All geek questions in one place

How to use environment variables in package.json

Since we do not want important data in the project code, including the package.json file, using environment variables, it would be a logical choice, in my opinion.

Package.json example:

  "dependencies": {
    "accounting": "~0.4.0",
    "async": "~1.4.2",
    "my-private-module":"git+https://${BB_USER}:${BB_PASS}@bitbucket.org/foo/bar.git"

Is it possible?

(The question is not whether this is reasonable or not good, just if possible )

Hello!

I.

+11
source share
5 answers

No, It is Immpossible. You must access the repo using git+sshand save the private key in ~/.ssh.

Your line looks like this:

"my-private-module":"git+ssh://git@bitbucket.org/foo/bar.git"

That does not contain anything sensitive.

+2
source

, . .

, package.json, :

"some-script": "./scripts/some-script.sh",

some-script.sh:

#!/bin/sh

npm run some-other-script -- --prop=$SOME_ENV_VAR
+2

, , npm .

git+ssh ( ) ssh.

+1

package.json :

, npm_config_, . , npm_config_foo = bar foo. , , true. Config , NPM_CONFIG_FOO = bar .

https://docs.npmjs.com/misc/config#environment-variables

0

package.json . , package.json URL, npm install --no-save (--no-save , ).

: env .env.json, gitignore'd .

  1. , package.json

env-dependencies.js

const execSync = require('child_process').execSync
const pkg = require('./package.json')

if (!pkg.envDependencies) {
  return process.exit(0)
}

let env = Object.assign({}, process.env)

if (typeof pkg.envDependencies.localJSON === 'string') {
  try {
    Object.assign(env, require(pkg.envDependencies.localJSON))
  } catch (err) {
    console.log('Could not read or parse pkg.envDependencies.localJSON. Processing with env only.')
  }
}

if (typeof pkg.envDependencies.urls === 'undefined') {
  console.log('pkg.envDependencies.urls not found or empty. Passing.')
  process.exit(0)
}

if (
  !Array.isArray(pkg.envDependencies.urls) ||
  !(pkg.envDependencies.urls.every(url => typeof url === 'string'))
) {
  throw new Error('pkg.envDependencies.urls should have a signature of String[]')
}

const parsed = pkg.envDependencies.urls
  .map(url => url.replace(/\${([0-9a-zA-Z_]*)}/g, (_, varName) => {
    if (typeof env[varName] === 'string') {
      return env[varName]
    } else {
      throw new Error('Could not read env variable ${varName} in url ${url}')
    }
  }))
  .join(' ')

try {
  execSync('npm install --no-save ' + parsed, { stdio: [0, 1, 2] })
  process.exit(0)
} catch (err) {
  throw new Error('Could not install pkg.envDependencies. Are you sure the remote URLs all have a package.json?')
}

  1. "postinstall": "node env-dependencies.js" package.json, npm install

  2. Add your personal git repositories to package.jsonusing the package.jsonURLs (note: they should all have package.jsonroot package.json!):

"envDependencies": {
  "localJSON": "./.env.json",
  "urls": [
    "git+https://${GITHUB_PERSONAL_ACCESS_TOKEN}@github.com/user/repo#semver:^2.0.0"
  ]
},

(the specifier #semver:^2.0.0can be omitted, but refers to the git tag, which can be very useful, as it makes your git server a complete package manager)

  1. npm install
0
source

Source: https://habr.com/ru/post/1623225/

More articles:


All Articles