Stashbase
Workspace Clien

Secrets

Manage secrets

This API allows you to manage secrets in selected environments.

Make sure the API Key has the necessary permissions.

Method parameters

When using this API you need to pass the project name or ID and environment name or ID to the secrets method.

// pass the project and environment to the secrets method
await stashbase.secrets({ project: 'my-project', environment: 'api-dev' }).list()

Get

Get single secret by its name.

Parameters

This takes two parameters.

Prop

Type

Options

An object with the following properties:

Prop

Type

Example

const { data, error } = await stashbase
  .secrets({ project: 'my-project', environment: 'api-dev' })
  .get('JWT_SECRET')

if (error) {
  // handle error
} else {
  // do something with the data
}

Get metadata

Get operational metadata for a single secret by name.

Parameters

This method takes one parameter.

Prop

Type

Example

const { data, error } = await stashbase
  .secrets({ project: 'my-project', environment: 'api-dev' })
  .getMetadata('JWT_SECRET')

if (error) {
  // handle error
} else {
  // do something with the metadata
  console.log(data)
}

List

List all secrets in the selected environment.

Parameters

This method takes single optional object parameter.

Prop

Type

Options

An object with the following properties:

Prop

Type

Example

const { data, error } = await stashbase
  .secrets({ project: 'my-project', environment: 'api-dev' })
  .list()

if (error) {
  // handle error
} else {
  // do something with the data
}

List metadata

List operational metadata for all visible secrets in the selected environment.

Parameters

This method does not take parameters.

Example

const { data, error } = await stashbase
  .secrets({ project: 'my-project', environment: 'api-dev' })
  .listMetadata()

if (error) {
  // handle error
} else {
  // do something with the metadata list
  console.log(data)
}

List only

List only selected secrets.

Parameters

This method takes two parameters.

Prop

Type

Options

An object with the following properties:

Prop

Type

Example

const { data, error } = await stashbase
  .secrets({ project: 'my-project', environment: 'api-dev' })
  .listOnly(['DB_USER', 'DB_PASSWORD', 'DB_HOST'])

if (error) {
  // handle error
} else {
  // do something with the data
}

List exclude

List all secrets except the excluded ones.

Parameters

This method takes object parameter with the following properties:

Prop

Type

Options

An object with the following properties:

Prop

Type

Example

const { data, error } = await stashbase
  .secrets({ project: 'my-project', environment: 'api-dev' })
  .listExclude(['DB_URL', 'DB_USER', 'DB_PASSWORD'])

if (error) {
  // handle error
} else {
  // do something with the data
}

Create

With this method you can easily create new secrets in the selected environment. The data proprety returns createdCount and duplicateSecrets array of strings.

Parameters

This method takes a single array parameter:

Prop

Type

Data

An array of objects CreateSecretsItem containing the following properties:

Prop

Type

Example

const { data, error } = await stashbase
  .secrets({ project: 'project', environment: 'api-dev' })
  .create([
    {
      name: 'DATABASE_URL',
      value: 'postgres://user:password@localhost:5432/dbname',
    },
  ])

// check for error
if (error) {
  // handle error
} else {
  // do something with the data
  console.log(data.createdCount)
  console.log(data.duplicateSecrets)
}

Upsert

With this method you can easily upsert secrets. One key difference from the create method is the fact that this method will create the secret if it does not exist or update if it exists. The data property returns secret names using createdSecrets and updatedSecrets properties.

Parameters

This method takes a single array parameter:

Prop

Type

Data

An array of objects SetSecretsItem containing the following properties:

Prop

Type

Example

const { data, error } = await stashbase
  .secrets({ project: 'project', environment: 'api-dev' })
  .set([
    {
      name: 'DATABASE_URL',
      value: 'postgres://user:password@localhost:5432/dbname',
    },
  ])

// check for error
if (error) {
  // handle error
} else {
  // do something with the data
  console.log(data.createdSecrets)
  console.log(data.updatedSecrets)
}

Update

Update existing secrets. The data proprety returns updatedCount and notFoundSecrets array of strings.

Parameters

This method takes a single array parameter:

Prop

Type

Data

An array of objects UpdateSecretsItem where name is the currrent name of the secret to update and at least one of the additional properties is required:

Prop

Type

Example

const { data, error } = await stashbase
  .secrets({ project: 'project', environment: 'api-dev' })
  .update([
    {
      name: 'DATABASE_URL',
      newName: 'DB_URL',
      value: 'postgres://user:password@localhost:5432/dbname',
    },
  ])

if (error) {
  // handle error
} else {
  // ok
}

Delete

Delete existing secrets. The data proprety returns deletedCount and notFoundsecrets array of strings.

Parameters

This method takes a single array parameter:

Prop

Type

Example

const { data, error } = await stashbase
  .secrets({ project: 'project', environment: 'api-dev' })
  .delete(['JWT_SECRET'])

// check for error
if (error) {
  // handle error
} else {
  // ok
  console.log(data.deletedCount)
  console.log(data.notFoundSecrets)
}

Delete all

Delete all secrets in the environment The data proprety returns property deletedCount (number).

Use carefully, this method deletes all secrets in the environment.

Parameters

This method takes no parameters.

Example

const { data, error } = await stashbase
  .secrets({ project: 'project', environment: 'api-dev' })
  .deleteAll()

// check for error
if (error) {
  // handle error
} else {
  // ok
  console.log(data.deletedCount)
}

Search secrets

Use the root workspace client method searchSecrets to search secrets in a project. This method is project-scoped and does not require environment.

Examples

Search by name:

import { createWorkspaceClient } from '@stashbase/node-sdk'

const client = createWorkspaceClient(process.env.SB_API_KEY)

const { data, error } = await client.searchSecrets({
  project: 'my-project',
  name: 'JWT_KEY',
  includeValue: true,
})

Search by value:

import { createWorkspaceClient } from '@stashbase/node-sdk'

const client = createWorkspaceClient(process.env.SB_API_KEY)

const { data, error } = await client.searchSecrets({
  project: 'my-project',
  value: 'abc123',
})

Parameters

Prop

Type

Exactly one of name or value must be provided.

On this page