fix(secretmanagement): Refactor secret bundle actions and improve authorization handling
This commit is contained in:
@@ -1,5 +1,14 @@
|
||||
# Changelog
|
||||
|
||||
## 2024-12-28 - 4.7.1 - fix(secretmanagement)
|
||||
Refactor secret bundle actions and improve authorization handling
|
||||
|
||||
- Refactored secret bundle handling by renaming methods and reorganizing static and instance methods in SecretBundle class.
|
||||
- Added getSecretBundleByAuthorization method to SecretBundle.
|
||||
- Improved getFlatKeyValueObjectForEnvironment to accurately retrieve key-value pairs for specified environments.
|
||||
- Removed deprecated IEnvBundle interface and related request handler for better clarity and code usage.
|
||||
- Updated request interfaces related to secret bundles for consistent method naming and arguments.
|
||||
|
||||
## 2024-12-22 - 4.7.0 - feat(apiclient)
|
||||
Add method to flatten secret bundles into key-value objects.
|
||||
|
||||
|
||||
@@ -3,6 +3,6 @@
|
||||
*/
|
||||
export const commitinfo = {
|
||||
name: '@serve.zone/cloudly',
|
||||
version: '4.7.0',
|
||||
version: '4.7.1',
|
||||
description: 'A comprehensive tool for managing containerized applications across multiple cloud providers using Docker Swarmkit, featuring web, CLI, and API interfaces.'
|
||||
}
|
||||
|
||||
@@ -148,30 +148,26 @@ export class CloudlySecretManager {
|
||||
);
|
||||
|
||||
this.typedrouter.addTypedHandler(
|
||||
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.secretbundle.IReq_GetEnvBundle>(
|
||||
'getEnvBundle',
|
||||
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.secretbundle.IReq_GetFlatKeyValueObject>(
|
||||
'getFlatKeyValueObject',
|
||||
async (dataArg) => {
|
||||
const wantedBundle = await SecretBundle.getInstance({
|
||||
data: {
|
||||
authorizations: {
|
||||
// @ts-ignore
|
||||
$elemMatch: {
|
||||
secretAccessKey: dataArg.authorization,
|
||||
secretAccessKey: dataArg.secretBundleAuthorization.secretAccessKey,
|
||||
},
|
||||
},
|
||||
},
|
||||
});
|
||||
const authorization = await wantedBundle.getAuthorizationFromAuthKey(
|
||||
dataArg.authorization,
|
||||
dataArg.secretBundleAuthorization.secretAccessKey,
|
||||
);
|
||||
return {
|
||||
envBundle: {
|
||||
configKeyValueObject: await wantedBundle.getKeyValueObjectForEnvironment(
|
||||
authorization.environment,
|
||||
),
|
||||
environment: authorization.environment,
|
||||
timeSensitive: false,
|
||||
},
|
||||
flatKeyValueObject: await wantedBundle.getKeyValueObjectForEnvironment(
|
||||
authorization.environment,
|
||||
),
|
||||
};
|
||||
},
|
||||
),
|
||||
|
||||
@@ -1,16 +1,9 @@
|
||||
import * as plugins from './plugins.js';
|
||||
import type { CloudlyApiClient } from './classes.cloudlyapiclient.js';
|
||||
import { SecretGroup } from './classes.secretgroup.js';
|
||||
|
||||
export class SecretBundle implements plugins.servezoneInterfaces.data.ISecretBundle {
|
||||
public cloudlyClientRef: CloudlyApiClient;
|
||||
|
||||
public id: string;
|
||||
public data: plugins.servezoneInterfaces.data.ISecretBundle['data'];
|
||||
|
||||
constructor(cloudlyClientRef: CloudlyApiClient) {
|
||||
this.cloudlyClientRef = cloudlyClientRef;
|
||||
}
|
||||
|
||||
// STATIC
|
||||
public static async getSecretBundleById(cloudlyClientRef: CloudlyApiClient, secretBundleIdArg: string) {
|
||||
const getSecretBundleByIdTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.secretbundle.IReq_GetSecretBundleById>(
|
||||
'getSecretBundleById'
|
||||
@@ -24,6 +17,19 @@ export class SecretBundle implements plugins.servezoneInterfaces.data.ISecretBun
|
||||
return newSecretBundle;
|
||||
}
|
||||
|
||||
public static async getSecretBundleByAuthorization(cloudlyClientRef: CloudlyApiClient, secretBundleAuthorizationArg: plugins.servezoneInterfaces.data.ISecretBundleAuthorization) {
|
||||
const getSecretBundleByAuthorizationTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.secretbundle.IReq_GetSecretBundleByAuthorization>(
|
||||
'getSecretBundleByAuthorization'
|
||||
);
|
||||
const response = await getSecretBundleByAuthorizationTR.fire({
|
||||
identity: cloudlyClientRef.identity,
|
||||
secretBundleAuthorization: secretBundleAuthorizationArg,
|
||||
});
|
||||
const newSecretBundle = new SecretBundle(cloudlyClientRef);
|
||||
Object.assign(newSecretBundle, response.secretBundle);
|
||||
return newSecretBundle;
|
||||
}
|
||||
|
||||
public static async getSecretBundles(cloudlyClientRef: CloudlyApiClient) {
|
||||
const getSecretBundlesTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.secretbundle.IReq_GetSecretBundles>(
|
||||
'getSecretBundles'
|
||||
@@ -64,6 +70,17 @@ export class SecretBundle implements plugins.servezoneInterfaces.data.ISecretBun
|
||||
return newSecretBundle;
|
||||
}
|
||||
|
||||
// INSTANCE
|
||||
|
||||
public cloudlyClientRef: CloudlyApiClient;
|
||||
|
||||
public id: string;
|
||||
public data: plugins.servezoneInterfaces.data.ISecretBundle['data'];
|
||||
|
||||
constructor(cloudlyClientRef: CloudlyApiClient) {
|
||||
this.cloudlyClientRef = cloudlyClientRef;
|
||||
}
|
||||
|
||||
public async update() {
|
||||
const updateSecretBundleTR = this.cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.secretbundle.IReq_UpdateSecretBundle>(
|
||||
'updateSecretBundle'
|
||||
@@ -94,9 +111,25 @@ export class SecretBundle implements plugins.servezoneInterfaces.data.ISecretBun
|
||||
return null;
|
||||
}
|
||||
|
||||
public async toFlatKeyValueObject() {
|
||||
return {
|
||||
// TODO: implement
|
||||
};
|
||||
public async getFlatKeyValueObjectForEnvironment(environmentArg: string = 'production') {
|
||||
const bundleAuthorization = this.data.authorizations.find(authorization => {
|
||||
return authorization.environment === environmentArg;
|
||||
});
|
||||
if (bundleAuthorization) {
|
||||
throw new Error(`no matching environment >>${environmentArg} found in secret bundle`);
|
||||
}
|
||||
|
||||
const getFlatKeyValueObjectTR = this.cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.secretbundle.IReq_GetFlatKeyValueObject>(
|
||||
'getFlatKeyValueObject'
|
||||
);
|
||||
const response = await getFlatKeyValueObjectTR.fire({
|
||||
identity: this.cloudlyClientRef.identity,
|
||||
seccretBundleId: this.id,
|
||||
secretBundleAuthorization: bundleAuthorization,
|
||||
});
|
||||
|
||||
const flatKeyValueObject: {[key: string]: string} = response.flatKeyValueObject;
|
||||
|
||||
return flatKeyValueObject;
|
||||
}
|
||||
}
|
||||
@@ -1,6 +0,0 @@
|
||||
|
||||
export interface IEnvBundle {
|
||||
environment: string;
|
||||
timeSensitive: boolean;
|
||||
configKeyValueObject: {[key: string]: string};
|
||||
}
|
||||
@@ -3,7 +3,6 @@ export * from './cluster.js';
|
||||
export * from './config.js';
|
||||
export * from './deployment.js';
|
||||
export * from './docker.js';
|
||||
export * from './env.js';
|
||||
export * from './event.js';
|
||||
export * from './image.js';
|
||||
export * from './secretbundle.js';
|
||||
|
||||
@@ -45,9 +45,11 @@ export interface ISecretBundle {
|
||||
/**
|
||||
* authrozations select a specific environment of a config bundle
|
||||
*/
|
||||
authorizations: Array<{
|
||||
secretAccessKey: string;
|
||||
environment: string;
|
||||
}>;
|
||||
authorizations: Array<ISecretBundleAuthorization>;
|
||||
};
|
||||
}
|
||||
|
||||
export interface ISecretBundleAuthorization {
|
||||
secretAccessKey: string;
|
||||
environment: string;
|
||||
}
|
||||
|
||||
@@ -2,26 +2,6 @@ import * as plugins from '../plugins.js';
|
||||
import * as data from '../data/index.js';
|
||||
import * as userInterfaces from '../data/user.js';
|
||||
|
||||
/**
|
||||
* when retrieving secrets for actual use, you do this in the form of an envBundle.
|
||||
*/
|
||||
export interface IReq_GetEnvBundle extends plugins.typedrequestInterfaces.implementsTR<
|
||||
plugins.typedrequestInterfaces.ITypedRequest,
|
||||
IReq_GetEnvBundle
|
||||
> {
|
||||
method: 'getEnvBundle';
|
||||
request: {
|
||||
authorization: string;
|
||||
/**
|
||||
* specify this if you want to get a warning, if the envBundle is for an unexpected environment
|
||||
*/
|
||||
environment?: string;
|
||||
};
|
||||
response: {
|
||||
envBundle: data.IEnvBundle;
|
||||
};
|
||||
}
|
||||
|
||||
export interface IReq_GetSecretBundles extends plugins.typedrequestInterfaces.implementsTR<
|
||||
plugins.typedrequestInterfaces.ITypedRequest,
|
||||
IReq_GetSecretBundles
|
||||
@@ -92,3 +72,32 @@ export interface IReq_DeleteSecretBundleById extends plugins.typedrequestInterfa
|
||||
ok: boolean;
|
||||
};
|
||||
}
|
||||
|
||||
export interface IReq_GetSecretBundleByAuthorization extends plugins.typedrequestInterfaces.implementsTR<
|
||||
plugins.typedrequestInterfaces.ITypedRequest,
|
||||
IReq_GetSecretBundleByAuthorization
|
||||
> {
|
||||
method: 'getSecretBundleByAuthorization';
|
||||
request: {
|
||||
identity: userInterfaces.IIdentity;
|
||||
secretBundleAuthorization: data.ISecretBundleAuthorization;
|
||||
};
|
||||
response: {
|
||||
secretBundle: data.ISecretBundle;
|
||||
};
|
||||
}
|
||||
|
||||
export interface IReq_GetFlatKeyValueObject extends plugins.typedrequestInterfaces.implementsTR<
|
||||
plugins.typedrequestInterfaces.ITypedRequest,
|
||||
IReq_GetFlatKeyValueObject
|
||||
> {
|
||||
method: 'getFlatKeyValueObject';
|
||||
request: {
|
||||
identity: userInterfaces.IIdentity;
|
||||
seccretBundleId: string;
|
||||
secretBundleAuthorization: data.ISecretBundleAuthorization;
|
||||
};
|
||||
response: {
|
||||
flatKeyValueObject: {[key: string]: string};
|
||||
};
|
||||
}
|
||||
|
||||
@@ -3,6 +3,6 @@
|
||||
*/
|
||||
export const commitinfo = {
|
||||
name: '@serve.zone/cloudly',
|
||||
version: '4.7.0',
|
||||
version: '4.7.1',
|
||||
description: 'A comprehensive tool for managing containerized applications across multiple cloud providers using Docker Swarmkit, featuring web, CLI, and API interfaces.'
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user