Skip to content
/ oprah Public
forked from ACloudGuru/oprah

Package to deploy parameters to AWS

License

MIT license
0 stars 5 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Danwakeem/oprah

BranchesTags
 
 

Repository files navigation

Build Status codecov Codacy Badge NPM Status dependencies Status

🐝 Oprah

Node module to push configuration and encrypted secrets to AWS.

Installation

# Via yarn
$ yarn add oprah

# Via npm
$ npm install oprah

Usage

  1. At the root of your application add configuration file called oprah.yml.
service: oprah-service
provider: ssm

config:
  path: /${stage}/oprah/config
  defaults:
    DB_NAME: my-database
    DB_HOST: 3200
  required:
    DB_TABLE: "some database table name for ${stage}"

secret:
  path: /${stage}/oprah/secret
  required:
    DB_PASSWORD: "secret database password"
  1. Use oprah CLI tool to push your keys to AWS parameter store.
$ oprah run --stage <stage> --interactive

Config File

Following is the configuration file will all possible options:

service: oprah-service
provider: ssm                                 # Only supports ssm for now.

stacks:                                       # Outputs from cloudformation stacks that needs to be interpolated.
  - some-cloudformation-stack

config:
  path: /${stage}/oprah/config                # Base path for params to be added to
  defaults:                                   # Default parameters. Can be overwritten in different environments.
    DB_NAME: my-database
    DB_HOST: 3200
  production:                                 # If keys are deployed to production stage, its value will be overwritten by following
    DB_NAME: my-production-database
  required:                                   # Keys mentioned below will be prompted to be entered.
    DB_TABLE: "some database table name for ${stage}"

secret:
  keyId: some-arn-of-kms-key-to-use .         # If not specified, default key will be used to encrypt variables.
  path: /${stage}/oprah/secret                # Base path for params to be added to
  required:
    DB_PASSWORD: "secret database password" . # Parameter to encrypt and add to. Will be encrypted using KMS.
                                              # Above key will be added to /${stage}/oprah/secret/DB_PASSWORD
                                              # Value in quote will be displayed as explanation in prompt during interactive run.

CLI

Following is all options available in oprah CLI.

Usage: oprah [options] [command]

Options:
  -V, --version          output the version number
  -s, --stage [stage]    Specify stage to run on. (required)
  -c, --config [config]  Path to oprah configuration (default: "oprah.yml")
  -i, --interactive      specify values through command line
  -h, --help             display help for command

Commands:
  run [options]          Verify or populate all remote configurations and
                         secrets.
  init                   Initialize oprah. Only required to run once.
  export [options]       Export of all of the configuration from the provider
                         to a text json file
  import [options]       Import all of the configuration from the json from to
                         a provider
  list                   List all remote configurations and secrets.
  fetch [options]        Fetch config or secret
  help [command]         display help for command

Push configuration

Usage: oprah run [options]

Verify or populate all remote configurations and secrets.

Options:
  -v, --variables [variables]  Variables used for config interpolation.
  -i, --interactive            Run on interactive mode
  -m, --missing                Only prompt missing values in interactive mode
  -r, --removing               Removing orphan configs or secrets
  -h, --help                   display help for command

List pushed configurations

Usage: oprah list [options]

List all remote configurations and secrets.

Options:
  -h, --help  display help for command

Fetch individual configuration

Usage: oprah fetch [options]

Fetch config or secret

Options:
  -k, --keys [keys]  Comma seperated configs to fetch (example:
                     "SOME_CONFIG,ANOTHER_CONFIG")
  -h, --help         display help for command

Fetch configuration can be used in automation scripts. Example:

PARAMS=$(./node_modules/.bin/cm fetch -k "CALLBACK_URL,LOGOUT_URL" -s $STAGE)

CALLBACK_URL=$(echo $PARAMS | jq -er ".CALLBACK_URL")
LOGOUT_URL=$(echo $PARAMS | jq -er ".LOGOUT_URL")

# do something with the values

Import

Usage: oprah import [options]

Import all of the configuration from the json from to a provider

Options:
  -p, --path [path]  The location of the secrets and configuration file
                     (default: "/tmp/oprah-exports.json")
  -h, --help         display help for command

Export

Usage: oprah export [options]

Export of all of the configuration from the provider to a text json file

Options:
  -p, --path [path]      The location for the output secrets & configuration file
                         (default: "/tmp/oprah-exports.json" or ".env_oprah")
  -t, --target [target]  The output target, available options are json|env
                         (default:json)

  -h, --help             display help for command

Clean up

Usage: oprah clean-up [options]

Clean up orphan configurations and secrets from provider

Options:
  -d, --dry-run [dryRun]  Execute a dry run to display all orphan configurations and secrets

  -h, --help              display help for command

License

Feel free to use the code, it's released using the MIT license.

About

Package to deploy parameters to AWS

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

25 tags

Packages

No packages published

Languages

  • JavaScript 99.9%
  • Shell 0.1%