I'm trying to implement a NodeJS microservice, and I need it to use RabbitMQ.
For the rabbit integration, I'm using 'rascal' (https://github.com/guidesmiths/rascal) since it solves lots of my concerns out of the box.
I noticed that rascal is driven by a config file where you declare the rabbit URL, username, password, and more.
My question is, what is the best practice for protecting those passwords in the rascal config file so it will be
a) not be pushed to git
b) not be exposed so easily
I suggest that loading secrets as environment variables. Rather than JSON, Rascal configurations can also be defined as JavaScript files (see the example from Rascal's repository). Then, secrets can be accessed inside of config file at runtime via process.env.<SECRET_NAME>.
Use amqplib npm module to use a rabbitmq integration on nodejs. I give sample publish consume code on rabbitmq.
Publish code:
var amqp = require('amqplib/callback_api');
amqp.connect('amqp://username:password@localhost:5672', function(err, connection) {
if (err) throw err;
connection.createChannel(function(err, channel) {
if (err) throw err;
var exchange = 'data';
var msg = "Welcome to Node and rabbitMQ";
channel.assertExchange(exchange, 'fanout', {
durable: false
})
channel.publish(exchange, '', Buffer.from(msg));
console.log(msg)
})
})
Consume Code
var amqp = require('amqplib/callback_api');
amqp.connect('amqp://username:password@localhost:5672', function(err0, connection) {
if (err0) throw err0;
connection.createChannel(function(err1, channel) {
if (err1) throw err1;
var exchange = 'data';
channel.assertExchange(exchange, 'fanout', { durable: false })
channel.assertQueue('', {
exclusive: true
}, function(err2, value) {
channel.bindQueue(value.queue, exchange, '');
channel.consume(value.queue, function(msg) {
console.log("message:", msg.content.toString())
}, { noAck: true })
})
})
})
