Skip to content

store secrets in process.env #51

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
recursivefunk merged 2 commits into from
Jun 10, 2025
Merged

store secrets in process.env #51

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
a503aa9
store secrets in process.env
recursivefunk Jun 10, 2025
6781b98
appease linter
recursivefunk Jun 10, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -168,6 +168,8 @@ const credentials = env.getAWS({ region: 'us-west-2' });

Some folks like to store secrets in AWS secrets manager in the form of a JSON object as opposed (or in addition) to environment variables. It's me, I'm some folks. Good Env now supports this pattern. To avoid introducing a dependency you'll have to bring your own instance of AWS Secrets Manager though. Be sure to specify your AWS region as an environment variable, otherwise, it'll default to `us-east-1`.

Not only will your secrets be merged with the Good Env store, but they will also be stored in the underlying `process.env` object in case there are components that are still pulling from the environment directly.

Note, if something goes wrong, this function _will_ throw an error.

```javascript
Expand Down
2 changes: 1 addition & 1 deletion package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "good-env",
"version": "7.6.0",
"version": "7.6.1",
"description": "Better environment variable handling for Twelve-Factor node apps",
"main": "src/index.js",
"scripts": {
Expand Down
6 changes: 4 additions & 2 deletions src/index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ const isFunction = x => is(x) === '[object Function]';
const parse = (items, converter) => items.map(t => converter(t, 10));
const mapNums = items => parse(items, parseInt);
const validType = item => ['number', 'boolean', 'string'].includes(item);
let store = { ...process.env };
const store = { ...process.env };

module.exports = Object
.create({
Expand Down Expand Up @@ -43,7 +43,9 @@ module.exports = Object
);
const secretStr = response.SecretString;
const secret = JSON.parse(secretStr);
store = { ...store, ...secret };
Object.entries(secret).forEach(([key, value]) => {
this.set(key, value);
});
},
/**
* @description Fetches an IP address from the environment. If the value found under the specified key is not a valid IPv4
Expand Down
4 changes: 4 additions & 0 deletions test/test.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,10 @@ test('it uses secrets manager (happy path)', async (t) => {
t.equals(secretVal1, 'val1');
t.equals(secretVal2, 'val2');

// Ensure it updates the environment variables
t.equals(process.env.secretVal1, 'val1');
t.equals(process.env.secretVal2, 'val2');

t.end();
});

Expand Down