Skip to content

Latest commit

 

History

History

secrets-manager

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
src
src
 
 
.eslintrc.json
.eslintrc.json
 
 
README.md
README.md
 
 
generators.json
generators.json
 
 
package.json
package.json
 
 
project.json
project.json
 
 
tsconfig.json
tsconfig.json
 
 

README.md

nx-plugins-secrets-manager

Generates .env files from with Bitwarden secrets in nx monorepos.

Install

npm i -D @codesdowork/nx-secrets-manager @bitwarden/cli

Usage

1. Define a config in your project root (optional):

.secrets.config.json

{
  "sever": "https://your-bitwarden-server.url"
}

2. Create .env.secure.yaml files where necessary (in monorepo root or nx projects)

extends?: ../.env.secure.yaml # optionally extend another config
env?:
  NORMAL: variables
  GO: here
secrets?:
  COLLECTION_NAME:
    collectionId: "your-collection-id"
    prefix?: false # if the secret should be prefixed with the collection name (default: false)
    vars:
      - USERNAME
      - PASSWORD
      - OTHER_FIELD
      - name: OTHER_NAMED_FIELD
        field: secret_is_stored_in_field_with_this_name

3. Create .env files

nx g env-files [stages] [bw-username] [bw-password]

or

nx g @codesdowork/nx-secrets-manager:env-files [stages] [bw-username] [bw-password]

All input parameters can be omitted. They will be asked for when running the command. When you are already logged in, the username is not needed. The password input is hidden and can also read from the BW_PASSWORD environment variable. In Bitwarden, have a collection, e.g. DB, with credentials named like the stage (e.g. DEV, TEST, PROD).

Stages are comma separated and prioritized by their order, e.g., DEV,PROD uses the DEV stage primarily and PROD as fallback.