serverless-plugin-deploy-environment

serverless Coverage Status Build Status

This plugin exposes per-stage deployment variables and deployment environment, and allows users to run commands with the environment of a given stage. The defined deployment environment is automatically merged with the serverless provider environment. It also optionally resolves credstash variables. The benefit of this is that its simpler to manage different variables for each environment, and makes the addition of default environment variables simple.

See our docs for full documentation.

Usage

Basic Usage

provider:
region: us-west-2
custom:
deploy:
variables:
dev:
role: "devRole"
streamArn: "devStream"
staging:
role: "stagingRole"
streamArn: "stagingStream"
environments:
# These will be added to all environments
default:
LAMBDA_LOG_LEVEL: info
LAMBDA_REGION: ${self:provider.region} # All references are resolved
LAMBDA_ES_HOST:
'Fn::GetAtt': [ 'ESCluster', 'DomainEndpoint' ]
dev:
LAMBDA_ES_HOST: localhost
plugins:
- serverless-plugin-deploy-environment

Given this config, running with sls deploy --stage dev would yield the following resolved configuration

deployVariables:
role: "devRole"
streamArn: "devStream"
deployEnvironment:
LAMBDA_LOG_LEVEL: info
LAMBDA_REGION: us-west-2
LAMBDA_ES_HOST: localhost

Running in an Environment

This plugin also exposes a command to run with the stage environment exposed. Give the above config, the command sls runWithEnvironment --command 'echo $LAMBDA_ES_HOST' --stage 'dev' will output localhost.

Production Usage

The way that we use this at Doppler is that we have two separate configuration files at config/deploy.yml and config/variables.yml. All of the variables defined in deploy.yml will become environment variables, and everything in variables.yml are internal variables used to resolve references elsewhere in serverless.yml. Then, in our main serverless.yml file, we have

custom:
deploy:
variables: ${file(config/variables.yml)}
environments: ${file(config/deploy.yml)}
provider:
# ... Other static properties
domain: ${self:deployVariables.domain}
role: ${self:deployVariables.role}

Credstash

This plugin also offers the ability to resolve credstash secrets anywhere in the Serverless configuration. First, set up credstash by following the instructions here. Then, in your configuration file, you can add:

custom:
deploy:
environments:
staging:
MY_PASSWORD: ${credstash:stagingPassword}
production:
MY_PASSWORD: ${credstash:productionPassword}

Please note that because these are resolved at build time, the plain-text passwords WILL be viewable in Cloudformation and on the Lambda dashboard.

Version History

  • 2.1.0
    • Fix merge mutation issue (Thanks @onhate!)
  • 2.0.2
    • Fix CLI warning (Thanks @onhate!)
  • 2.0.1
    • Dependency security updates
  • 2.0.0
    • Require a more modern version of node and remove the old babel runtime dependency.
  • 1.2.0
    • Allow default stage population for variables (Thanks @FluxAugur!)
  • 1.1.0
    • Change invocation target, to play nicely with other offline plugins (like serverless-offline-sns)
  • 1.0.3
    • Fix packaging issue
  • 1.0.2
    • Bump version of credstash to deal with change in API (Thanks @concon121)
  • 1.0.1
    • Fix publishing issue
  • 1.0.0
    • Initial release