Migrate to dotenvx and dotenv-vault

.env.vault

@@ -0,0 +1,25 @@
+#/-------------------.env.vault---------------------/
+#/         cloud-agnostic vaulting standard         /
+#/   [how it works](https://dotenv.org/env-vault)   /
+#/--------------------------------------------------/
+
+# development
+DOTENV_VAULT_DEVELOPMENT="mnuq6r009xu1oBXlbgX1oP5kPeOwUPukxBK3cphuZ0Fsl/hOEQYsReIhQ5DlluUAjOMZvWuOwVDX5tfmqrtpBqEbbQZKpqYp9t/PPVr6hABwU1ELGuQDENi1iqbuQGI/WTPW6QjDCgAbEavBIkIOeSAIL5dCdrq7vjCO//Dz+r0ESX+kfQcVKHTuLD4LxqwqSzxjAq+L79v4rmaHg1avKod1dOCZiP1MUtWkVdEpshCbzy2mos5I4gpGQErTfSLT16ihORsD7PCzsVf2b0vYj+OgnXtpWUAjGj+qrCxjEqYTe2xvQjG+6lons4lbDcqEh1zxw84cKD2S1Iiz0MsaUkhNfSuv66oiuniZaxe+yBSu/cKMl+qD5qE53m4N9kDUQk1pQcOM8FpyvaWGwrmrl4kmG1AHii957jSDNsz+6rOLDLmkX3BbxK+1XXN3wwa/kRdOjXQ/zN7r5kikK0dqb64Kvy1MJ5+J2PIB53J8CE5S/auQgiLq80/AhjhH33qTyXTszCuJ4AlDSZwP/l0TsSbZxfQVkR1lSscKzCv3XHuq+rhIM+GbgUYoLIkhbhc2YLVjkznw16hjPyP+kQ4vASXlGz/6goIpAPf4a+f8dTg8zH4dRpYdU66VHxwpiqaqzInykBBHb29OSBmfOuw/6M3RESKyMGlsnRqzKe+mQM0VYEbN7OtmoGOND5nMh5IzmjpORC4uvyRt1EzI5dXDZrefi+ySHaUC5uf/df/x4d/IAgLqlQNQGKRnXsjutovrCy6PdcRDfbEqArsMIDuTGGnznxHqvd4prEPnTyxZ8fKXl9OCx9bc1AHJw+8iTI05/VsYDQiYNPGg5jWYTNKz7/jcIsTqj2KjCxDkumJI0MmGzpUwR/+hdUbfg3pudj/MJkE4Ach9Hipu+By1OmMblxf4bLiH+Di+fz7f8vt2Q918rPqy5HuMUDpcpG7VHBxVmnMoJgVqV6knNqJhVf/xwMgSe8ZGF8jFjIL8ickJ89H8FHp1wspR3SYlTA8jyFrd+QOLZ3QzA6xE05bt3mYkGah++DtCaQ7OLkrjDAWK1JHxR1iRR6KYTUOzZ3U42R+lJeX5TAiLcG7m94XnDDSjcqHOfuiWImjLAwCJiAQCn22NeVxTrB7PwUCtfcDrIbuV2sVTeu8/PjkcNFXeLueo5DXDphM+CTsONmmh5F4clKniQeLYwzMESlXqTaA="
+DOTENV_VAULT_DEVELOPMENT_VERSION=3
+
+# ci
+DOTENV_VAULT_CI="jj5VGryshnURdhxnya7LJSfhqsjUdJZiPWcolulQy6gxjRjy/hBPqset0VtmOMlOyKDqSm/syiJIiiuKL7hb9ViEhRSmkTZ7Iv6Y0zDyMtCaO1+bXfoBbRnKPxthkKS/h3FLfaDc8i2DqAEcixCpnIAvAR+mWJwfgRPpxmW+Jyf7SCage+4x6EQrSloI+Ts0tUZRrBqHMFSAH8wjYm+COIs2YkBWdZfhBC4kUGx2VMQUfjPS86A/G/uxTQnENlWRgTXoOcO47MzuSH4hzR8Ih2hU6o+0Z+9X7a/wnt6m6/QI2sbM8j7P4Qc6Tla0io1bqyMD3PNH/KfDvjLl349BQcPluPCMF24rCzTIdhlZsT61KYBLsLmZ8IXT95GlUWfEAq1B2SU="
+DOTENV_VAULT_CI_VERSION=3
+
+# staging
+DOTENV_VAULT_STAGING="mLJgvI2XjbVGsNrA5uhQgdo4QcFr2sxszcfxZpb5V9jzRZ+kNJTnU3w23UkvKo95L9skZlZ06DqsPTSEm68Brgd3NWObo+/rIm8cATWCd7EzWOwKx4OC5lDT1hxti+9bufDoRUEvp8EolcsxCdtmhjuLXSgEMWwXSBzfZYq1lGMmyaoGLzu0MAZ9It05a2svjZrR2t4h/hh4ClQUJtruqVMhutr/XxoO2l8So7bLBn1duujvpgmlSBO67n4c0OjfGpxNHfRU6anaWHqVNNPIZT5DUs/JqzfRXVnI46syrydSW2cLUcajH5jpl7uH2RWwazYncklPwVjwWz3Bb/kNK7KhJyfSTUGi5gSPsttRLdQYfbYr0GBUZIDq67G6mNNZGO9k424="
+DOTENV_VAULT_STAGING_VERSION=3
+
+# production
+DOTENV_VAULT_PRODUCTION="JNTkw2+v+staeSB83lDkYpr/J11nRWfCvFlyCujLqg5GIFn0VlDIQe3YBFoUky/hcUBKX9AIwfdoxeVClWD4lHqhlZxA+gV6z3aRnmtHHthqWGzBdKs7MTR5IoaYczB9OCFa6yKfiu7Fxd64UOMF+5JblajJg3/lB3WkkEDVz4ouCQdU6B3PR5Yhlc5ZQ6SATk2eJfK5594WFSXhI3xIpOCijxw/tNhYs4G9zLYeduJdtgrxIfqOWvkV9RJIXHebqI1WKiKwuPwbU9z3ZYkCKbI0n9eM1gueFz0mnwf74vn+HjprBKqL0aGCFX0h8eNnQvoipbRKUiY+nQSq8HwhSfy69M1ky9JB8ouuo9zuiku7/T6deyV8HoMJkhukUjNqB7ptbOk="
+DOTENV_VAULT_PRODUCTION_VERSION=3
+
+#/----------------settings/metadata-----------------/
+DOTENV_VAULT="vlt_2fabcdc982d04b5a1e33c3e8727a59ecabadc39576535c5d2ad6eb8840bd7c2e"
+DOTENV_API_URL="https://vault.dotenv.org"
+DOTENV_CLI="npx dotenv-vault@latest"

app.js

@@ -6,24 +6,13 @@ const schedule = require('node-schedule'); // FIXME: Keep only if scheduling cro
 // Routes
 const sampleRouter = require('./routes/sample'); // FIXME: delete sample router
 
-require('dotenv').config();
-
 schedule.scheduleJob('0 0 0 0 0', () => console.log('Hello Cron Job!')); // FIXME: delete sample cronjob
 
 const app = express();
 
-const CLIENT_HOSTNAME =
-  process.env.NODE_ENV === 'development'
-    ? `${process.env.DEV_CLIENT_HOSTNAME}:${process.env.DEV_CLIENT_PORT}`
-    : process.env.PROD_CLIENT_HOSTNAME;
-const SERVER_PORT =
-  process.env.NODE_ENV === 'development'
-    ? process.env.DEV_SERVER_PORT
-    : process.env.PROD_SERVER_PORT;
-
 app.use(
   cors({
-    origin: CLIENT_HOSTNAME,
+    origin: process.env.CLIENT_URL,
   }),
 );
 
@@ -32,6 +21,6 @@ app.use(cookieParser());
 app.use(express.json()); // for req.body
 app.use('/', sampleRouter); // FIXME: delete sample endpoint
 
-app.listen(SERVER_PORT, () => {
-  console.log(`Server listening on ${SERVER_PORT}`);
+app.listen(process.env.SERVER_PORT, () => {
+  console.log(`Server listening on ${process.env.SERVER_PORT}`);
 });

common/s3.js

@@ -3,22 +3,11 @@
 const aws = require('aws-sdk');
 const crypto = require('crypto');
 
-const region =
-  process.env.NODE_ENV === 'development' ? process.env.DEV_S3_REGION : process.env.PROD_S3_REGION;
-const accessKeyId =
-  process.env.NODE_ENV === 'development'
-    ? process.env.DEV_S3_ACCESS_KEY_ID
-    : process.env.PROD_S3_ACCESS_KEY_ID;
-const secretAccessKey =
-  process.env.NODE_ENV === 'development'
-    ? process.env.DEV_SECRET_ACCESS_KEY
-    : process.env.PROD_S3_SECRET_ACCESS_KEY;
-
 // initialize a S3 instance
 const s3 = new aws.S3({
-  region,
-  accessKeyId,
-  secretAccessKey,
+  region: process.env.S3_REGION,
+  accessKeyId: process.env.S3_ACCESS_KEY_ID,
+  secretAccessKey: process.env.S3_SECRET_ACCESS_KEY,
   signatureVersion: 'v4',
 });
 
@@ -34,7 +23,7 @@ const getS3UploadURL = async () => {
   };
 
   // get a s3 upload url
-  const uploadURL = await s3.getSignedUrl('putObject', params);
+  const uploadURL = s3.getSignedUrl('putObject', params);
 
   return uploadURL;
 };

common/transporter.js

@@ -2,29 +2,16 @@
 
 const nodemailer = require('nodemailer');
 
-require('dotenv').config();
-
-const user =
-  process.env.NODE_ENV === 'development'
-    ? process.env.DEV_EMAIL_USERNAME
-    : process.env.PROD_EMAIL_USERNAME;
-const pass =
-  process.env.NODE_ENV === 'development'
-    ? process.env.DEV_EMAIL_PASSWORD
-    : process.env.PROD_EMAIL_PASSWORD;
-const emailSender =
-  process.env.NODE_ENV === 'development'
-    ? `${process.env.DEV_EMAIL_FIRSTNAME} ${process.env.DEV_EMAIL_LASTNAME}`
-    : `${process.env.PROD_EMAIL_FIRSTNAMS} ${process.env.DEV_EMAIL_LASTNAME}`;
+const emailSender = `${process.env.EMAIL_FIRSTNAME} ${process.env.EMAIL_LASTNAME}`;
 
 // sender information
 const transport = {
   host: 'smtp.gmail.com', // e.g. smtp.gmail.com
   auth: {
-    user,
-    pass,
+    user: process.env.EMAIL_USERNAME,
+    pass: process.env.EMAIL_PASSWORD,
   },
-  from: user,
+  from: process.env.EMAIL_USERNAME,
   secure: true,
 };
 

package.json

@@ -7,7 +7,7 @@
   "author": "CTC <[email protected]>",
   "license": "MIT",
   "scripts": {
-    "start": "nodemon app.js",
+    "start": "dotenvx run -- nodemon app.js",
     "prepare": "husky install",
     "lint": "eslint '**/*.js'",
     "format": "prettier --write \"**/*.js\""
@@ -19,23 +19,23 @@
     "aws-sdk": "^2.1568.0",
     "cookie-parser": "^1.4.6",
     "cors": "^2.8.5",
-    "dotenv": "^10.0.0",
-    "eslint": "^8.1.0",
-    "eslint-config-airbnb-base": "^14.2.1",
-    "eslint-plugin-import": "^2.25.2",
-    "eslint-plugin-prettier": "^4.0.0",
     "express": "^4.17.1",
     "mongoose": "^8.2.0",
     "mysql": "^2.18.1",
     "node-schedule": "^2.1.1",
     "nodemailer": "^6.9.10",
     "nodemon": "^2.0.14",
-    "pg-promise": "^11.5.4",
-    "prettier": "^2.4.1"
+    "pg-promise": "^11.5.4"
   },
   "devDependencies": {
+    "prettier": "^2.4.1",
+    "eslint": "^8.1.0",
+    "eslint-config-airbnb-base": "^14.2.1",
+    "eslint-plugin-import": "^2.25.2",
+    "eslint-plugin-prettier": "^4.0.0",
+    "@dotenvx/dotenvx": "^0.24.0",
     "eslint-config-prettier": "^8.3.0",
     "husky": "^7.0.4",
     "lint-staged": "^11.2.6"
   }
-}
+}

server/db-mongoose.js

@@ -1,10 +1,7 @@
 // FIXME: keep file only if using mongodb
 const mongoose = require('mongoose');
 
-const mongoURI =
-  process.env.NODE_ENV === 'development' ? process.env.DEV_DB_URI : process.env.PROD_DB_URI;
-
-mongoose.connect(mongoURI, {
+mongoose.connect(process.env.DB_URI, {
   useNewUrlParser: true,
   useUnifiedTopology: true,
 });

server/db-mysql.js

@@ -2,26 +2,11 @@
 
 const mysql = require('mysql');
 
-const host =
-  process.env.NODE_ENV === 'development'
-    ? process.env.DEV_DB_HOSTNAME
-    : process.env.PROD_DB_HOSTNAME;
-const user =
-  process.env.NODE_ENV === 'development'
-    ? process.env.DEV_DB_USERNAME
-    : process.env.PROD_DB_USERNAME;
-const password =
-  process.env.NODE_ENV === 'development'
-    ? process.env.DEV_DB_PASSWORD
-    : process.env.PROD_DB_PASSWORD;
-const database =
-  process.env.NODE_ENV === 'development' ? process.env.DEV_DB_NAME : process.env.PROD_DB_NAME;
-
 const db = mysql.createConnection({
-  host,
-  user,
-  password,
-  database,
+  host: process.env.DB_HOSTNAME,
+  user: process.env.DB_USERNAME,
+  password: process.env.DB_PASSWORD,
+  database: process.env.DB_NAME,
 });
 
 db.connect();

server/db-pgp.js

@@ -1,31 +1,13 @@
 // FIXME: keep file only if using postgresql
 
 const pgp = require('pg-promise')({});
-require('dotenv').config();
-
-const host =
-  process.env.NODE_ENV === 'development'
-    ? process.env.DEV_DB_HOSTNAME
-    : process.env.PROD_DB_HOSTNAME;
-const user =
-  process.env.NODE_ENV === 'development'
-    ? process.env.DEV_DB_USERNAME
-    : process.env.PROD_DB_USERNAME;
-const password =
-  process.env.NODE_ENV === 'development'
-    ? process.env.DEV_DB_PASSWORD
-    : process.env.PROD_DB_PASSWORD;
-const database =
-  process.env.NODE_ENV === 'development' ? process.env.DEV_DB_NAME : process.env.PROD_DB_NAME;
-const port =
-  process.env.NODE_ENV === 'development' ? process.env.DEV_DB_PORT : process.env.PROB_DB_PORT;
 
 const db = pgp({
-  host,
-  user,
-  password,
-  database,
-  port,
+  host: process.env.DB_HOSTNAME,
+  user: process.env.DB_USERNAME,
+  password: process.env.DB_PASSWORD,
+  database: process.env.DB_NAME,
+  port: process.env.DB_PORT,
   ssl: {
     rejectUnauthorized: false,
   },