serverless / serverless-secrets-plugin Goto Github PK
View Code? Open in Web Editor NEWLicense: MIT License
License: MIT License
How to reproduce:
Execute on OSX: sls encrypt -s stag --password 'xxx'
Commit to git secrets.prod.yml.encrypted.
Make git pull of the same file on Win10.
Execute on Win10: sls decrypt -s stag --password 'xxx'
Error:
Error --------------------------------------------------
error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt
For debugging logs, run again after setting the "SLS_DEBUG=*" environment variable.
Get Support --------------------------------------------
Docs: docs.serverless.com
Bugs: github.com/serverless/serverless/issues
Issues: forum.serverless.com
Your Environment Information -----------------------------
OS: win32
Node Version: 8.9.1
Serverless Version: 1.28.0
File unreadable.
Note: the passwords used are correct. I double checked and the encrypt|decrypt still work on my Mac (where I initially encrypted files).
See: Deprecated APIs
With this plugin secrets are actually exposed during the deployment so I would not recommend that as a secure solution. I think that the better solution would be storing secrets in KMS and decrypting them inside lambda during cold start. We could do that with our handler function form stdlib.
CLI options definitions were upgraded with "type" property (which could be one of "string", "boolean", "multiple").
Below listed plugins do not predefine type for introduced options:
- ServerlessSecretsPlugin for "stage", "password"
"serverless-secrets-plugin": "^0.1.0"
$ serverless --verison
Running "serverless" from node_modules
Framework Core: 3.15.0 (local) 3.7.9 (global)
Plugin: 6.2.2
SDK: 4.3.2
I don't like my project root getting full of miscellaneous files. Is it possible to specify a custom location where the secrets are, and the option to use stage
on the folder structure rather than the file name? I.e.
config/
development
secrets.yml
secrets.yml.encrypted
staging
secrets.yml
secrets.yml.encrypted
production
secrets.yml
secrets.yml.encrypted
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.