Fetch AWS Secrets from Secrets Manager


fetch-secrets.js

const AWS = require("aws-sdk");
const fs = require("fs");
const path = require("path");
const dotenv = require("dotenv");

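// Load variables from a local .env file (if one exists) into process.env.
dotenv.config();

// Credentials and region are read from the environment; never paste key
// material into this file. Short-lived credentials (SSO, an assumed role) are
// preferable to long-lived access keys kept in a .env file.
const accessKeyId = process.env.AWS_ACCESS_KEY_ID;
const secretAccessKey = process.env.AWS_SECRET_ACCESS_KEY;
const region = process.env.AWS_REGION;

// Initialize the AWS SDK Secrets Manager client.
const secretsManager = new AWS.SecretsManager({
  accessKeyId,
  secretAccessKey,
  // Temporary credentials are a key pair plus a session token. Passing the
  // pair without the token makes such credentials unusable, which nudges
  // users towards long-lived keys; the value is undefined for static keys.
  sessionToken: process.env.AWS_SESSION_TOKEN,
  region,
});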

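/**
 * Convert a parsed secret into .env text, one KEY="VALUE" pair per line.
 *
 * Keys and values come from the stored secret, so they are treated as
 * untrusted text: a raw line break or double quote inside a value would
 * otherwise end the quoted value early and let the remainder be read as
 * additional variables by whatever loads the file.
 *
 * @param {Object} secretObj - Key/value pairs of one secret.
 * @returns {string} Lines joined with "\n"; an empty string for an empty object.
 * @throws {TypeError} If secretObj is not a plain key/value object, or a key
 *   contains characters other than letters, digits, "_", "." and "-".
 */
function formatSecretContent(secretObj) {
  if (secretObj === null || typeof secretObj !== "object" || Array.isArray(secretObj)) {
    throw new TypeError("Secret content must be a JSON object of key/value pairs");
  }

  return Object.entries(secretObj)
    .map(([key, value]) => {
      // A key with "=", whitespace or a line break would change how the line
      // is parsed, so it is rejected rather than written out.
      if (!/^[\w.-]+$/.test(key)) {
        throw new TypeError(`Unsupported key in secret: ${JSON.stringify(key)}`);
      }

      // Keep every pair on a single line and inside its quotes.
      // NOTE(review): backslashes are written verbatim and .env parsers differ
      // in which escapes they undo; confirm against the parser that will
      // read these files.
      const escapedValue = String(value)
        .replace(/\r/g, "\\r")
        .replace(/\n/g, "\\n")
        .replace(/"/g, '\\"');

      return `${key}="${escapedValue}"`;
    })
    .join("\n");
}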

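// Resolve the output file for a secret and refuse any name that would land
// outside baseDir (for example a name containing "../" segments).
function resolveSecretFilePath(baseDir, secretName) {
  const root = path.resolve(baseDir);
  const target = path.resolve(root, `${secretName}.env`);
  if (!target.startsWith(root + path.sep)) {
    throw new Error(
      `Secret name resolves outside the secrets folder: ${JSON.stringify(secretName)}`
    );
  }
  return target;
}

/**
 * List every secret visible to the configured credentials, fetch each value
 * and write it as a .env file under ./secrets next to this script.
 *
 * The script calls ListSecrets and GetSecretValue for every secret in the
 * account and region, so the principal it runs as should be scoped to the
 * secrets that are actually needed. The output is plaintext secret material:
 * keep the secrets folder out of version control and backups.
 *
 * Failures are logged rather than thrown; process.exitCode is set to 1 when
 * listing fails or when any secret could not be stored.
 *
 * @returns {Promise<void>}
 */
async function fetchAndStoreSecrets() {
  let secrets = [];
  let nextToken = null;

  try {
    // Create the secrets folder if it doesn't exist, readable by the owner
    // only. The mode applies on creation; an existing folder keeps its mode.
    const secretsFolderPath = path.join(__dirname, "secrets");
    fs.mkdirSync(secretsFolderPath, { recursive: true, mode: 0o700 });

    // Page through the listing until no continuation token is returned.
    do {
      const params = nextToken ? { NextToken: nextToken } : {};
      const data = await secretsManager.listSecrets(params).promise();
      secrets = secrets.concat(data.SecretList || []);
      nextToken = data.NextToken;
    } while (nextToken);

    const outcomes = await Promise.all(
      secrets.map(async (secret) => {
        try {
          const secretValue = await secretsManager
            .getSecretValue({ SecretId: secret.ARN })
            .promise();
          const secretContent =
            secretValue.SecretString ||
            Buffer.from(secretValue.SecretBinary, "base64").toString("utf-8");

          // Parse the secret content. The SyntaxError raised by JSON.parse can
          // quote part of its input, so it is replaced with a message that
          // carries no secret material before anything is logged.
          let parsedSecret;
          try {
            parsedSecret = JSON.parse(secretContent);
          } catch (ignoredParseError) {
            throw new Error("Secret value is not valid JSON");
          }
          if (
            parsedSecret === null ||
            typeof parsedSecret !== "object" ||
            Array.isArray(parsedSecret)
          ) {
            throw new Error("Secret value is not a JSON object of key/value pairs");
          }
          const formattedContent = formatSecretContent(parsedSecret);

          // Secret names may contain "/" and "."; keep the file inside the
          // secrets folder and create any intermediate folders it needs.
          const envFilePath = resolveSecretFilePath(secretsFolderPath, secret.Name);
          fs.mkdirSync(path.dirname(envFilePath), { recursive: true, mode: 0o700 });

          // Owner read/write only. The mode option applies to new files, so
          // chmod also tightens a file left behind by an earlier run.
          fs.writeFileSync(envFilePath, formattedContent, { mode: 0o600 });
          fs.chmodSync(envFilePath, 0o600);

          console.log(`Stored secret: ${secret.Name} in: ${envFilePath}`);
          return true;
        } catch (err) {
          console.error(`Failed to fetch or store secret: ${secret.Name}`, err);
          return false;
        }
      })
    );

    const failedCount = outcomes.filter((stored) => !stored).length;
    if (failedCount === 0) {
      console.log("All secrets fetched and stored successfully.");
    } else {
      // Do not report success when some secrets are missing on disk.
      console.error(
        `${failedCount} of ${secrets.length} secrets could not be fetched or stored.`
      );
      process.exitCode = 1;
    }
  } catch (error) {
    console.error("Error fetching secrets:", error);
    process.exitCode = 1;
  }
}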

// Script entry point: start the fetch when the file is run. The returned
// promise is deliberately not awaited; fetchAndStoreSecrets logs its own errors.
void fetchAndStoreSecrets();
Updated: 12/26/2024