docs: add compare section

2026-02-08 00:46:23 +01:00 · 2025-08-08 15:14:36 +02:00
14 changed files with 1287 additions and 1508 deletions
--- a/.env.with-ssm
+++ b/.env.with-ssm
@@ -0,0 +1 @@
+PASSWORD=SSM:/test/hfd/rds/DB_USER
--- a/.github/workflows/pipeline-default.yaml
+++ b/.github/workflows/pipeline-default.yaml
@@ -12,13 +12,13 @@ on:
 env:
  environment: test
  release_channel: latest
-  DO_NOT_TRACK: "1"
-  NODE_VERSION: "23.x"
-  NODE_REGISTRY: "https://registry.npmjs.org"
+  DO_NOT_TRACK: '1'
+  NODE_VERSION: '23.x'
+  NODE_REGISTRY: 'https://registry.npmjs.org'
  NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
  DOCKER_REGISTRY: ghcr.io
  IMAGE_NAME: ${{ github.repository }}
-  PNPM_VERSION: 10.17.0
+  PNPM_VERSION: 10.6.0

 permissions:
  contents: write
@@ -56,8 +56,8 @@ jobs:

      - uses: actions/setup-node@v4
        with:
-          node-version: "${{ env.NODE_VERSION }}"
-          registry-url: "${{ env.NODE_REGISTRY }}"
+          node-version: '${{ env.NODE_VERSION }}'
+          registry-url: '${{ env.NODE_REGISTRY }}'

      - uses: pnpm/action-setup@v4
        name: Install pnpm
@@ -83,4 +83,3 @@ jobs:
          pnpm publish -r --no-git-checks --access public
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
-
--- a/.npmrc
+++ b/.npmrc
--- a/README.md
+++ b/README.md
@@ -25,7 +25,7 @@ that get resolved at runtime.
 ## Installation

 ```bash
-npm install -g @morten-olsen/with-ssm
+npm install -g @0morten-olsen/with-ssm
 ```

 ## Quick Start
@@ -117,7 +117,7 @@ override the SSM-resolved values. To avoid this:

 - Use `.env.with-ssm` instead of `.env` for SSM references
 - Or use environment variable substitution if your app supports it:
-  `API_KEY=${API_KEY:-SSM:/myapp/api-key}`
+  `${API_KEY:-SSM:/myapp/api-key}`

 ### 🚀 Deployment Considerations

--- a/bin/bin.js
+++ b/bin/bin.js
@@ -1,2 +1,2 @@
 #!/usr/bin/env node
-import '../dist/index.js';
+import '../dist/start.js';
--- a/package.json
+++ b/package.json
@@ -6,37 +6,37 @@
  "license": "GPL-3.0",
  "scripts": {
    "test:lint": "eslint",
-    "build": "ncc build src/start.ts -s -o dist",
-    "build:dev": "ncc build src/start.ts -s -o dist --watch",
+    "build": "tsc --build",
+    "build:dev": "tsc --build --watch",
    "test:unit": "vitest --run --passWithNoTests",
    "test": "pnpm run \"/^test:/\""
  },
-  "packageManager": "pnpm@10.17.0",
+  "packageManager": "pnpm@10.6.0",
  "files": [
    "dist"
  ],
  "devDependencies": {
-    "@aws-sdk/client-ssm": "^3.947.0",
-    "@aws-sdk/client-sts": "^3.947.0",
-    "@dotenvx/dotenvx": "^1.51.1",
    "@eslint/eslintrc": "3.3.1",
-    "@eslint/js": "9.36.0",
+    "@eslint/js": "9.32.0",
    "@pnpm/find-workspace-packages": "6.0.9",
-    "@types/node": "24.6.2",
-    "@types/yargs": "^17.0.35",
-    "@vercel/ncc": "^0.38.4",
+    "@types/node": "24.2.0",
+    "@types/yargs": "^17.0.33",
    "@vitest/coverage-v8": "3.2.4",
-    "eslint": "9.36.0",
+    "eslint": "9.32.0",
    "eslint-config-prettier": "10.1.8",
    "eslint-plugin-import": "2.32.0",
    "eslint-plugin-prettier": "5.5.4",
-    "execa": "^9.6.1",
    "prettier": "3.6.2",
-    "typescript": "5.9.3",
-    "typescript-eslint": "8.45.0",
-    "vitest": "3.2.4",
-    "yargs": "^18.0.0"
+    "typescript": "5.9.2",
+    "typescript-eslint": "8.39.0",
+    "vitest": "3.2.4"
  },
  "name": "@morten-olsen/with-ssm",
-  "version": "1.0.0"
+  "version": "1.0.0",
+  "dependencies": {
+    "@aws-sdk/client-ssm": "^3.859.0",
+    "dotenv": "^17.2.1",
+    "execa": "^9.6.0",
+    "yargs": "^18.0.0"
+  }
 }
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
--- a/pnpm-workspace.yaml
+++ b/pnpm-workspace.yaml
@@ -1,2 +0,0 @@
-onlyBuiltDependencies:
-  - esbuild
--- a/src/start.ts
+++ b/src/start.ts
@@ -19,7 +19,7 @@ const argv = await yargs(hideBin(process.argv))
    alias: 'f',
    type: 'string',
    description: 'The file to use for environment variables. (multiple files can be specified)',
-    default: ['.env.with-ssm', '.env'],
+    default: ['.env', '.env.with-ssm'],
  })
  .demandCommand(1, 'Error: You must provide a command to execute after --')
  .alias('h', 'help')
@@ -36,10 +36,7 @@ if (!command) {

 const files = argv.file && Array.isArray(argv.file) ? argv.file : [argv.file];
 const hostEnv = await getEnv(files);
-const env = await replaceParams(hostEnv, {
-  region: argv.region,
-  profile: argv.profile,
-});
+const env = await replaceParams(hostEnv);

 exec({
  command,
--- a/src/utils/aws.ts
+++ b/src/utils/aws.ts
@@ -1,20 +0,0 @@
-import { STSClient, GetCallerIdentityCommand } from '@aws-sdk/client-sts';
-
-const ensureAWS = async (region?: string, profile?: string) => {
-  const sts = new STSClient({
-    region,
-    profile,
-  });
-
-  const command = new GetCallerIdentityCommand({});
-
-  try {
-    await sts.send(command);
-  } catch (error) {
-    const errorMessage = error instanceof Error ? error.message : 'Unknown error';
-    console.error('Failed to get caller identity', errorMessage);
-    process.exit(1);
-  }
-};
-
-export { ensureAWS };
--- a/src/utils/cli.ts
+++ b/src/utils/cli.ts
@@ -0,0 +1,14 @@
+const splitArgs = (args: string[]) => {
+  const separatorIndex = args.indexOf('--');
+  const actionArgs = args.slice(0, separatorIndex);
+  const command = args[separatorIndex + 1];
+  const commandArgs = args.slice(separatorIndex + 2);
+
+  return {
+    actionArgs,
+    command,
+    commandArgs,
+  };
+};
+
+export { splitArgs };
--- a/src/utils/env.ts
+++ b/src/utils/env.ts
@@ -2,7 +2,7 @@ import { existsSync } from 'node:fs';
 import { readFile } from 'node:fs/promises';
 import { resolve } from 'node:path';

-import { parse } from '@dotenvx/dotenvx';
+import { parse } from 'dotenv';

 import { debug } from './debug.js';

--- a/src/utils/ssm.ts
+++ b/src/utils/ssm.ts
@@ -1,7 +1,6 @@
-import { GetParametersCommand, SSMClient, type Parameter } from '@aws-sdk/client-ssm';
+import { GetParametersCommand, SSMClient } from '@aws-sdk/client-ssm';

 import { debug } from './debug.js';
-import { ensureAWS } from './aws.js';

 const PREFIX = 'SSM:';

@@ -14,6 +13,11 @@ const replaceParams = async (
  env: Record<string, string | undefined>,
  { region, profile }: ReplaceParamsOptions = {},
 ) => {
+  const ssm = new SSMClient({
+    region,
+    profile,
+  });
+
  const names = Object.entries(env)
    .filter(([, value]) => value?.startsWith(PREFIX))
    .map(([, value]) => value?.slice(PREFIX.length))
@@ -26,47 +30,18 @@ const replaceParams = async (
    return env;
  }

-  await ensureAWS(region, profile);
-  const ssm = new SSMClient({
-    region,
-    profile,
-  });
-  // Chunk names into groups of 10 (AWS SSM GetParametersCommand limit)
-  const chunks: string[][] = [];
-  debug(`Chunking ${names.length} names into groups of 10`);
-  for (let i = 0; i < names.length; i += 10) {
-    chunks.push(names.slice(i, i + 10));
-  }
-
-  debug(`Processing ${chunks.length} chunks`);
-
-  // Fetch parameters in chunks and combine results
-  const allParams: Parameter[] = [];
-  const allInvalidParams: string[] = [];
-
-  for (const chunk of chunks) {
  const command = new GetParametersCommand({
-      Names: chunk,
+    Names: names,
    WithDecryption: true,
  });

  const response = await ssm.send(command);
-
-    if (response.Parameters) {
-      allParams.push(...response.Parameters);
-    }
-
-    if (response.InvalidParameters) {
-      allInvalidParams.push(...response.InvalidParameters);
-    }
-  }
-
-  if (allInvalidParams.length > 0) {
-    console.error('Invalid SSM parameters', allInvalidParams);
+  if (response.InvalidParameters?.length || 0 > 0) {
+    console.error('Invalid SSM parameters', response.InvalidParameters);
    process.exit(1);
  }

-  const params = allParams;
+  const params = response.Parameters ?? [];

  return Object.fromEntries(
    Object.entries(env).map(([key, value]) => {
--- a/tsconfig.json
+++ b/tsconfig.json
@@ -10,7 +10,6 @@
    "resolveJsonModule": true,
    "allowSyntheticDefaultImports": true,
    "skipLibCheck": true,
-    "noEmit": true,
    "outDir": "dist",
    "jsx": "react-jsx",
    "isolatedModules": true,