Skip to content
This repository has been archived by the owner on Jan 1, 2023. It is now read-only.
/ confidant Public archive

Securely manage all the configuration your Node app needs to run: environmental variables, hard-coded configuration, AWS Secret Manager, refetchable JWT Tokens and Launch Darkly feature flags.

License

View license
3 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

tdreyno/confidant

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

167 Commits
.devcontainer
.devcontainer
 
 
.github
.github
 
 
.husky
.husky
 
 
.vscode
.vscode
 
 
bin
bin
 
 
src
src
 
 
test-npm-version
test-npm-version
 
 
.eslintrc.js
.eslintrc.js
 
 
.gitignore
.gitignore
 
 
.prettierrc
.prettierrc
 
 
.releaserc
.releaserc
 
 
CHANGELOG.md
CHANGELOG.md
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 
commitlint.config.js
commitlint.config.js
 
 
jest.config.js
jest.config.js
 
 
package.json
package.json
 
 
tsconfig.cjs.json
tsconfig.cjs.json
 
 
tsconfig.json
tsconfig.json
 
 
yarn.lock
yarn.lock
 
 

Repository files navigation

Confidant

Test Coverage npm latest version

Confidant is a library for storing environmental variables, secrets, feature flags and tokens so all can be easily access throughout your JavaScript/TypeScript project.

Install

yarn add @tdreyno/confidant

Basic Usage

import { SecretsManager } from "aws-sdk"
import {
  Confidant,
  AWSSecret,
  Hardcoded as _,
  LaunchDarkly,
  Inputs,
  Group,
  AWSManager,
} from "@tdreyno/confidant"

const results = await Confidant(
  {
    awsManager: new AWSManager(new SecretsManager({ region: "ap-south-1" })),
  },
  {
    ...DEV,
    url: _("/prod"),
    anotherThing: AWSSecret("MyViasat-TSUsage/PSM/serviceAccount/PROD"),

    launchDarklyKey: AWSSecret("LDKEY FROM AWS"),
    featureA: Inputs("launchDarklyKey").chain(
      LaunchDarkly("feature-a", "default-value"),
    ),

    items: Group({
      first: _(1),
      last: _(1_000_000),
    }),
  },
).initialize()

console.log(results.url)

console.log(results.featureA)

Built-in Tasks

  • Hardcoded (often aliased as _): A task which always returns a hard-coded value.
  • AWSSecret: A task which loads a string secret from AWS Secret Manager. Must include an instance of awsManager in the Confidant context.
  • AWSJSONSecret: A task which loads a JSON secret from AWS Secret Manager. Must include an instance of awsManager in the Confidant context.
  • LaunchDarkly: A task which loads a feature flag when provided a launchDarklyUser object in the Confidant context.
  • Token is an abstract base class. Create custom Token tasks by inheriting from it and implementing the fetchToken method which returns a Promise<string>
  • DecodedJWT is a task which takes a JWT string and a function for converting the decoded object into a typed and validated data structure.
  • Inputs is a task which listens to other tasks by key name. When all those tasks are loaded (or updated), pass the values to a dependent task via .chain. Allows composition of tasks.
  • Group is a task which groups a set of tasks into a single object.

Add Logger

Provide a winston logger as the 3rd parameter to Confidant. Can be accessed as this.logger in custom Tasks.

Can be used to forward logs to 3rd party logging platforms.

import { createLogger, transports } from "winston"
import { Confidant, Task } from "@tdreyno/confidant"

class MyToken extends Token<MyTokenData> {
  constructor(
    confidant: Confidant<MyTokenData, Record<string, any>>,
    public url_: string,
    public username_: string,
    public password_: string,
  ) {
    super(confidant)
  }

  fetchToken(): Promise<string> {
    this.logger.log("My message")

    return fetch(this.url_, {
      username: this.username_,
      password: this.password_,
    })
  }
}

const results = await Confidant(
  {},
  {
    myToken: c => new MyToken(c, "url", "username", "password"),
  },
  {
    logger: createLogger({
      transports: [new transports.Console()],
    }),
  },
).initialize()

console.log(results.myToken)

Invalidate JWT

import { Confidant } from "@tdreyno/confidant"

const confidant = Confidant(
  {},
  {
    myJWT: MyJWT("url", "username", "password"),
  },
)

const results = await confidant.initialize()

await confidant.invalidate("myJWT")

const newValue = await confidant.get("myJWT")

About

Securely manage all the configuration your Node app needs to run: environmental variables, hard-coded configuration, AWS Secret Manager, refetchable JWT Tokens and Launch Darkly feature flags.

Topics

typescript configuration secret-management

Resources

Readme

License

View license

Security policy

Security policy
Activity

Stars

3 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases 20

v1.12.0 Latest
Nov 12, 2021
+ 19 releases

Sponsor this project

 
Learn more about GitHub Sponsors

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages