UNPKG

briareus

Version:

Briareus assists with Feature Branch deploys to ECS

github.com/bugcrowd/briareus

bugcrowd/briareus

119 lines (104 loc) 3.29 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
'use strict' const fs = require('fs'); const async = require('async'); const _ = require('lodash'); const columnify = require('columnify'); const uuidv4 = require('uuid/v4'); const CLI = require('../../cli'); const cmd = { setup(yargs, output, cb) { yargs.command({ command: 'secrets', desc: 'Manage secrets', builder: (yargs) => { return yargs .option('authtoken', { required: true, description: 'Authtoken' }) .command({ command: 'list', desc: 'List secrets', builder: (yargs) => { return yargs .option('scope', { required: true, description: 'Environment variable Scope' }) }, handler: (argv) => cmd.list(new CLI(argv, output), cb) }) .command({ command: 'set', desc: 'Set a secret', builder: (yargs) => { return yargs .option('scope', { required: true, description: 'Environment variable Scope' }) }, handler: (argv) => cmd.set(new CLI(argv, output), cb) }); } }) }, /************************ * List all secrets in decrypted form *************************/ list(cli, cb) { if (!cli.config.scopes || !cli.config.scopes[cli.args.scope]) { return cb(new Error(`Scope "${cli.args.scope}" not found in Briareus project config`)); } const scope = cli.config.scopes[cli.args.scope]; async.map(_.toPairs(scope.secrets), (secret, done) => { cli.api.secrets.decrypt({ encrypted: secret[1] }, (err, data) => { if (err) return done(err); done(null, { name: secret[0], scope: cli.args.scope, value: data.plaintext }); }); }, (err, decryptedSecrets) => { if (err) return cb(err); cli.output.write(columnify(decryptedSecrets, { columnSplitter: ' | ', config: { value: { maxWidth: 'auto' } } })); cb(); }); }, /************************ * Set Secrets *************************/ set(cli, cb) { const newSecrets = _.map(Array.from(cli.args._).slice(2), (secret) => secret.split(/=(.+)/)); const newSecretNames = _.map(newSecrets, (secret) => secret[0]); let scope = { containers: [], secrets: {}, envs: {} } if (cli.config.scopes && cli.config.scopes[cli.args.scope]) { scope = cli.config.scopes[cli.args.scope]; } async.map(newSecrets, (secret, done) => { cli.api.secrets.encrypt({ plaintext: secret[1] }, (err, data) => { if (err) return done(err); scope.secrets[secret[0]] = data.encrypted; done(); }); }, (err, encryptedNewSecrets) => { if (err) return cb(err); if (!cli.config.scopes) cli.config.scopes = {}; cli.config.scopes[cli.args.scope] = scope; fs.writeFileSync(cli.paths.briareus.config, JSON.stringify(cli.config, null, 2)); cli.output.write(`Added encrypted secrets to Briareus config for ${newSecretNames.join(', ')}`); cb(); }); }, } module.exports = cmd;