Standalone vault

.eslintrc.json

@@ -0,0 +1,64 @@
+{
+  "rules": {
+    "consistent-return": 0,
+    "curly": 2,
+    "dot-notation": 2,
+    "eqeqeq": 2,
+    "func-names": ["error", "always"],
+    "guard-for-in": 2,
+    "indent": [2, 2, {"SwitchCase": 1}],
+    "linebreak-style": [2, "unix"],
+    "new-cap": 1,
+    "no-caller": 2,
+    "no-catch-shadow": 2,
+    "no-console": 2,
+    "no-else-return": 2,
+    "no-extend-native": 2,
+    "no-extra-bind": 2,
+    "no-eval": 2,
+    "no-implicit-coercion": 2,
+    "no-implied-eval": 2,
+    "no-invalid-this": 2,
+    "no-irregular-whitespace": 2,
+    "no-labels": 2,
+    "no-lone-blocks": 2,
+    "no-lonely-if": 1,
+    "no-loop-func": 2,
+    "no-multi-spaces": 1,
+    "no-multiple-empty-lines": 1,
+    "no-native-reassign": 2,
+    "no-nested-ternary": 2,
+    "no-new": 2,
+    "no-new-func": 2,
+    "no-new-require": 2,
+    "no-new-wrappers": 2,
+    "no-return-assign": 2,
+    "no-self-compare": 2,
+    "no-sequences": 2,
+    "no-shadow": 2,
+    "no-shadow-restricted-names": 2,
+    "no-throw-literal": 2,
+    "no-undef": 2,
+    "no-undef-init": 1,
+    "no-unreachable": 2,
+    "no-unused-expressions": [2, {"allowShortCircuit": true}],
+    "no-useless-call": 2,
+    "no-with": 2,
+    "quotes": [2, "single"],
+    "semi": [2, "always"],
+    "space-before-blocks": 2,
+    "space-in-parens": [0, "never"],
+    "vars-on-top": 2,
+    "yoda": [2, "never"]
+  },
+  "env": {
+    "node": true,
+    "es6": true,
+    "mocha": true
+  },
+  "parserOptions": {
+    "sourceType": "module",
+    "ecmaVersion": 2018
+  },
+  "extends": "eslint:recommended"
+}

.gitignore

@@ -0,0 +1,3 @@
+node_modules
+coverage
+.nyc_output

.npmignore

@@ -0,0 +1,8 @@
+*#
+node_modules
+ssl
+.git
+.gitignore
+.nyc_output
+coverage
+test

.travis.yml

@@ -0,0 +1,23 @@
+sudo: required
+language: node_js
+node_js:
+  - 8
+install:
+  - npm install
+script:
+  - npm test && cat ./coverage/lcov.info | ./node_modules/.bin/codecov
+notifications:
+  email: false
+  slack:
+    secure: lcjjpIGmtjOac4SkeMg6rMcUu+3wee+xgEsBC6a1sYCWGKTxs6x22ezCHwBKbjZ9r14wm+2zOfYuBxWtvxkfduB8WVHH/U+2l5Fto37BxFvWSBqBJy+6BzMz+3gH9JvpHHOjuiqotDX8IQwsQhCgO2MIu+clU3F/T2KT9QtZAFzGnD00vjAkPH+9usxTKfFAmKNwETbTCP3cf3s0KOeX8q3YVW7yYV2Rx3lKT6LDtwzRoO1Fuhp6XNgTkKSWnrbkGsr0terSinkwHj/77cgyrnAVKKUo21Oorz9w6lBTOhvj32H0cShta0zk97+E3bhdhCg9hZtF7oqA+u2thLEWRX2luWlN45X6+kpcrEJYg4Zlhd+ABJyk9a68GwP9H9Kqa8+BxTk4tJzf9w/jgKhFcyM2HMBpD97aGqtQMUKXV5lwQPgutL7eGg8irGKwaidWKT9yWRthAQc0xRiv9/zc6Hwtb9RuRi6KZeyKrLFmDT2PP4Y5NhkDV6XFMaxllx0MSaYC4skl59gbrMl3FZWv8xgJUNHHyxfxheg9Apyf1MXGZOqsIlmqky87pO6csqVL1N5MsKrR12EEzBhW+71VnEPph5vNtTU6gm7sIHCkMPUdCbPNZtBnoK+1SF/T8PehgTPIkakFxmqMNy/ApEFHlUT3/5KvAKs37k481QROGV8=
+    on_success: never
+    on_failure: always
+    on_start: never
+deploy:
+  provider: npm
+  email: support@kuzzle.io
+  api_key:
+    secure: lWVKkkSlEZx05gJXc78bc+i8ltPbGDyZdeuyvIxE4HMKxVoRXD37WkIWTMZIdnS39ANU3Z9jHJITyHpehfnArvYaFCon5KEZ0yaKO36oNhnwgW23S/iqMuh2u9b+DRJnaU0FRJs3Bq5vEnpBkaKCw/0dFAOgtgzRF5gGGtDMRUTxlCbELTV228BmcI3kzY1hy+RfG8HfMj7vysCUW1ndDSXYxJ+utBVD9bKj0NHUp/nlJVcD7B3crzjERvfnEeKsqsIogsAw6KqCS27cOdliD/L50AogSjAskBfrQVux8Z3Jl4QUh+UQyQ7YPd4tIa2IkvH8OnFDr8MelLt8kWxTNMr1Ht6Edj2rGJ36EDgXQiScG+1GDhvO6uUsQIIo2sXrM96bcULWvKaLhvsHsjhvcy/f+TbQxPE1Q5n3jVJqH97q+Whny5SYeJTnbK02YVRc+QxtleoxYhcnzgOg3eyvfVAJj9tJk3J2MvH5IEkyRRDgv2GmhNepgnzzg25/GBf7dlS/PtOYNwwL2Ci6W0PNdHzmPN2tPeZ93okp0oDpvglQqa6aP+QPFhtz6YUJT/5WkGLppSng811WFpoIBksET+OP39NeE/jwOQT8r7wEveAlRWlioPLO/HVE+OEL0FRac+NubzLqqdUNlQcM6TyeQmzfQbkIgjKTjkBbUjj6zHY=
+  on:
+    repo: kuzzleio/kuzzle-vault
+    branch: master

README.md

@@ -0,0 +1,128 @@
+<p align="center">
+  <a href="https://travis-ci.org/kuzzleio/kuzzle-vault">
+    <img src="https://travis-ci.org/kuzzleio/kuzzle-vault.svg?branch=master"/>
+  </a>
+  <a href="https://codecov.io/gh/kuzzleio/kuzzle-vault">
+    <img src="https://codecov.io/gh/kuzzleio/kuzzle-vault/branch/master/graph/badge.svg" />
+  </a>
+  <a href="https://github.com/kuzzleio/kuzzle-vault/blob/master/LICENSE">
+    <img alt="undefined" src="https://img.shields.io/github/license/kuzzleio/kuzzle-vault.svg?style=flat">
+  </a>
+</p>
+
+## About
+
+Kuzzle Vault offers a secure storage system for secrets. It can encrypt inside a file your secrets and also decrypt in memory the encrypted file.
+
+___
+
+### Secrets file format
+
+The secrets file is in JSON format. String values are encrypted but the key names remain the same.
+
+```json
+/* secrets.json */
+{
+  "aws": {
+    "secretKeyId": "lfiduras"
+  },
+  "cloudinaryKey": "ho-chi-minh"
+}
+```
+
+Once encrypted, the file looks like the following:
+
+```json
+/* secrets.enc.json */
+{
+  "aws": {
+    "secretKeyId": "536553f3181ada6f700cac98100f1266.3181ada66536553f"
+  },
+  "cloudinaryKey": "f700cac98100f1266536553f3181ada6.6536553f3181ada"
+}
+```
+
+___
+
+## Api
+
+[Constructor](#constructor)
+[Decrypt](#decrypt)
+[Encrypt](#encrypt)
+
+___
+
+### Constructor
+
+The constructor of the `Vault` class.
+
+```js
+Vault(vaultKey [, secretsFile, encryptedSecretsFile]);
+```
+
+**Arguments**
+
+| Name | Type              | Description |
+| -------- | ----------------- | ----------- |
+| `vaultKey`  | <pre>string</pre> | The key used to encrypt and decrypt secrets   |
+| `secretsFile`  | <pre>string</pre> | Optional secrets file   |
+| `encryptedSecretsFile`  | <pre>string</pre> | Optional encrypted secrets file   |
+
+**Properties**
+
+| Property | Type | Description |
+| `secrets` | <pre>string</pre> | The decrypted secrets after calling [decrypt](#decrypt) |
+
+#### Usage
+
+```js
+const vault = new Vault('my vault key', 'secrets.json', 'secrets.enc.json');
+```
+
+___
+
+### Decrypt
+
+Decrypt the content of the file designated by `encryptedSecretsFile` in the [constructor](#constructor) and store the decrypted content inside `secrets` of the `Vault` class.
+
+<br/>
+
+```js
+decrypt();
+```
+
+
+#### Usage
+
+```js
+const vault = new Vault('my vault key', 'secrets.json', 'secrets.enc.json');
+vault.decrypt();
+console.log(vault.secrets); // Display decrypted secrets
+```
+
+___
+
+### Encrypt
+
+Encrypt the content of the file designated by `secretsFile` in the [constructor](#constructor) and store the encrypted content in the file designated by `encryptedSecretsFile` in the [constructor](#constructor) or `outputFile` passed as argument. If the file exists it will be rewritten only if you set the argument `replaceFileIfExist` to `true`.
+
+<br/>
+
+```js
+encrypt([outputFile, replaceFileIfExist]);
+```
+
+**Arguments**
+
+| Name | Type              | Description |
+| -------- | ----------------- | ----------- |
+| `outputFile`  | <pre>string</pre> | Optional file used to store the encrypted secrets. If not set `encryptedSecretsFile` from the [constructor](#constructor) will be used instead |
+| `replaceFileIfExist`  | <pre>bool</pre> | Optional argument to overwrite the file if it already exists |
+
+
+#### Usage
+
+```js
+const vault = new Vault('my vault key', 'secrets.json', 'secrets.enc.json');
+vault.encrypt('new-secrets.enc.json', true);
+```

index.js

@@ -0,0 +1 @@
+module.exports = require('./lib/vault.js');