fix(secretmanagement): Refactor secret bundle actions and improve authorization handling

changelog.md

@@ -1,5 +1,14 @@
 # Changelog
 
+## 2024-12-28 - 4.7.1 - fix(secretmanagement)
+Refactor secret bundle actions and improve authorization handling
+
+- Refactored secret bundle handling by renaming methods and reorganizing static and instance methods in SecretBundle class.
+- Added getSecretBundleByAuthorization method to SecretBundle.
+- Improved getFlatKeyValueObjectForEnvironment to accurately retrieve key-value pairs for specified environments.
+- Removed deprecated IEnvBundle interface and related request handler for better clarity and code usage.
+- Updated request interfaces related to secret bundles for consistent method naming and arguments.
+
 ## 2024-12-22 - 4.7.0 - feat(apiclient)
 Add method to flatten secret bundles into key-value objects.
 

ts/00_commitinfo_data.ts

@@ -3,6 +3,6 @@
  */
 export const commitinfo = {
   name: '@serve.zone/cloudly',
-  version: '4.7.0',
+  version: '4.7.1',
   description: 'A comprehensive tool for managing containerized applications across multiple cloud providers using Docker Swarmkit, featuring web, CLI, and API interfaces.'
 }

ts/manager.secret/classes.secretmanager.ts

@@ -148,30 +148,26 @@ export class CloudlySecretManager {
     );
 
     this.typedrouter.addTypedHandler(
-      new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.secretbundle.IReq_GetEnvBundle>(
-        'getEnvBundle',
+      new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.secretbundle.IReq_GetFlatKeyValueObject>(
+        'getFlatKeyValueObject',
         async (dataArg) => {
           const wantedBundle = await SecretBundle.getInstance({
             data: {
               authorizations: {
                 // @ts-ignore
                 $elemMatch: {
-                  secretAccessKey: dataArg.authorization,
+                  secretAccessKey: dataArg.secretBundleAuthorization.secretAccessKey,
                 },
               },
             },
           });
           const authorization = await wantedBundle.getAuthorizationFromAuthKey(
-            dataArg.authorization,
+            dataArg.secretBundleAuthorization.secretAccessKey,
           );
           return {
-            envBundle: {
-              configKeyValueObject: await wantedBundle.getKeyValueObjectForEnvironment(
-                authorization.environment,
-              ),
-              environment: authorization.environment,
-              timeSensitive: false,
-            },
+            flatKeyValueObject:  await wantedBundle.getKeyValueObjectForEnvironment(
+              authorization.environment,
+            ),
           };
         },
       ),

ts_apiclient/classes.secretbundle.ts

@@ -1,16 +1,9 @@
 import * as plugins from './plugins.js';
 import type { CloudlyApiClient } from './classes.cloudlyapiclient.js';
+import { SecretGroup } from './classes.secretgroup.js';
 
 export class SecretBundle implements plugins.servezoneInterfaces.data.ISecretBundle {
-  public cloudlyClientRef: CloudlyApiClient;
-  
-  public id: string;
-  public data: plugins.servezoneInterfaces.data.ISecretBundle['data'];
-
-  constructor(cloudlyClientRef: CloudlyApiClient) {
-    this.cloudlyClientRef = cloudlyClientRef;
-  }
-
+  // STATIC
   public static async getSecretBundleById(cloudlyClientRef: CloudlyApiClient, secretBundleIdArg: string) {
     const getSecretBundleByIdTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.secretbundle.IReq_GetSecretBundleById>(
       'getSecretBundleById'
@@ -24,6 +17,19 @@ export class SecretBundle implements plugins.servezoneInterfaces.data.ISecretBun
     return newSecretBundle;
   }
 
+  public static async getSecretBundleByAuthorization(cloudlyClientRef: CloudlyApiClient, secretBundleAuthorizationArg: plugins.servezoneInterfaces.data.ISecretBundleAuthorization) {
+    const getSecretBundleByAuthorizationTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.secretbundle.IReq_GetSecretBundleByAuthorization>(
+      'getSecretBundleByAuthorization'
+    );
+    const response = await getSecretBundleByAuthorizationTR.fire({
+      identity: cloudlyClientRef.identity,
+      secretBundleAuthorization: secretBundleAuthorizationArg,
+    });
+    const newSecretBundle = new SecretBundle(cloudlyClientRef);
+    Object.assign(newSecretBundle, response.secretBundle);
+    return newSecretBundle;
+  }
+
   public static async getSecretBundles(cloudlyClientRef: CloudlyApiClient) {
     const getSecretBundlesTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.secretbundle.IReq_GetSecretBundles>(
       'getSecretBundles'
@@ -64,6 +70,17 @@ export class SecretBundle implements plugins.servezoneInterfaces.data.ISecretBun
     return newSecretBundle;
   }
 
+  // INSTANCE
+
+  public cloudlyClientRef: CloudlyApiClient;
+  
+  public id: string;
+  public data: plugins.servezoneInterfaces.data.ISecretBundle['data'];
+
+  constructor(cloudlyClientRef: CloudlyApiClient) {
+    this.cloudlyClientRef = cloudlyClientRef;
+  }
+
   public async update() {
     const updateSecretBundleTR = this.cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.secretbundle.IReq_UpdateSecretBundle>(
       'updateSecretBundle'
@@ -94,9 +111,25 @@ export class SecretBundle implements plugins.servezoneInterfaces.data.ISecretBun
     return null;
   }
 
-  public async toFlatKeyValueObject() {
-    return {
-      // TODO: implement
-    };
+  public async getFlatKeyValueObjectForEnvironment(environmentArg: string = 'production') {
+    const bundleAuthorization = this.data.authorizations.find(authorization => {
+      return authorization.environment === environmentArg;
+    });
+    if (bundleAuthorization) {
+      throw new Error(`no matching environment >>${environmentArg} found in secret bundle`);
+    }
+
+    const getFlatKeyValueObjectTR = this.cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.secretbundle.IReq_GetFlatKeyValueObject>(
+      'getFlatKeyValueObject'
+    );
+    const response = await getFlatKeyValueObjectTR.fire({
+      identity: this.cloudlyClientRef.identity,
+      seccretBundleId: this.id,
+      secretBundleAuthorization: bundleAuthorization,
+    });
+
+    const flatKeyValueObject: {[key: string]: string} = response.flatKeyValueObject;
+
+    return flatKeyValueObject;
   }
 }

ts_interfaces/data/env.ts

@@ -1,6 +0,0 @@
-
-export interface IEnvBundle {
-  environment: string;
-  timeSensitive: boolean;
-  configKeyValueObject: {[key: string]: string};
-}

ts_interfaces/data/index.ts

@@ -3,7 +3,6 @@ export * from './cluster.js';
 export * from './config.js';
 export * from './deployment.js';
 export * from './docker.js';
-export * from './env.js';
 export * from './event.js';
 export * from './image.js';
 export * from './secretbundle.js';

ts_interfaces/data/secretbundle.ts

@@ -45,9 +45,11 @@ export interface ISecretBundle {
     /**
      * authrozations select a specific environment of a config bundle
      */
-    authorizations: Array<{
-      secretAccessKey: string;
-      environment: string;
-    }>;
+    authorizations: Array<ISecretBundleAuthorization>;
   };
 }
+
+export interface ISecretBundleAuthorization {
+  secretAccessKey: string;
+  environment: string;
+}

ts_interfaces/requests/secretbundle.ts

@@ -2,26 +2,6 @@ import * as plugins from '../plugins.js';
 import * as data from '../data/index.js';
 import * as userInterfaces from '../data/user.js';
 
-/**
- * when retrieving secrets for actual use, you do this in the form of an envBundle.
- */
-export interface IReq_GetEnvBundle extends plugins.typedrequestInterfaces.implementsTR<
-  plugins.typedrequestInterfaces.ITypedRequest,
-  IReq_GetEnvBundle
-> {
-  method: 'getEnvBundle';
-  request: {
-    authorization: string;
-    /**
-     * specify this if you want to get a warning, if the envBundle is for an unexpected environment
-     */
-    environment?: string;
-  };
-  response: {
-    envBundle: data.IEnvBundle;
-  };
-}
-
 export interface IReq_GetSecretBundles extends plugins.typedrequestInterfaces.implementsTR<
   plugins.typedrequestInterfaces.ITypedRequest,
   IReq_GetSecretBundles
@@ -92,3 +72,32 @@ export interface IReq_DeleteSecretBundleById extends plugins.typedrequestInterfa
     ok: boolean;
   };
 }
+
+export interface IReq_GetSecretBundleByAuthorization extends plugins.typedrequestInterfaces.implementsTR<
+  plugins.typedrequestInterfaces.ITypedRequest,
+  IReq_GetSecretBundleByAuthorization
+> {
+  method: 'getSecretBundleByAuthorization';
+  request: {
+    identity: userInterfaces.IIdentity;
+    secretBundleAuthorization: data.ISecretBundleAuthorization;
+  };
+  response: {
+    secretBundle: data.ISecretBundle;
+  };
+}
+
+export interface IReq_GetFlatKeyValueObject extends plugins.typedrequestInterfaces.implementsTR<
+  plugins.typedrequestInterfaces.ITypedRequest,
+  IReq_GetFlatKeyValueObject
+> {
+  method: 'getFlatKeyValueObject';
+  request: {
+    identity: userInterfaces.IIdentity;
+    seccretBundleId: string;
+    secretBundleAuthorization: data.ISecretBundleAuthorization;
+  };
+  response: {
+    flatKeyValueObject: {[key: string]: string};
+  };
+}

ts_web/00_commitinfo_data.ts

@@ -3,6 +3,6 @@
  */
 export const commitinfo = {
   name: '@serve.zone/cloudly',
-  version: '4.7.0',
+  version: '4.7.1',
   description: 'A comprehensive tool for managing containerized applications across multiple cloud providers using Docker Swarmkit, featuring web, CLI, and API interfaces.'
 }