@fentaris/cli 0.2.3 → 0.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/app/main.js +4 -4
- package/dist/app/main.js.map +1 -1
- package/dist/commands/doctor.d.ts.map +1 -1
- package/dist/commands/doctor.js +1 -0
- package/dist/commands/doctor.js.map +1 -1
- package/dist/commands/secrets.d.ts.map +1 -1
- package/dist/commands/secrets.js +139 -7
- package/dist/commands/secrets.js.map +1 -1
- package/dist/domain/auth/local-store.d.ts +10 -3
- package/dist/domain/auth/local-store.d.ts.map +1 -1
- package/dist/domain/auth/local-store.js +47 -11
- package/dist/domain/auth/local-store.js.map +1 -1
- package/dist/domain/health/checks.d.ts +1 -0
- package/dist/domain/health/checks.d.ts.map +1 -1
- package/dist/domain/health/checks.js +26 -11
- package/dist/domain/health/checks.js.map +1 -1
- package/dist/domain/project/project.js +2 -0
- package/dist/domain/project/project.js.map +1 -1
- package/dist/domain/secrets/backend.d.ts +9 -0
- package/dist/domain/secrets/backend.d.ts.map +1 -0
- package/dist/domain/secrets/backend.js +38 -0
- package/dist/domain/secrets/backend.js.map +1 -0
- package/dist/domain/secrets/doctor.d.ts +22 -0
- package/dist/domain/secrets/doctor.d.ts.map +1 -0
- package/dist/domain/secrets/doctor.js +216 -0
- package/dist/domain/secrets/doctor.js.map +1 -0
- package/dist/domain/secrets/manifest-scan.d.ts +16 -0
- package/dist/domain/secrets/manifest-scan.d.ts.map +1 -0
- package/dist/domain/secrets/manifest-scan.js +38 -0
- package/dist/domain/secrets/manifest-scan.js.map +1 -0
- package/dist/domain/template/template.d.ts.map +1 -1
- package/dist/domain/template/template.js +13 -1
- package/dist/domain/template/template.js.map +1 -1
- package/dist/shared/constants.d.ts +1 -1
- package/dist/shared/constants.d.ts.map +1 -1
- package/dist/shared/constants.js +3 -1
- package/dist/shared/constants.js.map +1 -1
- package/dist/shared/parse.d.ts.map +1 -1
- package/dist/shared/parse.js +4 -0
- package/dist/shared/parse.js.map +1 -1
- package/dist/shared/types.d.ts +7 -0
- package/dist/shared/types.d.ts.map +1 -1
- package/dist/ui/format.d.ts.map +1 -1
- package/dist/ui/format.js +6 -0
- package/dist/ui/format.js.map +1 -1
- package/package.json +2 -2
package/dist/app/main.js
CHANGED
|
@@ -23,12 +23,12 @@ export async function main(argv, runtime) {
|
|
|
23
23
|
}
|
|
24
24
|
}
|
|
25
25
|
async function route(command, runtime) {
|
|
26
|
-
if (command.name === "help" || command.options.
|
|
27
|
-
|
|
26
|
+
if (command.name === "version" || (command.name === "help" && (command.options.version === true || command.options.v === true))) {
|
|
27
|
+
runtime.out.log(cliVersion);
|
|
28
28
|
return;
|
|
29
29
|
}
|
|
30
|
-
if (command.name === "
|
|
31
|
-
runtime
|
|
30
|
+
if (command.name === "help" || command.options.help === true || command.options.h === true) {
|
|
31
|
+
printHelp(runtime);
|
|
32
32
|
return;
|
|
33
33
|
}
|
|
34
34
|
if (command.name === "auth") {
|
package/dist/app/main.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"main.js","sourceRoot":"","sources":["../../src/app/main.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AAChD,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AAChD,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAC5C,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAClD,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAC9C,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACpD,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAElD,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,iBAAiB,CAAC;AAEnD,MAAM,CAAC,KAAK,UAAU,IAAI,CAAC,IAAc,EAAE,OAAgB;IACzD,MAAM,OAAO,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;IAEnC,IAAI,CAAC;QACH,MAAM,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAC9B,OAAO,CAAC,CAAC;IACX,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACtF,OAAO,CAAC,CAAC;IACX,CAAC;YAAS,CAAC;QACT,OAAO,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;IACzB,CAAC;AACH,CAAC;AAED,KAAK,UAAU,KAAK,CAAC,OAAmB,EAAE,OAAgB;IACxD,IAAI,OAAO,CAAC,IAAI,KAAK,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,IAAI,KAAK,IAAI,EAAE,CAAC;
|
|
1
|
+
{"version":3,"file":"main.js","sourceRoot":"","sources":["../../src/app/main.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AAChD,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AAChD,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAC5C,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAClD,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAC9C,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACpD,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAElD,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,iBAAiB,CAAC;AAEnD,MAAM,CAAC,KAAK,UAAU,IAAI,CAAC,IAAc,EAAE,OAAgB;IACzD,MAAM,OAAO,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;IAEnC,IAAI,CAAC;QACH,MAAM,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAC9B,OAAO,CAAC,CAAC;IACX,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACtF,OAAO,CAAC,CAAC;IACX,CAAC;YAAS,CAAC;QACT,OAAO,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;IACzB,CAAC;AACH,CAAC;AAED,KAAK,UAAU,KAAK,CAAC,OAAmB,EAAE,OAAgB;IACxD,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,IAAI,CAAC,OAAO,CAAC,IAAI,KAAK,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,KAAK,IAAI,IAAI,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,EAAE,CAAC;QAChI,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QAC5B,OAAO;IACT,CAAC;IAED,IAAI,OAAO,CAAC,IAAI,KAAK,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,IAAI,KAAK,IAAI,IAAI,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAC3F,SAAS,CAAC,OAAO,CAAC,CAAC;QACnB,OAAO;IACT,CAAC;IAED,IAAI,OAAO,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;QAC5B,MAAM,aAAa,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACtC,OAAO;IACT,CAAC;IAED,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAC/B,MAAM,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACnC,OAAO;IACT,CAAC;IAED,IAAI,OAAO,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;QAC5B,MAAM,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAChC,OAAO;IACT,CAAC;IAED,IAAI,OAAO,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC9B,MAAM,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAClC,OAAO;IACT,CAAC;IAED,IAAI,OAAO,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;QAC7B,MAAM,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACjC,OAAO;IACT,CAAC;IAED,IAAI,OAAO,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;QAC3B,MAAM,MAAM,CAAC,OAAO,CAAC,CAAC;QACtB,OAAO;IACT,CAAC;IAED,IAAI,OAAO,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;QAC7B,MAAM,QAAQ,CAAC,OAAO,CAAC,CAAC;QACxB,OAAO;IACT,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,oBAAoB,OAAO,CAAC,IAAI,uBAAuB,CAAC,CAAC;AAC3E,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"doctor.d.ts","sourceRoot":"","sources":["../../src/commands/doctor.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAI9D,wBAAsB,SAAS,CAAC,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,
|
|
1
|
+
{"version":3,"file":"doctor.d.ts","sourceRoot":"","sources":["../../src/commands/doctor.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAI9D,wBAAsB,SAAS,CAAC,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,CAgBpF"}
|
package/dist/commands/doctor.js
CHANGED
|
@@ -6,6 +6,7 @@ export async function runDoctor(command, runtime) {
|
|
|
6
6
|
fix: command.options.fix === true,
|
|
7
7
|
runtime: command.options.runtime === true,
|
|
8
8
|
timeoutMs: numberOption(command.options, "timeout", 10_000),
|
|
9
|
+
strict: command.options.strict === true,
|
|
9
10
|
});
|
|
10
11
|
if (command.options.json === true) {
|
|
11
12
|
runtime.out.log(JSON.stringify({ results }, null, 2));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"doctor.js","sourceRoot":"","sources":["../../src/commands/doctor.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AAEtF,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,kBAAkB,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAC;AAE9D,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,OAAmB,EAAE,OAAgB;IACnE,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE;QAC9C,GAAG,EAAE,OAAO,CAAC,OAAO,CAAC,GAAG,KAAK,IAAI;QACjC,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,OAAO,KAAK,IAAI;QACzC,SAAS,EAAE,YAAY,CAAC,OAAO,CAAC,OAAO,EAAE,SAAS,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"doctor.js","sourceRoot":"","sources":["../../src/commands/doctor.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AAEtF,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,kBAAkB,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAC;AAE9D,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,OAAmB,EAAE,OAAgB;IACnE,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE;QAC9C,GAAG,EAAE,OAAO,CAAC,OAAO,CAAC,GAAG,KAAK,IAAI;QACjC,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,OAAO,KAAK,IAAI;QACzC,SAAS,EAAE,YAAY,CAAC,OAAO,CAAC,OAAO,EAAE,SAAS,EAAE,MAAM,CAAC;QAC3D,MAAM,EAAE,OAAO,CAAC,OAAO,CAAC,MAAM,KAAK,IAAI;KACxC,CAAC,CAAC;IACH,IAAI,OAAO,CAAC,OAAO,CAAC,IAAI,KAAK,IAAI,EAAE,CAAC;QAClC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IACxD,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QAC3B,kBAAkB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACvC,CAAC;IACD,IAAI,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,KAAK,IAAI,IAAI,UAAU,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;QACpF,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC7C,CAAC;AACH,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"secrets.d.ts","sourceRoot":"","sources":["../../src/commands/secrets.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"secrets.d.ts","sourceRoot":"","sources":["../../src/commands/secrets.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAI9D,wBAAsB,UAAU,CAAC,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,CA4BrF"}
|
package/dist/commands/secrets.js
CHANGED
|
@@ -1,21 +1,153 @@
|
|
|
1
|
+
import { mkdir, readFile, writeFile } from "node:fs/promises";
|
|
1
2
|
import path from "node:path";
|
|
2
|
-
import {
|
|
3
|
+
import { manifestFromSecretRefs, manifestsEqual, parseManifest, serializeManifest } from "@fentaris/core";
|
|
4
|
+
import { secretScope } from "../domain/auth/local-store.js";
|
|
5
|
+
import { manifestPath, openLocalSecretsBackend, scopeFromOptions } from "../domain/secrets/backend.js";
|
|
6
|
+
import { buildListRows, getSecretsDoctorIssues, loadRequiredReferences } from "../domain/secrets/doctor.js";
|
|
7
|
+
import { scanEntrypointForSecrets } from "../domain/secrets/manifest-scan.js";
|
|
3
8
|
import { discoverProject } from "../domain/project/project.js";
|
|
9
|
+
import { exists } from "../shared/utils.js";
|
|
4
10
|
import { section, style } from "../ui/format.js";
|
|
5
11
|
export async function runSecrets(command, runtime) {
|
|
6
12
|
const [action, reference] = command.args;
|
|
7
|
-
if (action
|
|
8
|
-
throw new Error("Usage: fentaris secrets set
|
|
13
|
+
if (!action) {
|
|
14
|
+
throw new Error("Usage: fentaris secrets <set|list|unset|manifest|doctor> ...");
|
|
15
|
+
}
|
|
16
|
+
if (action === "set") {
|
|
17
|
+
await runSecretsSet(command, reference, runtime);
|
|
18
|
+
return;
|
|
19
|
+
}
|
|
20
|
+
if (action === "list") {
|
|
21
|
+
await runSecretsList(command, runtime);
|
|
22
|
+
return;
|
|
23
|
+
}
|
|
24
|
+
if (action === "unset") {
|
|
25
|
+
await runSecretsUnset(command, reference, runtime);
|
|
26
|
+
return;
|
|
9
27
|
}
|
|
10
|
-
if (
|
|
11
|
-
|
|
28
|
+
if (action === "manifest") {
|
|
29
|
+
await runSecretsManifest(command, runtime);
|
|
30
|
+
return;
|
|
31
|
+
}
|
|
32
|
+
if (action === "doctor") {
|
|
33
|
+
await runSecretsDoctor(command, runtime);
|
|
34
|
+
return;
|
|
35
|
+
}
|
|
36
|
+
throw new Error(`Unknown secrets command "${action}". Run fentaris help.`);
|
|
37
|
+
}
|
|
38
|
+
async function runSecretsSet(command, reference, runtime) {
|
|
39
|
+
if (!reference) {
|
|
40
|
+
throw new Error("Usage: fentaris secrets set <reference> [--user <id> | --group <id>]");
|
|
12
41
|
}
|
|
13
42
|
const project = await discoverProject(runtime.cwd);
|
|
14
|
-
const
|
|
43
|
+
const backend = await openLocalSecretsBackend(project, runtime, command.options);
|
|
44
|
+
if (!(await backend.credentialsExist())) {
|
|
45
|
+
await backend.initEmpty();
|
|
46
|
+
}
|
|
15
47
|
const value = typeof command.options.value === "string" ? command.options.value : await runtime.prompt.text(`Secret value for ${reference}`, { secret: true });
|
|
16
|
-
await
|
|
48
|
+
await backend.set(reference, value, scopeFromOptions(command.options));
|
|
17
49
|
section(runtime, "Secrets");
|
|
18
50
|
runtime.out.log(` ${style.pass(`Stored ${reference} as ${secretScope(command.options)} credential.`)}`);
|
|
19
51
|
runtime.out.log("Value: <redacted>");
|
|
20
52
|
}
|
|
53
|
+
async function runSecretsUnset(command, reference, runtime) {
|
|
54
|
+
if (!reference) {
|
|
55
|
+
throw new Error("Usage: fentaris secrets unset <reference> [--user <id> | --group <id>]");
|
|
56
|
+
}
|
|
57
|
+
const project = await discoverProject(runtime.cwd);
|
|
58
|
+
const backend = await openLocalSecretsBackend(project, runtime, command.options);
|
|
59
|
+
await backend.unset(reference, scopeFromOptions(command.options));
|
|
60
|
+
section(runtime, "Secrets");
|
|
61
|
+
runtime.out.log(` ${style.pass(`Removed ${reference} from ${secretScope(command.options)} credentials.`)}`);
|
|
62
|
+
}
|
|
63
|
+
async function runSecretsList(command, runtime) {
|
|
64
|
+
const project = await discoverProject(runtime.cwd);
|
|
65
|
+
const backend = await openLocalSecretsBackend(project, runtime, command.options);
|
|
66
|
+
const stored = await backend.listRefs();
|
|
67
|
+
const required = await loadRequiredReferences(project);
|
|
68
|
+
const rows = buildListRows(required, stored);
|
|
69
|
+
if (command.options.json === true) {
|
|
70
|
+
runtime.out.log(JSON.stringify({ provider: "local", secrets: rows }, null, 2));
|
|
71
|
+
return;
|
|
72
|
+
}
|
|
73
|
+
section(runtime, "Secrets (local)");
|
|
74
|
+
if (rows.length === 0) {
|
|
75
|
+
runtime.out.log(` ${style.hint("No secrets stored yet. Run fentaris secrets set <reference>.")}`);
|
|
76
|
+
return;
|
|
77
|
+
}
|
|
78
|
+
runtime.out.log(` ${style.label("REF".padEnd(24))}${style.label("SCOPE".padEnd(18))}${style.label("STATUS")}`);
|
|
79
|
+
for (const row of rows) {
|
|
80
|
+
const status = row.status === "missing" ? style.fail("missing") : row.status === "set" ? style.pass("set") : style.pass(row.status);
|
|
81
|
+
runtime.out.log(` ${row.ref.padEnd(24)}${row.scope.padEnd(18)}${status}`);
|
|
82
|
+
}
|
|
83
|
+
}
|
|
84
|
+
async function runSecretsManifest(command, runtime) {
|
|
85
|
+
const project = await discoverProject(runtime.cwd);
|
|
86
|
+
const entrypoint = path.join(project.root, project.config.entrypoint);
|
|
87
|
+
if (!(await exists(entrypoint))) {
|
|
88
|
+
throw new Error(`Entrypoint not found: ${project.config.entrypoint}`);
|
|
89
|
+
}
|
|
90
|
+
const scanned = await scanEntrypointForSecrets(entrypoint);
|
|
91
|
+
const manifest = manifestFromSecretRefs(scanned.references.map((entry) => ({
|
|
92
|
+
ref: entry.ref,
|
|
93
|
+
scope: decodeManifestScope(entry.scope),
|
|
94
|
+
kind: "credential",
|
|
95
|
+
count: 1,
|
|
96
|
+
})), scanned.envVars);
|
|
97
|
+
const target = manifestPath(project);
|
|
98
|
+
if (command.options.check === true) {
|
|
99
|
+
if (!(await exists(target))) {
|
|
100
|
+
throw new Error("secrets.manifest.json is missing. Run fentaris secrets manifest.");
|
|
101
|
+
}
|
|
102
|
+
const current = parseManifest(JSON.parse(await readFile(target, "utf8")));
|
|
103
|
+
if (!manifestsEqual(current, manifest)) {
|
|
104
|
+
throw new Error("secrets.manifest.json is out of date. Run fentaris secrets manifest.");
|
|
105
|
+
}
|
|
106
|
+
section(runtime, "Secrets manifest");
|
|
107
|
+
runtime.out.log(` ${style.pass("secrets.manifest.json matches entrypoint.")}`);
|
|
108
|
+
return;
|
|
109
|
+
}
|
|
110
|
+
await mkdir(path.dirname(target), { recursive: true });
|
|
111
|
+
await writeFile(target, serializeManifest(manifest));
|
|
112
|
+
section(runtime, "Secrets manifest");
|
|
113
|
+
runtime.out.log(` ${style.pass(`Wrote ${path.relative(project.root, target)}`)}`);
|
|
114
|
+
runtime.out.log(` ${style.hint(`${manifest.references.length} credential reference(s)${manifest.envVars?.length ? `, ${manifest.envVars.length} env var(s)` : ""}.`)}`);
|
|
115
|
+
}
|
|
116
|
+
async function runSecretsDoctor(command, runtime) {
|
|
117
|
+
const project = await discoverProject(runtime.cwd);
|
|
118
|
+
const issues = await getSecretsDoctorIssues(project, runtime, { strict: command.options.strict === true });
|
|
119
|
+
if (command.options.json === true) {
|
|
120
|
+
runtime.out.log(JSON.stringify({ issues }, null, 2));
|
|
121
|
+
}
|
|
122
|
+
else {
|
|
123
|
+
section(runtime, "Secrets doctor");
|
|
124
|
+
if (issues.length === 0) {
|
|
125
|
+
runtime.out.log(` ${style.pass("All secrets checks passed.")}`);
|
|
126
|
+
}
|
|
127
|
+
else {
|
|
128
|
+
for (const issue of issues) {
|
|
129
|
+
const marker = issue.status === "pass" ? style.pass : issue.status === "warn" ? style.warn : style.fail;
|
|
130
|
+
runtime.out.log(` ${marker(`${issue.ref} (${issue.scope})`)} ${style.hint(issue.detail)}`);
|
|
131
|
+
if (issue.hint) {
|
|
132
|
+
runtime.out.log(` ${style.hint(`→ ${issue.hint}`)}`);
|
|
133
|
+
}
|
|
134
|
+
}
|
|
135
|
+
}
|
|
136
|
+
}
|
|
137
|
+
if (issues.some((issue) => issue.status === "fail") || (command.options.strict === true && issues.some((issue) => issue.status === "warn"))) {
|
|
138
|
+
throw new Error("Secrets doctor reported issues.");
|
|
139
|
+
}
|
|
140
|
+
}
|
|
141
|
+
function decodeManifestScope(scope) {
|
|
142
|
+
if (scope === "default") {
|
|
143
|
+
return { kind: "default" };
|
|
144
|
+
}
|
|
145
|
+
if (scope.startsWith("user:")) {
|
|
146
|
+
return { kind: "user", id: scope.slice("user:".length) };
|
|
147
|
+
}
|
|
148
|
+
if (scope.startsWith("group:")) {
|
|
149
|
+
return { kind: "group", id: scope.slice("group:".length) };
|
|
150
|
+
}
|
|
151
|
+
return { kind: "default" };
|
|
152
|
+
}
|
|
21
153
|
//# sourceMappingURL=secrets.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"secrets.js","sourceRoot":"","sources":["../../src/commands/secrets.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"secrets.js","sourceRoot":"","sources":["../../src/commands/secrets.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC9D,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,sBAAsB,EAAE,cAAc,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAC;AAC1G,OAAO,EAAE,WAAW,EAAE,MAAM,+BAA+B,CAAC;AAC5D,OAAO,EAAE,YAAY,EAAE,uBAAuB,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AACvG,OAAO,EAAE,aAAa,EAAE,sBAAsB,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AAC5G,OAAO,EAAE,wBAAwB,EAAE,MAAM,oCAAoC,CAAC;AAC9E,OAAO,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAE/D,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAC5C,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,iBAAiB,CAAC;AAEjD,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,OAAmB,EAAE,OAAgB;IACpE,MAAM,CAAC,MAAM,EAAE,SAAS,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC;IACzC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;IAClF,CAAC;IAED,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;QACrB,MAAM,aAAa,CAAC,OAAO,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;QACjD,OAAO;IACT,CAAC;IACD,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,MAAM,cAAc,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACvC,OAAO;IACT,CAAC;IACD,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;QACvB,MAAM,eAAe,CAAC,OAAO,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;QACnD,OAAO;IACT,CAAC;IACD,IAAI,MAAM,KAAK,UAAU,EAAE,CAAC;QAC1B,MAAM,kBAAkB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAC3C,OAAO;IACT,CAAC;IACD,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;QACxB,MAAM,gBAAgB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACzC,OAAO;IACT,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,4BAA4B,MAAM,uBAAuB,CAAC,CAAC;AAC7E,CAAC;AAED,KAAK,UAAU,aAAa,CAAC,OAAmB,EAAE,SAA6B,EAAE,OAAgB;IAC/F,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,sEAAsE,CAAC,CAAC;IAC1F,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACnD,MAAM,OAAO,GAAG,MAAM,uBAAuB,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IACjF,IAAI,CAAC,CAAC,MAAM,OAAO,CAAC,gBAAgB,EAAE,CAAC,EAAE,CAAC;QACxC,MAAM,OAAO,CAAC,SAAS,EAAE,CAAC;IAC5B,CAAC;IACD,MAAM,KAAK,GAAG,OAAO,OAAO,CAAC,OAAO,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,oBAAoB,SAAS,EAAE,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;IAC/J,MAAM,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,EAAE,gBAAgB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;IACvE,OAAO,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;IAC5B,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,UAAU,SAAS,OAAO,WAAW,CAAC,OAAO,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,CAAC,CAAC;IACzG,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;AACvC,CAAC;AAED,KAAK,UAAU,eAAe,CAAC,OAAmB,EAAE,SAA6B,EAAE,OAAgB;IACjG,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,wEAAwE,CAAC,CAAC;IAC5F,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACnD,MAAM,OAAO,GAAG,MAAM,uBAAuB,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IACjF,MAAM,OAAO,CAAC,KAAK,CAAC,SAAS,EAAE,gBAAgB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;IAClE,OAAO,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;IAC5B,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,WAAW,SAAS,SAAS,WAAW,CAAC,OAAO,CAAC,OAAO,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC;AAC/G,CAAC;AAED,KAAK,UAAU,cAAc,CAAC,OAAmB,EAAE,OAAgB;IACjE,MAAM,OAAO,GAAG,MAAM,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACnD,MAAM,OAAO,GAAG,MAAM,uBAAuB,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IACjF,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,QAAQ,EAAE,CAAC;IACxC,MAAM,QAAQ,GAAG,MAAM,sBAAsB,CAAC,OAAO,CAAC,CAAC;IACvD,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IAE7C,IAAI,OAAO,CAAC,OAAO,CAAC,IAAI,KAAK,IAAI,EAAE,CAAC;QAClC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC/E,OAAO;IACT,CAAC;IAED,OAAO,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAC;IACpC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,8DAA8D,CAAC,EAAE,CAAC,CAAC;QACnG,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAChH,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,KAAK,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACpI,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,CAAC;IAC7E,CAAC;AACH,CAAC;AAED,KAAK,UAAU,kBAAkB,CAAC,OAAmB,EAAE,OAAgB;IACrE,MAAM,OAAO,GAAG,MAAM,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACnD,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IACtE,IAAI,CAAC,CAAC,MAAM,MAAM,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CAAC,yBAAyB,OAAO,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC;IACxE,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,wBAAwB,CAAC,UAAU,CAAC,CAAC;IAC3D,MAAM,QAAQ,GAAG,sBAAsB,CACrC,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACjC,GAAG,EAAE,KAAK,CAAC,GAAG;QACd,KAAK,EAAE,mBAAmB,CAAC,KAAK,CAAC,KAAK,CAAC;QACvC,IAAI,EAAE,YAAqB;QAC3B,KAAK,EAAE,CAAC;KACT,CAAC,CAAC,EACH,OAAO,CAAC,OAAO,CAChB,CAAC;IACF,MAAM,MAAM,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC;IAErC,IAAI,OAAO,CAAC,OAAO,CAAC,KAAK,KAAK,IAAI,EAAE,CAAC;QACnC,IAAI,CAAC,CAAC,MAAM,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;YAC5B,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;QACtF,CAAC;QACD,MAAM,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC,CAAY,CAAC,CAAC;QACrF,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,QAAQ,CAAC,EAAE,CAAC;YACvC,MAAM,IAAI,KAAK,CAAC,sEAAsE,CAAC,CAAC;QAC1F,CAAC;QACD,OAAO,CAAC,OAAO,EAAE,kBAAkB,CAAC,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,2CAA2C,CAAC,EAAE,CAAC,CAAC;QAChF,OAAO;IACT,CAAC;IAED,MAAM,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACvD,MAAM,SAAS,CAAC,MAAM,EAAE,iBAAiB,CAAC,QAAQ,CAAC,CAAC,CAAC;IACrD,OAAO,CAAC,OAAO,EAAE,kBAAkB,CAAC,CAAC;IACrC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IACnF,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,UAAU,CAAC,MAAM,2BAA2B,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC,KAAK,QAAQ,CAAC,OAAO,CAAC,MAAM,aAAa,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;AAC3K,CAAC;AAED,KAAK,UAAU,gBAAgB,CAAC,OAAmB,EAAE,OAAgB;IACnE,MAAM,OAAO,GAAG,MAAM,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACnD,MAAM,MAAM,GAAG,MAAM,sBAAsB,CAAC,OAAO,EAAE,OAAO,EAAE,EAAE,MAAM,EAAE,OAAO,CAAC,OAAO,CAAC,MAAM,KAAK,IAAI,EAAE,CAAC,CAAC;IAE3G,IAAI,OAAO,CAAC,OAAO,CAAC,IAAI,KAAK,IAAI,EAAE,CAAC;QAClC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IACvD,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,OAAO,EAAE,gBAAgB,CAAC,CAAC;QACnC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxB,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,4BAA4B,CAAC,EAAE,CAAC,CAAC;QACnE,CAAC;aAAM,CAAC;YACN,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;gBAC3B,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC;gBACxG,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC,GAAG,KAAK,CAAC,GAAG,KAAK,KAAK,CAAC,KAAK,GAAG,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;gBAC5F,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;oBACf,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,KAAK,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC;gBAC1D,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,MAAM,KAAK,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,KAAK,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC;QAC5I,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;IACrD,CAAC;AACH,CAAC;AAED,SAAS,mBAAmB,CAAC,KAAa;IACxC,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;QACxB,OAAO,EAAE,IAAI,EAAE,SAAkB,EAAE,CAAC;IACtC,CAAC;IACD,IAAI,KAAK,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QAC9B,OAAO,EAAE,IAAI,EAAE,MAAe,EAAE,EAAE,EAAE,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;IACpE,CAAC;IACD,IAAI,KAAK,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC/B,OAAO,EAAE,IAAI,EAAE,OAAgB,EAAE,EAAE,EAAE,KAAK,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;IACtE,CAAC;IACD,OAAO,EAAE,IAAI,EAAE,SAAkB,EAAE,CAAC;AACtC,CAAC"}
|
|
@@ -1,11 +1,18 @@
|
|
|
1
|
-
import { type LocalCredentials } from "@fentaris/core";
|
|
2
1
|
import type { CliOptions, Runtime } from "../../shared/types.js";
|
|
3
2
|
export declare function initLocalAuth(options: CliOptions): Promise<void>;
|
|
4
3
|
export declare function storeCredential(dir: string, key: string, reference: string, value: string, options: CliOptions): Promise<void>;
|
|
4
|
+
export declare function unsetCredential(dir: string, key: string, reference: string, options: CliOptions): Promise<void>;
|
|
5
5
|
export declare function addUserApiKey(dir: string, key: string, userId: string, apiKey: string): Promise<void>;
|
|
6
6
|
export declare function inspectAuthFiles(dir: string, key: string): Promise<unknown>;
|
|
7
7
|
export declare function authKeyFromRuntime(runtime: Runtime, options: CliOptions): Promise<string>;
|
|
8
8
|
export declare function secretScope(options: CliOptions): string;
|
|
9
|
-
export declare function readCredentials(dir: string, key: string): Promise<
|
|
10
|
-
|
|
9
|
+
export declare function readCredentials(dir: string, key: string): Promise<{
|
|
10
|
+
users: Record<string, {
|
|
11
|
+
apiKeys: string[];
|
|
12
|
+
credentials: Record<string, string>;
|
|
13
|
+
}>;
|
|
14
|
+
groups: Record<string, Record<string, string>>;
|
|
15
|
+
defaults: Record<string, string>;
|
|
16
|
+
}>;
|
|
17
|
+
export declare function writeCredentials(dir: string, key: string, credentials: Awaited<ReturnType<typeof readCredentials>>): Promise<void>;
|
|
11
18
|
//# sourceMappingURL=local-store.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"local-store.d.ts","sourceRoot":"","sources":["../../../src/domain/auth/local-store.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"local-store.d.ts","sourceRoot":"","sources":["../../../src/domain/auth/local-store.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAC;AAGjE,wBAAsB,aAAa,CAAC,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC,CAMtE;AAED,wBAAsB,eAAe,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC,CAiBpI;AAED,wBAAsB,eAAe,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC,CAcrH;AAED,wBAAsB,aAAa,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAU3G;AAED,wBAAsB,gBAAgB,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CA0BjF;AAED,wBAAsB,kBAAkB,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC,CAQ/F;AAED,wBAAgB,WAAW,CAAC,OAAO,EAAE,UAAU,GAAG,MAAM,CAQvD;AAED,wBAAsB,eAAe,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM;;;;;;;GAG7D;AAED,wBAAsB,gBAAgB,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,WAAW,EAAE,OAAO,CAAC,UAAU,CAAC,OAAO,eAAe,CAAC,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,CAIxI"}
|
|
@@ -1,30 +1,51 @@
|
|
|
1
1
|
import { mkdir, readFile, writeFile } from "node:fs/promises";
|
|
2
2
|
import path from "node:path";
|
|
3
|
-
import {
|
|
3
|
+
import { LocalSecretsBackend } from "@fentaris/core";
|
|
4
4
|
import { redactRecord, required } from "../../shared/utils.js";
|
|
5
5
|
export async function initLocalAuth(options) {
|
|
6
6
|
const dir = required(options, "dir");
|
|
7
7
|
const key = required(options, "key");
|
|
8
|
-
await
|
|
9
|
-
|
|
8
|
+
await LocalSecretsBackend.open({ dir, key });
|
|
9
|
+
const backend = new LocalSecretsBackend({ dir, key });
|
|
10
|
+
await backend.initEmpty();
|
|
10
11
|
}
|
|
11
12
|
export async function storeCredential(dir, key, reference, value, options) {
|
|
12
|
-
const
|
|
13
|
+
const backend = await openBackend(dir, key);
|
|
14
|
+
if (!(await backend.credentialsExist())) {
|
|
15
|
+
await backend.initEmpty();
|
|
16
|
+
}
|
|
17
|
+
if (typeof options.user === "string" && typeof options.group === "string") {
|
|
18
|
+
throw new Error("Use either --user or --group, not both.");
|
|
19
|
+
}
|
|
13
20
|
if (typeof options.user === "string") {
|
|
14
|
-
|
|
15
|
-
|
|
21
|
+
await backend.set(reference, value, { kind: "user", id: options.user });
|
|
22
|
+
return;
|
|
16
23
|
}
|
|
17
|
-
|
|
18
|
-
|
|
24
|
+
if (typeof options.group === "string") {
|
|
25
|
+
await backend.set(reference, value, { kind: "group", id: options.group });
|
|
26
|
+
return;
|
|
19
27
|
}
|
|
20
|
-
|
|
21
|
-
|
|
28
|
+
await backend.set(reference, value, { kind: "default" });
|
|
29
|
+
}
|
|
30
|
+
export async function unsetCredential(dir, key, reference, options) {
|
|
31
|
+
const backend = await openBackend(dir, key);
|
|
32
|
+
if (typeof options.user === "string" && typeof options.group === "string") {
|
|
33
|
+
throw new Error("Use either --user or --group, not both.");
|
|
22
34
|
}
|
|
23
|
-
|
|
35
|
+
if (typeof options.user === "string") {
|
|
36
|
+
await backend.unset(reference, { kind: "user", id: options.user });
|
|
37
|
+
return;
|
|
38
|
+
}
|
|
39
|
+
if (typeof options.group === "string") {
|
|
40
|
+
await backend.unset(reference, { kind: "group", id: options.group });
|
|
41
|
+
return;
|
|
42
|
+
}
|
|
43
|
+
await backend.unset(reference, { kind: "default" });
|
|
24
44
|
}
|
|
25
45
|
export async function addUserApiKey(dir, key, userId, apiKey) {
|
|
26
46
|
const credentials = await readCredentials(dir, key);
|
|
27
47
|
const user = credentials.users[userId] ?? { apiKeys: [], credentials: {} };
|
|
48
|
+
const { FentarisAuth } = await import("@fentaris/core");
|
|
28
49
|
const hashed = FentarisAuth.hashApiKey(apiKey);
|
|
29
50
|
credentials.users[userId] = {
|
|
30
51
|
...user,
|
|
@@ -33,6 +54,8 @@ export async function addUserApiKey(dir, key, userId, apiKey) {
|
|
|
33
54
|
await writeCredentials(dir, key, credentials);
|
|
34
55
|
}
|
|
35
56
|
export async function inspectAuthFiles(dir, key) {
|
|
57
|
+
const backend = await openBackend(dir, key);
|
|
58
|
+
const refs = await backend.listRefs();
|
|
36
59
|
const credentials = await readCredentials(dir, key);
|
|
37
60
|
return {
|
|
38
61
|
credentials: {
|
|
@@ -46,6 +69,12 @@ export async function inspectAuthFiles(dir, key) {
|
|
|
46
69
|
groups: Object.fromEntries(Object.entries(credentials.groups).map(([groupId, values]) => [groupId, redactRecord(values)])),
|
|
47
70
|
defaults: redactRecord(credentials.defaults),
|
|
48
71
|
},
|
|
72
|
+
refs: refs.map((entry) => ({
|
|
73
|
+
ref: entry.ref,
|
|
74
|
+
scope: entry.scope,
|
|
75
|
+
kind: entry.kind,
|
|
76
|
+
count: entry.count,
|
|
77
|
+
})),
|
|
49
78
|
};
|
|
50
79
|
}
|
|
51
80
|
export async function authKeyFromRuntime(runtime, options) {
|
|
@@ -67,9 +96,16 @@ export function secretScope(options) {
|
|
|
67
96
|
return "default";
|
|
68
97
|
}
|
|
69
98
|
export async function readCredentials(dir, key) {
|
|
99
|
+
const { FentarisAuth } = await import("@fentaris/core");
|
|
70
100
|
return FentarisAuth.decryptCredentials(JSON.parse(await readFile(path.join(dir, "credentials.enc.json"), "utf8")), key);
|
|
71
101
|
}
|
|
72
102
|
export async function writeCredentials(dir, key, credentials) {
|
|
103
|
+
const { FentarisAuth } = await import("@fentaris/core");
|
|
104
|
+
await mkdir(dir, { recursive: true });
|
|
73
105
|
await writeFile(path.join(dir, "credentials.enc.json"), JSON.stringify(FentarisAuth.encryptCredentials(credentials, key), null, 2));
|
|
74
106
|
}
|
|
107
|
+
async function openBackend(dir, key) {
|
|
108
|
+
await mkdir(dir, { recursive: true });
|
|
109
|
+
return LocalSecretsBackend.open({ dir, key });
|
|
110
|
+
}
|
|
75
111
|
//# sourceMappingURL=local-store.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"local-store.js","sourceRoot":"","sources":["../../../src/domain/auth/local-store.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC9D,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"local-store.js","sourceRoot":"","sources":["../../../src/domain/auth/local-store.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC9D,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAErD,OAAO,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AAE/D,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,OAAmB;IACrD,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IACrC,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IACrC,MAAM,mBAAmB,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC;IAC7C,MAAM,OAAO,GAAG,IAAI,mBAAmB,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC;IACtD,MAAM,OAAO,CAAC,SAAS,EAAE,CAAC;AAC5B,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,GAAW,EAAE,GAAW,EAAE,SAAiB,EAAE,KAAa,EAAE,OAAmB;IACnH,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IAC5C,IAAI,CAAC,CAAC,MAAM,OAAO,CAAC,gBAAgB,EAAE,CAAC,EAAE,CAAC;QACxC,MAAM,OAAO,CAAC,SAAS,EAAE,CAAC;IAC5B,CAAC;IACD,IAAI,OAAO,OAAO,CAAC,IAAI,KAAK,QAAQ,IAAI,OAAO,OAAO,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC1E,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;IAC7D,CAAC;IACD,IAAI,OAAO,OAAO,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QACrC,MAAM,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;QACxE,OAAO;IACT,CAAC;IACD,IAAI,OAAO,OAAO,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;QACtC,MAAM,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC;QAC1E,OAAO;IACT,CAAC;IACD,MAAM,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAC;AAC3D,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,GAAW,EAAE,GAAW,EAAE,SAAiB,EAAE,OAAmB;IACpG,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IAC5C,IAAI,OAAO,OAAO,CAAC,IAAI,KAAK,QAAQ,IAAI,OAAO,OAAO,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC1E,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;IAC7D,CAAC;IACD,IAAI,OAAO,OAAO,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QACrC,MAAM,OAAO,CAAC,KAAK,CAAC,SAAS,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;QACnE,OAAO;IACT,CAAC;IACD,IAAI,OAAO,OAAO,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;QACtC,MAAM,OAAO,CAAC,KAAK,CAAC,SAAS,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC;QACrE,OAAO;IACT,CAAC;IACD,MAAM,OAAO,CAAC,KAAK,CAAC,SAAS,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAC;AACtD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,GAAW,EAAE,GAAW,EAAE,MAAc,EAAE,MAAc;IAC1F,MAAM,WAAW,GAAG,MAAM,eAAe,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IACpD,MAAM,IAAI,GAAG,WAAW,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,CAAC;IAC3E,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,MAAM,CAAC,gBAAgB,CAAC,CAAC;IACxD,MAAM,MAAM,GAAG,YAAY,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IAC/C,WAAW,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG;QAC1B,GAAG,IAAI;QACP,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC;KAClF,CAAC;IACF,MAAM,gBAAgB,CAAC,GAAG,EAAE,GAAG,EAAE,WAAW,CAAC,CAAC;AAChD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,GAAW,EAAE,GAAW;IAC7D,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IAC5C,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,QAAQ,EAAE,CAAC;IACtC,MAAM,WAAW,GAAG,MAAM,eAAe,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IAEpD,OAAO;QACL,WAAW,EAAE;YACX,KAAK,EAAE,MAAM,CAAC,WAAW,CACvB,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,SAAS,CAAC,EAAE,EAAE,CAAC;gBAC7D,MAAM;gBACN;oBACE,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,YAAY,CAAC;oBAClD,WAAW,EAAE,YAAY,CAAC,SAAS,CAAC,WAAW,CAAC;iBACjD;aACF,CAAC,CACH;YACD,MAAM,EAAE,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YAC1H,QAAQ,EAAE,YAAY,CAAC,WAAW,CAAC,QAAQ,CAAC;SAC7C;QACD,IAAI,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;YACzB,GAAG,EAAE,KAAK,CAAC,GAAG;YACd,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,KAAK,EAAE,KAAK,CAAC,KAAK;SACnB,CAAC,CAAC;KACJ,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,OAAgB,EAAE,OAAmB;IAC5E,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;QACpC,OAAO,OAAO,CAAC,GAAG,CAAC;IACrB,CAAC;IACD,IAAI,OAAO,OAAO,CAAC,GAAG,CAAC,iBAAiB,KAAK,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,EAAE,EAAE,CAAC;QAC9F,OAAO,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC;IACvC,CAAC;IACD,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,2BAA2B,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;AAC5E,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,OAAmB;IAC7C,IAAI,OAAO,OAAO,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QACrC,OAAO,QAAQ,OAAO,CAAC,IAAI,EAAE,CAAC;IAChC,CAAC;IACD,IAAI,OAAO,OAAO,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;QACtC,OAAO,SAAS,OAAO,CAAC,KAAK,EAAE,CAAC;IAClC,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,GAAW,EAAE,GAAW;IAC5D,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,MAAM,CAAC,gBAAgB,CAAC,CAAC;IACxD,OAAO,YAAY,CAAC,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,sBAAsB,CAAC,EAAE,MAAM,CAAC,CAAY,EAAE,GAAG,CAAC,CAAC;AACrI,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,GAAW,EAAE,GAAW,EAAE,WAAwD;IACvH,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,MAAM,CAAC,gBAAgB,CAAC,CAAC;IACxD,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACtC,MAAM,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,sBAAsB,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,kBAAkB,CAAC,WAAW,EAAE,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;AACtI,CAAC;AAED,KAAK,UAAU,WAAW,CAAC,GAAW,EAAE,GAAW;IACjD,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACtC,OAAO,mBAAmB,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC;AAChD,CAAC"}
|
|
@@ -3,6 +3,7 @@ export type DoctorOptions = {
|
|
|
3
3
|
fix?: boolean;
|
|
4
4
|
runtime?: boolean;
|
|
5
5
|
timeoutMs?: number;
|
|
6
|
+
strict?: boolean;
|
|
6
7
|
};
|
|
7
8
|
export declare function getDoctorResults(runtime: Runtime, options?: boolean | DoctorOptions): Promise<HealthResult[]>;
|
|
8
9
|
export declare function getProjectCheckResults(project: ProjectDiscovery, offline: boolean, runtime?: Runtime): Promise<HealthResult[]>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"checks.d.ts","sourceRoot":"","sources":["../../../src/domain/health/checks.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAE,YAAY,EAAiC,gBAAgB,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAC;
|
|
1
|
+
{"version":3,"file":"checks.d.ts","sourceRoot":"","sources":["../../../src/domain/health/checks.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAE,YAAY,EAAiC,gBAAgB,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAC;AAIpH,MAAM,MAAM,aAAa,GAAG;IAC1B,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB,CAAC;AAWF,wBAAsB,gBAAgB,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,GAAE,OAAO,GAAG,aAAkB,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,CA0CvH;AAED,wBAAsB,sBAAsB,CAAC,OAAO,EAAE,gBAAgB,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,CA8BpI;AAED,wBAAgB,UAAU,CAAC,OAAO,EAAE,YAAY,EAAE,GAAG,OAAO,CAE3D;AAED,wBAAgB,UAAU,CAAC,OAAO,EAAE,YAAY,EAAE,GAAG,OAAO,CAE3D"}
|
|
@@ -6,6 +6,7 @@ import path from "node:path";
|
|
|
6
6
|
import { FentarisAuth } from "@fentaris/core";
|
|
7
7
|
import { authDir, supportedPackageManagers } from "../../shared/constants.js";
|
|
8
8
|
import { canAccess, exists, isNodeError, readJson } from "../../shared/utils.js";
|
|
9
|
+
import { secretsDoctorHealthResults } from "../secrets/doctor.js";
|
|
9
10
|
export async function getDoctorResults(runtime, options = {}) {
|
|
10
11
|
const normalized = normalizeDoctorOptions(options);
|
|
11
12
|
const results = [
|
|
@@ -21,7 +22,7 @@ export async function getDoctorResults(runtime, options = {}) {
|
|
|
21
22
|
const validation = await configResults(project.discovery);
|
|
22
23
|
results.push(...validation.results);
|
|
23
24
|
results.push(...await packageResults(project.discovery));
|
|
24
|
-
results.push(...await authResults(project.discovery, runtime));
|
|
25
|
+
results.push(...await authResults(project.discovery, runtime, { strict: normalized.strict }));
|
|
25
26
|
results.push(await portResult(project.discovery.config.port));
|
|
26
27
|
if (normalized.runtime) {
|
|
27
28
|
results.push(await runtimeEndpointResult(project.discovery, runtime, normalized.timeoutMs));
|
|
@@ -80,12 +81,13 @@ export function hasWarning(results) {
|
|
|
80
81
|
}
|
|
81
82
|
function normalizeDoctorOptions(options) {
|
|
82
83
|
if (typeof options === "boolean") {
|
|
83
|
-
return { fix: options, runtime: false, timeoutMs: 10_000 };
|
|
84
|
+
return { fix: options, runtime: false, timeoutMs: 10_000, strict: false };
|
|
84
85
|
}
|
|
85
86
|
return {
|
|
86
87
|
fix: options.fix === true,
|
|
87
88
|
runtime: options.runtime === true,
|
|
88
89
|
timeoutMs: normalizeTimeout(options.timeoutMs),
|
|
90
|
+
strict: options.strict === true,
|
|
89
91
|
};
|
|
90
92
|
}
|
|
91
93
|
function environmentResults(runtime) {
|
|
@@ -328,7 +330,7 @@ async function packageResults(project) {
|
|
|
328
330
|
];
|
|
329
331
|
return results;
|
|
330
332
|
}
|
|
331
|
-
async function authResults(project, runtime) {
|
|
333
|
+
async function authResults(project, runtime, options = {}) {
|
|
332
334
|
const authPath = path.join(project.root, project.config.authDir);
|
|
333
335
|
const credentialsPath = path.join(authPath, "credentials.enc.json");
|
|
334
336
|
const authDirectoryExists = await exists(authPath);
|
|
@@ -376,6 +378,17 @@ async function authResults(project, runtime) {
|
|
|
376
378
|
hint: "Set FENTARIS_AUTH_KEY to verify encrypted credentials locally.",
|
|
377
379
|
});
|
|
378
380
|
}
|
|
381
|
+
if (runtime) {
|
|
382
|
+
const extended = await secretsDoctorHealthResults(project, runtime, { strict: options.strict });
|
|
383
|
+
for (const result of extended) {
|
|
384
|
+
if (result.label.startsWith("credentials.enc.json")) {
|
|
385
|
+
continue;
|
|
386
|
+
}
|
|
387
|
+
if (!results.some((existing) => existing.label === result.label && existing.detail === result.detail)) {
|
|
388
|
+
results.push(result);
|
|
389
|
+
}
|
|
390
|
+
}
|
|
391
|
+
}
|
|
379
392
|
return results;
|
|
380
393
|
}
|
|
381
394
|
async function runtimeEndpointResult(project, runtime, timeoutMs) {
|
|
@@ -541,7 +554,10 @@ async function lockfileResult(root, packageManager) {
|
|
|
541
554
|
}
|
|
542
555
|
async function gitignoreAuthResult(root, configuredAuthDir) {
|
|
543
556
|
const gitignorePath = path.join(root, ".gitignore");
|
|
544
|
-
const
|
|
557
|
+
const normalizedAuthDir = configuredAuthDir.replace(/\\/g, "/").replace(/\/+$/u, "");
|
|
558
|
+
const gitignoreDirectoryEntry = `${normalizedAuthDir}/`;
|
|
559
|
+
const gitignoreContentsEntry = `${normalizedAuthDir}/*`;
|
|
560
|
+
const manifestEntry = `!${normalizedAuthDir}/secrets.manifest.json`;
|
|
545
561
|
const present = await exists(gitignorePath);
|
|
546
562
|
if (!present) {
|
|
547
563
|
return {
|
|
@@ -549,25 +565,24 @@ async function gitignoreAuthResult(root, configuredAuthDir) {
|
|
|
549
565
|
label: ".gitignore auth entry",
|
|
550
566
|
status: "warn",
|
|
551
567
|
detail: ".gitignore is missing.",
|
|
552
|
-
hint: `doctor --fix can create .gitignore with ${
|
|
568
|
+
hint: `doctor --fix can create .gitignore with ${gitignoreContentsEntry} ignored.`,
|
|
553
569
|
fix: async () => {
|
|
554
|
-
await writeFile(gitignorePath, `${
|
|
570
|
+
await writeFile(gitignorePath, `${gitignoreContentsEntry}\n${manifestEntry}\n`);
|
|
555
571
|
},
|
|
556
572
|
};
|
|
557
573
|
}
|
|
558
574
|
const contents = await readFile(gitignorePath, "utf8");
|
|
559
|
-
const gitignoreEntryWithoutSlash = gitignoreEntry.slice(0, -1);
|
|
560
575
|
const ignoresAuth = contents
|
|
561
576
|
.split(/\r?\n/)
|
|
562
|
-
.some((line) => line.trim() ===
|
|
577
|
+
.some((line) => line.trim() === gitignoreDirectoryEntry || line.trim() === normalizedAuthDir || line.trim() === gitignoreContentsEntry);
|
|
563
578
|
return {
|
|
564
579
|
group: "Auth",
|
|
565
580
|
label: ".gitignore auth entry",
|
|
566
581
|
status: ignoresAuth ? "pass" : "warn",
|
|
567
|
-
detail: ignoresAuth ? `${
|
|
568
|
-
hint: ignoresAuth ? undefined : `doctor --fix can add ${
|
|
582
|
+
detail: ignoresAuth ? `${gitignoreContentsEntry} is ignored.` : `${gitignoreContentsEntry} is not ignored.`,
|
|
583
|
+
hint: ignoresAuth ? undefined : `doctor --fix can add ${gitignoreContentsEntry} to .gitignore.`,
|
|
569
584
|
fix: async () => {
|
|
570
|
-
await writeFile(gitignorePath, `${contents.trimEnd()}\n${
|
|
585
|
+
await writeFile(gitignorePath, `${contents.trimEnd()}\n${gitignoreContentsEntry}\n${manifestEntry}\n`);
|
|
571
586
|
},
|
|
572
587
|
};
|
|
573
588
|
}
|