import { DmnoBaseTypes, defineDmnoService, switchBy } from 'dmno';import { EncryptedVaultDmnoPlugin, EncryptedVaultTypes } from '@dmno/encrypted-vault-plugin';import { OnePasswordDmnoPlugin, OnePasswordTypes } from '@dmno/1password-plugin'; // use a plugin to fetch secrets from a secure backend like 1Passwordconst OnePass = new OnePasswordDmnoPlugin('1pass', { token: configPath('OP_TOKEN'),});// or store them encrypted within your repoconst MyProdVault = new EncryptedVaultDmnoPlugin('vault', { key: configPath('DMNO_VAULT_KEY'),}); export default defineDmnoService({ settings: { // automatically detect and prevent leaks interceptSensitiveLeakRequests: true, redactSensitiveLogs: true, preventClientLeaks: true, }, // re-use items defined in other services pick: ['API_KEY', 'DB_URL', 'DMNO_ENV'], // more config specific to this service schema: { DMNO_VAULT_KEY: { // re-use existing types with validation and docs info built-in extends: EncryptedVaultTypes.encryptionKey, }, OP_TOKEN: { extends: OnePasswordTypes.serviceAccountToken, }, SAAS_API_KEY: { // load different values based on any other value value: switchBy('DMNO_ENV', { _default: 'my-dev-key', production: MyProdVault.item(), }), }, SAAS_PROJECT_TAG: { // use a function to set a value - reference any other config value: (ctx) => `myapp_${DMNO_CONFIG.DMNO_ENV}`, }, }});
Use something else? 💪 Join us on discord and help us build the next one!