pvmount (proprerty volume mount) is a tool created to download azure secrets and mount them to the following path /mnt/secrets
The tool is designed to complement https://github.com/hmcts/properties-volume-nodejs
- Node.js version can be found in .nvmrc (as of writting v18.17.1)
- NVM node version manager (optional but allows swapping node version with a single command)
- Azure CLI
If using NVM the following command can be run in the project root directory to make sure the enviroment has the same nodejs version stated in the .nvmrc file. This command can be skipped if your version of node already matches the required version found in the .nvmrc file.
nvm use
As the application mounts files in the root folder sudo is required
Install dependencies by executing the following command:
npm install
sudo node pvmount.js -h
sudo node pvmount.js -n aac -e aat
sudo node pvmount.js -n aac -e aat -m /some/dir/example
npm run build
This will output an executable file called pvmount with no extension
Copy the new pvmount executable created into the following folder
/user/local/bin
Open a new terminal and run the following to check installation
pvmount -h
This cli tool will work with pre and post catalina. However since Catalina OS. Apple has made the root directory read-only. To bypass this issue the tool will create a file called.
/etc/synthetic.conf
That will contain confirugration to create a readonly symlink from /mnt/secrets -> /Volumes/mnt/secrets
/mnt/secrets -> /Volumes/mnt/secrets
Synthetic.conf is read on boot however the tool will run a command to force the configurations to take place without a reboot and then for safty the tool will delete the newly created /etc/synthetic.conf file.
Although the tool should create the perfect file any sort of issue inside synthetic.conf will prevent Mac OS from booting. it is saver for pvmount to delete the file after it is done forcing a mount. The downside to this is that the pvmount commands has to be run again if a reboot has taken place. going forward a command could be added to turn off auto deletetion of the synthetic.conf file if your feeling lucky it wont break the boot.
THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.