npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

netlify-plugin-vault-variables

v2.0.0

Published

Use vault as the place to store environment variables.

Downloads

501

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

stanfordwebservicesstanfordwebservices

Keywords

netlifyvaultenvironmentplugin

Readme

Netlify Plugin Vault Variables

For when you want to put your environment variables in the vault.

Configuration & Installation

Prerequisite: Enterprise Vault Account

  1. Create an approle login with a client id and secret in your vault instance
  2. Create an .env file in the root of your project if you don't already have one.
  3. Add the variables VAULT_ROLE_ID and VAULT_SECRET_ID with the newly created values
  4. Add a new script to your package.json file that executes the script.js file eg: "vault": "netlify-plugin-vault-variables",
  5. Add configuration to your netlify.toml to enable this plugin
# Fetch vault plugin needs to come before any of the contextual environment
# variable plugins so they can act on the new vars.
[[plugins]]
  package = "netlify-plugin-vault-variables"
  [plugins.inputs]
    # The vault service endpoint
    endpoint = 'https://vault.example.com'
    # Order doesn't matter here as these will be fetched asyncronously. Try not to have dupes.
    secrets = ['secret/data/path/project/folder1', 'secret/data/path/project/folder2']
    # Set which environment variables to use for the approle login
    secretId = 'VAULT_SECRET_ID'
    roleId = 'VAULT_ROLE_ID'
  1. Run it with npm run vault

On success, you may now change and alter values in .env if you need to. To reset, simply remove the values from .env and run the script again.

Environment Variable Strategy with Vault.

Environment variable file: .env We are no longer using production and development environment variable files. We use the netlify-plugin-contextual-env plugin to support different environments. See below for more.

Netlify-plugin-contextual-env We have ported this plugin into our package to set the environment variables in the various different environments. See the plugin page for a full set of configuration options. We are use the prefix option to separate out the different configuration.

Local Development Context When developing on your local environment you can use the prefix LOCAL_ to set contextual environment variables for developers.

Contextual Environment Variables in LAMBDA functions

This plugin will add contextual variables through Netlify's plugin API and they will be available to LAMBDA functions at runtime through an .env file. You will need to ensure that your LAMBDA function sets the environment by calling something like require('dotenv').config() at the top of your file if you are using a commonjs file. For modules follow https://github.com/motdotla/dotenv#how-do-i-use-dotenv-with-import.

Prefix strategy A non-prefixed version has to exist in order for the plugin to work. For example, GATSBY_TOKEN has to exist in order for DEPLOY_PREVIEW_GATSBY_TOKEN to work. The non-prefixed version of the environment variable is the default and then overridden with the plugin at build time. The default tokens should all point to the development environments so that branch deployes, dev environments, and build previews all use that token. We then use the PRODUCTION_ prefix to override the production environment builds.

Environment Variables on Netlify

Netlify should support only a minimal amount of environment variables in their UI. VAULT_ROLE_ID and VAULT_SECRET_ID are required but all other environment variables should go into either a global folder or into the project specific folder.

The project specific folder eg secret/data/projects/myProject/stuff

As environment variables get contextualized this plugin, there is no need to separate out dev/prod variables into separate folders.

Vault

Environment variables are stored (and versioned) in a Enterprise Vault service. You can fetch them and have them written to .env by running npm run vault. You will need to add the vault role id and vault secret into the .env file first. You can likely find those values in the Netlify environment variables UI. If you can't find them. Please ask another developer.

When the script runs, it should only append new values to your .env file. This means you can have your own local environment variables or overwrite ones that are coming from vault. You can change this so that vault overwrite all values by setting the environment variable VAULT_OVERWRITE=true.