cloudly/ts_interfaces/data/secretbundle.ts

62 lines
1.6 KiB
TypeScript

export interface ISecretBundle {
id: string;
data: {
name: string;
description: string;
/**
* determines if the secret is a service or an external secret
* if external secret additional checks are put in place to protect the secret
*
* * service:
* the bundle belongs to a service and can only be used by that service
* * npmci:
* the bundle is a secret bundle that is used by an npmci pipeline
* production secrets will be omitted in any case
* * gitzone:
* the bundle is a secret bundle that is used by a gitzone.
* Only local environment variables are allowed
* * external:
* the bundle is a secret bundle that is used by an external service
*/
type: 'service' | 'npmci' | 'gitzone' | 'external';
/**
* set this if the secretBundle belongs to a service
*/
serviceId?: string;
/**
* You can add specific secret groups using this
*/
includedSecretGroupIds: string[];
/**
* access to this secretBundle also grants access to resources with matching tags
*/
includedTags: {
key: string;
value?: string;
}[];
/**
* access to this secretBundle also grants access to the images
*/
imageClaims: {
imageId: string;
permissions: ('read' | 'write')[];
}[];
/**
* authrozations select a specific environment of a config bundle
*/
authorizations: Array<ISecretBundleAuthorization>;
};
}
export interface ISecretBundleAuthorization {
secretAccessKey: string;
environment: string;
}