In order to support GCP secrets manager on Cloud Run, this adds a key service option which takes a key encryption key (KEK) as a base64 encoded string. This is to support storing the KEK in GCP secrets manager and then attaching it to the cloud run service as an env var at runtime.
Test Plan
run the tests npm test
run the example node examples/kekService/index.js (should output Hello, world!)
Summary
In order to support GCP secrets manager on Cloud Run, this adds a key service option which takes a key encryption key (KEK) as a base64 encoded string. This is to support storing the KEK in GCP secrets manager and then attaching it to the cloud run service as an env var at runtime.
Test Plan
npm test
node examples/kekService/index.js
(should outputHello, world!
)