Last active
February 2, 2022 23:44
-
-
Save selfagency/91075d154e6d0719a6fbed67751f157b to your computer and use it in GitHub Desktop.
[use google secret manager with strapi or any node application]
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"name": "strapi", | |
"private": true, | |
"version": "0.1.0", | |
"description": "A Strapi application", | |
"scripts": { | |
"develop": "strapi develop", | |
"start": "eval $(node src/secrets.js); strapi start", | |
"build": "strapi build", | |
"gcp-build": "strapi build", | |
"strapi": "strapi", | |
"deploy": "gcloud beta app deploy devops-stats.yaml --quiet" | |
}, | |
"devDependencies": {}, | |
"dependencies": { | |
"@google-cloud/secret-manager": "^3.10.1", | |
"@strapi/plugin-i18n": "4.0.6", | |
"@strapi/plugin-users-permissions": "4.0.6", | |
"@strapi/strapi": "4.0.6", | |
"pg": "8.7.1", | |
"strapi-provider-upload-google-cloud-storage": "^4.0.0" | |
}, | |
"strapi": { | |
"uuid": "dba6663a-2592-481c-8bcf-0e183abe5607" | |
}, | |
"engines": { | |
"node": ">=12.x.x <=16.x.x", | |
"npm": ">=6.0.0", | |
"yarn": ">=1.0.0" | |
}, | |
"license": "MIT" | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
const { SecretManagerServiceClient } = require('@google-cloud/secret-manager'); | |
const secrets = async (secretsIn, secretPrefix) => { | |
const client = new SecretManagerServiceClient(); | |
const getSecret = async (secret) => { | |
const [version] = await client.accessSecretVersion({ | |
name: `projects/${process.env.GOOGLE_CLOUD_PROJECT}/secrets/${secret}/versions/latest`, | |
}); | |
return version.payload.data.toString(); | |
}; | |
let secretsOut = {}; | |
for (let secretId of secretsIn) { | |
secretsOut[secretId] = await getSecret(`${secretPrefix}${secretId}`); | |
} | |
return secretsOut; | |
}; | |
const getSecrets = async (secretsIn, secretPrefix) => { | |
let env = ''; | |
try { | |
const gotSecrets = await secrets(secretsIn, secretPrefix); | |
for (let secret in gotSecrets) { | |
env += `export ${secret}=${gotSecrets[secret]}\n`; | |
} | |
console.log(env); | |
} catch (err) { | |
console.error(err); | |
process.exit(1); | |
} | |
}; | |
(async () => { | |
const input = [ | |
'JWT_SECRET', | |
'ADMIN_JWT_SECRET', | |
'DATABASE_PASSWORD', | |
'API_TOKEN_SALT', | |
]; | |
const prefix = 'DEVOPSTATS_'; | |
return await getSecrets(input, prefix); | |
})(); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment