@highstate/sops 0.9.19 → 0.9.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/dist/highstate.manifest.json +1 -1
  2. package/dist/secrets/index.js +1 -1
  3. package/dist/secrets/index.js.map +1 -1
  4. package/package.json +13 -8
  5. package/src/secrets/index.ts +1 -1
package/dist/highstate.manifest.json CHANGED
@@ -1,5 +1,5 @@
1
1
  {
2
2
  "sourceHashes": {
3
- "./dist/secrets/index.js": 3698576042
3
+ "./dist/secrets/index.js": 3889498475
4
4
  }
5
5
  }
package/dist/secrets/index.js CHANGED
@@ -1,6 +1,6 @@
1
+ import { Command, MaterializedFile } from '@highstate/common';
1
2
  import { sops } from '@highstate/library';
2
3
  import { forUnit, toPromise } from '@highstate/pulumi';
3
- import { Command, MaterializedFile } from '@highstate/common';
4
4
  import { isNonNullish } from 'remeda';
5
5
 
6
6
  // src/secrets/index.ts
package/dist/secrets/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/secrets/index.ts"],"names":[],"mappings":";;;;;;AAKA,IAAM,EAAE,MAAM,MAAA,EAAQ,OAAA,EAAS,SAAQ,GAAI,OAAA,CAAQ,KAAK,OAAO,CAAA;AAE/D,IAAM,UAAU,MAAM,SAAA,CAAU,MAAA,CAAO,OAAA,IAAW,EAAE,CAAA;AACpD,IAAM,WAAA,GAAc,MAAM,SAAA,CAAU,OAAA,CAAQ,IAAI,CAAA;AAEhD,IAAI,OAAA,CAAQ,WAAW,CAAA,EAAG;AACxB,EAAA,MAAM,IAAI,MAAM,sCAAsC,CAAA;AACxD;AAEA,IAAM,iBAAiB,OAAA,CAAQ,MAAA,CAAO,CAAA,MAAA,KAAU,MAAA,CAAO,KAAK,OAAO,CAAA;AACnE,IAAI,cAAA,CAAe,WAAW,CAAA,EAAG;AAC/B,EAAA,MAAM,IAAI,MAAM,qCAAqC,CAAA;AACvD;AAGA,IAAM,UAAU,MAAM,SAAA;AAAA,EACpB,cAAA,CACG,GAAA,CAAI,CAAA,MAAA,KAAU,MAAA,CAAO,GAAA,EAAK,OAAO,CAAA,CACjC,MAAA,CAAO,YAAY,CAAA,CACnB,GAAA,CAAI,CAAC,SAAS,KAAA,KAAU;AACvB,IAAA,OAAO,IAAI,OAAA,CAAQ,CAAA,WAAA,EAAc,KAAK,CAAA,CAAA,EAAI;AAAA,MACxC,IAAA,EAAM,OAAA;AAAA,MACN,MAAA,EAAQ,SAAS,OAAO,CAAA,cAAA;AAAA,KACzB,CAAA,CAAE,MAAA;AAAA,EACL,CAAC;AACL,CAAA;AAEA,IAAM,QAAA,GAAW,MAAM,gBAAA,CAAiB,MAAA;AAAA,EACtC,WAAA;AAAA,EACA,IAAA,CAAK,SAAA,CAAU,WAAA,EAAa,IAAA,EAAM,CAAC,CAAA;AAAA,EACnC;AACF,CAAA;AAGA,IAAM,cAAA,GAAiB,IAAI,OAAA,CAAQ,cAAA,EAAgB;AAAA,EACjD,IAAA,EAAM,OAAA;AAAA,EACN,MAAA,EAAQ,sBAAsB,OAAA,CAAQ,IAAA,CAAK,GAAG,CAAC,CAAA,CAAA,EAAI,SAAS,IAAI,CAAA;AAClE,CAAC,CAAA;AAED,IAAO,kBAAQ,OAAA,CAAQ;AAAA,EACrB,IAAA,EAAM;AAAA,IACJ,IAAA,EAAM;AAAA,MACJ,IAAA,EAAM,GAAG,IAAI,CAAA,KAAA;AAAA,KACf;AAAA,IACA,OAAA,EAAS;AAAA,MACP,IAAA,EAAM,UAAA;AAAA,MACN,OAAO,cAAA,CAAe;AAAA;AACxB;AAEJ,CAAC","file":"index.js","sourcesContent":["import { sops } from \"@highstate/library\"\nimport { forUnit, toPromise } from \"@highstate/pulumi\"\nimport { Command, MaterializedFile } from \"@highstate/common\"\nimport { isNonNullish } from \"remeda\"\n\nconst { name, inputs, secrets, outputs } = forUnit(sops.secrets)\n\nconst servers = await toPromise(inputs.servers ?? [])\nconst secretsData = await toPromise(secrets.data)\n\nif (servers.length === 0) {\n throw new Error(\"At least one server must be provided\")\n}\n\nconst serversWithSsh = servers.filter(server => server.ssh?.hostKey)\nif (serversWithSsh.length === 0) {\n throw new Error(\"No servers with SSH host keys found\")\n}\n\n// convert each SSH key to age key\nconst ageKeys = await toPromise(\n serversWithSsh\n .map(server => server.ssh?.hostKey)\n .filter(isNonNullish)\n .map((hostKey, index) => {\n return new Command(`ssh-to-age-${index}`, {\n host: \"local\",\n create: `echo \"${hostKey}\" | ssh-to-age`,\n }).stdout\n }),\n)\n\nconst dataFile = await MaterializedFile.create(\n \"data.json\",\n JSON.stringify(secretsData, null, 2),\n 0o600,\n)\n\n// encrypt secrets using sops\nconst encryptCommand = new Command(\"sops-encrypt\", {\n host: \"local\",\n create: `sops encrypt --age ${ageKeys.join(\",\")} ${dataFile.path}`,\n})\n\nexport default outputs({\n file: {\n meta: {\n name: `${name}.json`,\n },\n content: {\n type: \"embedded\",\n value: encryptCommand.stdout,\n },\n },\n})\n"]}
1
+ {"version":3,"sources":["../../src/secrets/index.ts"],"names":[],"mappings":";;;;;;AAKA,IAAM,EAAE,MAAM,MAAA,EAAQ,OAAA,EAAS,SAAQ,GAAI,OAAA,CAAQ,KAAK,OAAO,CAAA;AAE/D,IAAM,UAAU,MAAM,SAAA,CAAU,MAAA,CAAO,OAAA,IAAW,EAAE,CAAA;AACpD,IAAM,WAAA,GAAc,MAAM,SAAA,CAAU,OAAA,CAAQ,IAAI,CAAA;AAEhD,IAAI,OAAA,CAAQ,WAAW,CAAA,EAAG;AACxB,EAAA,MAAM,IAAI,MAAM,sCAAsC,CAAA;AACxD;AAEA,IAAM,iBAAiB,OAAA,CAAQ,MAAA,CAAO,CAAA,MAAA,KAAU,MAAA,CAAO,KAAK,OAAO,CAAA;AACnE,IAAI,cAAA,CAAe,WAAW,CAAA,EAAG;AAC/B,EAAA,MAAM,IAAI,MAAM,qCAAqC,CAAA;AACvD;AAGA,IAAM,UAAU,MAAM,SAAA;AAAA,EACpB,cAAA,CACG,GAAA,CAAI,CAAA,MAAA,KAAU,MAAA,CAAO,GAAA,EAAK,OAAO,CAAA,CACjC,MAAA,CAAO,YAAY,CAAA,CACnB,GAAA,CAAI,CAAC,SAAS,KAAA,KAAU;AACvB,IAAA,OAAO,IAAI,OAAA,CAAQ,CAAA,WAAA,EAAc,KAAK,CAAA,CAAA,EAAI;AAAA,MACxC,IAAA,EAAM,OAAA;AAAA,MACN,MAAA,EAAQ,SAAS,OAAO,CAAA,cAAA;AAAA,KACzB,CAAA,CAAE,MAAA;AAAA,EACL,CAAC;AACL,CAAA;AAEA,IAAM,QAAA,GAAW,MAAM,gBAAA,CAAiB,MAAA;AAAA,EACtC,WAAA;AAAA,EACA,IAAA,CAAK,SAAA,CAAU,WAAA,EAAa,IAAA,EAAM,CAAC,CAAA;AAAA,EACnC;AACF,CAAA;AAGA,IAAM,cAAA,GAAiB,IAAI,OAAA,CAAQ,cAAA,EAAgB;AAAA,EACjD,IAAA,EAAM,OAAA;AAAA,EACN,MAAA,EAAQ,sBAAsB,OAAA,CAAQ,IAAA,CAAK,GAAG,CAAC,CAAA,CAAA,EAAI,SAAS,IAAI,CAAA;AAClE,CAAC,CAAA;AAED,IAAO,kBAAQ,OAAA,CAAQ;AAAA,EACrB,IAAA,EAAM;AAAA,IACJ,IAAA,EAAM;AAAA,MACJ,IAAA,EAAM,GAAG,IAAI,CAAA,KAAA;AAAA,KACf;AAAA,IACA,OAAA,EAAS;AAAA,MACP,IAAA,EAAM,UAAA;AAAA,MACN,OAAO,cAAA,CAAe;AAAA;AACxB;AAEJ,CAAC","file":"index.js","sourcesContent":["import { Command, MaterializedFile } from \"@highstate/common\"\nimport { sops } from \"@highstate/library\"\nimport { forUnit, toPromise } from \"@highstate/pulumi\"\nimport { isNonNullish } from \"remeda\"\n\nconst { name, inputs, secrets, outputs } = forUnit(sops.secrets)\n\nconst servers = await toPromise(inputs.servers ?? [])\nconst secretsData = await toPromise(secrets.data)\n\nif (servers.length === 0) {\n throw new Error(\"At least one server must be provided\")\n}\n\nconst serversWithSsh = servers.filter(server => server.ssh?.hostKey)\nif (serversWithSsh.length === 0) {\n throw new Error(\"No servers with SSH host keys found\")\n}\n\n// convert each SSH key to age key\nconst ageKeys = await toPromise(\n serversWithSsh\n .map(server => server.ssh?.hostKey)\n .filter(isNonNullish)\n .map((hostKey, index) => {\n return new Command(`ssh-to-age-${index}`, {\n host: \"local\",\n create: `echo \"${hostKey}\" | ssh-to-age`,\n }).stdout\n }),\n)\n\nconst dataFile = await MaterializedFile.create(\n \"data.json\",\n JSON.stringify(secretsData, null, 2),\n 0o600,\n)\n\n// encrypt secrets using sops\nconst encryptCommand = new Command(\"sops-encrypt\", {\n host: \"local\",\n create: `sops encrypt --age ${ageKeys.join(\",\")} ${dataFile.path}`,\n})\n\nexport default outputs({\n file: {\n meta: {\n name: `${name}.json`,\n },\n content: {\n type: \"embedded\",\n value: encryptCommand.stdout,\n },\n },\n})\n"]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@highstate/sops",
3
- "version": "0.9.19",
3
+ "version": "0.9.21",
4
4
  "type": "module",
5
5
  "files": [
6
6
  "dist",
@@ -13,17 +13,22 @@
13
13
  "access": "public"
14
14
  },
15
15
  "scripts": {
16
- "build": "highstate build"
16
+ "build": "highstate build",
17
+ "typecheck": "tsgo --noEmit --skipLibCheck",
18
+ "biome": "biome check --write --unsafe --error-on-warnings",
19
+ "biome:check": "biome check --error-on-warnings"
17
20
  },
18
21
  "dependencies": {
19
- "@highstate/common": "^0.9.19",
20
- "@highstate/contract": "^0.9.19",
21
- "@highstate/library": "^0.9.19",
22
- "@highstate/pulumi": "^0.9.19",
22
+ "@highstate/common": "^0.9.21",
23
+ "@highstate/contract": "^0.9.21",
24
+ "@highstate/library": "^0.9.21",
25
+ "@highstate/pulumi": "^0.9.21",
23
26
  "remeda": "^2.21.0"
24
27
  },
25
28
  "devDependencies": {
26
- "@highstate/cli": "^0.9.19"
29
+ "@biomejs/biome": "2.2.0",
30
+ "@highstate/cli": "^0.9.21",
31
+ "@typescript/native-preview": "^7.0.0-dev.20250920.1"
27
32
  },
28
- "gitHead": "e77d292335556c6e5b6275acda1a3d1609d786a1"
33
+ "gitHead": "390ff15c0e0076822a682f9d4e19260942a8d6c2"
29
34
  }
package/src/secrets/index.ts CHANGED
@@ -1,6 +1,6 @@
1
+ import { Command, MaterializedFile } from "@highstate/common"
1
2
  import { sops } from "@highstate/library"
2
3
  import { forUnit, toPromise } from "@highstate/pulumi"
3
- import { Command, MaterializedFile } from "@highstate/common"
4
4
  import { isNonNullish } from "remeda"
5
5
 
6
6
  const { name, inputs, secrets, outputs } = forUnit(sops.secrets)