agz / laravel-gcp-secret-injector
Include GCP secrets in you laravel environment without explicitly declaring them in your .env files
Requires
- php: ^7.4|^8.0
- ext-bcmath: *
- google/cloud-secret-manager: ^1.13
Requires (Dev)
- phpunit/phpunit: ^9.0
README
This package helps load sensitive data from you Google Cloud Secret Manager into your laravel environment instead of explictly defining it in your .env file.
Prerequisite
You need to already have google/cloud-secret-manager
installed in your project.
Installation
You can install this package via composer:
composer require agz/laravel-secret-injector
To publish the config file run the vendor publish command:
php artisan vendor:publish --tag=gcp-secret-injector
Configuration
After publishing the secret inject assets, its configuration will be located at config/secret-injector.php. The configuration allows you to configure you environmental variables against the your Google Cloud secrets.
return [
'project_id' => env('GOOGLE_CLOUD_PROJECT'),
'includedEnvs' => ['production'],
'secrets' => []
];
The project_id
points to your google cloud project id. The includedEnvs
tells configures what environments which you want the library to be active. For example, by default is configured to be just production. Meaning that once your APP_ENV is set to production, then the library will pull secrets from your Google Cloud Secret Manager in to your environment.
The secrets
is used to configure what environmental variables should point to which secrets.
'secrets' => [
'ENVIROMENTAL_VARIABLE' => 'SECRET_NAME:VERSION',
]
For example:
'secrets' => [
'APP_KEY' => 'APP_KEY:latest',
'DB_PASSWORD' => 'DB_PASSWORD:1',
]
Testing
composer test
Contributors
License
The MIT License (MIT). Please see License File for more information.