Newer
Older
Connor Brathwaite
committed
const is = require('@sindresorhus/is');
const crypto = require('crypto');
const { maskToken } = require('../datasource/npm');
module.exports = {
decryptConfig,
};
function decryptConfig(config, privateKey) {
logger.trace({ config }, 'decryptConfig()');
const decryptedConfig = { ...config };
for (const [key, val] of Object.entries(config)) {
Connor Brathwaite
committed
if (key === 'encrypted' && is.object(val)) {
logger.debug({ config: val }, 'Found encrypted config');
if (privateKey) {
for (const [eKey, eVal] of Object.entries(val)) {
.privateDecrypt(privateKey, Buffer.from(eVal, 'base64'))
logger.info(`Decrypted ${eKey}`);
if (eKey === 'npmToken') {
const token = decryptedStr.replace(/\n$/, '');
logger.info({ token: maskToken(token) }, 'Migrating npmToken to npmrc');
decryptedConfig.npmrc = `//registry.npmjs.org/:_authToken=${token}\n`;
decryptedConfig[eKey] = decryptedStr;
logger.warn({ err }, `Error decrypting ${eKey}`);
}
}
} else {
logger.error('Found encrypted data but no privateKey');
}
delete decryptedConfig.encrypted;
Connor Brathwaite
committed
} else if (is.array(val)) {
decryptedConfig[key] = [];
val.forEach(item => {
Connor Brathwaite
committed
if (is.object(item) && !is.array(item)) {
decryptedConfig[key].push(decryptConfig(item, privateKey));
} else {
decryptedConfig[key].push(item);
}
});
Connor Brathwaite
committed
} else if (is.object(val) && key !== 'content') {
decryptedConfig[key] = decryptConfig(val, privateKey);
}
}
delete decryptedConfig.encrypted;
logger.trace({ config: decryptedConfig }, 'decryptedConfig');