export interface ISecretBundle { id: string; data: { name: string; description: string; /** * determines if the secret is a service or an external secret * if external secret additional checks are put in place to protect the secret * * * service: * the bundle belongs to a service and can only be used by that service * * npmci: * the bundle is a secret bundle that is used by an npmci pipeline * production secrets will be omitted in any case * * gitzone: * the bundle is a secret bundle that is used by a gitzone. * Only local environment variables are allowed * * external: * the bundle is a secret bundle that is used by an external service */ type: 'service' | 'npmci' | 'gitzone' | 'external'; /** * set this if the secretBundle belongs to a service */ serviceId?: string; /** * You can add specific secret groups using this */ includedSecretGroupIds: string[]; /** * access to this secretBundle also grants access to resources with matching tags */ includedTags: { key: string; value?: string; }[]; /** * access to this secretBundle also grants access to the images */ imageClaims: { imageId: string; permissions: ('read' | 'write')[]; }[]; /** * authrozations select a specific environment of a config bundle */ authorizations: Array; }; } export interface ISecretBundleAuthorization { secretAccessKey: string; environment: string; }