@codemowers/oidc-key-manager 0.2.2 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (15) hide show
  1. package/README.md +36 -32
  2. package/bin/dev.cmd +2 -2
  3. package/bin/run.cmd +3 -3
  4. package/dist/commands/initialize.d.ts +4 -3
  5. package/dist/commands/initialize.js +4 -3
  6. package/dist/commands/rotate.d.ts +8 -7
  7. package/dist/commands/rotate.js +3 -4
  8. package/dist/helpers/common-flags.d.ts +4 -3
  9. package/dist/helpers/common-flags.js +2 -1
  10. package/dist/helpers/kube-api-service.d.ts +2 -2
  11. package/dist/helpers/kube-api-service.js +4 -5
  12. package/dist/helpers/secret.d.ts +1 -1
  13. package/dist/helpers/secret.js +6 -3
  14. package/oclif.manifest.json +129 -76
  15. package/package.json +68 -68
package/README.md CHANGED
@@ -1,27 +1,27 @@
1
- oidc-key-manager
2
- =================
3
-
4
- CLI to manage secret keys required by oidc-gateway
5
-
1
+ oidc-key-manager
2
+ =================
3
+
4
+ CLI to manage secret keys required by oidc-gateway
5
+
6
6
  <!-- toc -->
7
7
  * [Usage](#usage)
8
8
  * [Commands](#commands)
9
- <!-- tocstop -->
10
- # Usage
9
+ <!-- tocstop -->
10
+ # Usage
11
11
  <!-- usage -->
12
12
  ```sh-session
13
13
  $ npm install -g @codemowers/oidc-key-manager
14
14
  $ key-manager COMMAND
15
15
  running command...
16
16
  $ key-manager (--version)
17
- @codemowers/oidc-key-manager/0.2.2 linux-x64 node-v16.17.0
17
+ @codemowers/oidc-key-manager/1.1.0 linux-x64 node-v22.17.1
18
18
  $ key-manager --help [COMMAND]
19
19
  USAGE
20
20
  $ key-manager COMMAND
21
21
  ...
22
22
  ```
23
- <!-- usagestop -->
24
- # Commands
23
+ <!-- usagestop -->
24
+ # Commands
25
25
  <!-- commands -->
26
26
  * [`key-manager initialize`](#key-manager-initialize)
27
27
  * [`key-manager rotate`](#key-manager-rotate)
@@ -32,14 +32,15 @@ Initialize the secret with initial keys
32
32
 
33
33
  ```
34
34
  USAGE
35
- $ key-manager initialize -c local|cluster [--json] [-n <value>] [-s <value>] [--recreate]
35
+ $ key-manager initialize -c local|cluster [--json] [-n <value>] [-s <value>] [-l <value>] [--recreate]
36
36
 
37
37
  FLAGS
38
- -c, --config=<option> (required) use local or in-cluster Kubernetes config
39
- <options: local|cluster>
40
- -n, --namespace=<value> namespace, defaults to current namespace if service account is used
41
- -s, --secret=<value> [default: oidc-keys] secret name
42
- --recreate recreate the secret if it exists
38
+ -c, --config=<option> (required) use local or in-cluster Kubernetes config
39
+ <options: local|cluster>
40
+ -l, --additionalLabel=<value>... Add custom Kubernetes label (may be repeated)
41
+ -n, --namespace=<value> namespace, defaults to current namespace if service account is used
42
+ -s, --secret=<value> [default: oidc-keys] secret name
43
+ --recreate recreate the secret if it exists
43
44
 
44
45
  GLOBAL FLAGS
45
46
  --json Format output as json.
@@ -55,9 +56,11 @@ EXAMPLES
55
56
  $ key-manager initialize -n <kube namespace> -s <secret name>
56
57
 
57
58
  $ key-manager initialize --namespace <kube namespace> --secret <secret name> --recreate
59
+
60
+ $ key-manager initialize --additional-label "app.kubernetes.io/instance: passmower"
58
61
  ```
59
62
 
60
- _See code: [dist/commands/initialize.ts](https://github.com/codemowers/oidc-key-manager/blob/v0.2.2/dist/commands/initialize.ts)_
63
+ _See code: [src/commands/initialize.ts](https://github.com/codemowers/oidc-key-manager/blob/v1.1.0/src/commands/initialize.ts)_
61
64
 
62
65
  ## `key-manager rotate`
63
66
 
@@ -65,22 +68,23 @@ Append new JWK|cookie key|both and rotate the array, optionally restarting the d
65
68
 
66
69
  ```
67
70
  USAGE
68
- $ key-manager rotate -c local|cluster [-n <value>] [-s <value>] [--both] [--jwks] [--cookie-keys]
69
- [--max-number-of-jwks <value>] [--max-number-of-cookie-keys <value>] [--restart-deployment-backoff <value>
70
- --restart-deployment <value>]
71
+ $ key-manager rotate -c local|cluster [-n <value>] [-s <value>] [-l <value>] [--both] [--jwks]
72
+ [--cookie-keys] [--max-number-of-jwks <value>] [--max-number-of-cookie-keys <value>] [--restart-deployment-backoff
73
+ <value> --restart-deployment <value>]
71
74
 
72
75
  FLAGS
73
- -c, --config=<option> (required) use local or in-cluster Kubernetes config
74
- <options: local|cluster>
75
- -n, --namespace=<value> namespace, defaults to current namespace if service account is used
76
- -s, --secret=<value> [default: oidc-keys] secret name
77
- --both rotate both JWKs and cookie keys
78
- --cookie-keys rotate cookie keys
79
- --jwks rotate JWKs
80
- --max-number-of-cookie-keys=<value> [default: 3]
81
- --max-number-of-jwks=<value> [default: 3]
82
- --restart-deployment=<value> Kubernetes deployment name to restart while rotating
83
- --restart-deployment-backoff=<value> [default: 60] Seconds to wait for deployment to restart
76
+ -c, --config=<option> (required) use local or in-cluster Kubernetes config
77
+ <options: local|cluster>
78
+ -l, --additionalLabel=<value>... Add custom Kubernetes label (may be repeated)
79
+ -n, --namespace=<value> namespace, defaults to current namespace if service account is used
80
+ -s, --secret=<value> [default: oidc-keys] secret name
81
+ --both rotate both JWKs and cookie keys
82
+ --cookie-keys rotate cookie keys
83
+ --jwks rotate JWKs
84
+ --max-number-of-cookie-keys=<value> [default: 3]
85
+ --max-number-of-jwks=<value> [default: 3]
86
+ --restart-deployment=<value> Kubernetes deployment name to restart while rotating
87
+ --restart-deployment-backoff=<value> [default: 60] Seconds to wait for deployment to restart
84
88
 
85
89
  DESCRIPTION
86
90
  Append new JWK|cookie key|both and rotate the array, optionally restarting the deployment
@@ -89,5 +93,5 @@ EXAMPLES
89
93
  $ key-manager rotate
90
94
  ```
91
95
 
92
- _See code: [dist/commands/rotate.ts](https://github.com/codemowers/oidc-key-manager/blob/v0.2.2/dist/commands/rotate.ts)_
96
+ _See code: [src/commands/rotate.ts](https://github.com/codemowers/oidc-key-manager/blob/v1.1.0/src/commands/rotate.ts)_
93
97
  <!-- commandsstop -->
package/bin/dev.cmd CHANGED
@@ -1,3 +1,3 @@
1
- @echo off
2
-
1
+ @echo off
2
+
3
3
  node "%~dp0\dev" %*
package/bin/run.cmd CHANGED
@@ -1,3 +1,3 @@
1
- @echo off
2
-
3
- node "%~dp0\run" %*
1
+ @echo off
2
+
3
+ node "%~dp0\run" %*
package/dist/commands/initialize.d.ts CHANGED
@@ -5,9 +5,10 @@ export default class Initialize extends Command {
5
5
  static examples: string[];
6
6
  static flags: {
7
7
  recreate: import("@oclif/core/lib/interfaces").BooleanFlag<boolean>;
8
- namespace: import("@oclif/core/lib/interfaces").OptionFlag<string | undefined, import("@oclif/core/lib/interfaces/parser").CustomOptions>;
9
- secret: import("@oclif/core/lib/interfaces").OptionFlag<string, import("@oclif/core/lib/interfaces/parser").CustomOptions>;
10
- config: import("@oclif/core/lib/interfaces").OptionFlag<string, import("@oclif/core/lib/interfaces/parser").CustomOptions>;
8
+ namespace: import("@oclif/core/lib/interfaces").OptionFlag<string | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
9
+ secret: import("@oclif/core/lib/interfaces").OptionFlag<string, import("@oclif/core/lib/interfaces").CustomOptions>;
10
+ config: import("@oclif/core/lib/interfaces").OptionFlag<string, import("@oclif/core/lib/interfaces").CustomOptions>;
11
+ additionalLabel: import("@oclif/core/lib/interfaces").OptionFlag<string[] | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
11
12
  };
12
13
  static args: {};
13
14
  run(): Promise<void>;
package/dist/commands/initialize.js CHANGED
@@ -12,7 +12,7 @@ class Initialize extends core_1.Command {
12
12
  kubeApiService.printConfiguration();
13
13
  const exists = await kubeApiService.getSecret();
14
14
  if (exists && !flags.recreate) {
15
- this.exit(0);
15
+ return;
16
16
  }
17
17
  if (exists) {
18
18
  await kubeApiService.deleteSecret();
@@ -20,10 +20,9 @@ class Initialize extends core_1.Command {
20
20
  const secret = new secret_1.Secret(this);
21
21
  this.log('Generating secret');
22
22
  secret.generateNew();
23
- await kubeApiService.createSecret(secret);
23
+ await kubeApiService.createSecret(secret, flags.additionalLabel);
24
24
  }
25
25
  }
26
- exports.default = Initialize;
27
26
  Initialize.description = 'Initialize the secret with initial keys';
28
27
  Initialize.enableJsonFlag = true;
29
28
  Initialize.examples = [
@@ -31,9 +30,11 @@ Initialize.examples = [
31
30
  '<%= config.bin %> <%= command.id %>',
32
31
  '<%= config.bin %> <%= command.id %> -n <kube namespace> -s <secret name>',
33
32
  '<%= config.bin %> <%= command.id %> --namespace <kube namespace> --secret <secret name> --recreate',
33
+ '<%= config.bin %> <%= command.id %> --additional-label "app.kubernetes.io/instance: passmower"',
34
34
  ];
35
35
  Initialize.flags = {
36
36
  ...common_flags_1.default,
37
37
  recreate: core_1.Flags.boolean({ description: 'recreate the secret if it exists', aliases: ['recreate'], required: false }),
38
38
  };
39
39
  Initialize.args = {};
40
+ exports.default = Initialize;
package/dist/commands/rotate.d.ts CHANGED
@@ -6,13 +6,14 @@ export default class Rotate extends Command {
6
6
  both: import("@oclif/core/lib/interfaces").BooleanFlag<boolean>;
7
7
  jwks: import("@oclif/core/lib/interfaces").BooleanFlag<boolean>;
8
8
  'cookie-keys': import("@oclif/core/lib/interfaces").BooleanFlag<boolean>;
9
- 'max-number-of-jwks': import("@oclif/core/lib/interfaces").OptionFlag<number, import("@oclif/core/lib/interfaces/parser").CustomOptions>;
10
- 'max-number-of-cookie-keys': import("@oclif/core/lib/interfaces").OptionFlag<number, import("@oclif/core/lib/interfaces/parser").CustomOptions>;
11
- 'restart-deployment': import("@oclif/core/lib/interfaces").OptionFlag<string | undefined, import("@oclif/core/lib/interfaces/parser").CustomOptions>;
12
- 'restart-deployment-backoff': import("@oclif/core/lib/interfaces").OptionFlag<number, import("@oclif/core/lib/interfaces/parser").CustomOptions>;
13
- namespace: import("@oclif/core/lib/interfaces").OptionFlag<string | undefined, import("@oclif/core/lib/interfaces/parser").CustomOptions>;
14
- secret: import("@oclif/core/lib/interfaces").OptionFlag<string, import("@oclif/core/lib/interfaces/parser").CustomOptions>;
15
- config: import("@oclif/core/lib/interfaces").OptionFlag<string, import("@oclif/core/lib/interfaces/parser").CustomOptions>;
9
+ 'max-number-of-jwks': import("@oclif/core/lib/interfaces").OptionFlag<number, import("@oclif/core/lib/interfaces").CustomOptions>;
10
+ 'max-number-of-cookie-keys': import("@oclif/core/lib/interfaces").OptionFlag<number, import("@oclif/core/lib/interfaces").CustomOptions>;
11
+ 'restart-deployment': import("@oclif/core/lib/interfaces").OptionFlag<string | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
12
+ 'restart-deployment-backoff': import("@oclif/core/lib/interfaces").OptionFlag<number, import("@oclif/core/lib/interfaces").CustomOptions>;
13
+ namespace: import("@oclif/core/lib/interfaces").OptionFlag<string | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
14
+ secret: import("@oclif/core/lib/interfaces").OptionFlag<string, import("@oclif/core/lib/interfaces").CustomOptions>;
15
+ config: import("@oclif/core/lib/interfaces").OptionFlag<string, import("@oclif/core/lib/interfaces").CustomOptions>;
16
+ additionalLabel: import("@oclif/core/lib/interfaces").OptionFlag<string[] | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
16
17
  };
17
18
  static args: {};
18
19
  run(): Promise<void>;
package/dist/commands/rotate.js CHANGED
@@ -13,7 +13,6 @@ class Rotate extends core_1.Command {
13
13
  const kubeSecret = await kubeApiService.getSecret();
14
14
  if (!kubeSecret) {
15
15
  this.error('Secret does not exist');
16
- this.exit(1);
17
16
  }
18
17
  const secret = new secret_1.Secret(this);
19
18
  secret.fromKubeSecret(kubeSecret);
@@ -23,7 +22,7 @@ class Rotate extends core_1.Command {
23
22
  if (flags.both || flags['cookie-keys']) {
24
23
  secret.appendCookieKey(flags['max-number-of-cookie-keys']);
25
24
  }
26
- await kubeApiService.replaceSecret(secret);
25
+ await kubeApiService.replaceSecret(secret, flags.additionalLabel);
27
26
  let restarted = false;
28
27
  if (flags['restart-deployment']) {
29
28
  try {
@@ -41,7 +40,7 @@ class Rotate extends core_1.Command {
41
40
  if (flags.both || flags.jwks) {
42
41
  secret.rotateCookieKeys();
43
42
  }
44
- await kubeApiService.replaceSecret(secret);
43
+ await kubeApiService.replaceSecret(secret, flags.additionalLabel);
45
44
  if (flags['restart-deployment']) {
46
45
  try {
47
46
  await kubeApiService.restartDeployment(flags['restart-deployment'], flags['restart-deployment-backoff']);
@@ -55,7 +54,6 @@ class Rotate extends core_1.Command {
55
54
  this.log('Keys rotated' + (restarted ? '' : ', but deployment not restarted'));
56
55
  }
57
56
  }
58
- exports.default = Rotate;
59
57
  Rotate.description = 'Append new JWK|cookie key|both and rotate the array, optionally restarting the deployment';
60
58
  Rotate.examples = [
61
59
  '<%= config.bin %> <%= command.id %>',
@@ -71,3 +69,4 @@ Rotate.flags = {
71
69
  'restart-deployment-backoff': core_1.Flags.integer({ description: 'Seconds to wait for deployment to restart', default: 60, dependsOn: ['restart-deployment'] }),
72
70
  };
73
71
  Rotate.args = {};
72
+ exports.default = Rotate;
package/dist/helpers/common-flags.d.ts CHANGED
@@ -8,8 +8,9 @@ export declare enum ConfigType {
8
8
  InCluster = "cluster"
9
9
  }
10
10
  declare const _default: {
11
- namespace: import("@oclif/core/lib/interfaces").OptionFlag<string | undefined, import("@oclif/core/lib/interfaces/parser").CustomOptions>;
12
- secret: import("@oclif/core/lib/interfaces").OptionFlag<string, import("@oclif/core/lib/interfaces/parser").CustomOptions>;
13
- config: import("@oclif/core/lib/interfaces").OptionFlag<string, import("@oclif/core/lib/interfaces/parser").CustomOptions>;
11
+ namespace: import("@oclif/core/lib/interfaces").OptionFlag<string | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
12
+ secret: import("@oclif/core/lib/interfaces").OptionFlag<string, import("@oclif/core/lib/interfaces").CustomOptions>;
13
+ config: import("@oclif/core/lib/interfaces").OptionFlag<string, import("@oclif/core/lib/interfaces").CustomOptions>;
14
+ additionalLabel: import("@oclif/core/lib/interfaces").OptionFlag<string[] | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
14
15
  };
15
16
  export default _default;
package/dist/helpers/common-flags.js CHANGED
@@ -6,9 +6,10 @@ var ConfigType;
6
6
  (function (ConfigType) {
7
7
  ConfigType["Local"] = "local";
8
8
  ConfigType["InCluster"] = "cluster";
9
- })(ConfigType = exports.ConfigType || (exports.ConfigType = {}));
9
+ })(ConfigType || (exports.ConfigType = ConfigType = {}));
10
10
  exports.default = {
11
11
  namespace: core_1.Flags.string({ char: 'n', description: 'namespace, defaults to current namespace if service account is used', aliases: ['namespace'], required: false }),
12
12
  secret: core_1.Flags.string({ char: 's', description: 'secret name', aliases: ['secret'], default: 'oidc-keys', required: false }),
13
13
  config: core_1.Flags.string({ char: 'c', description: 'use local or in-cluster Kubernetes config', aliases: ['config'], required: true, options: [ConfigType.Local, ConfigType.InCluster] }),
14
+ additionalLabel: core_1.Flags.string({ char: 'l', description: 'Add custom Kubernetes label (may be repeated)', aliases: ['additional-label'], required: false, multiple: true }),
14
15
  };
package/dist/helpers/kube-api-service.d.ts CHANGED
@@ -15,6 +15,6 @@ export declare class KubeApiService {
15
15
  restartDeployment(deploymentName: string, timeoutInSeconds: number): Promise<any>;
16
16
  getSecret(): Promise<V1Secret | undefined | null>;
17
17
  deleteSecret(): Promise<void>;
18
- createSecret(secret: Secret): Promise<void>;
19
- replaceSecret(secret: Secret): Promise<void>;
18
+ createSecret(secret: Secret, labels?: any): Promise<void>;
19
+ replaceSecret(secret: Secret, labels?: any): Promise<void>;
20
20
  }
package/dist/helpers/kube-api-service.js CHANGED
@@ -72,7 +72,6 @@ class KubeApiService {
72
72
  .catch(error => {
73
73
  if (error.statusCode !== 404) {
74
74
  this.command.error(error);
75
- this.command.exit(1);
76
75
  }
77
76
  return null;
78
77
  });
@@ -84,14 +83,14 @@ class KubeApiService {
84
83
  await this.coreV1Api.deleteNamespacedSecret(this.secretName, this.namespace).then(() => true);
85
84
  this.command.log(`Existing secret ${this.secretName} deleted`);
86
85
  }
87
- async createSecret(secret) {
86
+ async createSecret(secret, labels) {
88
87
  this.command.log(`Creating secret ${this.secretName}`);
89
- await this.coreV1Api.createNamespacedSecret(this.namespace, secret.toKubeSecret(this.secretName));
88
+ await this.coreV1Api.createNamespacedSecret(this.namespace, secret.toKubeSecret(this.secretName, labels));
90
89
  this.command.log(`Created secret ${this.secretName}`);
91
90
  }
92
- async replaceSecret(secret) {
91
+ async replaceSecret(secret, labels) {
93
92
  this.command.log(`Replacing secret ${this.secretName}`);
94
- await this.coreV1Api.replaceNamespacedSecret(this.secretName, this.namespace, secret.toKubeSecret(this.secretName));
93
+ await this.coreV1Api.replaceNamespacedSecret(this.secretName, this.namespace, secret.toKubeSecret(this.secretName, labels));
95
94
  }
96
95
  }
97
96
  exports.KubeApiService = KubeApiService;
package/dist/helpers/secret.d.ts CHANGED
@@ -7,7 +7,7 @@ export declare class Secret {
7
7
  private command;
8
8
  constructor(command: Command);
9
9
  generateNew(): void;
10
- toKubeSecret(secretName: string): V1Secret;
10
+ toKubeSecret(secretName: string, labels?: any): V1Secret;
11
11
  fromKubeSecret(kubeSecret: V1Secret): void;
12
12
  appendJWK(maxNumber: number): void;
13
13
  appendCookieKey(maxNumber: number): void;
package/dist/helpers/secret.js CHANGED
@@ -19,9 +19,9 @@ class Secret {
19
19
  this.JWKs = [tslib_1.__classPrivateFieldGet(this, _Secret_instances, "m", _Secret_generateRSAJwk).call(this, 4096)];
20
20
  this.CookieKeys = [tslib_1.__classPrivateFieldGet(this, _Secret_instances, "m", _Secret_generateCookieKey).call(this, 32)];
21
21
  }
22
- toKubeSecret(secretName) {
22
+ toKubeSecret(secretName, labels) {
23
23
  const secret = new client_node_1.V1Secret();
24
- secret.metadata = tslib_1.__classPrivateFieldGet(this, _Secret_instances, "m", _Secret_getKubeSecretMetadata).call(this, secretName);
24
+ secret.metadata = tslib_1.__classPrivateFieldGet(this, _Secret_instances, "m", _Secret_getKubeSecretMetadata).call(this, secretName, labels);
25
25
  secret.data = {};
26
26
  secret.data[JWKSKeyName] = tslib_1.__classPrivateFieldGet(this, _Secret_instances, "m", _Secret_arrayToB64String).call(this, this.JWKs);
27
27
  secret.data[CookieKeysKeyName] = tslib_1.__classPrivateFieldGet(this, _Secret_instances, "m", _Secret_arrayToB64String).call(this, this.CookieKeys);
@@ -73,8 +73,11 @@ _Secret_instances = new WeakSet(), _Secret_append = function _Secret_append(prop
73
73
  }, _Secret_arrayToB64String = function _Secret_arrayToB64String(array) {
74
74
  const b = Buffer.from(JSON.stringify(array));
75
75
  return b.toString('base64');
76
- }, _Secret_getKubeSecretMetadata = function _Secret_getKubeSecretMetadata(secretName) {
76
+ }, _Secret_getKubeSecretMetadata = function _Secret_getKubeSecretMetadata(secretName, labels) {
77
77
  const metaData = new client_node_1.V1ObjectMeta();
78
78
  metaData.name = secretName;
79
+ if (labels) {
80
+ metaData.labels = labels;
81
+ }
79
82
  return metaData;
80
83
  };
package/oclif.manifest.json CHANGED
@@ -1,177 +1,230 @@
1
1
  {
2
- "version": "0.2.2",
3
2
  "commands": {
4
3
  "initialize": {
5
- "id": "initialize",
6
- "description": "Initialize the secret with initial keys",
7
- "strict": true,
8
- "pluginName": "@codemowers/oidc-key-manager",
9
- "pluginAlias": "@codemowers/oidc-key-manager",
10
- "pluginType": "core",
11
4
  "aliases": [],
5
+ "args": {},
6
+ "description": "Initialize the secret with initial keys",
12
7
  "examples": [
13
8
  "<%= config.bin %> <%= command.id %>",
14
9
  "<%= config.bin %> <%= command.id %>",
15
10
  "<%= config.bin %> <%= command.id %> -n <kube namespace> -s <secret name>",
16
- "<%= config.bin %> <%= command.id %> --namespace <kube namespace> --secret <secret name> --recreate"
11
+ "<%= config.bin %> <%= command.id %> --namespace <kube namespace> --secret <secret name> --recreate",
12
+ "<%= config.bin %> <%= command.id %> --additional-label \"app.kubernetes.io/instance: passmower\""
17
13
  ],
18
14
  "flags": {
19
15
  "json": {
20
- "name": "json",
21
- "type": "boolean",
22
16
  "description": "Format output as json.",
23
17
  "helpGroup": "GLOBAL",
24
- "allowNo": false
18
+ "name": "json",
19
+ "allowNo": false,
20
+ "type": "boolean"
25
21
  },
26
22
  "namespace": {
27
- "name": "namespace",
28
- "type": "option",
23
+ "aliases": [
24
+ "namespace"
25
+ ],
29
26
  "char": "n",
30
27
  "description": "namespace, defaults to current namespace if service account is used",
28
+ "name": "namespace",
31
29
  "required": false,
30
+ "hasDynamicHelp": false,
32
31
  "multiple": false,
33
- "aliases": [
34
- "namespace"
35
- ]
32
+ "type": "option"
36
33
  },
37
34
  "secret": {
38
- "name": "secret",
39
- "type": "option",
35
+ "aliases": [
36
+ "secret"
37
+ ],
40
38
  "char": "s",
41
39
  "description": "secret name",
40
+ "name": "secret",
42
41
  "required": false,
43
- "multiple": false,
44
42
  "default": "oidc-keys",
45
- "aliases": [
46
- "secret"
47
- ]
43
+ "hasDynamicHelp": false,
44
+ "multiple": false,
45
+ "type": "option"
48
46
  },
49
47
  "config": {
50
- "name": "config",
51
- "type": "option",
48
+ "aliases": [
49
+ "config"
50
+ ],
52
51
  "char": "c",
53
52
  "description": "use local or in-cluster Kubernetes config",
53
+ "name": "config",
54
54
  "required": true,
55
+ "hasDynamicHelp": false,
55
56
  "multiple": false,
56
57
  "options": [
57
58
  "local",
58
59
  "cluster"
59
60
  ],
61
+ "type": "option"
62
+ },
63
+ "additionalLabel": {
60
64
  "aliases": [
61
- "config"
62
- ]
65
+ "additional-label"
66
+ ],
67
+ "char": "l",
68
+ "description": "Add custom Kubernetes label (may be repeated)",
69
+ "name": "additionalLabel",
70
+ "required": false,
71
+ "hasDynamicHelp": false,
72
+ "multiple": true,
73
+ "type": "option"
63
74
  },
64
75
  "recreate": {
65
- "name": "recreate",
66
- "type": "boolean",
76
+ "aliases": [
77
+ "recreate"
78
+ ],
67
79
  "description": "recreate the secret if it exists",
80
+ "name": "recreate",
68
81
  "required": false,
69
82
  "allowNo": false,
70
- "aliases": [
71
- "recreate"
72
- ]
83
+ "type": "boolean"
73
84
  }
74
85
  },
75
- "args": {}
76
- },
77
- "rotate": {
78
- "id": "rotate",
79
- "description": "Append new JWK|cookie key|both and rotate the array, optionally restarting the deployment",
80
- "strict": true,
81
- "pluginName": "@codemowers/oidc-key-manager",
86
+ "hasDynamicHelp": false,
87
+ "hiddenAliases": [],
88
+ "id": "initialize",
82
89
  "pluginAlias": "@codemowers/oidc-key-manager",
90
+ "pluginName": "@codemowers/oidc-key-manager",
83
91
  "pluginType": "core",
92
+ "strict": true,
93
+ "enableJsonFlag": true,
94
+ "isESM": false,
95
+ "relativePath": [
96
+ "dist",
97
+ "commands",
98
+ "initialize.js"
99
+ ]
100
+ },
101
+ "rotate": {
84
102
  "aliases": [],
103
+ "args": {},
104
+ "description": "Append new JWK|cookie key|both and rotate the array, optionally restarting the deployment",
85
105
  "examples": [
86
106
  "<%= config.bin %> <%= command.id %>"
87
107
  ],
88
108
  "flags": {
89
109
  "namespace": {
90
- "name": "namespace",
91
- "type": "option",
110
+ "aliases": [
111
+ "namespace"
112
+ ],
92
113
  "char": "n",
93
114
  "description": "namespace, defaults to current namespace if service account is used",
115
+ "name": "namespace",
94
116
  "required": false,
117
+ "hasDynamicHelp": false,
95
118
  "multiple": false,
96
- "aliases": [
97
- "namespace"
98
- ]
119
+ "type": "option"
99
120
  },
100
121
  "secret": {
101
- "name": "secret",
102
- "type": "option",
122
+ "aliases": [
123
+ "secret"
124
+ ],
103
125
  "char": "s",
104
126
  "description": "secret name",
127
+ "name": "secret",
105
128
  "required": false,
106
- "multiple": false,
107
129
  "default": "oidc-keys",
108
- "aliases": [
109
- "secret"
110
- ]
130
+ "hasDynamicHelp": false,
131
+ "multiple": false,
132
+ "type": "option"
111
133
  },
112
134
  "config": {
113
- "name": "config",
114
- "type": "option",
135
+ "aliases": [
136
+ "config"
137
+ ],
115
138
  "char": "c",
116
139
  "description": "use local or in-cluster Kubernetes config",
140
+ "name": "config",
117
141
  "required": true,
142
+ "hasDynamicHelp": false,
118
143
  "multiple": false,
119
144
  "options": [
120
145
  "local",
121
146
  "cluster"
122
147
  ],
148
+ "type": "option"
149
+ },
150
+ "additionalLabel": {
123
151
  "aliases": [
124
- "config"
125
- ]
152
+ "additional-label"
153
+ ],
154
+ "char": "l",
155
+ "description": "Add custom Kubernetes label (may be repeated)",
156
+ "name": "additionalLabel",
157
+ "required": false,
158
+ "hasDynamicHelp": false,
159
+ "multiple": true,
160
+ "type": "option"
126
161
  },
127
162
  "both": {
128
- "name": "both",
129
- "type": "boolean",
130
163
  "description": "rotate both JWKs and cookie keys",
131
- "allowNo": false
164
+ "name": "both",
165
+ "allowNo": false,
166
+ "type": "boolean"
132
167
  },
133
168
  "jwks": {
134
- "name": "jwks",
135
- "type": "boolean",
136
169
  "description": "rotate JWKs",
137
- "allowNo": false
170
+ "name": "jwks",
171
+ "allowNo": false,
172
+ "type": "boolean"
138
173
  },
139
174
  "cookie-keys": {
140
- "name": "cookie-keys",
141
- "type": "boolean",
142
175
  "description": "rotate cookie keys",
143
- "allowNo": false
176
+ "name": "cookie-keys",
177
+ "allowNo": false,
178
+ "type": "boolean"
144
179
  },
145
180
  "max-number-of-jwks": {
146
181
  "name": "max-number-of-jwks",
147
- "type": "option",
182
+ "default": 3,
183
+ "hasDynamicHelp": false,
148
184
  "multiple": false,
149
- "default": 3
185
+ "type": "option"
150
186
  },
151
187
  "max-number-of-cookie-keys": {
152
188
  "name": "max-number-of-cookie-keys",
153
- "type": "option",
189
+ "default": 3,
190
+ "hasDynamicHelp": false,
154
191
  "multiple": false,
155
- "default": 3
192
+ "type": "option"
156
193
  },
157
194
  "restart-deployment": {
158
- "name": "restart-deployment",
159
- "type": "option",
160
195
  "description": "Kubernetes deployment name to restart while rotating",
161
- "multiple": false
196
+ "name": "restart-deployment",
197
+ "hasDynamicHelp": false,
198
+ "multiple": false,
199
+ "type": "option"
162
200
  },
163
201
  "restart-deployment-backoff": {
164
- "name": "restart-deployment-backoff",
165
- "type": "option",
166
- "description": "Seconds to wait for deployment to restart",
167
- "multiple": false,
168
202
  "dependsOn": [
169
203
  "restart-deployment"
170
204
  ],
171
- "default": 60
205
+ "description": "Seconds to wait for deployment to restart",
206
+ "name": "restart-deployment-backoff",
207
+ "default": 60,
208
+ "hasDynamicHelp": false,
209
+ "multiple": false,
210
+ "type": "option"
172
211
  }
173
212
  },
174
- "args": {}
213
+ "hasDynamicHelp": false,
214
+ "hiddenAliases": [],
215
+ "id": "rotate",
216
+ "pluginAlias": "@codemowers/oidc-key-manager",
217
+ "pluginName": "@codemowers/oidc-key-manager",
218
+ "pluginType": "core",
219
+ "strict": true,
220
+ "enableJsonFlag": false,
221
+ "isESM": false,
222
+ "relativePath": [
223
+ "dist",
224
+ "commands",
225
+ "rotate.js"
226
+ ]
175
227
  }
176
- }
228
+ },
229
+ "version": "1.1.0"
177
230
  }
package/package.json CHANGED
@@ -1,68 +1,68 @@
1
- {
2
- "name": "@codemowers/oidc-key-manager",
3
- "version": "0.2.2",
4
- "description": "CLI to manage secret keys required by oidc-gateway",
5
- "author": "Erki Aas",
6
- "bin": {
7
- "key-manager": "./bin/run"
8
- },
9
- "homepage": "https://github.com/codemowers/oidc-key-manager",
10
- "license": "MIT",
11
- "main": "dist/index.js",
12
- "repository": "codemowers/oidc-key-manager",
13
- "files": [
14
- "/bin",
15
- "/dist",
16
- "/npm-shrinkwrap.json",
17
- "/oclif.manifest.json"
18
- ],
19
- "dependencies": {
20
- "@kubernetes/client-node": "^0.18.1",
21
- "@oclif/core": "^2.8.4",
22
- "@oclif/plugin-help": "^5",
23
- "@oclif/plugin-plugins": "^2.4.7",
24
- "@types/jsrsasign": "^10.5.8",
25
- "jsrsasign": "^10.8.6"
26
- },
27
- "devDependencies": {
28
- "@oclif/test": "^2.3.17",
29
- "@types/chai": "^4",
30
- "@types/mocha": "^9.0.0",
31
- "@types/node": "^16.18.25",
32
- "chai": "^4",
33
- "eslint": "^7.32.0",
34
- "eslint-config-oclif": "^4",
35
- "eslint-config-oclif-typescript": "^1.0.3",
36
- "mocha": "^9",
37
- "oclif": "^3",
38
- "shx": "^0.3.4",
39
- "ts-node": "^10.9.1",
40
- "tslib": "^2.5.0",
41
- "typescript": "^4.9.5"
42
- },
43
- "oclif": {
44
- "bin": "key-manager",
45
- "dirname": "key-manager",
46
- "commands": "./dist/commands",
47
- "topicSeparator": " ",
48
- "topics": {
49
- "hello": {
50
- "description": "Say hello to the world and others"
51
- }
52
- }
53
- },
54
- "scripts": {
55
- "build": "shx rm -rf dist && tsc -b",
56
- "lint": "eslint . --ext .ts --config .eslintrc",
57
- "postpack": "shx rm -f oclif.manifest.json",
58
- "posttest": "npm run lint",
59
- "prepack": "npm run build && oclif manifest && oclif readme",
60
- "test": "mocha --forbid-only \"test/**/*.test.ts\"",
61
- "version": "oclif readme && git add README.md"
62
- },
63
- "engines": {
64
- "node": ">=12.0.0"
65
- },
66
- "bugs": "https://github.com/codemowers/oidc-key-manager/issues",
67
- "types": "dist/index.d.ts"
68
- }
1
+ {
2
+ "name": "@codemowers/oidc-key-manager",
3
+ "version": "1.1.0",
4
+ "description": "CLI to manage secret keys required by oidc-gateway",
5
+ "author": "Erki Aas",
6
+ "bin": {
7
+ "key-manager": "./bin/run"
8
+ },
9
+ "homepage": "https://github.com/codemowers/oidc-key-manager",
10
+ "license": "MIT",
11
+ "main": "dist/index.js",
12
+ "repository": "codemowers/oidc-key-manager",
13
+ "files": [
14
+ "/bin",
15
+ "/dist",
16
+ "/npm-shrinkwrap.json",
17
+ "/oclif.manifest.json"
18
+ ],
19
+ "dependencies": {
20
+ "@kubernetes/client-node": "^0.20.0",
21
+ "@oclif/core": "^3.26.0",
22
+ "@oclif/plugin-help": "^6.0.20",
23
+ "@oclif/plugin-plugins": "^2.4.7",
24
+ "@types/jsrsasign": "^10.5.13",
25
+ "jsrsasign": "^11.1.0"
26
+ },
27
+ "devDependencies": {
28
+ "@oclif/test": "^3.2.8",
29
+ "@types/chai": "^4.3.14",
30
+ "@types/mocha": "^10.0.6",
31
+ "@types/node": "^20.12.2",
32
+ "chai": "^5.1.0",
33
+ "eslint": "^8.57.0",
34
+ "eslint-config-oclif": "^5.1.1",
35
+ "eslint-config-oclif-typescript": "^2.0.1",
36
+ "mocha": "^10.4.0",
37
+ "oclif": "^4.7.5",
38
+ "shx": "^0.3.4",
39
+ "ts-node": "^10.9.2",
40
+ "tslib": "^2.6.2",
41
+ "typescript": "^5.4.3"
42
+ },
43
+ "oclif": {
44
+ "bin": "key-manager",
45
+ "dirname": "key-manager",
46
+ "commands": "./dist/commands",
47
+ "topicSeparator": " ",
48
+ "topics": {
49
+ "hello": {
50
+ "description": "Say hello to the world and others"
51
+ }
52
+ }
53
+ },
54
+ "scripts": {
55
+ "build": "shx rm -rf dist && tsc -b",
56
+ "lint": "eslint . --ext .ts --config .eslintrc",
57
+ "postpack": "shx rm -f oclif.manifest.json",
58
+ "posttest": "npm run lint",
59
+ "prepack": "npm run build && oclif manifest && oclif readme",
60
+ "test": "mocha --forbid-only \"test/**/*.test.ts\"",
61
+ "version": "oclif readme && git add README.md"
62
+ },
63
+ "engines": {
64
+ "node": ">=12.0.0"
65
+ },
66
+ "bugs": "https://github.com/codemowers/oidc-key-manager/issues",
67
+ "types": "dist/index.d.ts"
68
+ }