npm - @aifabrix/builder - Versions diffs - 2.6.0 → 2.6.1 - Mend

@aifabrix/builder 2.6.0 → 2.6.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/lib/cli.js +15 -0
package/lib/commands/secrets-set.js +70 -0
package/lib/utils/local-secrets.js +73 -1
package/package.json +1 -1

package/lib/cli.js CHANGED Viewed

@@ -21,6 +21,7 @@ const logger = require('./utils/logger');
 const { validateCommand, handleCommandError } = require('./utils/cli-utils');
 const { handleLogin } = require('./commands/login');
 const { handleSecure } = require('./commands/secure');
+const { handleSecretsSet } = require('./commands/secrets-set');
 /**
  * Sets up all CLI commands on the Commander program instance
@@ -435,6 +436,20 @@ function setupCommands(program) {
       }
     });
+  // Secrets management commands
+  program
+    .command('secrets set <key> <value>')
+    .description('Set a secret value in secrets file')
+    .option('--shared', 'Save to general secrets file (from config.yaml aifabrix-secrets) instead of user secrets')
+    .action(async(key, value, options) => {
+      try {
+        await handleSecretsSet(key, value, options);
+      } catch (error) {
+        handleCommandError(error, 'secrets set');
+        process.exit(1);
+      }
+    });
   // Security command
   program.command('secure')
     .description('Encrypt secrets in secrets.local.yaml files for ISO 27001 compliance')

package/lib/commands/secrets-set.js ADDED Viewed

@@ -0,0 +1,70 @@
+/**
+ * AI Fabrix Builder - Secrets Set Command
+ *
+ * Handles setting secret values in secrets files
+ * Supports both user secrets and general secrets files
+ *
+ * @fileoverview Secrets set command implementation for AI Fabrix Builder
+ * @author AI Fabrix Team
+ * @version 2.0.0
+ */
+const path = require('path');
+const os = require('os');
+const chalk = require('chalk');
+const logger = require('../utils/logger');
+const { getAifabrixSecretsPath } = require('../config');
+const { saveLocalSecret, saveSecret } = require('../utils/local-secrets');
+/**
+ * Handle secrets set command action
+ * Sets a secret value in either user secrets or general secrets file
+ *
+ * @async
+ * @function handleSecretsSet
+ * @param {string} key - Secret key name
+ * @param {string} value - Secret value (supports full URLs or environment variable interpolation)
+ * @param {Object} options - Command options
+ * @param {boolean} [options.shared] - If true, save to general secrets file
+ * @returns {Promise<void>} Resolves when secret is saved
+ * @throws {Error} If save fails or validation fails
+ *
+ * @example
+ * await handleSecretsSet('keycloak-public-server-urlKeyVault', 'https://mydomain.com/keycloak', { shared: false });
+ * await handleSecretsSet('keycloak-public-server-urlKeyVault', 'https://${VAR}:8182', { shared: true });
+ */
+async function handleSecretsSet(key, value, options) {
+  if (!key || typeof key !== 'string') {
+    throw new Error('Secret key is required and must be a string');
+  }
+  if (value === undefined || value === null || value === '') {
+    throw new Error('Secret value is required');
+  }
+  const isShared = options.shared || options['shared'] || false;
+  if (isShared) {
+    // Save to general secrets file
+    const generalSecretsPath = await getAifabrixSecretsPath();
+    if (!generalSecretsPath) {
+      throw new Error('General secrets file not configured. Set aifabrix-secrets in config.yaml or use without --shared flag for user secrets.');
+    }
+    // Resolve path (handle absolute vs relative)
+    const resolvedPath = path.isAbsolute(generalSecretsPath)
+      ? generalSecretsPath
+      : path.resolve(process.cwd(), generalSecretsPath);
+    await saveSecret(key, value, resolvedPath);
+    logger.log(chalk.green(`✓ Secret '${key}' saved to general secrets file: ${resolvedPath}`));
+  } else {
+    // Save to user secrets file
+    await saveLocalSecret(key, value);
+    const userSecretsPath = path.join(os.homedir(), '.aifabrix', 'secrets.local.yaml');
+    logger.log(chalk.green(`✓ Secret '${key}' saved to user secrets file: ${userSecretsPath}`));
+  }
+}
+module.exports = { handleSecretsSet };

package/lib/utils/local-secrets.js CHANGED Viewed

@@ -77,6 +77,78 @@ async function saveLocalSecret(key, value) {
   fs.writeFileSync(secretsPath, yamlContent, { mode: 0o600 });
 }
+/**
+ * Saves a secret to a specified secrets file path
+ * Merges with existing secrets without overwriting other keys
+ *
+ * @async
+ * @function saveSecret
+ * @param {string} key - Secret key name
+ * @param {string} value - Secret value
+ * @param {string} secretsPath - Path to secrets file (absolute or relative)
+ * @returns {Promise<void>} Resolves when secret is saved
+ * @throws {Error} If save fails
+ *
+ * @example
+ * await saveSecret('myapp-client-idKeyVault', 'client-id-value', '/path/to/secrets.yaml');
+ */
+async function saveSecret(key, value, secretsPath) {
+  if (!key || typeof key !== 'string') {
+    throw new Error('Secret key is required and must be a string');
+  }
+  if (value === undefined || value === null) {
+    throw new Error('Secret value is required');
+  }
+  if (!secretsPath || typeof secretsPath !== 'string') {
+    throw new Error('Secrets path is required and must be a string');
+  }
+  // Resolve path (handle absolute vs relative)
+  const resolvedPath = path.isAbsolute(secretsPath)
+    ? secretsPath
+    : path.resolve(process.cwd(), secretsPath);
+  const secretsDir = path.dirname(resolvedPath);
+  // Create directory if needed
+  if (!fs.existsSync(secretsDir)) {
+    fs.mkdirSync(secretsDir, { recursive: true, mode: 0o700 });
+  }
+  // Load existing secrets
+  let existingSecrets = {};
+  if (fs.existsSync(resolvedPath)) {
+    try {
+      const content = fs.readFileSync(resolvedPath, 'utf8');
+      existingSecrets = yaml.load(content) || {};
+      if (typeof existingSecrets !== 'object') {
+        existingSecrets = {};
+      }
+    } catch (error) {
+      logger.warn(`Warning: Could not read existing secrets file: ${error.message}`);
+      existingSecrets = {};
+    }
+  }
+  // Merge with new secret
+  const updatedSecrets = {
+    ...existingSecrets,
+    [key]: value
+  };
+  // Save to file
+  const yamlContent = yaml.dump(updatedSecrets, {
+    indent: 2,
+    lineWidth: 120,
+    noRefs: true,
+    sortKeys: false
+  });
+  fs.writeFileSync(resolvedPath, yamlContent, { mode: 0o600 });
+}
 /**
  * Checks if a URL is localhost
  * @function isLocalhost
@@ -92,5 +164,5 @@ function isLocalhost(url) {
   return urlLower.includes('localhost') || urlLower.includes('127.0.0.1');
 }
-module.exports = { saveLocalSecret, isLocalhost };
+module.exports = { saveLocalSecret, saveSecret, isLocalhost };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@aifabrix/builder",
-  "version": "2.6.0",
+  "version": "2.6.1",
   "description": "AI Fabrix Local Fabric & Deployment SDK",
   "main": "lib/index.js",
   "bin": {