@incanta/config 0.6.4 → 2.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/config.d.ts +0 -2
- package/lib/config.d.ts.map +1 -1
- package/lib/config.js +21 -18
- package/lib/config.js.map +1 -1
- package/lib/secrets/aws-secrets-manager.d.ts +7 -0
- package/lib/secrets/aws-secrets-manager.d.ts.map +1 -0
- package/lib/secrets/aws-secrets-manager.js +28 -0
- package/lib/secrets/aws-secrets-manager.js.map +1 -0
- package/lib/secrets/azure-key-vault.d.ts +7 -0
- package/lib/secrets/azure-key-vault.d.ts.map +1 -0
- package/lib/secrets/azure-key-vault.js +26 -0
- package/lib/secrets/azure-key-vault.js.map +1 -0
- package/lib/secrets/gcp-secret-manager.d.ts +7 -0
- package/lib/secrets/gcp-secret-manager.d.ts.map +1 -0
- package/lib/secrets/gcp-secret-manager.js +26 -0
- package/lib/secrets/gcp-secret-manager.js.map +1 -0
- package/lib/secrets/local.d.ts +7 -0
- package/lib/secrets/local.d.ts.map +1 -0
- package/lib/secrets/local.js +44 -0
- package/lib/secrets/local.js.map +1 -0
- package/lib/secrets/provider.d.ts +7 -3
- package/lib/secrets/provider.d.ts.map +1 -1
- package/lib/secrets/provider.js +21 -2
- package/lib/secrets/provider.js.map +1 -1
- package/lib/secrets/vault.d.ts +7 -0
- package/lib/secrets/vault.d.ts.map +1 -0
- package/lib/secrets/vault.js +70 -0
- package/lib/secrets/vault.js.map +1 -0
- package/package.json +5 -1
- package/src/config.ts +33 -32
- package/src/secrets/aws-secrets-manager.ts +40 -0
- package/src/secrets/azure-key-vault.ts +33 -0
- package/src/secrets/gcp-secret-manager.ts +35 -0
- package/src/secrets/local.ts +53 -0
- package/src/secrets/provider.ts +25 -5
- package/src/secrets/vault.ts +95 -0
- package/src/secrets/hcp-vault.ts +0 -100
package/lib/config.d.ts
CHANGED
|
@@ -20,7 +20,6 @@ export default class Config {
|
|
|
20
20
|
private envVarConfig;
|
|
21
21
|
private secretsToken;
|
|
22
22
|
private secretsCache;
|
|
23
|
-
private secretsCacheExpiration;
|
|
24
23
|
constructor(options?: IConfigOptions);
|
|
25
24
|
init(options?: IConfigOptions): void;
|
|
26
25
|
dir(): string;
|
|
@@ -29,7 +28,6 @@ export default class Config {
|
|
|
29
28
|
getConfiguredEnv(): any;
|
|
30
29
|
get<T>(key: string): T;
|
|
31
30
|
getWithParts<T>(keyParts: string[]): T;
|
|
32
|
-
refreshSecrets(): Promise<void>;
|
|
33
31
|
getWithSecrets<T>(key: string): Promise<T>;
|
|
34
32
|
processSecrets<T>(v: T): Promise<T>;
|
|
35
33
|
normalizeString(value: string, currentPath: string[]): string;
|
package/lib/config.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAOA,MAAM,WAAW,cAAc;IAC7B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,EAAE;QACT,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,GAAG,CAAC,EAAE,MAAM,CAAC;KACd,CAAC;IACF,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;CACtB;
|
|
1
|
+
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAOA,MAAM,WAAW,cAAc;IAC7B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,EAAE;QACT,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,GAAG,CAAC,EAAE,MAAM,CAAC;KACd,CAAC;IACF,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;CACtB;AAOD,MAAM,CAAC,OAAO,OAAO,MAAM;IACzB,OAAO,CAAC,SAAS,CAAc;IAC/B,OAAO,CAAC,SAAS,CAAc;IAC/B,OAAO,CAAC,eAAe,CAAgB;IAEvC,OAAO,CAAC,MAAM,CAAM;IACpB,OAAO,CAAC,gBAAgB,CAAM;IAC9B,OAAO,CAAC,YAAY,CAAM;IAE1B,OAAO,CAAC,YAAY,CAAM;IAE1B,OAAO,CAAC,YAAY,CAGJ;IAChB,OAAO,CAAC,YAAY,CAA+B;gBAEhC,OAAO,CAAC,EAAE,cAAc;IAIpC,IAAI,CAAC,OAAO,CAAC,EAAE,cAAc,GAAG,IAAI;IAuIpC,GAAG,IAAI,MAAM;IAIb,GAAG,IAAI,MAAM;IAIb,YAAY,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IA0B9C,gBAAgB,IAAI,GAAG;IAevB,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC;IAKtB,YAAY,CAAC,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,CAAC;IAyBhC,cAAc,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;IAW1C,cAAc,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;IAmEzC,eAAe,CAAC,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,GAAG,MAAM;IAgD7D,cAAc,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,WAAW,EAAE,MAAM,EAAE,GAAG,GAAG,EAAE;IAkBxD,eAAe,CAAC,GAAG,EAAE,GAAG,EAAE,WAAW,EAAE,MAAM,EAAE,GAAG,GAAG;IA4BrD,MAAM,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,IAAI;IAShC,OAAO,IAAI,GAAG;IAMd,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,GAAG,IAAI;IAKnC,YAAY,CAAC,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,KAAK,EAAE,CAAC,GAAG,IAAI;IAe7C,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;CAMnC"}
|
package/lib/config.js
CHANGED
|
@@ -19,7 +19,6 @@ class Config {
|
|
|
19
19
|
envVarConfig;
|
|
20
20
|
secretsToken = null;
|
|
21
21
|
secretsCache = {};
|
|
22
|
-
secretsCacheExpiration = null;
|
|
23
22
|
constructor(options) {
|
|
24
23
|
this.init(options);
|
|
25
24
|
}
|
|
@@ -29,7 +28,6 @@ class Config {
|
|
|
29
28
|
this.customValues = {};
|
|
30
29
|
this.secretsToken = null;
|
|
31
30
|
this.secretsCache = {};
|
|
32
|
-
this.secretsCacheExpiration = null;
|
|
33
31
|
let defaultConfigDir = "config";
|
|
34
32
|
let defaultConfigEnv = "default";
|
|
35
33
|
const cwd = options?.cwd || process.cwd();
|
|
@@ -89,6 +87,17 @@ class Config {
|
|
|
89
87
|
}
|
|
90
88
|
};
|
|
91
89
|
applyBases(this.values);
|
|
90
|
+
const removeIncantaConfigBase = (obj) => {
|
|
91
|
+
for (const key of Object.keys(obj)) {
|
|
92
|
+
if (key === "incantaConfigBase") {
|
|
93
|
+
delete obj[key];
|
|
94
|
+
}
|
|
95
|
+
else if (typeof obj[key] === "object" && obj[key] !== null) {
|
|
96
|
+
removeIncantaConfigBase(obj[key]);
|
|
97
|
+
}
|
|
98
|
+
}
|
|
99
|
+
};
|
|
100
|
+
removeIncantaConfigBase(this.values);
|
|
92
101
|
this.values = loader_1.Loader.convertKebabToCamelCase(this.values, configFolderOptions);
|
|
93
102
|
this.normalizedValues = this.normalizeObject(this.values, []);
|
|
94
103
|
// load the environment variables that are configured to be injected
|
|
@@ -160,15 +169,6 @@ class Config {
|
|
|
160
169
|
}
|
|
161
170
|
return obj;
|
|
162
171
|
}
|
|
163
|
-
async refreshSecrets() {
|
|
164
|
-
const provider = (0, provider_1.GetSecretsProvider)(this.normalizedValues.secrets.provider);
|
|
165
|
-
if (this.secretsToken === null ||
|
|
166
|
-
this.secretsToken.expires.getTime() < Date.now() + 500) {
|
|
167
|
-
this.secretsToken = await provider.getAuthToken();
|
|
168
|
-
}
|
|
169
|
-
this.secretsCache = await provider.getSecrets(this, this.secretsToken.value);
|
|
170
|
-
this.secretsCacheExpiration = new Date(Date.now() + this.get("secrets.cache-duration-seconds") * 1000);
|
|
171
|
-
}
|
|
172
172
|
async getWithSecrets(key) {
|
|
173
173
|
let value = this.get(key);
|
|
174
174
|
const provider = this.normalizedValues.secrets?.provider;
|
|
@@ -188,18 +188,21 @@ class Config {
|
|
|
188
188
|
const provider = (0, provider_1.GetSecretsProvider)(this.normalizedValues.secrets.provider);
|
|
189
189
|
if (this.secretsToken === null ||
|
|
190
190
|
this.secretsToken.expires.getTime() < Date.now() + 500) {
|
|
191
|
-
this.secretsToken = await provider.getAuthToken();
|
|
191
|
+
this.secretsToken = await provider.getAuthToken(this);
|
|
192
192
|
}
|
|
193
|
-
if (this.
|
|
194
|
-
this.
|
|
195
|
-
this.
|
|
196
|
-
this.secretsCache =
|
|
197
|
-
|
|
193
|
+
if (this.secretsCache[secretKey] === undefined ||
|
|
194
|
+
this.secretsCache[secretKey].expires < new Date()) {
|
|
195
|
+
const secretValue = await provider.getSecret(this, this.secretsToken.value, secretKey);
|
|
196
|
+
this.secretsCache[secretKey] = {
|
|
197
|
+
value: secretValue,
|
|
198
|
+
expires: new Date(Date.now() +
|
|
199
|
+
this.get("secrets.cache-duration-seconds") * 1000),
|
|
200
|
+
};
|
|
198
201
|
}
|
|
199
202
|
if (this.secretsCache[secretKey] === undefined) {
|
|
200
203
|
throw new Error(`Secret ${secretKey} not found`);
|
|
201
204
|
}
|
|
202
|
-
return this.secretsCache[secretKey];
|
|
205
|
+
return this.secretsCache[secretKey].value;
|
|
203
206
|
}
|
|
204
207
|
else if (typeof v === "object" && v !== null) {
|
|
205
208
|
if (Array.isArray(v)) {
|
package/lib/config.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":";;;;;AAAA,wEAAyC;AACzC,gDAAwB;AACxB,4CAAoB;AACpB,qCAAkC;AAClC,iDAA6E;AAC7E,yDAAyD;AAgBzD,MAAqB,MAAM;IACjB,SAAS,GAAW,EAAE,CAAC;IACvB,SAAS,GAAW,EAAE,CAAC;IACvB,eAAe,GAAa,EAAE,CAAC;IAE/B,MAAM,CAAM;IACZ,gBAAgB,CAAM;IACtB,YAAY,CAAM;IAElB,YAAY,CAAM;IAElB,YAAY,GAGT,IAAI,CAAC;IACR,YAAY,GAAwB,EAAE,CAAC;IACvC,sBAAsB,GAAgB,IAAI,CAAC;IAEnD,YAAmB,OAAwB;QACzC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACrB,CAAC;IAEM,IAAI,CAAC,OAAwB;QAClC,IAAI,CAAC,MAAM,GAAG,EAAE,CAAC;QACjB,IAAI,CAAC,gBAAgB,GAAG,EAAE,CAAC;QAC3B,IAAI,CAAC,YAAY,GAAG,EAAE,CAAC;QACvB,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC;QACzB,IAAI,CAAC,YAAY,GAAG,EAAE,CAAC;QACvB,IAAI,CAAC,sBAAsB,GAAG,IAAI,CAAC;QAEnC,IAAI,gBAAgB,GAAG,QAAQ,CAAC;QAChC,IAAI,gBAAgB,GAAG,SAAS,CAAC;QACjC,MAAM,GAAG,GAAG,OAAO,EAAE,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;QAC1C,IAAI,YAAE,CAAC,UAAU,CAAC,cAAI,CAAC,IAAI,CAAC,GAAG,EAAE,sBAAsB,CAAC,CAAC,EAAE;YACzD,MAAM,cAAc,GAAoB,IAAI,CAAC,KAAK,CAChD,YAAE,CAAC,YAAY,CAAC,cAAI,CAAC,IAAI,CAAC,GAAG,EAAE,sBAAsB,CAAC,EAAE,OAAO,CAAC,CACjE,CAAC;YAEF,IAAI,cAAc,CAAC,QAAQ,EAAE;gBAC3B,IAAI,cAAc,CAAC,QAAQ,CAAC,GAAG,EAAE;oBAC/B,gBAAgB,GAAG,cAAc,CAAC,QAAQ,CAAC,GAAG,CAAC;iBAChD;gBAED,IAAI,cAAc,CAAC,QAAQ,CAAC,GAAG,EAAE;oBAC/B,gBAAgB,GAAG,cAAc,CAAC,QAAQ,CAAC,GAAG,CAAC;iBAChD;aACF;YAED,IAAI,cAAc,CAAC,SAAS,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE;gBACvE,IAAI,CAAC,eAAe,GAAG,cAAc,CAAC,SAAS,CAAC;aACjD;SACF;QAED,IAAI,CAAC,SAAS;YACZ,OAAO,EAAE,SAAS;gBAClB,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC;oBAC7B,cAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,CAAC;gBACrD,cAAI,CAAC,IAAI,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC;QAEnC,IAAI,CAAC,SAAS;YACZ,OAAO,EAAE,SAAS,IAAI,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,gBAAgB,CAAC;QAE3E,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAEvD,MAAM,mBAAmB,GAAG,eAAM,CAAC,kBAAkB,CACnD,YAAY,IAAI,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,CAAC,CACrD,CAAC;QAEF,MAAM,aAAa,GAAG,eAAM,CAAC,QAAQ,CACnC,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,CAAC,EACpC;YACE,GAAG,mBAAmB;YACtB,WAAW,EAAE,EAAE;SAChB,EACD,IAAI,CACL,CAAC;QAEF,IAAI,SAAS,GAAyC;YACpD,IAAI,EAAE,EAAE;YACR,WAAW,EAAE,EAAE;SAChB,CAAC;QACF,IAAI,YAAY,EAAE;YAChB,SAAS,GAAG,eAAM,CAAC,QAAQ,CACzB,YAAY,EACZ;gBACE,GAAG,mBAAmB;gBACtB,WAAW,EAAE,aAAa,CAAC,IAAI;aAChC,EACD,IAAI,CACL,CAAC;SACH;QAED,MAAM,cAAc,GAAG,eAAM,CAAC,QAAQ,CACpC,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,EAC1C,EAAE,CACH,CAAC;QAEF,IAAA,0BAAS,EACP,IAAI,CAAC,MAAM,EACX,aAAa,CAAC,IAAI,EAClB,SAAS,CAAC,IAAI,EACd,cAAc,EACd,sCAAmB,CACpB,CAAC;QAEF,MAAM,UAAU,GAAG,CAAC,GAAQ,EAAE,cAAwB,EAAE,EAAQ,EAAE;YAChE,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;gBAClC,IAAI,GAAG,KAAK,mBAAmB,EAAE;oBAC/B,MAAM,QAAQ,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;oBAC1B,MAAM,SAAS,GAAG,GAAG,CAAC,QAAQ,CAAC,CAAC;oBAEhC,KAAK,MAAM,MAAM,IAAI,GAAG,EAAE;wBACxB,IAAI,MAAM,KAAK,GAAG,IAAI,MAAM,KAAK,QAAQ,EAAE;4BACzC,GAAG,CAAC,MAAM,CAAC,GAAG,IAAA,0BAAS,EAAC,EAAE,EAAE,SAAS,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC;yBACrD;qBACF;iBACF;qBAAM,IAAI,OAAO,GAAG,CAAC,GAAG,CAAC,KAAK,QAAQ,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,IAAI,EAAE;oBAC5D,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,GAAG,CAAC,CAAC,CAAC;iBAC7C;aACF;QACH,CAAC,CAAC;QAEF,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAExB,IAAI,CAAC,MAAM,GAAG,eAAM,CAAC,uBAAuB,CAC1C,IAAI,CAAC,MAAM,EACX,mBAAmB,CACpB,CAAC;QAEF,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;QAE9D,oEAAoE;QACpE,mBAAmB;QACnB,MAAM,WAAW,GAAG,YAAE,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;QAC1E,IAAI,CAAC,YAAY,GAAG,EAAE,CAAC;QACvB,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE;YAC9B,IAAI,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE;gBACnC,IAAI,CAAC,YAAY,GAAG,eAAM,CAAC,QAAQ,CACjC,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,EAC/B,EAAE,CACH,CAAC;gBACF,MAAM;aACP;SACF;IACH,CAAC;IAEM,GAAG;QACR,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAEM,GAAG;QACR,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAEM,YAAY,CAAC,SAAiB;QACnC,IAAI,YAAE,CAAC,UAAU,CAAC,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,EAAE;YACvD,OAAO,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;SAC7C;QAED,KAAK,MAAM,QAAQ,IAAI,IAAI,CAAC,eAAe,EAAE;YAC3C,IAAI,YAAE,CAAC,UAAU,CAAC,cAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,EAAE;gBACjD,OAAO,cAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;aACvC;SACF;QAED,IAAI,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,KAAK,MAAM,EAAE;YAC1D,OAAO,CAAC,KAAK,CACX,4CAA4C,SAAS,QACnD,IAAI,CAAC,SACP,+BAA+B,IAAI,CAAC,eAAe,CAAC,IAAI,CACtD,IAAI,CACL,yDAAyD;gBACxD,6JAA6J;gBAC7J,iGAAiG,CACpG,CAAC;SACH;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,gBAAgB;QACrB,MAAM,QAAQ,GAAQ,EAAE,CAAC;QACzB,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAE/C,KAAK,MAAM,GAAG,IAAI,OAAO,EAAE;YACzB,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;YAEzC,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAM,SAAS,CAAC,CAAC;YAE1C,QAAQ,CAAC,GAAG,CAAC,GAAG,GAAG,QAAQ,EAAE,CAAC;SAC/B;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEM,GAAG,CAAI,GAAW;QACvB,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC7B,OAAO,IAAI,CAAC,YAAY,CAAI,KAAK,CAAC,CAAC;IACrC,CAAC;IAEM,YAAY,CAAI,QAAkB;QACvC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;YACzB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;SAC5C;QAED,IAAI,GAAG,GAAG,IAAA,0BAAS,EAAC,EAAE,EAAE,IAAI,CAAC,gBAAgB,EAAE,sCAAmB,CAAC,CAAC;QAEpE,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE;YAC3B,6BAA6B;YAC7B,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,iBAAiB,EAAE,UAAU,CAAC,EAAE,KAAK;gBAChE,OAAO,KAAK,CAAC,WAAW,EAAE,CAAC;YAC7B,CAAC,CAAC,CAAC;YAEH,IAAI,OAAO,GAAG,CAAC,OAAO,CAAC,KAAK,WAAW,IAAI,GAAG,CAAC,IAAI,CAAC,KAAK,SAAS,EAAE;gBAClE,MAAM,IAAI,KAAK,CAAC,gCAAgC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;aACvE;iBAAM,IAAI,GAAG,CAAC,OAAO,CAAC,KAAK,SAAS,IAAI,GAAG,CAAC,IAAI,CAAC,KAAK,SAAS,EAAE;gBAChE,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC;aACjB;iBAAM;gBACL,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC;aACpB;SACF;QAED,OAAO,GAAQ,CAAC;IAClB,CAAC;IAEM,KAAK,CAAC,cAAc;QACzB,MAAM,QAAQ,GAAG,IAAA,6BAAkB,EAAC,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAE5E,IACE,IAAI,CAAC,YAAY,KAAK,IAAI;YAC1B,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,EACtD;YACA,IAAI,CAAC,YAAY,GAAG,MAAM,QAAQ,CAAC,YAAY,EAAE,CAAC;SACnD;QAED,IAAI,CAAC,YAAY,GAAG,MAAM,QAAQ,CAAC,UAAU,CAC3C,IAAI,EACJ,IAAI,CAAC,YAAY,CAAC,KAAK,CACxB,CAAC;QACF,IAAI,CAAC,sBAAsB,GAAG,IAAI,IAAI,CACpC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,CAAS,gCAAgC,CAAC,GAAG,IAAI,CACvE,CAAC;IACJ,CAAC;IAEM,KAAK,CAAC,cAAc,CAAI,GAAW;QACxC,IAAI,KAAK,GAAG,IAAI,CAAC,GAAG,CAAI,GAAG,CAAC,CAAC;QAE7B,MAAM,QAAQ,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,QAAQ,CAAC;QACzD,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,8BAAmB,CAAC,IAAI,EAAE;YACzE,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;SAC1C;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,KAAK,CAAC,cAAc,CAAI,CAAI;QACjC,IACE,OAAO,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,QAAQ,KAAK,WAAW;YAC9D,CAAC,OAAO,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,QAAQ,KAAK,QAAQ;gBAC1D,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,QAAQ,KAAK,8BAAmB,CAAC,IAAI,CAAC,EACtE;YACA,OAAO,CAAC,CAAC;SACV;QAED,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE;YACpD,MAAM,SAAS,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAE7B,MAAM,QAAQ,GAAG,IAAA,6BAAkB,EACjC,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,QAAQ,CACvC,CAAC;YAEF,IACE,IAAI,CAAC,YAAY,KAAK,IAAI;gBAC1B,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,EACtD;gBACA,IAAI,CAAC,YAAY,GAAG,MAAM,QAAQ,CAAC,YAAY,EAAE,CAAC;aACnD;YAED,IACE,IAAI,CAAC,sBAAsB,KAAK,IAAI;gBACpC,IAAI,CAAC,sBAAsB,GAAG,IAAI,IAAI,EAAE;gBACxC,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,KAAK,SAAS,EAC1C;gBACA,IAAI,CAAC,YAAY,GAAG,MAAM,QAAQ,CAAC,UAAU,CAC3C,IAAI,EACJ,IAAI,CAAC,YAAY,CAAC,KAAK,CACxB,CAAC;gBACF,IAAI,CAAC,sBAAsB,GAAG,IAAI,IAAI,CACpC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,CAAS,gCAAgC,CAAC,GAAG,IAAI,CACvE,CAAC;aACH;YAED,IAAI,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,KAAK,SAAS,EAAE;gBAC9C,MAAM,IAAI,KAAK,CAAC,UAAU,SAAS,YAAY,CAAC,CAAC;aAClD;YAED,OAAO,IAAI,CAAC,YAAY,CAAC,SAAS,CAAM,CAAC;SAC1C;aAAM,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,KAAK,IAAI,EAAE;YAC9C,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;gBACpB,MAAM,OAAO,GAAU,EAAE,CAAC;gBAC1B,KAAK,MAAM,KAAK,IAAI,CAAC,EAAE;oBACrB,OAAO,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC,CAAC;iBAChD;gBACD,OAAO,OAAY,CAAC;aACrB;iBAAM;gBACL,MAAM,MAAM,GAAQ,EAAE,CAAC;gBACvB,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE;oBAChC,MAAM,KAAK,GAAI,CAAS,CAAC,GAAG,CAAC,CAAC;oBAC9B,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;iBAChD;gBACD,OAAO,MAAW,CAAC;aACpB;SACF;QAED,OAAO,CAAC,CAAC;IACX,CAAC;IAEM,eAAe,CAAC,KAAa,EAAE,WAAqB;QACzD,IAAI,MAAM,GAAG,KAAK,CAAC;QAEnB,MAAM,aAAa,GAAG,0BAA0B,CAAC;QACjD,MAAM,WAAW,GAAG,KAAK,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAClD,KAAK,MAAM,KAAK,IAAI,WAAW,EAAE;YAC/B,MAAM,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YAEnD,IAAI,eAAuB,CAAC;YAC5B,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE;gBACvB,eAAe,GAAG,cAAI;qBACnB,SAAS,CAAC,GAAG,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,GAAG,EAAE,CAAC;qBAC5C,UAAU,CAAC,IAAI,EAAE,GAAG,CAAC;qBACrB,UAAU,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;aACzB;iBAAM;gBACL,eAAe,GAAG,GAAG,CAAC;aACvB;YAED,IAAI,GAAG,GAAG,IAAA,0BAAS,EAAC,EAAE,EAAE,IAAI,CAAC,MAAM,EAAE,sCAAmB,CAAC,CAAC;YAE1D,MAAM,QAAQ,GAAG,eAAe,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC5C,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE;gBAC3B,6BAA6B;gBAC7B,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,iBAAiB,EAAE,UAAU,CAAC,EAAE,KAAK;oBAChE,OAAO,KAAK,CAAC,WAAW,EAAE,CAAC;gBAC7B,CAAC,CAAC,CAAC;gBAEH,IAAI,OAAO,GAAG,CAAC,OAAO,CAAC,KAAK,WAAW,IAAI,GAAG,CAAC,IAAI,CAAC,KAAK,SAAS,EAAE;oBAClE,MAAM,IAAI,KAAK,CAAC,gCAAgC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;iBACvE;qBAAM,IAAI,GAAG,CAAC,OAAO,CAAC,KAAK,SAAS,IAAI,GAAG,CAAC,IAAI,CAAC,KAAK,SAAS,EAAE;oBAChE,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC;iBACjB;qBAAM;oBACL,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC;iBACpB;aACF;YAED,IAAI,GAAG,KAAK,IAAI,EAAE;gBAChB,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,CAAC,KAAK,CAAC,aAAa,CAAC,KAAK,IAAI,EAAE;oBAChE,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;iBACxD;gBAED,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,EAAE,CAAC,CAAC;aAC7C;SACF;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAEM,cAAc,CAAC,GAAU,EAAE,WAAqB;QACrD,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE;YACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;gBAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;aACjD;iBAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;gBACpC,IAAI,KAAK,KAAK,IAAI,EAAE;oBAClB,OAAO,IAAI,CAAC;iBACb;qBAAM,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;oBAC/B,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;iBAChD;qBAAM;oBACL,OAAO,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;iBACjD;aACF;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC,CAAC;IACL,CAAC;IAEM,eAAe,CAAC,GAAQ,EAAE,WAAqB;QACpD,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,IAAI,EAAE;YAC3C,OAAO,GAAG,CAAC;SACZ;QAED,MAAM,MAAM,GAAG,IAAA,0BAAS,EAAC,EAAE,EAAE,GAAG,EAAE,sCAAmB,CAAC,CAAC;QAEvD,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YAC1C,MAAM,KAAK,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC;YAC/B,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;gBAC7B,MAAM,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;aAC7D;iBAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;gBACpC,IAAI,KAAK,KAAK,IAAI,EAAE;oBAClB,MAAM,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC;iBACzB;qBAAM,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;oBAC/B,MAAM,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;iBAC5D;qBAAM;oBACL,MAAM,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE;wBAC7C,GAAG,WAAW;wBACd,QAAQ;qBACT,CAAC,CAAC;iBACJ;aACF;SACF;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAEM,MAAM,CAAI,GAAW;QAC1B,IAAI;YACF,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAI,GAAG,CAAC,CAAC;YAC/B,OAAO,KAAK,CAAC;SACd;QAAC,MAAM;YACN,OAAO,IAAI,CAAC;SACb;IACH,CAAC;IAEM,OAAO;QACZ,MAAM,MAAM,GAAG,IAAA,0BAAS,EAAC,EAAE,EAAE,IAAI,CAAC,gBAAgB,EAAE,sCAAmB,CAAC,CAAC;QAEzE,OAAO,MAAM,CAAC;IAChB,CAAC;IAEM,GAAG,CAAI,GAAW,EAAE,KAAQ;QACjC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC7B,IAAI,CAAC,YAAY,CAAI,KAAK,EAAE,KAAK,CAAC,CAAC;IACrC,CAAC;IAEM,YAAY,CAAI,QAAkB,EAAE,KAAQ;QACjD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;YACzB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;SAC5C;QAED,MAAM,GAAG,GAAQ,EAAE,CAAC;QACpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;YAC5C,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;SACvB;QAED,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC;QAE3C,IAAA,0BAAS,EAAC,IAAI,CAAC,YAAY,EAAE,GAAG,EAAE,sCAAmB,CAAC,CAAC;IACzD,CAAC;IAEM,KAAK,CAAC,IAAI;QACf,MAAM,YAAY,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAChE,MAAM,YAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,SAAS,EAAE,YAAY,EAAE;YACxD,QAAQ,EAAE,OAAO;SAClB,CAAC,CAAC;IACL,CAAC;CACF;AApcD,yBAocC"}
|
|
1
|
+
{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":";;;;;AAAA,wEAAyC;AACzC,gDAAwB;AACxB,4CAAoB;AACpB,qCAAkC;AAClC,iDAA6E;AAC7E,yDAAyD;AAqBzD,MAAqB,MAAM;IACjB,SAAS,GAAW,EAAE,CAAC;IACvB,SAAS,GAAW,EAAE,CAAC;IACvB,eAAe,GAAa,EAAE,CAAC;IAE/B,MAAM,CAAM;IACZ,gBAAgB,CAAM;IACtB,YAAY,CAAM;IAElB,YAAY,CAAM;IAElB,YAAY,GAGT,IAAI,CAAC;IACR,YAAY,GAA4B,EAAE,CAAC;IAEnD,YAAmB,OAAwB;QACzC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACrB,CAAC;IAEM,IAAI,CAAC,OAAwB;QAClC,IAAI,CAAC,MAAM,GAAG,EAAE,CAAC;QACjB,IAAI,CAAC,gBAAgB,GAAG,EAAE,CAAC;QAC3B,IAAI,CAAC,YAAY,GAAG,EAAE,CAAC;QACvB,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC;QACzB,IAAI,CAAC,YAAY,GAAG,EAAE,CAAC;QAEvB,IAAI,gBAAgB,GAAG,QAAQ,CAAC;QAChC,IAAI,gBAAgB,GAAG,SAAS,CAAC;QACjC,MAAM,GAAG,GAAG,OAAO,EAAE,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;QAC1C,IAAI,YAAE,CAAC,UAAU,CAAC,cAAI,CAAC,IAAI,CAAC,GAAG,EAAE,sBAAsB,CAAC,CAAC,EAAE;YACzD,MAAM,cAAc,GAAoB,IAAI,CAAC,KAAK,CAChD,YAAE,CAAC,YAAY,CAAC,cAAI,CAAC,IAAI,CAAC,GAAG,EAAE,sBAAsB,CAAC,EAAE,OAAO,CAAC,CACjE,CAAC;YAEF,IAAI,cAAc,CAAC,QAAQ,EAAE;gBAC3B,IAAI,cAAc,CAAC,QAAQ,CAAC,GAAG,EAAE;oBAC/B,gBAAgB,GAAG,cAAc,CAAC,QAAQ,CAAC,GAAG,CAAC;iBAChD;gBAED,IAAI,cAAc,CAAC,QAAQ,CAAC,GAAG,EAAE;oBAC/B,gBAAgB,GAAG,cAAc,CAAC,QAAQ,CAAC,GAAG,CAAC;iBAChD;aACF;YAED,IAAI,cAAc,CAAC,SAAS,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE;gBACvE,IAAI,CAAC,eAAe,GAAG,cAAc,CAAC,SAAS,CAAC;aACjD;SACF;QAED,IAAI,CAAC,SAAS;YACZ,OAAO,EAAE,SAAS;gBAClB,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC;oBAC7B,cAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,CAAC;gBACrD,cAAI,CAAC,IAAI,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC;QAEnC,IAAI,CAAC,SAAS;YACZ,OAAO,EAAE,SAAS,IAAI,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,gBAAgB,CAAC;QAE3E,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAEvD,MAAM,mBAAmB,GAAG,eAAM,CAAC,kBAAkB,CACnD,YAAY,IAAI,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,CAAC,CACrD,CAAC;QAEF,MAAM,aAAa,GAAG,eAAM,CAAC,QAAQ,CACnC,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,CAAC,EACpC;YACE,GAAG,mBAAmB;YACtB,WAAW,EAAE,EAAE;SAChB,EACD,IAAI,CACL,CAAC;QAEF,IAAI,SAAS,GAAyC;YACpD,IAAI,EAAE,EAAE;YACR,WAAW,EAAE,EAAE;SAChB,CAAC;QACF,IAAI,YAAY,EAAE;YAChB,SAAS,GAAG,eAAM,CAAC,QAAQ,CACzB,YAAY,EACZ;gBACE,GAAG,mBAAmB;gBACtB,WAAW,EAAE,aAAa,CAAC,IAAI;aAChC,EACD,IAAI,CACL,CAAC;SACH;QAED,MAAM,cAAc,GAAG,eAAM,CAAC,QAAQ,CACpC,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,EAC1C,EAAE,CACH,CAAC;QAEF,IAAA,0BAAS,EACP,IAAI,CAAC,MAAM,EACX,aAAa,CAAC,IAAI,EAClB,SAAS,CAAC,IAAI,EACd,cAAc,EACd,sCAAmB,CACpB,CAAC;QAEF,MAAM,UAAU,GAAG,CAAC,GAAQ,EAAE,cAAwB,EAAE,EAAQ,EAAE;YAChE,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;gBAClC,IAAI,GAAG,KAAK,mBAAmB,EAAE;oBAC/B,MAAM,QAAQ,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;oBAC1B,MAAM,SAAS,GAAG,GAAG,CAAC,QAAQ,CAAC,CAAC;oBAEhC,KAAK,MAAM,MAAM,IAAI,GAAG,EAAE;wBACxB,IAAI,MAAM,KAAK,GAAG,IAAI,MAAM,KAAK,QAAQ,EAAE;4BACzC,GAAG,CAAC,MAAM,CAAC,GAAG,IAAA,0BAAS,EAAC,EAAE,EAAE,SAAS,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC;yBACrD;qBACF;iBACF;qBAAM,IAAI,OAAO,GAAG,CAAC,GAAG,CAAC,KAAK,QAAQ,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,IAAI,EAAE;oBAC5D,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,GAAG,CAAC,CAAC,CAAC;iBAC7C;aACF;QACH,CAAC,CAAC;QAEF,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAExB,MAAM,uBAAuB,GAAG,CAAC,GAAQ,EAAQ,EAAE;YACjD,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;gBAClC,IAAI,GAAG,KAAK,mBAAmB,EAAE;oBAC/B,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC;iBACjB;qBAAM,IAAI,OAAO,GAAG,CAAC,GAAG,CAAC,KAAK,QAAQ,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,IAAI,EAAE;oBAC5D,uBAAuB,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;iBACnC;aACF;QACH,CAAC,CAAC;QAEF,uBAAuB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAErC,IAAI,CAAC,MAAM,GAAG,eAAM,CAAC,uBAAuB,CAC1C,IAAI,CAAC,MAAM,EACX,mBAAmB,CACpB,CAAC;QAEF,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;QAE9D,oEAAoE;QACpE,mBAAmB;QACnB,MAAM,WAAW,GAAG,YAAE,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;QAC1E,IAAI,CAAC,YAAY,GAAG,EAAE,CAAC;QACvB,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE;YAC9B,IAAI,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE;gBACnC,IAAI,CAAC,YAAY,GAAG,eAAM,CAAC,QAAQ,CACjC,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,EAC/B,EAAE,CACH,CAAC;gBACF,MAAM;aACP;SACF;IACH,CAAC;IAEM,GAAG;QACR,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAEM,GAAG;QACR,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAEM,YAAY,CAAC,SAAiB;QACnC,IAAI,YAAE,CAAC,UAAU,CAAC,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,EAAE;YACvD,OAAO,cAAI,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;SAC7C;QAED,KAAK,MAAM,QAAQ,IAAI,IAAI,CAAC,eAAe,EAAE;YAC3C,IAAI,YAAE,CAAC,UAAU,CAAC,cAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,EAAE;gBACjD,OAAO,cAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;aACvC;SACF;QAED,IAAI,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,KAAK,MAAM,EAAE;YAC1D,OAAO,CAAC,KAAK,CACX,4CAA4C,SAAS,QACnD,IAAI,CAAC,SACP,+BAA+B,IAAI,CAAC,eAAe,CAAC,IAAI,CACtD,IAAI,CACL,yDAAyD;gBACxD,6JAA6J;gBAC7J,iGAAiG,CACpG,CAAC;SACH;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,gBAAgB;QACrB,MAAM,QAAQ,GAAQ,EAAE,CAAC;QACzB,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAE/C,KAAK,MAAM,GAAG,IAAI,OAAO,EAAE;YACzB,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;YAEzC,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAM,SAAS,CAAC,CAAC;YAE1C,QAAQ,CAAC,GAAG,CAAC,GAAG,GAAG,QAAQ,EAAE,CAAC;SAC/B;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEM,GAAG,CAAI,GAAW;QACvB,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC7B,OAAO,IAAI,CAAC,YAAY,CAAI,KAAK,CAAC,CAAC;IACrC,CAAC;IAEM,YAAY,CAAI,QAAkB;QACvC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;YACzB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;SAC5C;QAED,IAAI,GAAG,GAAG,IAAA,0BAAS,EAAC,EAAE,EAAE,IAAI,CAAC,gBAAgB,EAAE,sCAAmB,CAAC,CAAC;QAEpE,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE;YAC3B,6BAA6B;YAC7B,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,iBAAiB,EAAE,UAAU,CAAC,EAAE,KAAK;gBAChE,OAAO,KAAK,CAAC,WAAW,EAAE,CAAC;YAC7B,CAAC,CAAC,CAAC;YAEH,IAAI,OAAO,GAAG,CAAC,OAAO,CAAC,KAAK,WAAW,IAAI,GAAG,CAAC,IAAI,CAAC,KAAK,SAAS,EAAE;gBAClE,MAAM,IAAI,KAAK,CAAC,gCAAgC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;aACvE;iBAAM,IAAI,GAAG,CAAC,OAAO,CAAC,KAAK,SAAS,IAAI,GAAG,CAAC,IAAI,CAAC,KAAK,SAAS,EAAE;gBAChE,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC;aACjB;iBAAM;gBACL,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC;aACpB;SACF;QAED,OAAO,GAAQ,CAAC;IAClB,CAAC;IAEM,KAAK,CAAC,cAAc,CAAI,GAAW;QACxC,IAAI,KAAK,GAAG,IAAI,CAAC,GAAG,CAAI,GAAG,CAAC,CAAC;QAE7B,MAAM,QAAQ,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,QAAQ,CAAC;QACzD,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,8BAAmB,CAAC,IAAI,EAAE;YACzE,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;SAC1C;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,KAAK,CAAC,cAAc,CAAI,CAAI;QACjC,IACE,OAAO,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,QAAQ,KAAK,WAAW;YAC9D,CAAC,OAAO,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,QAAQ,KAAK,QAAQ;gBAC1D,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,QAAQ,KAAK,8BAAmB,CAAC,IAAI,CAAC,EACtE;YACA,OAAO,CAAC,CAAC;SACV;QAED,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE;YACpD,MAAM,SAAS,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAE7B,MAAM,QAAQ,GAAG,IAAA,6BAAkB,EACjC,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,QAAQ,CACvC,CAAC;YAEF,IACE,IAAI,CAAC,YAAY,KAAK,IAAI;gBAC1B,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,EACtD;gBACA,IAAI,CAAC,YAAY,GAAG,MAAM,QAAQ,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;aACvD;YAED,IACE,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,KAAK,SAAS;gBAC1C,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,OAAO,GAAG,IAAI,IAAI,EAAE,EACjD;gBACA,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC,SAAS,CAC1C,IAAI,EACJ,IAAI,CAAC,YAAY,CAAC,KAAK,EACvB,SAAS,CACV,CAAC;gBAEF,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,GAAG;oBAC7B,KAAK,EAAE,WAAW;oBAClB,OAAO,EAAE,IAAI,IAAI,CACf,IAAI,CAAC,GAAG,EAAE;wBACR,IAAI,CAAC,GAAG,CAAS,gCAAgC,CAAC,GAAG,IAAI,CAC5D;iBACF,CAAC;aACH;YAED,IAAI,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,KAAK,SAAS,EAAE;gBAC9C,MAAM,IAAI,KAAK,CAAC,UAAU,SAAS,YAAY,CAAC,CAAC;aAClD;YAED,OAAO,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,KAAU,CAAC;SAChD;aAAM,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,KAAK,IAAI,EAAE;YAC9C,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;gBACpB,MAAM,OAAO,GAAU,EAAE,CAAC;gBAC1B,KAAK,MAAM,KAAK,IAAI,CAAC,EAAE;oBACrB,OAAO,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC,CAAC;iBAChD;gBACD,OAAO,OAAY,CAAC;aACrB;iBAAM;gBACL,MAAM,MAAM,GAAQ,EAAE,CAAC;gBACvB,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE;oBAChC,MAAM,KAAK,GAAI,CAAS,CAAC,GAAG,CAAC,CAAC;oBAC9B,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;iBAChD;gBACD,OAAO,MAAW,CAAC;aACpB;SACF;QAED,OAAO,CAAC,CAAC;IACX,CAAC;IAEM,eAAe,CAAC,KAAa,EAAE,WAAqB;QACzD,IAAI,MAAM,GAAG,KAAK,CAAC;QAEnB,MAAM,aAAa,GAAG,0BAA0B,CAAC;QACjD,MAAM,WAAW,GAAG,KAAK,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAClD,KAAK,MAAM,KAAK,IAAI,WAAW,EAAE;YAC/B,MAAM,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YAEnD,IAAI,eAAuB,CAAC;YAC5B,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE;gBACvB,eAAe,GAAG,cAAI;qBACnB,SAAS,CAAC,GAAG,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,GAAG,EAAE,CAAC;qBAC5C,UAAU,CAAC,IAAI,EAAE,GAAG,CAAC;qBACrB,UAAU,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;aACzB;iBAAM;gBACL,eAAe,GAAG,GAAG,CAAC;aACvB;YAED,IAAI,GAAG,GAAG,IAAA,0BAAS,EAAC,EAAE,EAAE,IAAI,CAAC,MAAM,EAAE,sCAAmB,CAAC,CAAC;YAE1D,MAAM,QAAQ,GAAG,eAAe,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC5C,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE;gBAC3B,6BAA6B;gBAC7B,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,iBAAiB,EAAE,UAAU,CAAC,EAAE,KAAK;oBAChE,OAAO,KAAK,CAAC,WAAW,EAAE,CAAC;gBAC7B,CAAC,CAAC,CAAC;gBAEH,IAAI,OAAO,GAAG,CAAC,OAAO,CAAC,KAAK,WAAW,IAAI,GAAG,CAAC,IAAI,CAAC,KAAK,SAAS,EAAE;oBAClE,MAAM,IAAI,KAAK,CAAC,gCAAgC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;iBACvE;qBAAM,IAAI,GAAG,CAAC,OAAO,CAAC,KAAK,SAAS,IAAI,GAAG,CAAC,IAAI,CAAC,KAAK,SAAS,EAAE;oBAChE,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC;iBACjB;qBAAM;oBACL,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC;iBACpB;aACF;YAED,IAAI,GAAG,KAAK,IAAI,EAAE;gBAChB,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,CAAC,KAAK,CAAC,aAAa,CAAC,KAAK,IAAI,EAAE;oBAChE,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;iBACxD;gBAED,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,EAAE,CAAC,CAAC;aAC7C;SACF;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAEM,cAAc,CAAC,GAAU,EAAE,WAAqB;QACrD,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE;YACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;gBAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;aACjD;iBAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;gBACpC,IAAI,KAAK,KAAK,IAAI,EAAE;oBAClB,OAAO,IAAI,CAAC;iBACb;qBAAM,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;oBAC/B,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;iBAChD;qBAAM;oBACL,OAAO,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;iBACjD;aACF;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC,CAAC;IACL,CAAC;IAEM,eAAe,CAAC,GAAQ,EAAE,WAAqB;QACpD,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,IAAI,EAAE;YAC3C,OAAO,GAAG,CAAC;SACZ;QAED,MAAM,MAAM,GAAG,IAAA,0BAAS,EAAC,EAAE,EAAE,GAAG,EAAE,sCAAmB,CAAC,CAAC;QAEvD,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YAC1C,MAAM,KAAK,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC;YAC/B,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;gBAC7B,MAAM,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;aAC7D;iBAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;gBACpC,IAAI,KAAK,KAAK,IAAI,EAAE;oBAClB,MAAM,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC;iBACzB;qBAAM,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;oBAC/B,MAAM,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;iBAC5D;qBAAM;oBACL,MAAM,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE;wBAC7C,GAAG,WAAW;wBACd,QAAQ;qBACT,CAAC,CAAC;iBACJ;aACF;SACF;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAEM,MAAM,CAAI,GAAW;QAC1B,IAAI;YACF,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAI,GAAG,CAAC,CAAC;YAC/B,OAAO,KAAK,CAAC;SACd;QAAC,MAAM;YACN,OAAO,IAAI,CAAC;SACb;IACH,CAAC;IAEM,OAAO;QACZ,MAAM,MAAM,GAAG,IAAA,0BAAS,EAAC,EAAE,EAAE,IAAI,CAAC,gBAAgB,EAAE,sCAAmB,CAAC,CAAC;QAEzE,OAAO,MAAM,CAAC;IAChB,CAAC;IAEM,GAAG,CAAI,GAAW,EAAE,KAAQ;QACjC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC7B,IAAI,CAAC,YAAY,CAAI,KAAK,EAAE,KAAK,CAAC,CAAC;IACrC,CAAC;IAEM,YAAY,CAAI,QAAkB,EAAE,KAAQ;QACjD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;YACzB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;SAC5C;QAED,MAAM,GAAG,GAAQ,EAAE,CAAC;QACpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;YAC5C,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;SACvB;QAED,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC;QAE3C,IAAA,0BAAS,EAAC,IAAI,CAAC,YAAY,EAAE,GAAG,EAAE,sCAAmB,CAAC,CAAC;IACzD,CAAC;IAEM,KAAK,CAAC,IAAI;QACf,MAAM,YAAY,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAChE,MAAM,YAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,SAAS,EAAE,YAAY,EAAE;YACxD,QAAQ,EAAE,OAAO;SAClB,CAAC,CAAC;IACL,CAAC;CACF;AAhcD,yBAgcC"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
import { ISecretsProvider, ISecretsToken } from "./provider";
|
|
2
|
+
import Config from "../config";
|
|
3
|
+
export declare class AwsSecretsManagerSecretsProvider implements ISecretsProvider {
|
|
4
|
+
getAuthToken(config: Config): Promise<ISecretsToken>;
|
|
5
|
+
getSecret(config: Config, token: string, name: string): Promise<string>;
|
|
6
|
+
}
|
|
7
|
+
//# sourceMappingURL=aws-secrets-manager.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"aws-secrets-manager.d.ts","sourceRoot":"","sources":["../../src/secrets/aws-secrets-manager.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAC7D,OAAO,MAAM,MAAM,WAAW,CAAC;AAE/B,qBAAa,gCAAiC,YAAW,gBAAgB;IAC1D,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IAOpD,SAAS,CACpB,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,MAAM,CAAC;CAoBnB"}
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.AwsSecretsManagerSecretsProvider = void 0;
|
|
4
|
+
const client_secrets_manager_1 = require("@aws-sdk/client-secrets-manager");
|
|
5
|
+
class AwsSecretsManagerSecretsProvider {
|
|
6
|
+
async getAuthToken(config) {
|
|
7
|
+
return {
|
|
8
|
+
value: "",
|
|
9
|
+
expires: new Date(Date.now() + 3600 * 1000),
|
|
10
|
+
};
|
|
11
|
+
}
|
|
12
|
+
async getSecret(config, token, name) {
|
|
13
|
+
const region = config.get("secrets.aws-kms.region");
|
|
14
|
+
const client = new client_secrets_manager_1.SecretsManagerClient({
|
|
15
|
+
region,
|
|
16
|
+
});
|
|
17
|
+
const response = await client.send(new client_secrets_manager_1.GetSecretValueCommand({
|
|
18
|
+
SecretId: name,
|
|
19
|
+
VersionStage: "AWSCURRENT",
|
|
20
|
+
}));
|
|
21
|
+
if (!response.SecretString) {
|
|
22
|
+
throw new Error(`No secret found with name: ${name}`);
|
|
23
|
+
}
|
|
24
|
+
return response.SecretString;
|
|
25
|
+
}
|
|
26
|
+
}
|
|
27
|
+
exports.AwsSecretsManagerSecretsProvider = AwsSecretsManagerSecretsProvider;
|
|
28
|
+
//# sourceMappingURL=aws-secrets-manager.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"aws-secrets-manager.js","sourceRoot":"","sources":["../../src/secrets/aws-secrets-manager.ts"],"names":[],"mappings":";;;AAAA,4EAGyC;AAIzC,MAAa,gCAAgC;IACpC,KAAK,CAAC,YAAY,CAAC,MAAc;QACtC,OAAO;YACL,KAAK,EAAE,EAAE;YACT,OAAO,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC;SAC5C,CAAC;IACJ,CAAC;IAEM,KAAK,CAAC,SAAS,CACpB,MAAc,EACd,KAAa,EACb,IAAY;QAEZ,MAAM,MAAM,GAAG,MAAM,CAAC,GAAG,CAAS,wBAAwB,CAAC,CAAC;QAE5D,MAAM,MAAM,GAAG,IAAI,6CAAoB,CAAC;YACtC,MAAM;SACP,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,IAAI,CAChC,IAAI,8CAAqB,CAAC;YACxB,QAAQ,EAAE,IAAI;YACd,YAAY,EAAE,YAAY;SAC3B,CAAC,CACH,CAAC;QAEF,IAAI,CAAC,QAAQ,CAAC,YAAY,EAAE;YAC1B,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,EAAE,CAAC,CAAC;SACvD;QAED,OAAO,QAAQ,CAAC,YAAY,CAAC;IAC/B,CAAC;CACF;AAhCD,4EAgCC"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
import { ISecretsProvider, ISecretsToken } from "./provider";
|
|
2
|
+
import Config from "../config";
|
|
3
|
+
export declare class AzureKeyVaultSecretsProvider implements ISecretsProvider {
|
|
4
|
+
getAuthToken(config: Config): Promise<ISecretsToken>;
|
|
5
|
+
getSecret(config: Config, token: string, name: string): Promise<string>;
|
|
6
|
+
}
|
|
7
|
+
//# sourceMappingURL=azure-key-vault.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"azure-key-vault.d.ts","sourceRoot":"","sources":["../../src/secrets/azure-key-vault.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAC7D,OAAO,MAAM,MAAM,WAAW,CAAC;AAE/B,qBAAa,4BAA6B,YAAW,gBAAgB;IACtD,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IAOpD,SAAS,CACpB,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,MAAM,CAAC;CAenB"}
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.AzureKeyVaultSecretsProvider = void 0;
|
|
4
|
+
const keyvault_secrets_1 = require("@azure/keyvault-secrets");
|
|
5
|
+
const identity_1 = require("@azure/identity");
|
|
6
|
+
class AzureKeyVaultSecretsProvider {
|
|
7
|
+
async getAuthToken(config) {
|
|
8
|
+
return {
|
|
9
|
+
value: "",
|
|
10
|
+
expires: new Date(Date.now() + 3600 * 1000),
|
|
11
|
+
};
|
|
12
|
+
}
|
|
13
|
+
async getSecret(config, token, name) {
|
|
14
|
+
// DefaultAzureCredential expects the following three environment variables:
|
|
15
|
+
// - AZURE_TENANT_ID: The tenant ID in Azure Active Directory
|
|
16
|
+
// - AZURE_CLIENT_ID: The application (client) ID registered in the AAD tenant
|
|
17
|
+
// - AZURE_CLIENT_SECRET: The client secret for the registered application
|
|
18
|
+
const credential = new identity_1.DefaultAzureCredential();
|
|
19
|
+
const endpoint = config.get("secrets.azure-key-vault.endpoint");
|
|
20
|
+
const client = new keyvault_secrets_1.SecretClient(endpoint, credential);
|
|
21
|
+
const secret = await client.getSecret(name);
|
|
22
|
+
return secret.value || "";
|
|
23
|
+
}
|
|
24
|
+
}
|
|
25
|
+
exports.AzureKeyVaultSecretsProvider = AzureKeyVaultSecretsProvider;
|
|
26
|
+
//# sourceMappingURL=azure-key-vault.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"azure-key-vault.js","sourceRoot":"","sources":["../../src/secrets/azure-key-vault.ts"],"names":[],"mappings":";;;AAAA,8DAAuD;AACvD,8CAAyD;AAIzD,MAAa,4BAA4B;IAChC,KAAK,CAAC,YAAY,CAAC,MAAc;QACtC,OAAO;YACL,KAAK,EAAE,EAAE;YACT,OAAO,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC;SAC5C,CAAC;IACJ,CAAC;IAEM,KAAK,CAAC,SAAS,CACpB,MAAc,EACd,KAAa,EACb,IAAY;QAEZ,4EAA4E;QAC5E,6DAA6D;QAC7D,8EAA8E;QAC9E,0EAA0E;QAC1E,MAAM,UAAU,GAAG,IAAI,iCAAsB,EAAE,CAAC;QAEhD,MAAM,QAAQ,GAAG,MAAM,CAAC,GAAG,CAAS,kCAAkC,CAAC,CAAC;QAExE,MAAM,MAAM,GAAG,IAAI,+BAAY,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;QAEtD,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QAE5C,OAAO,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC;IAC5B,CAAC;CACF;AA3BD,oEA2BC"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
import { ISecretsProvider, ISecretsToken } from "./provider";
|
|
2
|
+
import Config from "../config";
|
|
3
|
+
export declare class GcpSecretManagerSecretsProvider implements ISecretsProvider {
|
|
4
|
+
getAuthToken(config: Config): Promise<ISecretsToken>;
|
|
5
|
+
getSecret(config: Config, token: string, name: string): Promise<string>;
|
|
6
|
+
}
|
|
7
|
+
//# sourceMappingURL=gcp-secret-manager.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"gcp-secret-manager.d.ts","sourceRoot":"","sources":["../../src/secrets/gcp-secret-manager.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAC7D,OAAO,MAAM,MAAM,WAAW,CAAC;AAE/B,qBAAa,+BAAgC,YAAW,gBAAgB;IACzD,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IAOpD,SAAS,CACpB,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,MAAM,CAAC;CAiBnB"}
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.GcpSecretManagerSecretsProvider = void 0;
|
|
4
|
+
const secret_manager_1 = require("@google-cloud/secret-manager");
|
|
5
|
+
const { SecretManagerServiceClient } = secret_manager_1.v1;
|
|
6
|
+
class GcpSecretManagerSecretsProvider {
|
|
7
|
+
async getAuthToken(config) {
|
|
8
|
+
return {
|
|
9
|
+
value: "",
|
|
10
|
+
expires: new Date(Date.now() + 3600 * 1000),
|
|
11
|
+
};
|
|
12
|
+
}
|
|
13
|
+
async getSecret(config, token, name) {
|
|
14
|
+
const client = new SecretManagerServiceClient();
|
|
15
|
+
const projectId = config.get("secrets.gcp-secret-manager.project-id");
|
|
16
|
+
const [secret] = await client.accessSecretVersion({
|
|
17
|
+
name: `projects/${projectId}/secrets/${name}/versions/latest`,
|
|
18
|
+
});
|
|
19
|
+
if (!secret.payload || !secret.payload.data) {
|
|
20
|
+
throw new Error(`No secret found with name: ${name}`);
|
|
21
|
+
}
|
|
22
|
+
return secret.payload.data.toString();
|
|
23
|
+
}
|
|
24
|
+
}
|
|
25
|
+
exports.GcpSecretManagerSecretsProvider = GcpSecretManagerSecretsProvider;
|
|
26
|
+
//# sourceMappingURL=gcp-secret-manager.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"gcp-secret-manager.js","sourceRoot":"","sources":["../../src/secrets/gcp-secret-manager.ts"],"names":[],"mappings":";;;AAAA,iEAAkD;AAClD,MAAM,EAAE,0BAA0B,EAAE,GAAG,mBAAE,CAAC;AAI1C,MAAa,+BAA+B;IACnC,KAAK,CAAC,YAAY,CAAC,MAAc;QACtC,OAAO;YACL,KAAK,EAAE,EAAE;YACT,OAAO,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC;SAC5C,CAAC;IACJ,CAAC;IAEM,KAAK,CAAC,SAAS,CACpB,MAAc,EACd,KAAa,EACb,IAAY;QAEZ,MAAM,MAAM,GAAG,IAAI,0BAA0B,EAAE,CAAC;QAEhD,MAAM,SAAS,GAAG,MAAM,CAAC,GAAG,CAC1B,uCAAuC,CACxC,CAAC;QAEF,MAAM,CAAC,MAAM,CAAC,GAAG,MAAM,MAAM,CAAC,mBAAmB,CAAC;YAChD,IAAI,EAAE,YAAY,SAAS,YAAY,IAAI,kBAAkB;SAC9D,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE;YAC3C,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,EAAE,CAAC,CAAC;SACvD;QAED,OAAO,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;IACxC,CAAC;CACF;AA7BD,0EA6BC"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
import { ISecretsProvider, ISecretsToken } from "./provider";
|
|
2
|
+
import Config from "../config";
|
|
3
|
+
export declare class LocalSecretsProvider implements ISecretsProvider {
|
|
4
|
+
getAuthToken(config: Config): Promise<ISecretsToken>;
|
|
5
|
+
getSecret(config: Config, token: string, name: string): Promise<string>;
|
|
6
|
+
}
|
|
7
|
+
//# sourceMappingURL=local.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"local.d.ts","sourceRoot":"","sources":["../../src/secrets/local.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAC7D,OAAO,MAAM,MAAM,WAAW,CAAC;AAI/B,qBAAa,oBAAqB,YAAW,gBAAgB;IAC9C,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IAOpD,SAAS,CACpB,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,MAAM,CAAC;CAmCnB"}
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.LocalSecretsProvider = void 0;
|
|
7
|
+
const fs_1 = require("fs");
|
|
8
|
+
const path_1 = __importDefault(require("path"));
|
|
9
|
+
class LocalSecretsProvider {
|
|
10
|
+
async getAuthToken(config) {
|
|
11
|
+
return {
|
|
12
|
+
value: "",
|
|
13
|
+
expires: new Date(Date.now() + 3600 * 1000),
|
|
14
|
+
};
|
|
15
|
+
}
|
|
16
|
+
async getSecret(config, token, name) {
|
|
17
|
+
let filePath = config.tryGet("secrets.local.file-path");
|
|
18
|
+
if (filePath === null) {
|
|
19
|
+
filePath = ".secrets";
|
|
20
|
+
}
|
|
21
|
+
const absolutePath = path_1.default.resolve(process.cwd(), filePath);
|
|
22
|
+
if ((0, fs_1.existsSync)(absolutePath) === false) {
|
|
23
|
+
throw new Error(`Secrets file does not exist: ${absolutePath}`);
|
|
24
|
+
}
|
|
25
|
+
const contents = await fs_1.promises.readFile(absolutePath, "utf8");
|
|
26
|
+
const secretLines = contents.replace(/\r\n/g, "\n").split("\n");
|
|
27
|
+
const secretMap = {};
|
|
28
|
+
for (const line of secretLines) {
|
|
29
|
+
const [key, value] = line.split("=");
|
|
30
|
+
if (key && value) {
|
|
31
|
+
secretMap[key.trim()] = value.trim();
|
|
32
|
+
}
|
|
33
|
+
}
|
|
34
|
+
if (Object.keys(secretMap).length === 0) {
|
|
35
|
+
throw new Error(`No secrets found in file: ${filePath}`);
|
|
36
|
+
}
|
|
37
|
+
if (!secretMap[name]) {
|
|
38
|
+
throw new Error(`No secret found with name: ${name}`);
|
|
39
|
+
}
|
|
40
|
+
return secretMap[name];
|
|
41
|
+
}
|
|
42
|
+
}
|
|
43
|
+
exports.LocalSecretsProvider = LocalSecretsProvider;
|
|
44
|
+
//# sourceMappingURL=local.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"local.js","sourceRoot":"","sources":["../../src/secrets/local.ts"],"names":[],"mappings":";;;;;;AAEA,2BAAgD;AAChD,gDAAwB;AAExB,MAAa,oBAAoB;IACxB,KAAK,CAAC,YAAY,CAAC,MAAc;QACtC,OAAO;YACL,KAAK,EAAE,EAAE;YACT,OAAO,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC;SAC5C,CAAC;IACJ,CAAC;IAEM,KAAK,CAAC,SAAS,CACpB,MAAc,EACd,KAAa,EACb,IAAY;QAEZ,IAAI,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAS,yBAAyB,CAAC,CAAC;QAEhE,IAAI,QAAQ,KAAK,IAAI,EAAE;YACrB,QAAQ,GAAG,UAAU,CAAC;SACvB;QAED,MAAM,YAAY,GAAG,cAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,QAAQ,CAAC,CAAC;QAE3D,IAAI,IAAA,eAAU,EAAC,YAAY,CAAC,KAAK,KAAK,EAAE;YACtC,MAAM,IAAI,KAAK,CAAC,gCAAgC,YAAY,EAAE,CAAC,CAAC;SACjE;QAED,MAAM,QAAQ,GAAG,MAAM,aAAE,CAAC,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;QAEzD,MAAM,WAAW,GAAG,QAAQ,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAEhE,MAAM,SAAS,GAA2B,EAAE,CAAC;QAC7C,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE;YAC9B,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACrC,IAAI,GAAG,IAAI,KAAK,EAAE;gBAChB,SAAS,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;aACtC;SACF;QAED,IAAI,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;YACvC,MAAM,IAAI,KAAK,CAAC,6BAA6B,QAAQ,EAAE,CAAC,CAAC;SAC1D;QAED,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE;YACpB,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,EAAE,CAAC,CAAC;SACvD;QAED,OAAO,SAAS,CAAC,IAAI,CAAC,CAAC;IACzB,CAAC;CACF;AA/CD,oDA+CC"}
|
|
@@ -1,6 +1,11 @@
|
|
|
1
1
|
import Config from "../config";
|
|
2
2
|
export declare enum SecretsProviderType {
|
|
3
3
|
HcpVault = "hcp-vault",
|
|
4
|
+
Vault = "vault",
|
|
5
|
+
AwsSecretsManager = "aws-secrets-manager",
|
|
6
|
+
AzureKeyVault = "azure-key-vault",
|
|
7
|
+
GcpSecretManager = "gcp-secret-manager",
|
|
8
|
+
Local = "local",
|
|
4
9
|
None = "none"
|
|
5
10
|
}
|
|
6
11
|
export interface ISecretsToken {
|
|
@@ -8,9 +13,8 @@ export interface ISecretsToken {
|
|
|
8
13
|
expires: Date;
|
|
9
14
|
}
|
|
10
15
|
export interface ISecretsProvider {
|
|
11
|
-
getAuthToken(): Promise<ISecretsToken>;
|
|
12
|
-
|
|
13
|
-
getSecret(config: Config, token: string, secretName: string): Promise<string>;
|
|
16
|
+
getAuthToken(config: Config): Promise<ISecretsToken>;
|
|
17
|
+
getSecret(config: Config, token: string, name: string): Promise<string>;
|
|
14
18
|
}
|
|
15
19
|
export declare function GetSecretsProvider(provider: SecretsProviderType): ISecretsProvider;
|
|
16
20
|
//# sourceMappingURL=provider.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"provider.d.ts","sourceRoot":"","sources":["../../src/secrets/provider.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"provider.d.ts","sourceRoot":"","sources":["../../src/secrets/provider.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,WAAW,CAAC;AAO/B,oBAAY,mBAAmB;IAC7B,QAAQ,cAAc;IACtB,KAAK,UAAU;IACf,iBAAiB,wBAAwB;IACzC,aAAa,oBAAoB;IACjC,gBAAgB,uBAAuB;IACvC,KAAK,UAAU;IACf,IAAI,SAAS;CACd;AAED,MAAM,WAAW,aAAa;IAC5B,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,IAAI,CAAC;CACf;AAED,MAAM,WAAW,gBAAgB;IAC/B,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;IACrD,SAAS,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;CACzE;AAED,wBAAgB,kBAAkB,CAChC,QAAQ,EAAE,mBAAmB,GAC5B,gBAAgB,CAmBlB"}
|
package/lib/secrets/provider.js
CHANGED
|
@@ -1,16 +1,35 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.GetSecretsProvider = exports.SecretsProviderType = void 0;
|
|
4
|
-
const
|
|
4
|
+
const vault_1 = require("./vault");
|
|
5
|
+
const aws_secrets_manager_1 = require("./aws-secrets-manager");
|
|
6
|
+
const azure_key_vault_1 = require("./azure-key-vault");
|
|
7
|
+
const gcp_secret_manager_1 = require("./gcp-secret-manager");
|
|
8
|
+
const local_1 = require("./local");
|
|
5
9
|
var SecretsProviderType;
|
|
6
10
|
(function (SecretsProviderType) {
|
|
7
11
|
SecretsProviderType["HcpVault"] = "hcp-vault";
|
|
12
|
+
SecretsProviderType["Vault"] = "vault";
|
|
13
|
+
SecretsProviderType["AwsSecretsManager"] = "aws-secrets-manager";
|
|
14
|
+
SecretsProviderType["AzureKeyVault"] = "azure-key-vault";
|
|
15
|
+
SecretsProviderType["GcpSecretManager"] = "gcp-secret-manager";
|
|
16
|
+
SecretsProviderType["Local"] = "local";
|
|
8
17
|
SecretsProviderType["None"] = "none";
|
|
9
18
|
})(SecretsProviderType = exports.SecretsProviderType || (exports.SecretsProviderType = {}));
|
|
10
19
|
function GetSecretsProvider(provider) {
|
|
11
20
|
switch (provider) {
|
|
12
21
|
case SecretsProviderType.HcpVault:
|
|
13
|
-
|
|
22
|
+
throw new Error(`Hashicorp's managed HCP Vault has been discontinued; please use another secrets provider\n\nhttps://developer.hashicorp.com/hcp/docs/vault-secrets/end-of-sale-announcement\n`);
|
|
23
|
+
case SecretsProviderType.Vault:
|
|
24
|
+
return new vault_1.VaultSecretsProvider();
|
|
25
|
+
case SecretsProviderType.AwsSecretsManager:
|
|
26
|
+
return new aws_secrets_manager_1.AwsSecretsManagerSecretsProvider();
|
|
27
|
+
case SecretsProviderType.AzureKeyVault:
|
|
28
|
+
return new azure_key_vault_1.AzureKeyVaultSecretsProvider();
|
|
29
|
+
case SecretsProviderType.GcpSecretManager:
|
|
30
|
+
return new gcp_secret_manager_1.GcpSecretManagerSecretsProvider();
|
|
31
|
+
case SecretsProviderType.Local:
|
|
32
|
+
return new local_1.LocalSecretsProvider();
|
|
14
33
|
default:
|
|
15
34
|
throw new Error(`Unknown secrets provider: ${provider}`);
|
|
16
35
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"provider.js","sourceRoot":"","sources":["../../src/secrets/provider.ts"],"names":[],"mappings":";;;AACA,
|
|
1
|
+
{"version":3,"file":"provider.js","sourceRoot":"","sources":["../../src/secrets/provider.ts"],"names":[],"mappings":";;;AACA,mCAA+C;AAC/C,+DAAyE;AACzE,uDAAiE;AACjE,6DAAuE;AACvE,mCAA+C;AAE/C,IAAY,mBAQX;AARD,WAAY,mBAAmB;IAC7B,6CAAsB,CAAA;IACtB,sCAAe,CAAA;IACf,gEAAyC,CAAA;IACzC,wDAAiC,CAAA;IACjC,8DAAuC,CAAA;IACvC,sCAAe,CAAA;IACf,oCAAa,CAAA;AACf,CAAC,EARW,mBAAmB,GAAnB,2BAAmB,KAAnB,2BAAmB,QAQ9B;AAYD,SAAgB,kBAAkB,CAChC,QAA6B;IAE7B,QAAQ,QAAQ,EAAE;QAChB,KAAK,mBAAmB,CAAC,QAAQ;YAC/B,MAAM,IAAI,KAAK,CACb,+KAA+K,CAChL,CAAC;QACJ,KAAK,mBAAmB,CAAC,KAAK;YAC5B,OAAO,IAAI,4BAAoB,EAAE,CAAC;QACpC,KAAK,mBAAmB,CAAC,iBAAiB;YACxC,OAAO,IAAI,sDAAgC,EAAE,CAAC;QAChD,KAAK,mBAAmB,CAAC,aAAa;YACpC,OAAO,IAAI,8CAA4B,EAAE,CAAC;QAC5C,KAAK,mBAAmB,CAAC,gBAAgB;YACvC,OAAO,IAAI,oDAA+B,EAAE,CAAC;QAC/C,KAAK,mBAAmB,CAAC,KAAK;YAC5B,OAAO,IAAI,4BAAoB,EAAE,CAAC;QACpC;YACE,MAAM,IAAI,KAAK,CAAC,6BAA6B,QAAQ,EAAE,CAAC,CAAC;KAC5D;AACH,CAAC;AArBD,gDAqBC"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
import Config from "../config";
|
|
2
|
+
import { ISecretsProvider, ISecretsToken } from "./provider";
|
|
3
|
+
export declare class VaultSecretsProvider implements ISecretsProvider {
|
|
4
|
+
getAuthToken(config: Config): Promise<ISecretsToken>;
|
|
5
|
+
getSecret(config: Config, token: string, name: string): Promise<string>;
|
|
6
|
+
}
|
|
7
|
+
//# sourceMappingURL=vault.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"vault.d.ts","sourceRoot":"","sources":["../../src/secrets/vault.ts"],"names":[],"mappings":"AACA,OAAO,MAAM,MAAM,WAAW,CAAC;AAC/B,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAO7D,qBAAa,oBAAqB,YAAW,gBAAgB;IAC9C,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IAwBpD,SAAS,CACpB,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,MAAM,CAAC;CAwDnB"}
|
|
@@ -0,0 +1,70 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.VaultSecretsProvider = void 0;
|
|
7
|
+
const axios_1 = __importDefault(require("axios"));
|
|
8
|
+
var VaultKvEngine;
|
|
9
|
+
(function (VaultKvEngine) {
|
|
10
|
+
VaultKvEngine["V1"] = "v1";
|
|
11
|
+
VaultKvEngine["V2"] = "v2";
|
|
12
|
+
})(VaultKvEngine || (VaultKvEngine = {}));
|
|
13
|
+
class VaultSecretsProvider {
|
|
14
|
+
async getAuthToken(config) {
|
|
15
|
+
const endpoint = config.get("secrets.vault.endpoint");
|
|
16
|
+
const namespace = config.get("secrets.vault.namespace");
|
|
17
|
+
const response = await axios_1.default.post(`${endpoint}/v1/auth/approle/login`, {
|
|
18
|
+
role_id: process.env.VAULT_ROLE_ID,
|
|
19
|
+
secret_id: process.env.VAULT_SECRET_ID,
|
|
20
|
+
}, {
|
|
21
|
+
headers: {
|
|
22
|
+
"Content-Type": "application/json",
|
|
23
|
+
"X-Vault-Namespace": namespace,
|
|
24
|
+
},
|
|
25
|
+
});
|
|
26
|
+
return {
|
|
27
|
+
value: response.data.auth.client_token,
|
|
28
|
+
expires: new Date(Date.now() + response.data.auth.lease_duration * 1000),
|
|
29
|
+
};
|
|
30
|
+
}
|
|
31
|
+
async getSecret(config, token, name) {
|
|
32
|
+
const kvEngine = config.get("secrets.vault.kv-engine");
|
|
33
|
+
const engineName = config.get("secrets.vault.engine-name");
|
|
34
|
+
if (kvEngine === VaultKvEngine.V1) {
|
|
35
|
+
const response = await axios_1.default.get(`${config.get("secrets.vault.endpoint")}/v1/${engineName}/${name}`, {
|
|
36
|
+
headers: {
|
|
37
|
+
"X-Vault-Token": token,
|
|
38
|
+
"X-Vault-Namespace": config.get("secrets.vault.namespace"),
|
|
39
|
+
},
|
|
40
|
+
});
|
|
41
|
+
if (!response.data.data) {
|
|
42
|
+
throw new Error(`No data found at path: ${name}`);
|
|
43
|
+
}
|
|
44
|
+
if (!response.data.data.value) {
|
|
45
|
+
throw new Error(`No key with name 'value' found in secret key/value at path: ${name}`);
|
|
46
|
+
}
|
|
47
|
+
return response.data.data.value;
|
|
48
|
+
}
|
|
49
|
+
else if (kvEngine === VaultKvEngine.V2) {
|
|
50
|
+
const response = await axios_1.default.get(`${config.get("secrets.vault.endpoint")}/v1/${engineName}/data/${name}`, {
|
|
51
|
+
headers: {
|
|
52
|
+
"X-Vault-Token": token,
|
|
53
|
+
"X-Vault-Namespace": config.get("secrets.vault.namespace"),
|
|
54
|
+
},
|
|
55
|
+
});
|
|
56
|
+
if (!response.data.data || !response.data.data.data) {
|
|
57
|
+
throw new Error(`No data found at path: ${name}`);
|
|
58
|
+
}
|
|
59
|
+
if (!response.data.data.data.value) {
|
|
60
|
+
throw new Error(`No key with name 'value' found in secret key/value at path: ${name}`);
|
|
61
|
+
}
|
|
62
|
+
return response.data.data.data.value;
|
|
63
|
+
}
|
|
64
|
+
else {
|
|
65
|
+
throw new Error(`Unsupported Vault KV engine: ${kvEngine}`);
|
|
66
|
+
}
|
|
67
|
+
}
|
|
68
|
+
}
|
|
69
|
+
exports.VaultSecretsProvider = VaultSecretsProvider;
|
|
70
|
+
//# sourceMappingURL=vault.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"vault.js","sourceRoot":"","sources":["../../src/secrets/vault.ts"],"names":[],"mappings":";;;;;;AAAA,kDAA0B;AAI1B,IAAK,aAGJ;AAHD,WAAK,aAAa;IAChB,0BAAS,CAAA;IACT,0BAAS,CAAA;AACX,CAAC,EAHI,aAAa,KAAb,aAAa,QAGjB;AAED,MAAa,oBAAoB;IACxB,KAAK,CAAC,YAAY,CAAC,MAAc;QACtC,MAAM,QAAQ,GAAG,MAAM,CAAC,GAAG,CAAS,wBAAwB,CAAC,CAAC;QAC9D,MAAM,SAAS,GAAG,MAAM,CAAC,GAAG,CAAS,yBAAyB,CAAC,CAAC;QAEhE,MAAM,QAAQ,GAAG,MAAM,eAAK,CAAC,IAAI,CAC/B,GAAG,QAAQ,wBAAwB,EACnC;YACE,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,aAAa;YAClC,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,eAAe;SACvC,EACD;YACE,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,mBAAmB,EAAE,SAAS;aAC/B;SACF,CACF,CAAC;QAEF,OAAO;YACL,KAAK,EAAE,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY;YACtC,OAAO,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;SACzE,CAAC;IACJ,CAAC;IAEM,KAAK,CAAC,SAAS,CACpB,MAAc,EACd,KAAa,EACb,IAAY;QAEZ,MAAM,QAAQ,GAAG,MAAM,CAAC,GAAG,CAAgB,yBAAyB,CAAC,CAAC;QACtE,MAAM,UAAU,GAAG,MAAM,CAAC,GAAG,CAAS,2BAA2B,CAAC,CAAC;QAEnE,IAAI,QAAQ,KAAK,aAAa,CAAC,EAAE,EAAE;YACjC,MAAM,QAAQ,GAAG,MAAM,eAAK,CAAC,GAAG,CAC9B,GAAG,MAAM,CAAC,GAAG,CACX,wBAAwB,CACzB,OAAO,UAAU,IAAI,IAAI,EAAE,EAC5B;gBACE,OAAO,EAAE;oBACP,eAAe,EAAE,KAAK;oBACtB,mBAAmB,EAAE,MAAM,CAAC,GAAG,CAAS,yBAAyB,CAAC;iBACnE;aACF,CACF,CAAC;YAEF,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE;gBACvB,MAAM,IAAI,KAAK,CAAC,0BAA0B,IAAI,EAAE,CAAC,CAAC;aACnD;YAED,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;gBAC7B,MAAM,IAAI,KAAK,CACb,+DAA+D,IAAI,EAAE,CACtE,CAAC;aACH;YAED,OAAO,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC;SACjC;aAAM,IAAI,QAAQ,KAAK,aAAa,CAAC,EAAE,EAAE;YACxC,MAAM,QAAQ,GAAG,MAAM,eAAK,CAAC,GAAG,CAC9B,GAAG,MAAM,CAAC,GAAG,CACX,wBAAwB,CACzB,OAAO,UAAU,SAAS,IAAI,EAAE,EACjC;gBACE,OAAO,EAAE;oBACP,eAAe,EAAE,KAAK;oBACtB,mBAAmB,EAAE,MAAM,CAAC,GAAG,CAAS,yBAAyB,CAAC;iBACnE;aACF,CACF,CAAC;YAEF,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;gBACnD,MAAM,IAAI,KAAK,CAAC,0BAA0B,IAAI,EAAE,CAAC,CAAC;aACnD;YAED,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;gBAClC,MAAM,IAAI,KAAK,CACb,+DAA+D,IAAI,EAAE,CACtE,CAAC;aACH;YAED,OAAO,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC;SACtC;aAAM;YACL,MAAM,IAAI,KAAK,CAAC,gCAAgC,QAAQ,EAAE,CAAC,CAAC;SAC7D;IACH,CAAC;CACF;AArFD,oDAqFC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@incanta/config",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "2.0.0",
|
|
4
4
|
"main": "lib/index.js",
|
|
5
5
|
"exports": {
|
|
6
6
|
".": "./lib/index.js",
|
|
@@ -18,6 +18,10 @@
|
|
|
18
18
|
"test": "jest"
|
|
19
19
|
},
|
|
20
20
|
"dependencies": {
|
|
21
|
+
"@aws-sdk/client-secrets-manager": "^3.839.0",
|
|
22
|
+
"@azure/identity": "^4.10.1",
|
|
23
|
+
"@azure/keyvault-secrets": "^4.10.0",
|
|
24
|
+
"@google-cloud/secret-manager": "^6.0.1",
|
|
21
25
|
"axios": "^1.8.2",
|
|
22
26
|
"js-yaml": "^4.1.0",
|
|
23
27
|
"json5": "^2.2.3",
|
package/src/config.ts
CHANGED
|
@@ -19,6 +19,11 @@ export interface IConfigSettings {
|
|
|
19
19
|
extraDirs?: string[];
|
|
20
20
|
}
|
|
21
21
|
|
|
22
|
+
interface ISecret {
|
|
23
|
+
value: string;
|
|
24
|
+
expires: Date;
|
|
25
|
+
}
|
|
26
|
+
|
|
22
27
|
export default class Config {
|
|
23
28
|
private configDir: string = "";
|
|
24
29
|
private configEnv: string = "";
|
|
@@ -34,8 +39,7 @@ export default class Config {
|
|
|
34
39
|
value: string;
|
|
35
40
|
expires: Date;
|
|
36
41
|
} | null = null;
|
|
37
|
-
private secretsCache: Record<string,
|
|
38
|
-
private secretsCacheExpiration: Date | null = null;
|
|
42
|
+
private secretsCache: Record<string, ISecret> = {};
|
|
39
43
|
|
|
40
44
|
public constructor(options?: IConfigOptions) {
|
|
41
45
|
this.init(options);
|
|
@@ -47,7 +51,6 @@ export default class Config {
|
|
|
47
51
|
this.customValues = {};
|
|
48
52
|
this.secretsToken = null;
|
|
49
53
|
this.secretsCache = {};
|
|
50
|
-
this.secretsCacheExpiration = null;
|
|
51
54
|
|
|
52
55
|
let defaultConfigDir = "config";
|
|
53
56
|
let defaultConfigEnv = "default";
|
|
@@ -143,6 +146,18 @@ export default class Config {
|
|
|
143
146
|
|
|
144
147
|
applyBases(this.values);
|
|
145
148
|
|
|
149
|
+
const removeIncantaConfigBase = (obj: any): void => {
|
|
150
|
+
for (const key of Object.keys(obj)) {
|
|
151
|
+
if (key === "incantaConfigBase") {
|
|
152
|
+
delete obj[key];
|
|
153
|
+
} else if (typeof obj[key] === "object" && obj[key] !== null) {
|
|
154
|
+
removeIncantaConfigBase(obj[key]);
|
|
155
|
+
}
|
|
156
|
+
}
|
|
157
|
+
};
|
|
158
|
+
|
|
159
|
+
removeIncantaConfigBase(this.values);
|
|
160
|
+
|
|
146
161
|
this.values = Loader.convertKebabToCamelCase(
|
|
147
162
|
this.values,
|
|
148
163
|
configFolderOptions
|
|
@@ -244,25 +259,6 @@ export default class Config {
|
|
|
244
259
|
return obj as T;
|
|
245
260
|
}
|
|
246
261
|
|
|
247
|
-
public async refreshSecrets(): Promise<void> {
|
|
248
|
-
const provider = GetSecretsProvider(this.normalizedValues.secrets.provider);
|
|
249
|
-
|
|
250
|
-
if (
|
|
251
|
-
this.secretsToken === null ||
|
|
252
|
-
this.secretsToken.expires.getTime() < Date.now() + 500
|
|
253
|
-
) {
|
|
254
|
-
this.secretsToken = await provider.getAuthToken();
|
|
255
|
-
}
|
|
256
|
-
|
|
257
|
-
this.secretsCache = await provider.getSecrets(
|
|
258
|
-
this,
|
|
259
|
-
this.secretsToken.value
|
|
260
|
-
);
|
|
261
|
-
this.secretsCacheExpiration = new Date(
|
|
262
|
-
Date.now() + this.get<number>("secrets.cache-duration-seconds") * 1000
|
|
263
|
-
);
|
|
264
|
-
}
|
|
265
|
-
|
|
266
262
|
public async getWithSecrets<T>(key: string): Promise<T> {
|
|
267
263
|
let value = this.get<T>(key);
|
|
268
264
|
|
|
@@ -294,28 +290,33 @@ export default class Config {
|
|
|
294
290
|
this.secretsToken === null ||
|
|
295
291
|
this.secretsToken.expires.getTime() < Date.now() + 500
|
|
296
292
|
) {
|
|
297
|
-
this.secretsToken = await provider.getAuthToken();
|
|
293
|
+
this.secretsToken = await provider.getAuthToken(this);
|
|
298
294
|
}
|
|
299
295
|
|
|
300
296
|
if (
|
|
301
|
-
this.
|
|
302
|
-
this.
|
|
303
|
-
this.secretsCache[secretKey] === undefined
|
|
297
|
+
this.secretsCache[secretKey] === undefined ||
|
|
298
|
+
this.secretsCache[secretKey].expires < new Date()
|
|
304
299
|
) {
|
|
305
|
-
|
|
300
|
+
const secretValue = await provider.getSecret(
|
|
306
301
|
this,
|
|
307
|
-
this.secretsToken.value
|
|
308
|
-
|
|
309
|
-
this.secretsCacheExpiration = new Date(
|
|
310
|
-
Date.now() + this.get<number>("secrets.cache-duration-seconds") * 1000
|
|
302
|
+
this.secretsToken.value,
|
|
303
|
+
secretKey
|
|
311
304
|
);
|
|
305
|
+
|
|
306
|
+
this.secretsCache[secretKey] = {
|
|
307
|
+
value: secretValue,
|
|
308
|
+
expires: new Date(
|
|
309
|
+
Date.now() +
|
|
310
|
+
this.get<number>("secrets.cache-duration-seconds") * 1000
|
|
311
|
+
),
|
|
312
|
+
};
|
|
312
313
|
}
|
|
313
314
|
|
|
314
315
|
if (this.secretsCache[secretKey] === undefined) {
|
|
315
316
|
throw new Error(`Secret ${secretKey} not found`);
|
|
316
317
|
}
|
|
317
318
|
|
|
318
|
-
return this.secretsCache[secretKey] as T;
|
|
319
|
+
return this.secretsCache[secretKey].value as T;
|
|
319
320
|
} else if (typeof v === "object" && v !== null) {
|
|
320
321
|
if (Array.isArray(v)) {
|
|
321
322
|
const newObjs: any[] = [];
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
import {
|
|
2
|
+
SecretsManagerClient,
|
|
3
|
+
GetSecretValueCommand,
|
|
4
|
+
} from "@aws-sdk/client-secrets-manager";
|
|
5
|
+
import { ISecretsProvider, ISecretsToken } from "./provider";
|
|
6
|
+
import Config from "../config";
|
|
7
|
+
|
|
8
|
+
export class AwsSecretsManagerSecretsProvider implements ISecretsProvider {
|
|
9
|
+
public async getAuthToken(config: Config): Promise<ISecretsToken> {
|
|
10
|
+
return {
|
|
11
|
+
value: "", // auth happens automatically with AWS SDK
|
|
12
|
+
expires: new Date(Date.now() + 3600 * 1000),
|
|
13
|
+
};
|
|
14
|
+
}
|
|
15
|
+
|
|
16
|
+
public async getSecret(
|
|
17
|
+
config: Config,
|
|
18
|
+
token: string,
|
|
19
|
+
name: string
|
|
20
|
+
): Promise<string> {
|
|
21
|
+
const region = config.get<string>("secrets.aws-kms.region");
|
|
22
|
+
|
|
23
|
+
const client = new SecretsManagerClient({
|
|
24
|
+
region,
|
|
25
|
+
});
|
|
26
|
+
|
|
27
|
+
const response = await client.send(
|
|
28
|
+
new GetSecretValueCommand({
|
|
29
|
+
SecretId: name,
|
|
30
|
+
VersionStage: "AWSCURRENT",
|
|
31
|
+
})
|
|
32
|
+
);
|
|
33
|
+
|
|
34
|
+
if (!response.SecretString) {
|
|
35
|
+
throw new Error(`No secret found with name: ${name}`);
|
|
36
|
+
}
|
|
37
|
+
|
|
38
|
+
return response.SecretString;
|
|
39
|
+
}
|
|
40
|
+
}
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
import { SecretClient } from "@azure/keyvault-secrets";
|
|
2
|
+
import { DefaultAzureCredential } from "@azure/identity";
|
|
3
|
+
import { ISecretsProvider, ISecretsToken } from "./provider";
|
|
4
|
+
import Config from "../config";
|
|
5
|
+
|
|
6
|
+
export class AzureKeyVaultSecretsProvider implements ISecretsProvider {
|
|
7
|
+
public async getAuthToken(config: Config): Promise<ISecretsToken> {
|
|
8
|
+
return {
|
|
9
|
+
value: "", // auth happens automatically with the Azure SDK
|
|
10
|
+
expires: new Date(Date.now() + 3600 * 1000),
|
|
11
|
+
};
|
|
12
|
+
}
|
|
13
|
+
|
|
14
|
+
public async getSecret(
|
|
15
|
+
config: Config,
|
|
16
|
+
token: string,
|
|
17
|
+
name: string
|
|
18
|
+
): Promise<string> {
|
|
19
|
+
// DefaultAzureCredential expects the following three environment variables:
|
|
20
|
+
// - AZURE_TENANT_ID: The tenant ID in Azure Active Directory
|
|
21
|
+
// - AZURE_CLIENT_ID: The application (client) ID registered in the AAD tenant
|
|
22
|
+
// - AZURE_CLIENT_SECRET: The client secret for the registered application
|
|
23
|
+
const credential = new DefaultAzureCredential();
|
|
24
|
+
|
|
25
|
+
const endpoint = config.get<string>("secrets.azure-key-vault.endpoint");
|
|
26
|
+
|
|
27
|
+
const client = new SecretClient(endpoint, credential);
|
|
28
|
+
|
|
29
|
+
const secret = await client.getSecret(name);
|
|
30
|
+
|
|
31
|
+
return secret.value || "";
|
|
32
|
+
}
|
|
33
|
+
}
|
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
import { v1 } from "@google-cloud/secret-manager";
|
|
2
|
+
const { SecretManagerServiceClient } = v1;
|
|
3
|
+
import { ISecretsProvider, ISecretsToken } from "./provider";
|
|
4
|
+
import Config from "../config";
|
|
5
|
+
|
|
6
|
+
export class GcpSecretManagerSecretsProvider implements ISecretsProvider {
|
|
7
|
+
public async getAuthToken(config: Config): Promise<ISecretsToken> {
|
|
8
|
+
return {
|
|
9
|
+
value: "", // auth happens automatically with the Azure SDK
|
|
10
|
+
expires: new Date(Date.now() + 3600 * 1000),
|
|
11
|
+
};
|
|
12
|
+
}
|
|
13
|
+
|
|
14
|
+
public async getSecret(
|
|
15
|
+
config: Config,
|
|
16
|
+
token: string,
|
|
17
|
+
name: string
|
|
18
|
+
): Promise<string> {
|
|
19
|
+
const client = new SecretManagerServiceClient();
|
|
20
|
+
|
|
21
|
+
const projectId = config.get<string>(
|
|
22
|
+
"secrets.gcp-secret-manager.project-id"
|
|
23
|
+
);
|
|
24
|
+
|
|
25
|
+
const [secret] = await client.accessSecretVersion({
|
|
26
|
+
name: `projects/${projectId}/secrets/${name}/versions/latest`,
|
|
27
|
+
});
|
|
28
|
+
|
|
29
|
+
if (!secret.payload || !secret.payload.data) {
|
|
30
|
+
throw new Error(`No secret found with name: ${name}`);
|
|
31
|
+
}
|
|
32
|
+
|
|
33
|
+
return secret.payload.data.toString();
|
|
34
|
+
}
|
|
35
|
+
}
|
|
@@ -0,0 +1,53 @@
|
|
|
1
|
+
import { ISecretsProvider, ISecretsToken } from "./provider";
|
|
2
|
+
import Config from "../config";
|
|
3
|
+
import { existsSync, promises as fs } from "fs";
|
|
4
|
+
import path from "path";
|
|
5
|
+
|
|
6
|
+
export class LocalSecretsProvider implements ISecretsProvider {
|
|
7
|
+
public async getAuthToken(config: Config): Promise<ISecretsToken> {
|
|
8
|
+
return {
|
|
9
|
+
value: "", // there is no auth token for local secrets
|
|
10
|
+
expires: new Date(Date.now() + 3600 * 1000),
|
|
11
|
+
};
|
|
12
|
+
}
|
|
13
|
+
|
|
14
|
+
public async getSecret(
|
|
15
|
+
config: Config,
|
|
16
|
+
token: string,
|
|
17
|
+
name: string
|
|
18
|
+
): Promise<string> {
|
|
19
|
+
let filePath = config.tryGet<string>("secrets.local.file-path");
|
|
20
|
+
|
|
21
|
+
if (filePath === null) {
|
|
22
|
+
filePath = ".secrets";
|
|
23
|
+
}
|
|
24
|
+
|
|
25
|
+
const absolutePath = path.resolve(process.cwd(), filePath);
|
|
26
|
+
|
|
27
|
+
if (existsSync(absolutePath) === false) {
|
|
28
|
+
throw new Error(`Secrets file does not exist: ${absolutePath}`);
|
|
29
|
+
}
|
|
30
|
+
|
|
31
|
+
const contents = await fs.readFile(absolutePath, "utf8");
|
|
32
|
+
|
|
33
|
+
const secretLines = contents.replace(/\r\n/g, "\n").split("\n");
|
|
34
|
+
|
|
35
|
+
const secretMap: Record<string, string> = {};
|
|
36
|
+
for (const line of secretLines) {
|
|
37
|
+
const [key, value] = line.split("=");
|
|
38
|
+
if (key && value) {
|
|
39
|
+
secretMap[key.trim()] = value.trim();
|
|
40
|
+
}
|
|
41
|
+
}
|
|
42
|
+
|
|
43
|
+
if (Object.keys(secretMap).length === 0) {
|
|
44
|
+
throw new Error(`No secrets found in file: ${filePath}`);
|
|
45
|
+
}
|
|
46
|
+
|
|
47
|
+
if (!secretMap[name]) {
|
|
48
|
+
throw new Error(`No secret found with name: ${name}`);
|
|
49
|
+
}
|
|
50
|
+
|
|
51
|
+
return secretMap[name];
|
|
52
|
+
}
|
|
53
|
+
}
|
package/src/secrets/provider.ts
CHANGED
|
@@ -1,8 +1,17 @@
|
|
|
1
1
|
import Config from "../config";
|
|
2
|
-
import {
|
|
2
|
+
import { VaultSecretsProvider } from "./vault";
|
|
3
|
+
import { AwsSecretsManagerSecretsProvider } from "./aws-secrets-manager";
|
|
4
|
+
import { AzureKeyVaultSecretsProvider } from "./azure-key-vault";
|
|
5
|
+
import { GcpSecretManagerSecretsProvider } from "./gcp-secret-manager";
|
|
6
|
+
import { LocalSecretsProvider } from "./local";
|
|
3
7
|
|
|
4
8
|
export enum SecretsProviderType {
|
|
5
9
|
HcpVault = "hcp-vault",
|
|
10
|
+
Vault = "vault",
|
|
11
|
+
AwsSecretsManager = "aws-secrets-manager",
|
|
12
|
+
AzureKeyVault = "azure-key-vault",
|
|
13
|
+
GcpSecretManager = "gcp-secret-manager",
|
|
14
|
+
Local = "local",
|
|
6
15
|
None = "none",
|
|
7
16
|
}
|
|
8
17
|
|
|
@@ -12,9 +21,8 @@ export interface ISecretsToken {
|
|
|
12
21
|
}
|
|
13
22
|
|
|
14
23
|
export interface ISecretsProvider {
|
|
15
|
-
getAuthToken(): Promise<ISecretsToken>;
|
|
16
|
-
|
|
17
|
-
getSecret(config: Config, token: string, secretName: string): Promise<string>;
|
|
24
|
+
getAuthToken(config: Config): Promise<ISecretsToken>;
|
|
25
|
+
getSecret(config: Config, token: string, name: string): Promise<string>;
|
|
18
26
|
}
|
|
19
27
|
|
|
20
28
|
export function GetSecretsProvider(
|
|
@@ -22,7 +30,19 @@ export function GetSecretsProvider(
|
|
|
22
30
|
): ISecretsProvider {
|
|
23
31
|
switch (provider) {
|
|
24
32
|
case SecretsProviderType.HcpVault:
|
|
25
|
-
|
|
33
|
+
throw new Error(
|
|
34
|
+
`Hashicorp's managed HCP Vault has been discontinued; please use another secrets provider\n\nhttps://developer.hashicorp.com/hcp/docs/vault-secrets/end-of-sale-announcement\n`
|
|
35
|
+
);
|
|
36
|
+
case SecretsProviderType.Vault:
|
|
37
|
+
return new VaultSecretsProvider();
|
|
38
|
+
case SecretsProviderType.AwsSecretsManager:
|
|
39
|
+
return new AwsSecretsManagerSecretsProvider();
|
|
40
|
+
case SecretsProviderType.AzureKeyVault:
|
|
41
|
+
return new AzureKeyVaultSecretsProvider();
|
|
42
|
+
case SecretsProviderType.GcpSecretManager:
|
|
43
|
+
return new GcpSecretManagerSecretsProvider();
|
|
44
|
+
case SecretsProviderType.Local:
|
|
45
|
+
return new LocalSecretsProvider();
|
|
26
46
|
default:
|
|
27
47
|
throw new Error(`Unknown secrets provider: ${provider}`);
|
|
28
48
|
}
|
|
@@ -0,0 +1,95 @@
|
|
|
1
|
+
import axios from "axios";
|
|
2
|
+
import Config from "../config";
|
|
3
|
+
import { ISecretsProvider, ISecretsToken } from "./provider";
|
|
4
|
+
|
|
5
|
+
enum VaultKvEngine {
|
|
6
|
+
V1 = "v1",
|
|
7
|
+
V2 = "v2",
|
|
8
|
+
}
|
|
9
|
+
|
|
10
|
+
export class VaultSecretsProvider implements ISecretsProvider {
|
|
11
|
+
public async getAuthToken(config: Config): Promise<ISecretsToken> {
|
|
12
|
+
const endpoint = config.get<string>("secrets.vault.endpoint");
|
|
13
|
+
const namespace = config.get<string>("secrets.vault.namespace");
|
|
14
|
+
|
|
15
|
+
const response = await axios.post(
|
|
16
|
+
`${endpoint}/v1/auth/approle/login`,
|
|
17
|
+
{
|
|
18
|
+
role_id: process.env.VAULT_ROLE_ID,
|
|
19
|
+
secret_id: process.env.VAULT_SECRET_ID,
|
|
20
|
+
},
|
|
21
|
+
{
|
|
22
|
+
headers: {
|
|
23
|
+
"Content-Type": "application/json",
|
|
24
|
+
"X-Vault-Namespace": namespace,
|
|
25
|
+
},
|
|
26
|
+
}
|
|
27
|
+
);
|
|
28
|
+
|
|
29
|
+
return {
|
|
30
|
+
value: response.data.auth.client_token,
|
|
31
|
+
expires: new Date(Date.now() + response.data.auth.lease_duration * 1000),
|
|
32
|
+
};
|
|
33
|
+
}
|
|
34
|
+
|
|
35
|
+
public async getSecret(
|
|
36
|
+
config: Config,
|
|
37
|
+
token: string,
|
|
38
|
+
name: string
|
|
39
|
+
): Promise<string> {
|
|
40
|
+
const kvEngine = config.get<VaultKvEngine>("secrets.vault.kv-engine");
|
|
41
|
+
const engineName = config.get<string>("secrets.vault.engine-name");
|
|
42
|
+
|
|
43
|
+
if (kvEngine === VaultKvEngine.V1) {
|
|
44
|
+
const response = await axios.get(
|
|
45
|
+
`${config.get<string>(
|
|
46
|
+
"secrets.vault.endpoint"
|
|
47
|
+
)}/v1/${engineName}/${name}`,
|
|
48
|
+
{
|
|
49
|
+
headers: {
|
|
50
|
+
"X-Vault-Token": token,
|
|
51
|
+
"X-Vault-Namespace": config.get<string>("secrets.vault.namespace"),
|
|
52
|
+
},
|
|
53
|
+
}
|
|
54
|
+
);
|
|
55
|
+
|
|
56
|
+
if (!response.data.data) {
|
|
57
|
+
throw new Error(`No data found at path: ${name}`);
|
|
58
|
+
}
|
|
59
|
+
|
|
60
|
+
if (!response.data.data.value) {
|
|
61
|
+
throw new Error(
|
|
62
|
+
`No key with name 'value' found in secret key/value at path: ${name}`
|
|
63
|
+
);
|
|
64
|
+
}
|
|
65
|
+
|
|
66
|
+
return response.data.data.value;
|
|
67
|
+
} else if (kvEngine === VaultKvEngine.V2) {
|
|
68
|
+
const response = await axios.get(
|
|
69
|
+
`${config.get<string>(
|
|
70
|
+
"secrets.vault.endpoint"
|
|
71
|
+
)}/v1/${engineName}/data/${name}`,
|
|
72
|
+
{
|
|
73
|
+
headers: {
|
|
74
|
+
"X-Vault-Token": token,
|
|
75
|
+
"X-Vault-Namespace": config.get<string>("secrets.vault.namespace"),
|
|
76
|
+
},
|
|
77
|
+
}
|
|
78
|
+
);
|
|
79
|
+
|
|
80
|
+
if (!response.data.data || !response.data.data.data) {
|
|
81
|
+
throw new Error(`No data found at path: ${name}`);
|
|
82
|
+
}
|
|
83
|
+
|
|
84
|
+
if (!response.data.data.data.value) {
|
|
85
|
+
throw new Error(
|
|
86
|
+
`No key with name 'value' found in secret key/value at path: ${name}`
|
|
87
|
+
);
|
|
88
|
+
}
|
|
89
|
+
|
|
90
|
+
return response.data.data.data.value;
|
|
91
|
+
} else {
|
|
92
|
+
throw new Error(`Unsupported Vault KV engine: ${kvEngine}`);
|
|
93
|
+
}
|
|
94
|
+
}
|
|
95
|
+
}
|
package/src/secrets/hcp-vault.ts
DELETED
|
@@ -1,100 +0,0 @@
|
|
|
1
|
-
import axios, { AxiosError } from "axios";
|
|
2
|
-
import Config from "../config";
|
|
3
|
-
import { ISecretsProvider, ISecretsToken } from "./provider";
|
|
4
|
-
|
|
5
|
-
export interface IHcpVaultSecret {
|
|
6
|
-
name: string;
|
|
7
|
-
version: {
|
|
8
|
-
version: string;
|
|
9
|
-
type: string;
|
|
10
|
-
created_at: string;
|
|
11
|
-
value: string;
|
|
12
|
-
created_by: {
|
|
13
|
-
name: string;
|
|
14
|
-
type: string;
|
|
15
|
-
email: string;
|
|
16
|
-
};
|
|
17
|
-
};
|
|
18
|
-
created_at: string;
|
|
19
|
-
latest_version: string;
|
|
20
|
-
created_by: {
|
|
21
|
-
name: string;
|
|
22
|
-
type: string;
|
|
23
|
-
email: string;
|
|
24
|
-
};
|
|
25
|
-
sync_status: any;
|
|
26
|
-
}
|
|
27
|
-
|
|
28
|
-
export class HcpVaultSecretsProvider implements ISecretsProvider {
|
|
29
|
-
public async getAuthToken(): Promise<ISecretsToken> {
|
|
30
|
-
try {
|
|
31
|
-
const response = await axios.post(
|
|
32
|
-
"https://auth.idp.hashicorp.com/oauth2/token",
|
|
33
|
-
{
|
|
34
|
-
client_id: process.env.HCP_CLIENT_ID,
|
|
35
|
-
client_secret: process.env.HCP_CLIENT_SECRET,
|
|
36
|
-
grant_type: "client_credentials",
|
|
37
|
-
audience: "https://api.hashicorp.cloud",
|
|
38
|
-
},
|
|
39
|
-
{
|
|
40
|
-
headers: {
|
|
41
|
-
"Content-Type": "application/x-www-form-urlencoded",
|
|
42
|
-
},
|
|
43
|
-
}
|
|
44
|
-
);
|
|
45
|
-
return {
|
|
46
|
-
value: response.data.access_token,
|
|
47
|
-
expires: new Date(Date.now() + response.data.expires_in * 1000),
|
|
48
|
-
};
|
|
49
|
-
} catch (error: any) {
|
|
50
|
-
const typedError = error as AxiosError;
|
|
51
|
-
throw new Error(
|
|
52
|
-
`Failed to get HCP Vault token: ${typedError.code}; did you set HCP_CLIENT_ID and HCP_CLIENT_SECRET?`
|
|
53
|
-
);
|
|
54
|
-
}
|
|
55
|
-
}
|
|
56
|
-
|
|
57
|
-
public async getSecrets(
|
|
58
|
-
config: Config,
|
|
59
|
-
token: string
|
|
60
|
-
): Promise<Record<string, string>> {
|
|
61
|
-
const orgId = config.get<string>("secrets.hcp-vault.organization-id");
|
|
62
|
-
const projectId = config.get<string>("secrets.hcp-vault.project-id");
|
|
63
|
-
const appName = config.get<string>("secrets.hcp-vault.app-name");
|
|
64
|
-
const response = await axios.get(
|
|
65
|
-
`https://api.cloud.hashicorp.com/secrets/2023-06-13/organizations/${orgId}/projects/${projectId}/apps/${appName}/open`,
|
|
66
|
-
{
|
|
67
|
-
headers: {
|
|
68
|
-
Authorization: `Bearer ${token}`,
|
|
69
|
-
},
|
|
70
|
-
}
|
|
71
|
-
);
|
|
72
|
-
|
|
73
|
-
const secrets: Record<string, string> = {};
|
|
74
|
-
for (const secret of response.data.secrets as IHcpVaultSecret[]) {
|
|
75
|
-
secrets[secret.name] = secret.version.value;
|
|
76
|
-
}
|
|
77
|
-
|
|
78
|
-
return secrets;
|
|
79
|
-
}
|
|
80
|
-
|
|
81
|
-
public async getSecret(
|
|
82
|
-
config: Config,
|
|
83
|
-
token: string,
|
|
84
|
-
secretName: string
|
|
85
|
-
): Promise<string> {
|
|
86
|
-
const orgId = config.get<string>("secrets.hcp-vault.organization-id");
|
|
87
|
-
const projectId = config.get<string>("secrets.hcp-vault.project-id");
|
|
88
|
-
const appName = config.get<string>("secrets.hcp-vault.app-name");
|
|
89
|
-
const response = await axios.get(
|
|
90
|
-
`https://api.cloud.hashicorp.com/secrets/2023-06-13/organizations/${orgId}/projects/${projectId}/apps/${appName}/open/${secretName}`,
|
|
91
|
-
{
|
|
92
|
-
headers: {
|
|
93
|
-
Authorization: `Bearer ${token}`,
|
|
94
|
-
},
|
|
95
|
-
}
|
|
96
|
-
);
|
|
97
|
-
|
|
98
|
-
return (response.data.secret as IHcpVaultSecret).version.value;
|
|
99
|
-
}
|
|
100
|
-
}
|