feat: ability to pass in API key via env vars

README.md

@@ -98,6 +98,12 @@ For local CLI usage with a single project, you can authenticate `rdme` to your R
 > **Warning**
 > For security reasons, we strongly recommend providing a project API key via the `--key` option in automations or CI environments (GitHub Actions, CircleCI, Travis CI, etc.). It's also recommended if you're working with multiple ReadMe projects to avoid accidentally overwriting existing data.
 
+You can also pass in your API key via the `RDME_API_KEY` environmental variable. Here is the order of precedence when passing your API key into `rdme`:
+
+1. The `--key` option. If that isn't present, we look for...
+1. The `RDME_API_KEY` environmental variable. If that isn't present, we look for...
+1. The API key value stored in your local configuration file (i.e., the one set via `rdme login`)
+
 `rdme whoami` is also available to you to determine who is logged in, and to what project. You can clear your stored credentials with `rdme logout`.
 
 ### Proxy

__tests__/index.test.ts

@@ -92,16 +92,16 @@ describe('cli', () => {
     await expect(cli([])).resolves.toContain('OpenAPI / Swagger');
   });
 
-  describe('stored API key', () => {
+  describe('stored API key via configstore', () => {
     let consoleInfoSpy;
     const key = '123456';
     const getCommandOutput = () => {
       return [consoleInfoSpy.mock.calls.join('\n\n')].filter(Boolean).join('\n\n');
     };
 
     beforeEach(() => {
-      conf.set('email', '[email protected]');
-      conf.set('project', 'project-owlbert');
+      conf.set('email', 'owlbert-store@readme.io');
+      conf.set('project', 'project-owlbert-store');
       conf.set('apiKey', key);
       consoleInfoSpy = jest.spyOn(console, 'info').mockImplementation();
     });
@@ -134,7 +134,7 @@ describe('cli', () => {
       );
 
       expect(getCommandOutput()).toMatch(
-        '[email protected] is currently logged in, using the stored API key for this project: project-owlbert'
+        'owlbert-store@readme.io is currently logged in, using the stored API key for this project: project-owlbert-store'
       );
     });
 
@@ -147,6 +147,61 @@ describe('cli', () => {
     });
   });
 
+  describe('stored API key via env vars', () => {
+    let consoleInfoSpy;
+    const key = '123456-env';
+    const getCommandOutput = () => {
+      return [consoleInfoSpy.mock.calls.join('\n\n')].filter(Boolean).join('\n\n');
+    };
+
+    beforeEach(() => {
+      process.env.RDME_API_KEY = key;
+      process.env.RDME_EMAIL = '[email protected]';
+      process.env.RDME_PROJECT = 'project-owlbert-env';
+      consoleInfoSpy = jest.spyOn(console, 'info').mockImplementation();
+    });
+
+    afterEach(() => {
+      consoleInfoSpy.mockRestore();
+      delete process.env.RDME_API_KEY;
+      delete process.env.RDME_EMAIL;
+      delete process.env.RDME_PROJECT;
+    });
+
+    it('should add stored apiKey to opts', async () => {
+      expect.assertions(1);
+      const version = '1.0.0';
+
+      const versionMock = getAPIMock()
+        .get(`/api/v1/version/${version}`)
+        .basicAuth({ user: key })
+        .reply(200, { version });
+
+      await expect(cli(['docs', `--version=${version}`])).rejects.toStrictEqual(
+        new Error('No path provided. Usage `rdme docs <path> [options]`.')
+      );
+
+      conf.clear();
+      versionMock.done();
+    });
+
+    it('should not inform a logged in user which project is being updated', async () => {
+      await expect(cli(['openapi', '--create', '--update'])).rejects.toThrow(
+        'The `--create` and `--update` options cannot be used simultaneously. Please use one or the other!'
+      );
+
+      expect(getCommandOutput()).toBe('');
+    });
+
+    it('should not inform a logged in user when they pass their own key', async () => {
+      await expect(cli(['openapi', '--create', '--update', '--key=asdf'])).rejects.toThrow(
+        'The `--create` and `--update` options cannot be used simultaneously. Please use one or the other!'
+      );
+
+      expect(getCommandOutput()).toBe('');
+    });
+  });
+
   it('should error with `rdme oas` arguments passed in', async () => {
     await expect(cli(['oas', 'endpoint'])).rejects.toThrow(/.*/);
   });

src/cmds/open.ts

@@ -5,7 +5,7 @@ import config from 'config';
 import open from 'open';
 
 import Command, { CommandCategories } from '../lib/baseCommand';
-import configStore from '../lib/configstore';
+import getStoredConfig from '../lib/getStoredConfig';
 import { getProjectVersion } from '../lib/versionSelect';
 
 export interface Options {
@@ -35,7 +35,7 @@ export default class OpenCommand extends Command {
     await super.run(opts);
 
     const { dash } = opts;
-    const project = configStore.get('project');
+    const { apiKey, project } = getStoredConfig();
     Command.debug(`project: ${project}`);
 
     if (!project) {
@@ -45,7 +45,7 @@ export default class OpenCommand extends Command {
     let url: string;
 
     if (dash) {
-      const key = configStore.get('apiKey');
+      const key = apiKey;
       if (!key) {
         return Promise.reject(new Error(`Please login using \`${config.get('cli')} login\`.`));
       }

src/cmds/whoami.ts

@@ -4,7 +4,7 @@ import chalk from 'chalk';
 import config from 'config';
 
 import Command, { CommandCategories } from '../lib/baseCommand';
-import configStore from '../lib/configstore';
+import getStoredConfig from '../lib/getStoredConfig';
 
 export default class WhoAmICommand extends Command {
   constructor() {
@@ -21,14 +21,14 @@ export default class WhoAmICommand extends Command {
   async run(opts: CommandOptions<{}>) {
     await super.run(opts);
 
-    if (!configStore.has('email') || !configStore.has('project')) {
+    const { email, project } = getStoredConfig();
+
+    if (!email || !project) {
       return Promise.reject(new Error(`Please login using \`${config.get('cli')} login\`.`));
     }
 
     return Promise.resolve(
-      `You are currently logged in as ${chalk.green(configStore.get('email'))} to the ${chalk.blue(
-        configStore.get('project')
-      )} project.`
+      `You are currently logged in as ${chalk.green(email)} to the ${chalk.blue(project)} project.`
     );
   }
 }

src/index.ts

@@ -21,12 +21,12 @@ process.env.NODE_CONFIG_DIR = configDir;
 import { version } from '../package.json';
 
 import * as commands from './lib/commands';
-import configStore from './lib/configstore';
 import * as help from './lib/help';
 import { debug } from './lib/logger';
 import createGHA from './lib/createGHA';
 import type Command from './lib/baseCommand';
 import type { CommandOptions } from './lib/baseCommand';
+import getStoredConfig from './lib/getStoredConfig';
 
 /**
  * @param {Array} processArgv - An array of arguments from the current process. Can be used to mock
@@ -117,7 +117,9 @@ export default function rdme(processArgv: NodeJS.Process['argv']) {
       cmdArgv = cliArgs(bin.args, { partial: true, argv: processArgv.slice(1) });
     }
 
-    cmdArgv = { key: configStore.get('apiKey'), ...cmdArgv };
+    const { apiKey: key } = getStoredConfig();
+
+    cmdArgv = { key, ...cmdArgv };
 
     return bin.run(cmdArgv).then((msg: string) => {
       if (bin.supportsGHA) {

src/lib/baseCommand.ts

@@ -6,6 +6,7 @@ import type { OptionDefinition } from 'command-line-usage';
 import chalk from 'chalk';
 
 import configstore from './configstore';
+import getStoredConfig from './getStoredConfig';
 import isCI from './isCI';
 import { debug, info, warn } from './logger';
 import loginFlow from './loginFlow';
@@ -88,12 +89,13 @@ export default class Command {
     Command.debug(`opts: ${JSON.stringify(opts)}`);
 
     if (this.args.some(arg => arg.name === 'key')) {
+      const { apiKey, email, project } = getStoredConfig();
+
+      // We only want to log this if the API key is stored in the configstore, **not** in an env var.
       if (opts.key && configstore.get('apiKey') === opts.key) {
         info(
-          `🔑 ${chalk.green(
-            configstore.get('email')
-          )} is currently logged in, using the stored API key for this project: ${chalk.blue(
-            configstore.get('project')
+          `🔑 ${chalk.green(email)} is currently logged in, using the stored API key for this project: ${chalk.blue(
+            project
           )}`,
           { includeEmojiPrefix: false }
         );
@@ -107,7 +109,7 @@ export default class Command {
         const result = await loginFlow();
         info(result, { includeEmojiPrefix: false });
         // eslint-disable-next-line no-param-reassign
-        opts.key = configstore.get('apiKey');
+        opts.key = apiKey;
       }
     }
 

src/lib/getStoredConfig.ts

@@ -0,0 +1,13 @@
+import configstore from './configstore';
+
+/**
+ * Retrieves stored user data values from env variables or configstore,
+ * with env variables taking precedent
+ */
+export default function getStoredConfig(): { apiKey?: string; email?: string; project?: string } {
+  const apiKey = process.env.RDME_API_KEY || configstore.get('apiKey');
+  const email = process.env.RDME_EMAIL || configstore.get('email');
+  const project = process.env.RDME_PROJECT || configstore.get('project');
+
+  return { apiKey, email, project };
+}

src/lib/loginFlow.ts

@@ -4,6 +4,7 @@ import isEmail from 'validator/lib/isEmail';
 
 import configStore from './configstore';
 import fetch, { handleRes } from './fetch';
+import getStoredConfig from './getStoredConfig';
 import { debug } from './logger';
 import promptTerminal from './promptWrapper';
 
@@ -29,12 +30,13 @@ function loginFetch(body: LoginBody) {
  * @returns A Promise-wrapped string with the logged-in user's credentials
  */
 export default async function loginFlow() {
+  const storedConfig = getStoredConfig();
   const { email, password, project } = await promptTerminal([
     {
       type: 'text',
       name: 'email',
       message: 'What is your email address?',
-      initial: configStore.get('email'),
+      initial: storedConfig.email,
       validate(val) {
         return isEmail(val) ? true : 'Please provide a valid email address.';
       },
@@ -48,7 +50,7 @@ export default async function loginFlow() {
       type: 'text',
       name: 'project',
       message: 'What project are you logging into?',
-      initial: configStore.get('project'),
+      initial: storedConfig.project,
     },
   ]);