lockbox-env
README.md
lockbox-env
Yandex Cloud Lockbox service one line config library
With this library you can load all Lockbox secrets directly to environment variables in runtime
Use
You need invoke
function from main project endpointconfig
require('lockbox-env').config({ secrets: '', // string or array of string secret id for load, also can be specify by env variable (see below) saKeyFile: 'sa.json', // optional, service account json key file path, also can be specify by env variable (see below) iamToken: 'f1-T2dl94mf8sy5j...', // optional, iam auth token, also can be specify by env variable (see below) envPrefix: 'LOCKBOX', // optional, prefix for environment variables that loaded from secrets oneTimeRead: true, // optional, enable getter that clean variable from `process.env` after first read logger: pino(), // optional, override default library logger iamEndpoint, // optional, override Yandex Cloud IAM api endpoint lockboxEndpoint, // optional, override Yandex Cloud Lockbox api endpoint folderId: '', // optional, Yandex Cloud project folder-id for auto load secrets by main project name, also can be specify by env variable (see below)}) // return promise
// also you can use sync versionrequire('lockbox-env').configSync(...)
Environment variable
variable | description |
---|---|
| specify service account key file for auth |
| specify -token directly (ex: from cloud function) for auth |
| lockbox cloud secret-id for auto load secrets directly by secret-id |
| lockbox cloud folder-id for auto load secrets by main package name |
#lockbox #env #secret #security #credential