UNPKG

envilder

Version:

A CLI and GitHub Action that securely centralizes your environment variables from AWS SSM or Azure Key Vault as a single source of truth

24 lines 1.45 kB
import { DefaultAzureCredential } from '@azure/identity'; import { SecretClient } from '@azure/keyvault-secrets'; import { DependencyMissingError } from '../../domain/errors/DomainErrors.js'; import { AzureKeyVaultSecretProvider } from './AzureKeyVaultSecretProvider.js'; import { DEFAULT_VAULT_HOSTS, validateAzureVaultUrl, } from './AzureVaultUrlValidator.js'; export { DEFAULT_VAULT_HOSTS } from './AzureVaultUrlValidator.js'; export function createAzureSecretProvider(config, options) { var _a, _b; const { vaultUrl } = config; if (!vaultUrl) { throw new DependencyMissingError('vaultUrl is required when using Azure provider.' + ' Set it in $config.vaultUrl in your map file' + ' or via --vault-url flag.'); } const allowedVaultHosts = (_a = options === null || options === void 0 ? void 0 : options.allowedVaultHosts) !== null && _a !== void 0 ? _a : DEFAULT_VAULT_HOSTS; const disableChallengeResourceVerification = (_b = options === null || options === void 0 ? void 0 : options.disableChallengeResourceVerification) !== null && _b !== void 0 ? _b : false; validateAzureVaultUrl(vaultUrl, allowedVaultHosts); const credential = new DefaultAzureCredential(); const client = new SecretClient(vaultUrl, credential, { disableChallengeResourceVerification, }); return new AzureKeyVaultSecretProvider(client); } //# sourceMappingURL=AzureSecretProviderFactory.js.map