@fengcart/secrets-client v1.20.0

@fengcart/secrets-client

Shared secrets manager for CTG.

Usage

yarn add @fengcart/secrets-client

By default, secrets will be stored in DynamoDB. However, the Secrets Manager can also be configured to use different backends.

import { Buyatab, SecretsManager } from '@fengcart/secrets-client';
import { Buyatab } from './secret-definitions';

const secrets = new SecretsManager();
const buyatabSecrets = await secrets.getSecrets(Buyatab);

To provide options to the DynamoDB backend:

import { DynamodbBackend, SecretsManager } from '@fengcart/secrets-client';
import { Buyatab } from './secret-definitions';

const backend = new DynamodbBackend({...});
const secrets = new SecretsManager({ backend });
const buyatabSecrets = await secrets.getSecrets(Buyatab);

To provide options to use the AWS Secrets Manager backend:

import { SecretsManager, SecretsManagerBackend } from '@fengcart/secrets';
import { Buyatab } from './secret-definitions';

const credentials = new SharedIniFileCredentials({ profile });
const awsSecretsManager = new AWSSecretsManager({ credentials });

const backend = new SecretsManagerBackend({ awsSecretsManager });
const secrets = new SecretsManager({ backend });
const buyatabSecrets = await secrets.getSecrets(Buyatab);

FAQ

What's the difference between this package and @fengcart/secrets?

This package was created off @fengcart/secrets to address the following challenges:

1. Allow services/apps to define secrets in their own repo and avoid having to create PRs in ctg-packages.
2. Reduce the number packages published just because we are updating secret definitions.

Which package should I use?

You should stop adding new secrets to @fengcart/secrets and instead start using this library and define secrets in the repo where they are needed.

At the same time you are encouraged to move existing secrets out of @fengcart/secrets and into the repo where they are actually used.