UNPKG

cqr-env

Version:

Have multiple env files that can be encrypted and included in version control

github.com/bernardoadc/cqr-env

bernardoadc/cqr-env

96 lines (79 loc) 2.85 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
/* imports */ const encryptor = require('simple-encryptor') const fs = require('fs') const path = require('path') /* lib */ const { get, set } = require('./lib/getset') const objFilter = require('./lib/objFilter') const posix = require('./lib/posix') /* modules */ const pkg = require('../index') const safeSize = 'bZ8TfrbMAus7W2vF' // simple-encryptor requires at least 16 chars function getKey (medium, envvarOrPwfile) { switch (medium) { case 'var': return process.env[envvarOrPwfile] + safeSize case 'file': return Buffer.from(fs.readFileSync(posix(envvarOrPwfile))).toString() + safeSize } } function decrypt (file, medium, envvarOrPwfile, filename = '') { if (!process.env[envvar]) throw new Error('envvar does not exist') const encrypted = Buffer.from(fs.readFileSync(file)).toString() const data = encryptor(getKey(medium, envvarOrPwfile)).decrypt(encrypted) if (!data) throw new Error('Failed to decrypt env file (wrong password?)' + (filename ? `: ${filename}` : '')) return data } function decryptFile (file, envvar) { let data if (typeof envvar == 'string') { const encrypted = Buffer.from(fs.readFileSync(file)).toString() data = Buffer.from(decrypt(encrypted, envvar, file)).toString() } else { data = pkg(file, { envvar: envvar, name: false }) } fs.writeFileSync(file.replace('.encrypted', '.exposed'), data) fs.unlinkSync(file) } function decryptFiles (gloob, medium, envvarOrPwfile) { for (const f of gloob) { try { decryptFile(f, envvar) console.log(`Decrypted file ${f} sucessfuly`) } catch (e) { // console.log(`Failed to decrypted file ${f}`) } } } function encrypt (data, envvar) { if (!process.env[envvar]) throw new Error('envvar does not exist') return encryptor(process.env[envvar] + safeSize).encrypt(data) } function encryptFile (file, envvar) { let encrypted if (typeof envvar == 'string') { const data = fs.readFileSync(file) encrypted = encrypt(data, envvar) fs.writeFileSync(file.replace('.exposed', '') + '.encrypted', encrypted) } else { encrypted = pkg(file, { name: false }) const filename = path.basename(file).split('.')[0] for (const key in envvar) { set(encrypted, key, encrypt(get(encrypted, key), envvar[key])) } console.log('encrypted', encrypted) console.log(file.replace('.exposed', '')) fs.writeFileSync(file.replace('.exposed', ''), JSON.stringify(encrypted)) // tem que saber o formato! } fs.unlinkSync(file) } function encryptFiles (gloob, envvar) { for (const f of gloob) { encryptFile(f, gloob.length === 1 ? envvar : objFilter(envvar, (v, k) => k.split('.').shift() == path.basename(f).split('.')[0])) console.log(`Encrypted file ${f} sucessfuly`) } } module.exports = { decrypt, decryptFile, decryptFiles, encryptFiles }