serverless / serverless-secrets-plugin Goto Github PK
View Code? Open in Web Editor NEWLicense: MIT License
serverless-secrets-plugin's People
Contributors
Stargazers
Watchers
Forkers
chrisell privoro apobbati medikoo mpuittinen lucasklaassen keltonkowalchuk lrakai ndurayomo saikishore143 xola isabella232 robertdowneyjr0113serverless-secrets-plugin's Issues
Encrypt and Decrypt are not compatible between OSX and Windows OS.
How to reproduce:
-
Execute on OSX: sls encrypt -s stag --password 'xxx'
-
Commit to git secrets.prod.yml.encrypted.
-
Make git pull of the same file on Win10.
-
Execute on Win10: sls decrypt -s stag --password 'xxx'
-
Error:
Error --------------------------------------------------
error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt
For debugging logs, run again after setting the "SLS_DEBUG=*" environment variable.
Get Support --------------------------------------------
Docs: docs.serverless.com
Bugs: github.com/serverless/serverless/issues
Issues: forum.serverless.com
Your Environment Information -----------------------------
OS: win32
Node Version: 8.9.1
Serverless Version: 1.28.0 -
File unreadable.
Note: the passwords used are correct. I double checked and the encrypt|decrypt still work on my Mac (where I initially encrypted files).
DeprecationWarning: crypto.createDecipher is deprecated
See: Deprecated APIs
Consider using KMS
With this plugin secrets are actually exposed during the deployment so I would not recommend that as a secure solution. I think that the better solution would be storing secrets in KMS and decrypting them inside lambda during cold start. We could do that with our handler function form stdlib.
Define types for CLI options "stage" and "password"
CLI options definitions were upgraded with "type" property (which could be one of "string", "boolean", "multiple").
Below listed plugins do not predefine type for introduced options:
- ServerlessSecretsPlugin for "stage", "password"
"serverless-secrets-plugin": "^0.1.0"
$ serverless --verison
Running "serverless" from node_modules
Framework Core: 3.15.0 (local) 3.7.9 (global)
Plugin: 6.2.2
SDK: 4.3.2
Specify custom location of secret files
I don't like my project root getting full of miscellaneous files. Is it possible to specify a custom location where the secrets are, and the option to use stage on the folder structure rather than the file name? I.e.
config/
development
secrets.yml
secrets.yml.encrypted
staging
secrets.yml
secrets.yml.encrypted
production
secrets.yml
secrets.yml.encrypted
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.