Showing
11 changed files
with
250 additions
and
98 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
import { vaultExists } from 'db/vaults'; | ||
import { loadConfig } from 'lib/config'; | ||
import { addEnvToVault } from 'lib/env'; | ||
import { logError, logInfo } from 'lib/log'; | ||
import { exit } from 'process'; | ||
|
||
export async function vaultImport(envPath: string) { | ||
const { config } = await loadConfig(); | ||
|
||
const { vaults, active_vault } = config; | ||
|
||
const { key } = vaults[active_vault]; | ||
|
||
const location = vaultExists(vaults, active_vault); | ||
|
||
if (!location) { | ||
logError('Default vault could not be found!'); | ||
return exit(1); | ||
} | ||
|
||
const newSecrets = await addEnvToVault(envPath, { key, location }); | ||
|
||
logInfo( | ||
`${newSecrets.rowsAffected} secrets added to vault from '${envPath}'!`, | ||
); | ||
} |
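Review bot: `const { key } = vaults[active_vault];` runs before the `vaultExists` check, so when `active_vault` names a vault that is missing from the config the destructuring throws a TypeError and the `logError` branch is never reached. Look the entry up first and guard it, e.g. `const vault = vaults[active_vault];` followed by `if (!vault) { logError(...); return exit(1); }`, and read `key` only after that. The message says 'Default vault' although the code checks the active vault. A rejection from `addEnvToVault` (unreadable file, failed insert) is not caught in this function, so it surfaces as an unhandled rejection unless the caller deals with it.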
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
export * from './create'; | ||
export * from './delete'; | ||
export * from './export'; | ||
export * from './import'; | ||
export * from './sync'; | ||
export * from './use'; |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
import { createSecretsHelpers } from 'db/secrets'; | ||
import { loadConfig } from 'lib/config'; | ||
import { syncEnv } from 'lib/env'; | ||
import { logInfo } from 'lib/log'; | ||
import { resolve } from 'path'; | ||
import { cwd } from 'process'; | ||
|
||
export async function vaultSync( | ||
vaultNameInput: string, | ||
envDestinationPath: string, | ||
) { | ||
const { config } = await loadConfig(); | ||
|
||
const { vaults, active_vault } = config; | ||
|
||
const { location, key } = vaults[active_vault]; | ||
|
||
const { getAllSecrets } = createSecretsHelpers({ | ||
location, | ||
key, | ||
}); | ||
|
||
const secrets = await getAllSecrets(); | ||
const secretsMap = secrets.reduce( | ||
(prev, { name, value }) => ({ | ||
...prev, | ||
[name]: value, | ||
}), | ||
{}, | ||
); | ||
|
||
logInfo(`Secrets synced to ./.env for '${active_vault}' vault!`); | ||
console.log(secretsMap); | ||
|
||
await syncEnv('./.env', secretsMap); | ||
} |
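Review bot: `console.log(secretsMap);` prints every secret name and value of the active vault in clear text to stdout, where it ends up in terminal scrollback, CI logs or any captured output; the line should be removed. The parameters `vaultNameInput` and `envDestinationPath` are never read and the destination is hard-coded to `'./.env'` (the `resolve` and `cwd` imports are unused as well), so either pass `envDestinationPath` through to `syncEnv` or drop the parameters. `logInfo` reports success before `await syncEnv(...)` has run; moving it after the write keeps the message accurate when the write fails.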
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,102 @@ | ||
import { Command } from 'commander'; | ||
import { description, version } from '../package.json'; | ||
import init from 'actions/init'; | ||
import { drop } from 'actions/drop'; | ||
import { grab } from 'actions/grab'; | ||
import { secretAdd } from 'actions/secret/add'; | ||
import { secretRemove } from 'actions/secret/remove'; | ||
import { | ||
vaultCreate, | ||
vaultDelete, | ||
vaultExport, | ||
vaultImport, | ||
vaultSync, | ||
vaultUse, | ||
} from 'actions/vault'; | ||
|
||
const deadrop = new Command(); | ||
|
||
deadrop.name('deadrop').description(description).version(version); | ||
|
||
deadrop.command('init').action(init); | ||
|
||
deadrop | ||
.command('drop') | ||
.description('drop a secret from a vault or in raw format') | ||
.argument('[input]', 'secret to drop') | ||
.option('-i, --input [input]', 'secret to drop') | ||
.option('-f, --file', 'secret to drop is a file') | ||
.action(drop); | ||
|
||
deadrop | ||
.command('grab') | ||
.description('grab a secret with a drop ID') | ||
.argument('<id>', 'drop session ID') | ||
.action(grab); | ||
|
||
// vault commands | ||
|
||
const vaultRoot = deadrop | ||
.command('vault') | ||
.description('manage your vaults'); | ||
|
||
vaultRoot | ||
.command('create') | ||
.description( | ||
'create a new vault, optionally specify its parent folder', | ||
) | ||
.argument('<name>', 'name of the vault') | ||
.argument('[location]', 'folder location of the vault') | ||
.action(vaultCreate); | ||
|
||
vaultRoot | ||
.command('use') | ||
.description('change the current active vault deadrop is using') | ||
.argument('<name>', 'name of the vault to switch to as active') | ||
.action(vaultUse); | ||
|
||
vaultRoot | ||
.command('sync') | ||
.description('sync the current active vault with .env file') | ||
.action(vaultSync); | ||
|
||
vaultRoot | ||
.command('export') | ||
.description('export all the secrets of the specified vault') | ||
.argument('<name>', 'name of the vault to export') | ||
.action(vaultExport); | ||
|
||
vaultRoot | ||
.command('import') | ||
.description( | ||
'import all the secrets of a given .env file to active vault', | ||
) | ||
.argument('<path>', 'path to the .env file') | ||
.action(vaultImport); | ||
|
||
vaultRoot | ||
.command('delete') | ||
.description( | ||
`delete the specified vault's database and remove it from config`, | ||
) | ||
.argument('<name>', 'name of the vault to delete') | ||
.action(vaultDelete); | ||
|
||
// secrets commands | ||
|
||
const secretRoot = deadrop | ||
.command('secret') | ||
.description('manage your secrets in active vault'); | ||
|
||
secretRoot | ||
.command('add') | ||
.argument('[name]', 'name of the secret') | ||
.argument('[value]', 'value of the secret') | ||
.action(secretAdd); | ||
|
||
secretRoot | ||
.command('remove') | ||
.argument('[name]', 'name of the secret to remove') | ||
.action(secretRemove); | ||
|
||
export { deadrop }; |
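Review bot: `secret add` takes the secret as the positional `[value]` argument (and `drop` takes `[input]` the same way), so a value given on the command line is stored in shell history and visible in the process list while the command runs. Both arguments are optional, so the help text could steer users to the safer path, e.g. `.argument('[value]', 'value of the secret (omit to avoid exposing it in shell history)')`, assuming `secretAdd` prompts when the value is omitted — that handler is not shown here. `secret add` and `secret remove` are also the only commands without a `.description(...)`. `vault sync` declares no arguments while `vaultSync` is written with two string parameters, so commander would pass its options object and command instance in those positions.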
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,54 @@ | ||
import { initDB } from 'db/init'; | ||
import { secretsTable } from 'db/schema'; | ||
import { stringify, parse } from 'envfile'; | ||
import { appendFile, readFile, writeFile } from 'fs/promises'; | ||
import { resolve } from 'path'; | ||
import { cwd } from 'process'; | ||
import { VaultDBConfig } from 'types/config'; | ||
|
||
type Env = Record<string, string>; | ||
|
||
const encoding: BufferEncoding = 'utf-8'; | ||
|
||
export async function syncEnv( | ||
filePath: string, | ||
envVars: Env, | ||
append = false, | ||
) { | ||
const fullPath = resolve(cwd(), filePath); | ||
|
||
const envAsString = stringify(envVars); | ||
|
||
const envContent = `# generated by deadrop\n\n${envAsString}\n`; | ||
|
||
if (append) await appendFile(fullPath, `\n${envContent}`, encoding); | ||
else await writeFile(fullPath, envContent, encoding); | ||
} | ||
|
||
export async function loadEnvFromFile(filePath: string) { | ||
const fullPath = resolve(cwd(), filePath); | ||
console.log(fullPath); | ||
const envContent = await readFile(fullPath, encoding); | ||
|
||
const parsedEnv = parse(envContent); | ||
|
||
return parsedEnv; | ||
} | ||
|
||
export async function addEnvToVault( | ||
envPath: string, | ||
vault: VaultDBConfig, | ||
) { | ||
const envVars = await loadEnvFromFile(envPath); | ||
|
||
const db = initDB(vault.location, vault.key); | ||
|
||
const secretsToAdd = Object.entries(envVars).map( | ||
([key, value]) => ({ | ||
name: key, | ||
value, | ||
}), | ||
); | ||
console.log(secretsToAdd); | ||
return db.insert(secretsTable).values(secretsToAdd).run(); | ||
} |
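Review bot: `console.log(secretsToAdd);` in `addEnvToVault` writes every imported secret name and value to stdout in clear text, and `console.log(fullPath);` in `loadEnvFromFile` looks like leftover debugging as well; both should be removed. In `syncEnv`, `writeFile(fullPath, envContent, encoding)` creates the `.env` file with the process default permissions, so under a typical umask other local users can read it; passing `{ encoding, mode: 0o600 }` restricts a newly created file to its owner (the mode is not applied to a file that already exists). An empty `.env` yields an empty `secretsToAdd`, and the insert may reject an empty value list depending on the query builder, so an early return for that case would be safer.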