "NOTREAL1234!@#$" \
--config-name EXAMPLE_ENVIRONMENT \
--is-text
$ gcloud beta runtime-config configs variables \
set STRIPE_SECRET_KEY "YESREAL1234!@#$" \
--config-name EXAMPLE_ENVIRONMENT \
--is-text
const gcfRuntimeConfig = require('gcf-runtime-config');
exports.testRuntimeConfig = (req, res) => {
gcfRuntimeConfig
.getVariables('EXAMPLE_ENVIRONMENT')
.then(variablesObj => res.send(variablesObj))
.catch(err => res.send(err));
};
The example
directory is a ready-to-deploy sample function that uses
gcf-runtime-config
and extracts a runtime config (environment).
$ gcloud beta functions deploy testExpressApp --trigger-http
$ curl https://<YOUR_PROJECT>.cloudfunctions.net/testRuntimeConfig
{"PAYPAL_SECRET_KEY":"NOTREAL1234!@#$","STRIPE_SECRET_KEY":"YESREAL1234!@#$"}
$ gcloud beta functions delete testExpressApp
Arguments:
EXAMPLE_ENVIRONMENT
.{"PAYPAL_SECRET_KEY":"NOTREAL1234!@#$","STRIPE_SECRET_KEY":"YESREAL1234!@#$"}
[{"name":"STRIPE_SECRET_KEY","updateTime":"2018-05-20T09:53:11.383980095Z","text":"YESREAL1234!@#$"},{"name":"PAYPAL_SECRET_KEY","updateTime":"2018-05-20T09:53:09.683262561Z","text":"NOTREAL1234!@#$"}]
Returns:
A Promise
that depending on objectify
resolves to either an object where its
keys and values are the config's parameters and values or to an array of parameter objects.
We needed a way to inject secret keys to a Google Cloud Function. Storing keys in code base is wrong.
MIT
FAQs
Environment Variables within Google Cloud Functions through Runtime Config
The npm package gcf-runtime-config receives a total of 4 weekly downloads. As such, gcf-runtime-config popularity was classified as not popular.
We found that gcf-runtime-config demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
North Korean threat actors deploy 67 malicious npm packages using the newly discovered XORIndex malware loader.
Security News
Meet Socket at Black Hat & DEF CON 2025 for 1:1s, insider security talks at Allegiant Stadium, and a private dinner with top minds in software supply chain security.
Security News
CAI is a new open source AI framework that automates penetration testing tasks like scanning and exploitation up to 3,600× faster than humans.