@clef-sh/agent 0.1.20-beta.142 → 0.1.20
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/agent.cjs +68 -13
- package/dist/agent.cjs.map +2 -2
- package/dist/main.js +3 -1
- package/dist/main.js.map +1 -1
- package/dist/server.d.ts +6 -0
- package/dist/server.d.ts.map +1 -1
- package/dist/server.js +37 -4
- package/dist/server.js.map +1 -1
- package/package.json +2 -2
package/dist/main.js
CHANGED
|
@@ -113,7 +113,9 @@ async function main() {
|
|
|
113
113
|
token: config.token,
|
|
114
114
|
cache,
|
|
115
115
|
cacheTtl: config.cacheTtl,
|
|
116
|
-
...(jitMode
|
|
116
|
+
...(jitMode
|
|
117
|
+
? { decryptor: poller.getDecryptor(), encryptedStore }
|
|
118
|
+
: { refresh: () => poller.fetchAndDecrypt() }),
|
|
117
119
|
});
|
|
118
120
|
const onLog = (msg) => console.log(`[clef-agent] ${msg}`);
|
|
119
121
|
telemetry?.agentStarted({ version: package_json_1.version });
|
package/dist/main.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"main.js","sourceRoot":"","sources":["../src/main.ts"],"names":[],"mappings":";;AAAA,iGAAiG;AACjG;;;;;;;GAOG;AACH,qCAAsD;AACtD,8CAa0B;AAE1B,qCAA4C;AAC5C,+CAA4C;AAC5C,mEAA+D;AAC/D,mDAA+C;AAE/C,kDAA0D;AAE1D,MAAM,QAAQ,GAAG,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC;AAEtD,KAAK,UAAU,IAAI;IACjB,MAAM,MAAM,GAAG,IAAA,sBAAa,GAAE,CAAC;IAC/B,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,KAAK,CAAC,CAAC;IAEtC,8DAA8D;IAC9D,IAAI,UAA8B,CAAC;IACnC,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,IAAI,sBAAY,EAAE,CAAC;QACrC,UAAU,GAAG,SAAS,CAAC,UAAU,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,UAAU,CAAC,CAAC;IACtE,CAAC;IAAC,MAAM,CAAC;QACP,0DAA0D;IAC5D,CAAC;IAED,4BAA4B;IAC5B,IAAI,MAAsB,CAAC;IAC3B,IAAI,MAAM,CAAC,GAAG,EAAE,CAAC;QACf,MAAM,QAAQ,GAAG,IAAA,2BAAiB,EAAC;YACjC,QAAQ,EAAE,MAAM,CAAC,GAAG,CAAC,QAAQ;YAC7B,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,IAAI;YACrB,KAAK,EAAE,MAAM,CAAC,GAAG,CAAC,KAAK;YACvB,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,GAAG;YACnB,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,MAAM;SAC1B,CAAC,CAAC;QACH,MAAM,GAAG,IAAI,2BAAiB,CAAC,QAAQ,EAAE,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IACxF,CAAC;SAAM,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;QACzB,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;YAC3B,MAAM,GAAG,IAAI,0BAAgB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAC/C,CAAC;aAAM,IAAI,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YACvF,MAAM,GAAG,IAAI,4BAAkB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QACjD,CAAC;aAAM,CAAC;YACN,MAAM,GAAG,IAAI,4BAAkB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QACjD,CAAC;IACH,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,oBAAW,CAAC,gCAAgC,CAAC,CAAC;IAC1D,CAAC;IAED,MAAM,SAAS,GACb,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,GAAG;QAC5B,CAAC,CAAC,IAAI,mBAAS,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC;QAC9E,CAAC,CAAC,SAAS,CAAC;IAEhB,MAAM,KAAK,GAAG,IAAI,sBAAY,EAAE,CAAC;IACjC,MAAM,cAAc,GAAG,OAAO,CAAC,CAAC,CAAC,IAAI,gCAAsB,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;IAE1E,MAAM,MAAM,GAAG,IAAI,wBAAc,CAAC;QAChC,MAAM;QACN,UAAU;QACV,KAAK;QACL,SAAS;QACT,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,cAAc;QACd,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,4BAA4B,GAAG,CAAC,OAAO,EAAE,CAAC;KAC3E,CAAC,CAAC;IAEH,MAAM,UAAU,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAC;IACrC,OAAO,CAAC,GAAG,CAAC,wBAAwB,UAAU,EAAE,CAAC,CAAC;IAClD,OAAO,CAAC,GAAG,CAAC,2CAA2C,CAAC,CAAC;IAEzD,MAAM,IAAA,4BAAY,EAAC,MAAM,EAAE,OAAO,EAAE,cAAc,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC;IAEvE,wFAAwF;IACxF,IAAI,SAAuC,CAAC;IAE5C,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACrB,2CAA2C;QAC3C,MAAM,OAAO,GAA2B,EAAE,CAAC;QAC3C,MAAM,UAAU,GAAG,KAAK,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;QACvD,MAAM,QAAQ,GAAG,KAAK,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;QACnD,IAAI,UAAU,EAAE,CAAC;YACf,oDAAoD;YACpD,KAAK,MAAM,IAAI,IAAI,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;gBACzC,MAAM,EAAE,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;gBAC7B,IAAI,EAAE,GAAG,CAAC;oBAAE,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAC5E,CAAC;QACH,CAAC;aAAM,IAAI,QAAQ,EAAE,CAAC;YACpB,OAAO,CAAC,eAAe,CAAC,GAAG,UAAU,QAAQ,EAAE,CAAC;QAClD,CAAC;QAED,MAAM,UAAU,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;QAC5F,SAAS,GAAG,IAAI,0BAAgB,CAAC;YAC/B,GAAG,EAAE,MAAM,CAAC,SAAS,CAAC,GAAG;YACzB,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS;YAC9D,OAAO,EAAE,sBAAY;YACrB,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,QAAQ,EAAE,MAAM,CAAC,GAAG,EAAE,QAAQ,IAAI,SAAS;YAC3C,WAAW,EAAE,MAAM,CAAC,GAAG,EAAE,WAAW,IAAI,SAAS;YACjD,UAAU;SACX,CAAC,CAAC;QACH,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;IACjC,CAAC;IAED,gFAAgF;IAChF,IAAI,OAAO,EAAE,CAAC;QACZ,KAAK,CAAC,IAAI,EAAE,CAAC;IACf,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,IAAA,yBAAgB,EAAC;QACpC,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,KAAK;QACL,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,GAAG,CAAC,OAAO,CAAC,CAAC,
|
|
1
|
+
{"version":3,"file":"main.js","sourceRoot":"","sources":["../src/main.ts"],"names":[],"mappings":";;AAAA,iGAAiG;AACjG;;;;;;;GAOG;AACH,qCAAsD;AACtD,8CAa0B;AAE1B,qCAA4C;AAC5C,+CAA4C;AAC5C,mEAA+D;AAC/D,mDAA+C;AAE/C,kDAA0D;AAE1D,MAAM,QAAQ,GAAG,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC;AAEtD,KAAK,UAAU,IAAI;IACjB,MAAM,MAAM,GAAG,IAAA,sBAAa,GAAE,CAAC;IAC/B,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,KAAK,CAAC,CAAC;IAEtC,8DAA8D;IAC9D,IAAI,UAA8B,CAAC;IACnC,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,IAAI,sBAAY,EAAE,CAAC;QACrC,UAAU,GAAG,SAAS,CAAC,UAAU,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,UAAU,CAAC,CAAC;IACtE,CAAC;IAAC,MAAM,CAAC;QACP,0DAA0D;IAC5D,CAAC;IAED,4BAA4B;IAC5B,IAAI,MAAsB,CAAC;IAC3B,IAAI,MAAM,CAAC,GAAG,EAAE,CAAC;QACf,MAAM,QAAQ,GAAG,IAAA,2BAAiB,EAAC;YACjC,QAAQ,EAAE,MAAM,CAAC,GAAG,CAAC,QAAQ;YAC7B,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,IAAI;YACrB,KAAK,EAAE,MAAM,CAAC,GAAG,CAAC,KAAK;YACvB,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,GAAG;YACnB,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,MAAM;SAC1B,CAAC,CAAC;QACH,MAAM,GAAG,IAAI,2BAAiB,CAAC,QAAQ,EAAE,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IACxF,CAAC;SAAM,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;QACzB,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;YAC3B,MAAM,GAAG,IAAI,0BAAgB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAC/C,CAAC;aAAM,IAAI,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YACvF,MAAM,GAAG,IAAI,4BAAkB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QACjD,CAAC;aAAM,CAAC;YACN,MAAM,GAAG,IAAI,4BAAkB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QACjD,CAAC;IACH,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,oBAAW,CAAC,gCAAgC,CAAC,CAAC;IAC1D,CAAC;IAED,MAAM,SAAS,GACb,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,GAAG;QAC5B,CAAC,CAAC,IAAI,mBAAS,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC;QAC9E,CAAC,CAAC,SAAS,CAAC;IAEhB,MAAM,KAAK,GAAG,IAAI,sBAAY,EAAE,CAAC;IACjC,MAAM,cAAc,GAAG,OAAO,CAAC,CAAC,CAAC,IAAI,gCAAsB,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;IAE1E,MAAM,MAAM,GAAG,IAAI,wBAAc,CAAC;QAChC,MAAM;QACN,UAAU;QACV,KAAK;QACL,SAAS;QACT,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,cAAc;QACd,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,4BAA4B,GAAG,CAAC,OAAO,EAAE,CAAC;KAC3E,CAAC,CAAC;IAEH,MAAM,UAAU,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAC;IACrC,OAAO,CAAC,GAAG,CAAC,wBAAwB,UAAU,EAAE,CAAC,CAAC;IAClD,OAAO,CAAC,GAAG,CAAC,2CAA2C,CAAC,CAAC;IAEzD,MAAM,IAAA,4BAAY,EAAC,MAAM,EAAE,OAAO,EAAE,cAAc,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC;IAEvE,wFAAwF;IACxF,IAAI,SAAuC,CAAC;IAE5C,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACrB,2CAA2C;QAC3C,MAAM,OAAO,GAA2B,EAAE,CAAC;QAC3C,MAAM,UAAU,GAAG,KAAK,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;QACvD,MAAM,QAAQ,GAAG,KAAK,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;QACnD,IAAI,UAAU,EAAE,CAAC;YACf,oDAAoD;YACpD,KAAK,MAAM,IAAI,IAAI,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;gBACzC,MAAM,EAAE,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;gBAC7B,IAAI,EAAE,GAAG,CAAC;oBAAE,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAC5E,CAAC;QACH,CAAC;aAAM,IAAI,QAAQ,EAAE,CAAC;YACpB,OAAO,CAAC,eAAe,CAAC,GAAG,UAAU,QAAQ,EAAE,CAAC;QAClD,CAAC;QAED,MAAM,UAAU,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;QAC5F,SAAS,GAAG,IAAI,0BAAgB,CAAC;YAC/B,GAAG,EAAE,MAAM,CAAC,SAAS,CAAC,GAAG;YACzB,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS;YAC9D,OAAO,EAAE,sBAAY;YACrB,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,QAAQ,EAAE,MAAM,CAAC,GAAG,EAAE,QAAQ,IAAI,SAAS;YAC3C,WAAW,EAAE,MAAM,CAAC,GAAG,EAAE,WAAW,IAAI,SAAS;YACjD,UAAU;SACX,CAAC,CAAC;QACH,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;IACjC,CAAC;IAED,gFAAgF;IAChF,IAAI,OAAO,EAAE,CAAC;QACZ,KAAK,CAAC,IAAI,EAAE,CAAC;IACf,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,IAAA,yBAAgB,EAAC;QACpC,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,KAAK;QACL,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,GAAG,CAAC,OAAO;YACT,CAAC,CAAC,EAAE,SAAS,EAAE,MAAM,CAAC,YAAY,EAAE,EAAE,cAAc,EAAE;YACtD,CAAC,CAAC,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,eAAe,EAAE,EAAE,CAAC;KACjD,CAAC,CAAC;IAEH,MAAM,KAAK,GAAG,CAAC,GAAW,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,GAAG,EAAE,CAAC,CAAC;IAElE,SAAS,EAAE,YAAY,CAAC,EAAE,OAAO,EAAE,sBAAY,EAAE,CAAC,CAAC;IACnD,MAAM,SAAS,GAAG,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC;IAC7C,OAAO,CAAC,GAAG,CAAC,sBAAsB,SAAS,EAAE,CAAC,CAAC;IAC/C,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;IAEzC,IAAI,QAAQ,EAAE,CAAC;QACb,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;QACxD,MAAM,SAAS,GAAG,IAAI,kCAAe,CAAC;YACpC,MAAM;YACN,MAAM;YACN,UAAU,EAAE,MAAM,CAAC,QAAQ;YAC3B,SAAS;YACT,KAAK;YACL,gBAAgB,EAAE,IAAI;SACvB,CAAC,CAAC;QACH,MAAM,SAAS,CAAC,KAAK,EAAE,CAAC;IAC1B,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAC;QAC9C,MAAM,MAAM,GAAG,IAAI,eAAM,CAAC;YACxB,MAAM;YACN,MAAM;YACN,SAAS;YACT,KAAK;SACN,CAAC,CAAC;QACH,MAAM,MAAM,CAAC,KAAK,EAAE,CAAC;IACvB,CAAC;AACH,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;IACnB,IAAI,GAAG,YAAY,oBAAW,EAAE,CAAC;QAC/B,OAAO,CAAC,KAAK,CAAC,8BAA8B,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;IAC7D,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,KAAK,CAAC,uBAAuB,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QACpD,IAAI,GAAG,YAAY,KAAK,EAAE,CAAC;YACzB,wEAAwE;YACxE,yEAAyE;YACzE,IAAI,GAAG,CAAC,KAAK;gBAAE,OAAO,CAAC,KAAK,CAAC,QAAQ,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC;YAClD,IAAI,GAAG,CAAC,KAAK;gBAAE,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAC1C,CAAC;IACH,CAAC;IACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}
|
package/dist/server.d.ts
CHANGED
|
@@ -11,6 +11,12 @@ export interface AgentServerOptions {
|
|
|
11
11
|
token: string;
|
|
12
12
|
cache: SecretsCache;
|
|
13
13
|
cacheTtl?: number;
|
|
14
|
+
/**
|
|
15
|
+
* Cached mode: invoked when a request finds the cache expired. The server
|
|
16
|
+
* awaits this before responding and only 503s if the refresh itself fails.
|
|
17
|
+
* Concurrent requests coalesce onto a single refresh promise.
|
|
18
|
+
*/
|
|
19
|
+
refresh?: () => Promise<void>;
|
|
14
20
|
/** JIT mode: decrypt on every request instead of serving from cache. */
|
|
15
21
|
decryptor?: ArtifactDecryptor;
|
|
16
22
|
/** JIT mode: encrypted artifact store (required when decryptor is set). */
|
package/dist/server.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,KAAK,CAAC;AACvC,OAAO,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAChD,OAAO,KAAK,EAAE,iBAAiB,EAAE,sBAAsB,EAAE,MAAM,kBAAkB,CAAC;AAGlF,MAAM,WAAW,iBAAiB;IAChC,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC1B,OAAO,EAAE,MAAM,WAAW,GAAG,MAAM,GAAG,IAAI,CAAC;CAC5C;AAED,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,YAAY,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,wEAAwE;IACxE,SAAS,CAAC,EAAE,iBAAiB,CAAC;IAC9B,2EAA2E;IAC3E,cAAc,CAAC,EAAE,sBAAsB,CAAC;CACzC;AAED;;;;;;;;GAQG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,kBAAkB,GAAG,OAAO,CAAC,iBAAiB,CAAC,
|
|
1
|
+
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,KAAK,CAAC;AACvC,OAAO,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAChD,OAAO,KAAK,EAAE,iBAAiB,EAAE,sBAAsB,EAAE,MAAM,kBAAkB,CAAC;AAGlF,MAAM,WAAW,iBAAiB;IAChC,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC1B,OAAO,EAAE,MAAM,WAAW,GAAG,MAAM,GAAG,IAAI,CAAC;CAC5C;AAED,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,YAAY,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB;;;;OAIG;IACH,OAAO,CAAC,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC9B,wEAAwE;IACxE,SAAS,CAAC,EAAE,iBAAiB,CAAC;IAC9B,2EAA2E;IAC3E,cAAc,CAAC,EAAE,sBAAsB,CAAC;CACzC;AAED;;;;;;;;GAQG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,kBAAkB,GAAG,OAAO,CAAC,iBAAiB,CAAC,CA0JxF"}
|
package/dist/server.js
CHANGED
|
@@ -17,9 +17,22 @@ const health_1 = require("./health");
|
|
|
17
17
|
* GET /v1/ready → readiness probe (unauthenticated)
|
|
18
18
|
*/
|
|
19
19
|
function startAgentServer(options) {
|
|
20
|
-
const { port, token, cache, cacheTtl, decryptor, encryptedStore } = options;
|
|
20
|
+
const { port, token, cache, cacheTtl, refresh, decryptor, encryptedStore } = options;
|
|
21
21
|
const jitMode = !!decryptor && !!encryptedStore;
|
|
22
22
|
const app = (0, express_1.default)();
|
|
23
|
+
// Coalesce concurrent refresh calls. Multiple requests hitting an expired
|
|
24
|
+
// cache at once should trigger a single refresh, not N parallel fetches.
|
|
25
|
+
let inflightRefresh = null;
|
|
26
|
+
const refreshOnce = () => {
|
|
27
|
+
if (!refresh)
|
|
28
|
+
return Promise.resolve();
|
|
29
|
+
if (!inflightRefresh) {
|
|
30
|
+
inflightRefresh = refresh().finally(() => {
|
|
31
|
+
inflightRefresh = null;
|
|
32
|
+
});
|
|
33
|
+
}
|
|
34
|
+
return inflightRefresh;
|
|
35
|
+
};
|
|
23
36
|
// Host header validation — block DNS rebinding attacks.
|
|
24
37
|
// Allowed hosts are static after startup; compute once.
|
|
25
38
|
const allowedHosts = new Set([`127.0.0.1:${port}`, "127.0.0.1"]);
|
|
@@ -42,16 +55,36 @@ function startAgentServer(options) {
|
|
|
42
55
|
// Bearer token authentication for secrets endpoints
|
|
43
56
|
app.use("/v1/secrets", authMiddleware(token));
|
|
44
57
|
app.use("/v1/keys", authMiddleware(token));
|
|
45
|
-
// TTL guard —
|
|
58
|
+
// TTL guard — in cached mode, try to refresh the cache before failing.
|
|
59
|
+
// The cache only 503s if the refresh itself fails (IAM denied, envelope
|
|
60
|
+
// gone, decrypt error) — elapsed time alone is never grounds for rejection.
|
|
46
61
|
// In JIT mode, freshness is proved by KMS success on each request.
|
|
47
|
-
const ttlGuard = (_req, res, next) => {
|
|
62
|
+
const ttlGuard = async (_req, res, next) => {
|
|
48
63
|
if (jitMode) {
|
|
49
64
|
if (!encryptedStore.isReady()) {
|
|
50
65
|
res.status(503).json({ error: "Secrets not yet loaded" });
|
|
51
66
|
return;
|
|
52
67
|
}
|
|
68
|
+
next();
|
|
69
|
+
return;
|
|
70
|
+
}
|
|
71
|
+
if (cacheTtl === undefined || !cache.isExpired(cacheTtl)) {
|
|
72
|
+
next();
|
|
73
|
+
return;
|
|
74
|
+
}
|
|
75
|
+
if (!refresh) {
|
|
76
|
+
res.status(503).json({ error: "Secrets expired" });
|
|
77
|
+
return;
|
|
78
|
+
}
|
|
79
|
+
try {
|
|
80
|
+
await refreshOnce();
|
|
81
|
+
}
|
|
82
|
+
catch (err) {
|
|
83
|
+
const message = err instanceof Error ? err.message : String(err);
|
|
84
|
+
res.status(503).json({ error: "Refresh failed", detail: message });
|
|
85
|
+
return;
|
|
53
86
|
}
|
|
54
|
-
|
|
87
|
+
if (cache.isExpired(cacheTtl)) {
|
|
55
88
|
res.status(503).json({ error: "Secrets expired" });
|
|
56
89
|
return;
|
|
57
90
|
}
|
package/dist/server.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":";;;;;
|
|
1
|
+
{"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":";;;;;AAwCA,4CA0JC;AAlMD,mCAAyC;AACzC,sDAAmE;AAKnE,qCAAuD;AAyBvD;;;;;;;;GAQG;AACH,SAAgB,gBAAgB,CAAC,OAA2B;IAC1D,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO,EAAE,SAAS,EAAE,cAAc,EAAE,GAAG,OAAO,CAAC;IACrF,MAAM,OAAO,GAAG,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,cAAc,CAAC;IAChD,MAAM,GAAG,GAAG,IAAA,iBAAO,GAAE,CAAC;IAEtB,0EAA0E;IAC1E,yEAAyE;IACzE,IAAI,eAAe,GAAyB,IAAI,CAAC;IACjD,MAAM,WAAW,GAAG,GAAkB,EAAE;QACtC,IAAI,CAAC,OAAO;YAAE,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;QACvC,IAAI,CAAC,eAAe,EAAE,CAAC;YACrB,eAAe,GAAG,OAAO,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE;gBACvC,eAAe,GAAG,IAAI,CAAC;YACzB,CAAC,CAAC,CAAC;QACL,CAAC;QACD,OAAO,eAAe,CAAC;IACzB,CAAC,CAAC;IAEF,wDAAwD;IACxD,wDAAwD;IACxD,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,CAAC,aAAa,IAAI,EAAE,EAAE,WAAW,CAAC,CAAC,CAAC;IACjE,GAAG,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;QACjE,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC;QACpC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YAC5B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,gCAAgC,EAAE,CAAC,CAAC;YAClE,OAAO;QACT,CAAC;QACD,IAAI,EAAE,CAAC;IACT,CAAC,CAAC,CAAC;IAEH,mEAAmE;IACnE,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC,IAAa,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;QAC1E,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;QAC3C,IAAI,EAAE,CAAC;IACT,CAAC,CAAC,CAAC;IAEH,yEAAyE;IACzE,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,IAAA,sBAAa,EAAC,KAAK,EAAE,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;IACtE,GAAG,CAAC,GAAG,CAAC,WAAW,EAAE,IAAA,qBAAY,EAAC,KAAK,EAAE,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;IAEpE,oDAAoD;IACpD,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,cAAc,CAAC,KAAK,CAAC,CAAC,CAAC;IAC9C,GAAG,CAAC,GAAG,CAAC,UAAU,EAAE,cAAc,CAAC,KAAK,CAAC,CAAC,CAAC;IAE3C,uEAAuE;IACvE,wEAAwE;IACxE,4EAA4E;IAC5E,mEAAmE;IACnE,MAAM,QAAQ,GAAG,KAAK,EAAE,IAAa,EAAE,GAAa,EAAE,IAAkB,EAAiB,EAAE;QACzF,IAAI,OAAO,EAAE,CAAC;YACZ,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,EAAE,CAAC;gBAC9B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,wBAAwB,EAAE,CAAC,CAAC;gBAC1D,OAAO;YACT,CAAC;YACD,IAAI,EAAE,CAAC;YACP,OAAO;QACT,CAAC;QACD,IAAI,QAAQ,KAAK,SAAS,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzD,IAAI,EAAE,CAAC;YACP,OAAO;QACT,CAAC;QACD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,CAAC,CAAC;YACnD,OAAO;QACT,CAAC;QACD,IAAI,CAAC;YACH,MAAM,WAAW,EAAE,CAAC;QACtB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACjE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,gBAAgB,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC,CAAC;YACnE,OAAO;QACT,CAAC;QACD,IAAI,KAAK,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC9B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,CAAC,CAAC;YACnD,OAAO;QACT,CAAC;QACD,IAAI,EAAE,CAAC;IACT,CAAC,CAAC;IACF,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC;IACjC,GAAG,CAAC,GAAG,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;IAE9B,gCAAgC;IAChC,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,KAAK,EAAE,IAAa,EAAE,GAAa,EAAE,EAAE;QAC5D,IAAI,OAAO,EAAE,CAAC;YACZ,0EAA0E;YAC1E,MAAM,QAAQ,GAAG,cAAc,CAAC,GAAG,EAAE,CAAC;YACtC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,wBAAwB,EAAE,CAAC,CAAC;gBAC1D,OAAO;YACT,CAAC;YACD,IAAI,CAAC;gBACH,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,SAAS,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;gBACrD,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACnB,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBACjE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC,CAAC;YACxE,CAAC;QACH,CAAC;aAAM,CAAC;YACN,0CAA0C;YAC1C,MAAM,GAAG,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC;YAC3B,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,wBAAwB,EAAE,CAAC,CAAC;gBAC1D,OAAO;YACT,CAAC;YACD,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAChB,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,gCAAgC;IAChC,GAAG,CAAC,GAAG,CAAC,UAAU,EAAE,KAAK,EAAE,IAAa,EAAE,GAAa,EAAE,EAAE;QACzD,IAAI,OAAO,EAAE,CAAC;YACZ,MAAM,QAAQ,GAAG,cAAc,CAAC,GAAG,EAAE,CAAC;YACtC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,wBAAwB,EAAE,CAAC,CAAC;gBAC1D,OAAO;YACT,CAAC;YACD,IAAI,CAAC;gBACH,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,SAAS,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;gBACrD,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;YAChC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBACjE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC,CAAC;YACxE,CAAC;QACH,CAAC;aAAM,CAAC;YACN,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QAC5B,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,GAAG,GAAG,oBAAoB,IAAI,EAAE,CAAC;IAEvC,OAAO,IAAI,OAAO,CAAoB,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACxD,IAAI,MAAc,CAAC;QACnB,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,WAAW,EAAE,GAAG,EAAE;gBAC1C,OAAO,CAAC;oBACN,GAAG;oBACH,IAAI,EAAE,GAAG,EAAE,CACT,IAAI,OAAO,CAAO,CAAC,WAAW,EAAE,UAAU,EAAE,EAAE;wBAC5C,4EAA4E;wBAC5E,MAAM,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;wBAC/D,MAAM,UAAU,GAAG,UAAU,CAAC,GAAG,EAAE;4BACjC,MAAM,CAAC,mBAAmB,EAAE,CAAC;wBAC/B,CAAC,EAAE,IAAI,CAAC,CAAC;wBACT,UAAU,CAAC,KAAK,EAAE,CAAC;oBACrB,CAAC,CAAC;oBACJ,OAAO,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,OAAO,EAAE;iBAChC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;YAEH,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;QAC3C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,GAAG,CAAC,CAAC;QACd,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,cAAc,CAAC,KAAa;IACnC,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACvC,OAAO,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAQ,EAAE;QAC/D,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,IAAI,EAAE,CAAC;QACnD,MAAM,QAAQ,GAAG,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7E,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC1C,IACE,CAAC,QAAQ;YACT,WAAW,CAAC,MAAM,KAAK,WAAW,CAAC,MAAM;YACzC,CAAC,IAAA,wBAAe,EAAC,WAAW,EAAE,WAAW,CAAC,EAC1C,CAAC;YACD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,CAAC;YAChD,OAAO;QACT,CAAC;QACD,IAAI,EAAE,CAAC;IACT,CAAC,CAAC;AACJ,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@clef-sh/agent",
|
|
3
|
-
"version": "0.1.20
|
|
3
|
+
"version": "0.1.20",
|
|
4
4
|
"description": "Runtime secrets sidecar agent for Clef",
|
|
5
5
|
"repository": {
|
|
6
6
|
"type": "git",
|
|
@@ -27,7 +27,7 @@
|
|
|
27
27
|
"@aws-sdk/client-kms": "^3.500.0",
|
|
28
28
|
"@azure/identity": "^4.0.0",
|
|
29
29
|
"@azure/keyvault-keys": "^4.8.0",
|
|
30
|
-
"@clef-sh/runtime": "0.1.23
|
|
30
|
+
"@clef-sh/runtime": "0.1.23",
|
|
31
31
|
"@google-cloud/kms": "^4.0.0",
|
|
32
32
|
"express": "^5.1.0"
|
|
33
33
|
},
|