From 1df2a757e99bb98d6b596f4c95be0bc706ec02da Mon Sep 17 00:00:00 2001 From: Thomas Schaaf Date: Mon, 8 Oct 2018 14:40:36 +0200 Subject: [PATCH 1/4] Make it possible to disable the plugin via an option in the serverless.yml --- README.md | 2 ++ plugin/index.js | 25 +++++++++++++++---------- 2 files changed, 17 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index 4dac672..4ae5a4b 100644 --- a/README.md +++ b/README.md @@ -137,6 +137,8 @@ is unable to be retrieved. Default value: `true`. The following options apply only to the custom section as they are only used in deploy/package CLI operations: +- `enabled` - boolean: If set to false, the plugin is disabled. This is useful for local development. +Default value: `true`. - `skipValidation` - boolean: If set to true, validation of the existence of your secrets in your provider's secret store will not be performed during deployment/packaging operations. Default value: `false`. diff --git a/plugin/index.js b/plugin/index.js index 6f0b10f..35b5270 100644 --- a/plugin/index.js +++ b/plugin/index.js 
@@ -110,16 +110,21 @@ class ServerlessSecrets { 'secrets:delete:delete': this.deleteSecret.bind(this), 'secrets:list-remote:list-remote': this.listRemoteSecretNames.bind(this), 'secrets:validate:validate': this.validateSecrets.bind(this), - 'before:package:setupProviderConfiguration': this.setIamPermissions.bind(this), - 'before:package:createDeploymentArtifacts': this.packageSecrets.bind(this), - 'after:package:createDeploymentArtifacts': this.cleanupPackageSecrets.bind(this), - 'before:deploy:function:packageFunction': this.packageSecrets.bind(this), - 'after:deploy:function:packageFunction': this.cleanupPackageSecrets.bind(this), - 'before:offline:start': this.packageSecrets.bind(this), - 'before:offline:start:init': this.packageSecrets.bind(this), - 'before:offline:start:end': this.cleanupPackageSecrets.bind(this), - 'before:invoke:local:invoke': this.packageSecrets.bind(this), - 'after:invoke:local:invoke': this.cleanupPackageSecrets.bind(this) + }; + + if (options.enabled) { + this.hooks = Object.assign(this.hooks, { + 'before:package:setupProviderConfiguration': this.setIamPermissions.bind(this), + 'before:package:createDeploymentArtifacts': this.packageSecrets.bind(this), + 'after:package:createDeploymentArtifacts': this.cleanupPackageSecrets.bind(this), + 'before:deploy:function:packageFunction': this.packageSecrets.bind(this), + 'after:deploy:function:packageFunction': this.cleanupPackageSecrets.bind(this), + 'before:offline:start': this.packageSecrets.bind(this), + 'before:offline:start:init': this.packageSecrets.bind(this), + 'before:offline:start:end': this.cleanupPackageSecrets.bind(this), + 'before:invoke:local:invoke': this.packageSecrets.bind(this), + 'after:invoke:local:invoke': this.cleanupPackageSecrets.bind(this) + }); } } From f2be6d2849f3db0440e40aabb705279eb3a37384 Mon Sep 17 00:00:00 2001 
From: Thomas Schaaf Date: Mon, 8 Oct 2018 14:44:14 +0200 Subject: [PATCH 2/4] Use object assign correctly. --- plugin/index.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugin/index.js b/plugin/index.js index 35b5270..c58fc2d 100644 --- a/plugin/index.js +++ b/plugin/index.js @@ -113,7 +113,7 @@ class ServerlessSecrets { }; if (options.enabled) { - this.hooks = Object.assign(this.hooks, { + Object.assign(this.hooks, { 'before:package:setupProviderConfiguration': this.setIamPermissions.bind(this), 'before:package:createDeploymentArtifacts': this.packageSecrets.bind(this), 'after:package:createDeploymentArtifacts': this.cleanupPackageSecrets.bind(this), From 24c0c4c508c69547227d87c6e6ffb793f60a00e4 Mon Sep 17 00:00:00 2001 From: sebastianhoitz Date: Mon, 22 Oct 2018 11:50:44 +0200 Subject: [PATCH 3/4] Move conditional execution to actual method --- plugin/index.js | 41 ++++++++++++++++++++++++++--------------- 1 file changed, 26 insertions(+), 15 deletions(-) diff --git a/plugin/index.js b/plugin/index.js index c58fc2d..351271c 100644 --- a/plugin/index.js +++ b/plugin/index.js 
@@ -110,21 +110,16 @@ class ServerlessSecrets { 'secrets:delete:delete': this.deleteSecret.bind(this), 'secrets:list-remote:list-remote': this.listRemoteSecretNames.bind(this), 'secrets:validate:validate': this.validateSecrets.bind(this), - }; - - if (options.enabled) { - Object.assign(this.hooks, { - 'before:package:setupProviderConfiguration': this.setIamPermissions.bind(this), - 'before:package:createDeploymentArtifacts': this.packageSecrets.bind(this), - 'after:package:createDeploymentArtifacts': this.cleanupPackageSecrets.bind(this), - 'before:deploy:function:packageFunction': this.packageSecrets.bind(this), - 'after:deploy:function:packageFunction': this.cleanupPackageSecrets.bind(this), - 'before:offline:start': this.packageSecrets.bind(this), - 'before:offline:start:init': this.packageSecrets.bind(this), - 'before:offline:start:end': this.cleanupPackageSecrets.bind(this), - 'before:invoke:local:invoke': this.packageSecrets.bind(this), - 'after:invoke:local:invoke': this.cleanupPackageSecrets.bind(this) - }); + 'before:package:setupProviderConfiguration': this.setIamPermissions.bind(this), + 'before:package:createDeploymentArtifacts': this.packageSecrets.bind(this), + 'after:package:createDeploymentArtifacts': this.cleanupPackageSecrets.bind(this), + 'before:deploy:function:packageFunction': this.packageSecrets.bind(this), + 'after:deploy:function:packageFunction': this.cleanupPackageSecrets.bind(this), + 'before:offline:start': this.packageSecrets.bind(this), + 'before:offline:start:init': this.packageSecrets.bind(this), + 'before:offline:start:end': this.cleanupPackageSecrets.bind(this), + 'before:invoke:local:invoke': this.packageSecrets.bind(this), + 'after:invoke:local:invoke': this.cleanupPackageSecrets.bind(this) } } @@ -144,6 +139,10 @@ class ServerlessSecrets { } } + isEnabled () { + return _.get(this.serverless.service, 'custom.serverlessSecrets.enabled', true) + } + setSecret () { let value if (this.options.file) { 
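Review bot: `isEnabled()` returns the raw value of `custom.serverlessSecrets.enabled`, and every caller tests it with `!this.isEnabled()`, so the switch is decided by truthiness rather than by the boolean the README documents. `_.get` falls back to `true` only for `undefined`, so an empty `enabled:` key (YAML null) or `0` silently turns off secret packaging and the IAM statements, while the string `"false"` leaves the plugin on. Comparing explicitly makes only a literal `false` disable it: `return _.get(this.serverless.service, 'custom.serverlessSecrets.enabled', true) !== false`. A short comment above the method saying that the default is enabled and that the value is read when the hook runs, not in the constructor, would also help the next reader.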
@@ -201,11 +200,19 @@ class ServerlessSecrets { } cleanupPackageSecrets () { + if (!this.isEnabled()) { + return + } + this.serverless.cli.log(`Cleaning up ${constants.CONFIG_FILE_NAME}`) if (fs.existsSync(constants.CONFIG_FILE_NAME)) fs.unlinkSync(constants.CONFIG_FILE_NAME) } packageSecrets () { + if (!this.isEnabled()) { + return + } + this.deployMode = true this.serverless.cli.log('Serverless Secrets beginning packaging process') this.writeConfigFile() @@ -275,6 +282,10 @@ class ServerlessSecrets { } setIamPermissions () { + if (!this.isEnabled()) { + return + } + let iamRoleStatements = _.get(this.serverless.service, 'provider.iamRoleStatements', null) if (!iamRoleStatements) { _.set(this.serverless.service, 'provider.iamRoleStatements', []) From 34d189cac143ff16e1d2e5ebab58761dc377545c Mon Sep 17 00:00:00 2001 From: sebastianhoitz Date: Mon, 22 Oct 2018 12:00:06 +0200 Subject: [PATCH 4/4] Apply lazy-handling of resolved config for skipValidation --- plugin/index.js | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/plugin/index.js b/plugin/index.js index 351271c..2c39065 100644 --- a/plugin/index.js +++ b/plugin/index.js @@ -143,6 +143,10 @@ class ServerlessSecrets { return _.get(this.serverless.service, 'custom.serverlessSecrets.enabled', true) } + skipValidation () { + return this.options.skipValidation || this.config.options.skipValidation || _.get(this.serverless.service, 'custom.serverlessSecrets.skipValidation', false) + } + setSecret () { let value if (this.options.file) { @@ -301,7 +305,7 @@ class ServerlessSecrets { } validateSecrets () { - if (this.deployMode && (this.options.skipValidation || this.config.options.skipValidation)) { + if (this.deployMode && this.skipValidation()) { return Promise.resolve() } this.serverless.cli.log('Validating secrets')
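Review bot: The guard added to `cleanupPackageSecrets` skips the one step that is safe to run unconditionally. The body already checks `fs.existsSync(constants.CONFIG_FILE_NAME)`, so with the plugin disabled the early return only means a file left behind by an earlier enabled run stays in the project directory, where packaging may pick it up. I would drop the guard there and keep it in `packageSecrets` and in `setIamPermissions` (next hunk). Those two return without any output, and the same hooks cover `package` and `deploy function` as well as local runs, so a stray `enabled: false` produces a deployment without the config file or the IAM statements and leaves nothing in the log; a line such as `this.serverless.cli.log('Serverless Secrets is disabled, skipping packaging')` before the `return` would make that visible. `packageSecrets` continues past the end of the hunk.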
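Review bot: `skipValidation()` ORs three sources by truthiness, so any truthy value switches off the existence check for secrets during deploy, including the string `"false"` if one of these values arrives as text rather than as a boolean (I can't tell from the hunk whether the CLI parser or variable resolution can deliver that). Since this option removes a safety check, I would accept only a real boolean: `return [this.options.skipValidation, this.config.options.skipValidation, _.get(this.serverless.service, 'custom.serverlessSecrets.skipValidation', false)].some(v => v === true)`. In `validateSecrets` (next hunk) the skip path returns `Promise.resolve()` with no output; a line such as `this.serverless.cli.log('Skipping secrets validation (skipValidation is set)')` would leave a trace in the deploy log. The method also shares its name with the option it reads, and `shouldSkipValidation` would read more clearly at the call site.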