@adobe/helix-config 5.6.10 → 5.7.0

package/CHANGELOG.md

@@ -1,3 +1,17 @@
+# [5.7.0](https://github.com/adobe/helix-config/compare/v5.6.11...v5.7.0) (2025-11-11)
+
+
+### Features
+
+* include org and site apiKeys into admin scope ([#337](https://github.com/adobe/helix-config/issues/337)) ([ceed54e](https://github.com/adobe/helix-config/commit/ceed54ed5533da5cf9cd4702946af2165290722e))
+
+## [5.6.11](https://github.com/adobe/helix-config/compare/v5.6.10...v5.6.11) (2025-11-05)
+
+
+### Bug Fixes
+
+* load head in delivery scope ([#334](https://github.com/adobe/helix-config/issues/334)) ([c3bba6d](https://github.com/adobe/helix-config/commit/c3bba6dc7b1e9d8c8954fde32625d5fea49246c9))
+
 ## [5.6.10](https://github.com/adobe/helix-config/compare/v5.6.9...v5.6.10) (2025-11-05)
 
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@adobe/helix-config",
-  "version": "5.6.10",
+  "version": "5.7.0",
   "description": "Helix Config",
   "main": "src/index.js",
   "types": "src/index.d.ts",
@@ -44,7 +44,7 @@
     "eslint": "9.4.0",
     "husky": "9.1.7",
     "junit-report-builder": "5.1.1",
-    "lint-staged": "16.2.5",
+    "lint-staged": "16.2.6",
     "mocha": "11.7.4",
     "mocha-multi-reporters": "1.5.1",
     "mocha-suppress-logs": "0.6.0",

package/src/config-view.js

@@ -336,9 +336,13 @@ async function resolveConfig(ctx, rso, scope) {
         config.robots = robots;
       }
     }
+  }
+  if (scope === SCOPE_PIPELINE || scope === SCOPE_RAW || scope === SCOPE_DELIVERY) {
+    // although not used in delivery, load in order to set correct last-modified
     ctx.timer?.update('head.html');
     config.head = await loadHeadHtml(ctx, config, rso.ref);
   }
+
   return site;
 }
 
@@ -388,6 +392,25 @@ function computeOrgAdminRoles(adminConfig, orgConfig) {
   }
 }
 
+/**
+ * Apply org config apiKeys.
+ * @param adminConfig
+ * @param orgConfig
+ */
+function applyOrgAPIKeys(adminConfig, orgConfig) {
+  const orgKeys = Object.keys(orgConfig.apiKeys ?? {});
+  if (orgKeys.length) {
+    const admin = deepGetOrCreate(adminConfig, ['access', 'admin'], true);
+    const apiKeyId = new Set([
+      ...admin.apiKeyId ?? [],
+      ...orgKeys,
+    ]);
+    if (apiKeyId.size) {
+      admin.apiKeyId = Array.from(apiKeyId).sort();
+    }
+  }
+}
+
 /**
  * Extract the email addresses of the users for the given group.
  * @param groups
@@ -496,9 +519,14 @@ async function computeSiteAdminRoles(ctx, siteConfig, admin, orgConfig, configGr
     role: roles,
   };
 
-  const apiKeyId = new Set([...admin.apiKeyId ?? [], ...orgConfig?.access?.admin?.apiKeyId ?? []]);
+  const apiKeyId = new Set([
+    ...admin.apiKeyId ?? [],
+    ...orgConfig?.access?.admin?.apiKeyId ?? [],
+    ...Object.keys(orgConfig?.apiKeys || {}),
+    ...Object.keys(siteConfig?.apiKeys || {}),
+  ]);
   if (apiKeyId.size) {
-    ret.apiKeyId = Array.from(apiKeyId);
+    ret.apiKeyId = Array.from(apiKeyId).sort();
   }
   // if there are only roles from the org, ensure that they don't enforce auth
   if (hasOrgUsers && !hasRoles && (!admin.requireAuth || admin.requireAuth === 'auto')) {
@@ -728,6 +756,7 @@ export async function getOrgConfigResponse(ctx, opts) {
   };
 
   computeOrgAdminRoles(adminConfig, orgConfig);
+  applyOrgAPIKeys(adminConfig, orgConfig);
   delete adminConfig.tokens;
   delete adminConfig.users;
   delete adminConfig.groups;