npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@onboardbase/global-env

v0.0.7

Published

Dynamically access Environment variables

Downloads

10

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

bazamelbazamelakeem_onboardbaseakeem_onboardbasemahmoudgalalmahmoudgalalsamolusolasamolusolaobbadminobbadmin

Keywords

envsecretsenvironmentvariables

Readme

Global ENV

Dynamically evaluate environment variables at runtime.

This library assumes that environment variables are best stored remotely in a secure vault and attempts to load the secrets during initialization.

Motivation

Secrets can be statically analyzed in a node application through process.env, which exports all the key/value pairs of the current environment variables as static objects and can be inspected through the built files.

To mitigate the risk of spreading secrets unintentionally, this library attempts to take secrets as dynamic values that could be pulled from a remote resource and be kept in memory for the entire runtime of the application.

Install

To use global-env,

yarn

yarn add @onboardbase/global-env

npm

npm i @onboardbase/global-env

Usage

Using with in-memory variable source

Create a file called setupGlobalEnv.ts and add the below content.

import { setupStore, memoryStore, SECRET_KEY, SECRET_VALUE, env, allEnv } from "@onboardbase/global-env"

const MEMORY_SECRETS = {
    RECORD_LABEL: "IMOLENIZATION",
    SECRET_KEY: "MOHBAD"
}

memoryStore.getSecrets = async () => {
    return new Promise((resolve, reject) => {
        // Dynamically fetch secrets from a remote resource
        resolve(MEMORY_SECRETS)
    })
}
memoryStore.setSecret = async (key: SECRET_KEY, value: SECRET_VALUE) => {
    // Make an API call to update the secret
    const secrets = allEnv()
    secrets[key] = value
    console.log("Secret Updated on Remote", secrets)
}

(async function () {
    await setupStore(memoryStore)
})()

Import this file at the top of the root file of your project.

import "./setupGlobalEnv"

Finally, anywhere else:

import {env} from "@onboardbase/global-env"

console.log(env()) // logs all the secrets set during initialization
console.log(env("SECRET_KEY")) // => "MOHBAD"

Find an example here: https://github.com/Onboardbase/global-env/tree/main/example

Using a Remote source

If you want to fetch the environment variables from a remote source instead, you will have to setup global env like this:

import { setupStore, SecretStore, Env, env } from "@onboardbase/global-env";
import axios from "axios";

const remoteStore: SecretStore<Env> = {
  async getSecrets() {
    const response = await axios.get<Env>("<remote-url>");
    return response.data;
  },
  async setSecret() {},
};

(async function () {
  await setupStore(remoteStore);
})();

Using a .env file

If you want to fetch the environment variables from a .env file instead, you will have to setup global env like this:

import { dotEnv, setupStore, SecretStore, Env, env } from "@onboardbase/global-env";

const remoteStore: SecretStore<Env> = {
  async getSecrets() {
    return dotEnv()
  },
  async setSecret() {
    
  },
};

(async function () {
  await setupStore(remoteStore);
})();

You can then access the secrets in your Express Server like this:

import './setupGlobalEnv';
import express from 'express';
import { env } from '@onboardbase/global-env';
const app = express();

app.get('/secrets', async (req, res) => {
  console.log(env()); // logs the variables here
  res.send({success: true});
});

app.listen(3000, () => {
  console.log('Listening on port 3000!');
});

API

exports.set(key: string, value: string): void

It can be used to update the value of an env or create a new one. It attempts first to update the in-memory copy of the secrets and then calls the remote resource to complete the update on the upstream.

exports.env(key?): string | Record<string, any>

Get the value of an env by passing the key into the function. If no key is passed, it loads all the key/value pairs of the env.

exports.allEnv(): Record<string, any>

Loads all the key/value pairs of the env.

Credits

🙌 Inspired by: std-env