Skip to main content

Function Signature

async function maybeSecretStrings(
  key: string
): Promise<string[] | undefined>

Parameters

key
string
required
The environment variable name that points to the secret file path

Returns

Promise<string[] | undefined> - An array of strings from the secret file, or undefined if not found

How It Works

This is the optional variant of secretStrings. It reads secrets from the filesystem without throwing errors when the file is missing:
  1. Checks if the environment variable key contains a file path
  2. If no path is set, defaults to /run/secrets/{key}
  3. Reads the file contents and splits by comma
  4. Trims whitespace from each value and filters out empty strings
  5. Returns undefined if the secret file doesn’t exist (instead of throwing)

Difference from secretStrings

  • maybeSecretStrings: Returns undefined when the secret file is missing
  • secretStrings: Throws an error when the secret file is missing (unless a fallback is provided)
Use maybeSecretStrings for truly optional list secrets where absence is a valid state.

Example

import { maybeSecretStrings } from "@nore/load-env"

// Returns undefined if the secret doesn't exist
export const ALLOWED_ORIGINS = await maybeSecretStrings("ALLOWED_ORIGINS")

const origins = ALLOWED_ORIGINS ?? ["http://localhost:3000"]
console.log(`Allowed origins: ${origins.join(", ")}`)

Secret File Format

The secret file should contain comma-separated values: 
value1, value2, value3
Or: 
value1,value2,value3
Whitespace around values is automatically trimmed.

Error Handling

Returns undefined if:
  • The secret file doesn’t exist
  • The file is empty
This function does not throw errors for missing secrets, making it ideal for optional configuration.

Build docs developers (and LLMs) love

Get started for freeTalk to us