jc-it/yii2-secrets

Secrets storage and extractor for Yii2

v1.0.0 2022-01-13 11:27 UTC

This package is auto-updated.

Last update: 2024-12-13 18:12:12 UTC


README

codecov Continous integration Packagist Total Downloads Packagist Monthly Downloads GitHub tag (latest by date) Packagist Version

This extension provides secret storage and extractor for Yii2.

Installation

The preferred way to install this extension is through composer.

Either run

$ composer require jc-it/yii2-secrets

or add

"jc-it/yii2-secrets": "^<latest version>"

to the require section of your composer.json file.

Configuration

Secrets

It is recommended to use this package only in configuration files before your application is loaded, this way they won't be dumped by your application on chrashes or something unexpected.

$secrets = new \JCIT\secrets\SecretsService(
    new \JCIT\secrets\storages\Chained(
        new \JCIT\secrets\storages\Cache(getenv()),
        new \JCIT\secrets\storages\Json('/run/env.json'),
        new \JCIT\secrets\storages\Filesystem(__DIR__ . '/secrets'),
    )
);

Note that the order in the Chained storage does matter, wherever a secret is found first that value will be returned.

Secret extraction

When deploying a new environment it can be a hassle finding out what all secrets are to be configured. This package contains a console command to extract the secret usages.

  • Create an action in a console controller
      class SecretsController extends Controller
      {
          public function actions(): array
          {
              return [
                  'extract' => [
                      'class' => Extract::class,
                      'calls' => ['$secrets->get', '$secrets->getAndThrowOnNull'],
                      'sourcePath' => '@app/',
                  ],
              ];
          }
      }
  • In dependency injection add the storage (which should only be used for the extract command)
    ...
    'container' => [
        'definitions' => [
            \JCIT\secrets\interfaces\StorageInterface::class => function() {
                return new \JCIT\secrets\storages\Filesystem(__DIR__ . '/../../../secrets')
            }
        ]
    ],

Credits