nordcloud / serverless-kms-secrets

🔑🔐☁️ Serverless plugin to encrypt variables with KMS (DEPRECATED)
MIT License

Not working in combination with `serverless-secrets-plugin`? #17

Open QAnders opened 6 years ago

QAnders commented 6 years ago

`plugins:

If I have serverless-secrets-plugin as well as serverless-kms-secrets and try to add a "KMS variable" I get an error:

```
ServerlessError: This command requires the --password option / -p shortcut. Usage: Password to encrypt the file.
    at _.forEach (/mnt/d/Q/GitHub-Repos/qvalia-peppol-serverless/node_modules/serverless/lib/classes/PluginManager.js:428:15)
    at /mnt/d/Q/GitHub-Repos/qvalia-peppol-serverless/node_modules/lodash/lodash.js:4925:15
    at baseForOwn (/mnt/d/Q/GitHub-Repos/qvalia-peppol-serverless/node_modules/lodash/lodash.js:3010:24)
    at /mnt/d/Q/GitHub-Repos/qvalia-peppol-serverless/node_modules/lodash/lodash.js:4894:18
    at Function.forEach (/mnt/d/Q/GitHub-Repos/qvalia-peppol-serverless/node_modules/lodash/lodash.js:9342:14)
    at PluginManager.validateOptions (/mnt/d/Q/GitHub-Repos/qvalia-peppol-serverless/node_modules/serverless/lib/classes/PluginManager.js:415:7)
    at PluginManager.invoke (/mnt/d/Q/GitHub-Repos/qvalia-peppol-serverless/node_modules/serverless/lib/classes/PluginManager.js:359:10)
    at PluginManager.run (/mnt/d/Q/GitHub-Repos/qvalia-peppol-serverless/node_modules/serverless/lib/classes/PluginManager.js:403:17)
    at variables.populateService.then (/mnt/d/Q/GitHub-Repos/qvalia-peppol-serverless/node_modules/serverless/lib/Serverless.js:102:33)
    at runCallback (timers.js:756:18)
    at tryOnImmediate (timers.js:717:5)
    at processImmediate [as _immediateCallback] (timers.js:697:5)
From previous event:
    at Serverless.run (/mnt/d/Q/GitHub-Repos/qvalia-peppol-serverless/node_modules/serverless/lib/Serverless.js:89:74)
    at serverless.init.then (/mnt/d/Q/GitHub-Repos/qvalia-peppol-serverless/node_modules/serverless/bin/serverless:42:50)
    at <anonymous>
```

QAnders commented 6 years ago

I've tried to just rename the commands and hooks to kmsencrypt and kmsdecrypt and that seems to do it. It no longer "collides" with serverless-secrets-plugin
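
The collision and the rename workaround described above, modelled as an added example that is not part of the original thread or of either plugin's code. It assumes the framework merges command definitions that share a name, so one plugin's required `password` option ends up applying to the other plugin's `encrypt`; the command shapes and function names are constructed for illustration.

```javascript
// Constructed command definitions (assumed shapes, not copied from either plugin).
const secretsPlugin = {
  name: 'serverless-secrets-plugin',
  commands: {
    encrypt: { options: { password: { shortcut: 'p', required: true } } },
    decrypt: { options: { password: { shortcut: 'p', required: true } } },
  },
};
const kmsPlugin = {
  name: 'serverless-kms-secrets',
  commands: {
    encrypt: { options: { name: { shortcut: 'n', required: true } } },
    decrypt: { options: { name: { shortcut: 'n' } } },
  },
};

// Map each top-level command name to the plugins defining it; keep duplicates only.
function findCommandCollisions(plugins) {
  const owners = new Map();
  for (const plugin of plugins) {
    for (const command of Object.keys(plugin.commands || {})) {
      owners.set(command, [...(owners.get(command) || []), plugin.name]);
    }
  }
  return [...owners]
    .filter(([, names]) => names.length > 1)
    .map(([command, names]) => ({ command, plugins: names }));
}

// Required options a command carries once same-named definitions are merged
// (assumption: the framework merges definitions keyed by command name).
function mergedRequiredOptions(plugins, command) {
  const required = new Set();
  for (const plugin of plugins) {
    const options = ((plugin.commands || {})[command] || {}).options || {};
    for (const [option, def] of Object.entries(options)) {
      if (def.required) required.add(option);
    }
  }
  return [...required].sort();
}

// Copy of a plugin with every command name prefixed (the rename workaround).
function withPrefixedCommands(plugin, prefix) {
  const commands = {};
  for (const [command, def] of Object.entries(plugin.commands || {})) {
    commands[prefix + command] = def;
  }
  return { ...plugin, commands };
}
```

Running `findCommandCollisions` over the plugin list before a deploy makes a shadowed secrets command visible as a named conflict instead of an unexpected option error.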

mpuittinen commented 6 years ago

What are the use cases for using both serverless-secrets and serverless-kms-secrets?

QAnders commented 6 years ago

We have the "common/not so secret" parameters in serverless-secrets and want to have "more secret" things (e.g. private keys, passwords, API keys) in KMS. The main reason for not using only KMS is latency as pretty much all our Lambdas are using some env.var from "secrets" but only a few are using "KMS secrets"... Does that make sense?

(Thank you very much!)