Secrets
Manage secrets
This API allows you to manage secrets in selected environments.
Method parameters
When using this API you need to pass the project name or ID and environment name or ID to the secrets method.
// pass the project and environment to the secrets method
await stashbase.secrets({ project: 'my-project', environment: 'api-dev' }).list()Get
Get single secret by its name.
Parameters
This takes two parameters.
Prop
Type
Options
An object with the following properties:
Prop
Type
Example
const { data, error } = await stashbase
.secrets({ project: 'my-project', environment: 'api-dev' })
.get('JWT_SECRET')
if (error) {
// handle error
} else {
// do something with the data
}Get metadata
Get operational metadata for a single secret by name.
Parameters
This method takes one parameter.
Prop
Type
Example
const { data, error } = await stashbase
.secrets({ project: 'my-project', environment: 'api-dev' })
.getMetadata('JWT_SECRET')
if (error) {
// handle error
} else {
// do something with the metadata
console.log(data)
}List
List all secrets in the selected environment.
Parameters
This method takes single optional object parameter.
Prop
Type
Options
An object with the following properties:
Prop
Type
Example
const { data, error } = await stashbase
.secrets({ project: 'my-project', environment: 'api-dev' })
.list()
if (error) {
// handle error
} else {
// do something with the data
}List metadata
List operational metadata for all visible secrets in the selected environment.
Parameters
This method does not take parameters.
Example
const { data, error } = await stashbase
.secrets({ project: 'my-project', environment: 'api-dev' })
.listMetadata()
if (error) {
// handle error
} else {
// do something with the metadata list
console.log(data)
}List only
List only selected secrets.
Parameters
This method takes two parameters.
Prop
Type
Options
An object with the following properties:
Prop
Type
Example
const { data, error } = await stashbase
.secrets({ project: 'my-project', environment: 'api-dev' })
.listOnly(['DB_USER', 'DB_PASSWORD', 'DB_HOST'])
if (error) {
// handle error
} else {
// do something with the data
}List exclude
List all secrets except the excluded ones.
Parameters
This method takes object parameter with the following properties:
Prop
Type
Options
An object with the following properties:
Prop
Type
Example
const { data, error } = await stashbase
.secrets({ project: 'my-project', environment: 'api-dev' })
.listExclude(['DB_URL', 'DB_USER', 'DB_PASSWORD'])
if (error) {
// handle error
} else {
// do something with the data
}Create
With this method you can easily create new secrets in the selected environment.
The data proprety returns createdCount and duplicateSecrets array of strings.
Parameters
This method takes a single array parameter:
Prop
Type
Data
An array of objects CreateSecretsItem containing the following properties:
Prop
Type
Example
const { data, error } = await stashbase
.secrets({ project: 'project', environment: 'api-dev' })
.create([
{
name: 'DATABASE_URL',
value: 'postgres://user:password@localhost:5432/dbname',
},
])
// check for error
if (error) {
// handle error
} else {
// do something with the data
console.log(data.createdCount)
console.log(data.duplicateSecrets)
}Upsert
With this method you can easily upsert secrets.
One key difference from the create method is the fact that this method will create the secret if it does not exist or update if it exists.
The data property returns secret names using createdSecrets and updatedSecrets properties.
Parameters
This method takes a single array parameter:
Prop
Type
Data
An array of objects SetSecretsItem containing the following properties:
Prop
Type
Example
const { data, error } = await stashbase
.secrets({ project: 'project', environment: 'api-dev' })
.set([
{
name: 'DATABASE_URL',
value: 'postgres://user:password@localhost:5432/dbname',
},
])
// check for error
if (error) {
// handle error
} else {
// do something with the data
console.log(data.createdSecrets)
console.log(data.updatedSecrets)
}Update
Update existing secrets.
The data proprety returns updatedCount and notFoundSecrets array of strings.
Parameters
This method takes a single array parameter:
Prop
Type
Data
An array of objects UpdateSecretsItem where name is the currrent name of the secret to update and at least one of the additional properties is required:
Prop
Type
Example
const { data, error } = await stashbase
.secrets({ project: 'project', environment: 'api-dev' })
.update([
{
name: 'DATABASE_URL',
newName: 'DB_URL',
value: 'postgres://user:password@localhost:5432/dbname',
},
])
if (error) {
// handle error
} else {
// ok
}Delete
Delete existing secrets.
The data proprety returns deletedCount and notFoundsecrets array of strings.
Parameters
This method takes a single array parameter:
Prop
Type
Example
const { data, error } = await stashbase
.secrets({ project: 'project', environment: 'api-dev' })
.delete(['JWT_SECRET'])
// check for error
if (error) {
// handle error
} else {
// ok
console.log(data.deletedCount)
console.log(data.notFoundSecrets)
}Delete all
Delete all secrets in the environment
The data proprety returns property deletedCount (number).
Parameters
This method takes no parameters.
Example
const { data, error } = await stashbase
.secrets({ project: 'project', environment: 'api-dev' })
.deleteAll()
// check for error
if (error) {
// handle error
} else {
// ok
console.log(data.deletedCount)
}Search secrets
Use the root workspace client method searchSecrets to search secrets in a project.
This method is project-scoped and does not require environment.
Examples
Search by name:
import { createWorkspaceClient } from '@stashbase/node-sdk'
const client = createWorkspaceClient(process.env.SB_API_KEY)
const { data, error } = await client.searchSecrets({
project: 'my-project',
name: 'JWT_KEY',
includeValue: true,
})Search by value:
import { createWorkspaceClient } from '@stashbase/node-sdk'
const client = createWorkspaceClient(process.env.SB_API_KEY)
const { data, error } = await client.searchSecrets({
project: 'my-project',
value: 'abc123',
})Parameters
Prop
Type
Exactly one of name or value must be provided.