@kibibit/configit 1.0.0-beta.26 → 1.0.0-beta.27

package/lib/src/vault/secret-refresh-manager.js

@@ -0,0 +1,149 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SecretRefreshManager = void 0;
+class SecretRefreshManager {
+    constructor(provider, cache, refreshBuffer) {
+        this.refreshTimers = new Map();
+        this.refreshLocks = new Map();
+        this.refreshCounts = new Map();
+        this.lastRefreshTimes = new Map();
+        this.refreshContexts = new Map();
+        this.vaultProvider = provider;
+        this.cache = cache;
+        this.refreshBuffer = refreshBuffer || 300;
+    }
+    scheduleRefresh(propertyName, metadata, targetInstance) {
+        const entry = this.cache.getEntry(propertyName);
+        if (!entry) {
+            return;
+        }
+        this.refreshContexts.set(propertyName, {
+            metadata,
+            targetInstance,
+            fullPath: entry.vaultPath
+        });
+        this.cancelRefresh(propertyName);
+        const now = Date.now();
+        const timeUntilRefresh = Math.max(0, entry.refreshAt - now);
+        if (timeUntilRefresh <= 0) {
+            this.executeRefresh(propertyName);
+            return;
+        }
+        const timer = setTimeout(() => {
+            this.executeRefresh(propertyName);
+        }, timeUntilRefresh);
+        this.refreshTimers.set(propertyName, timer);
+    }
+    cancelRefresh(propertyName) {
+        const timer = this.refreshTimers.get(propertyName);
+        if (timer) {
+            clearTimeout(timer);
+            this.refreshTimers.delete(propertyName);
+        }
+    }
+    async executeRefresh(propertyName) {
+        const existingLock = this.refreshLocks.get(propertyName);
+        if (existingLock) {
+            await existingLock;
+            return;
+        }
+        const refreshPromise = this.performRefresh(propertyName)
+            .finally(() => {
+            this.refreshLocks.delete(propertyName);
+            this.refreshTimers.delete(propertyName);
+        });
+        this.refreshLocks.set(propertyName, refreshPromise);
+        await refreshPromise;
+    }
+    async performRefresh(propertyName) {
+        const context = this.refreshContexts.get(propertyName);
+        if (!context) {
+            console.error(`No refresh context for ${propertyName}`);
+            return;
+        }
+        const { metadata, targetInstance, fullPath } = context;
+        const refreshCount = (this.refreshCounts.get(propertyName) || 0) + 1;
+        this.refreshCounts.set(propertyName, refreshCount);
+        try {
+            const secret = await this.vaultProvider.read(fullPath);
+            this.cache.set(propertyName, fullPath, secret, metadata);
+            if (targetInstance) {
+                const key = metadata.key || metadata.propertyName;
+                const value = secret.data[key];
+                targetInstance[propertyName] = value;
+            }
+            this.lastRefreshTimes.set(propertyName, Date.now());
+            this.scheduleRefresh(propertyName, metadata, targetInstance);
+        }
+        catch (error) {
+            const errorMessage = (error === null || error === void 0 ? void 0 : error.message) || 'Unknown error';
+            console.error(`Failed to refresh secret for ${propertyName}: ${this.sanitizeError(errorMessage)}`);
+            const retryDelay = Math.min(1000 * Math.pow(2, refreshCount - 1), 30000);
+            setTimeout(() => {
+                this.scheduleRefresh(propertyName, metadata, targetInstance);
+            }, retryDelay);
+        }
+    }
+    getRefreshStatus() {
+        const statuses = [];
+        const cachedProperties = this.cache.getCachedProperties();
+        for (const propertyName of cachedProperties) {
+            const entry = this.cache.getEntry(propertyName);
+            if (!entry) {
+                continue;
+            }
+            const timer = this.refreshTimers.get(propertyName);
+            const now = Date.now();
+            const refreshAt = entry.refreshAt;
+            const timeUntilRefresh = Math.max(0, refreshAt - now);
+            statuses.push({
+                propertyName,
+                vaultPath: entry.vaultPath,
+                scheduled: timer !== undefined,
+                refreshAt,
+                timeUntilRefresh,
+                lastRefresh: this.lastRefreshTimes.get(propertyName) || entry.cachedAt,
+                refreshCount: this.refreshCounts.get(propertyName) || 0
+            });
+        }
+        return statuses;
+    }
+    getRefreshStatusForProperty(propertyName) {
+        const entry = this.cache.getEntry(propertyName);
+        if (!entry) {
+            return null;
+        }
+        const timer = this.refreshTimers.get(propertyName);
+        const now = Date.now();
+        const refreshAt = entry.refreshAt;
+        const timeUntilRefresh = Math.max(0, refreshAt - now);
+        return {
+            propertyName,
+            vaultPath: entry.vaultPath,
+            scheduled: timer !== undefined,
+            refreshAt,
+            timeUntilRefresh,
+            lastRefresh: this.lastRefreshTimes.get(propertyName) || entry.cachedAt,
+            refreshCount: this.refreshCounts.get(propertyName) || 0
+        };
+    }
+    shutdown() {
+        for (const [propertyName, timer] of this.refreshTimers.entries()) {
+            clearTimeout(timer);
+        }
+        this.refreshTimers.clear();
+        this.refreshLocks.clear();
+        this.refreshCounts.clear();
+        this.lastRefreshTimes.clear();
+    }
+    sanitizeError(message) {
+        const sensitivePatterns = [/password/i, /secret/i, /key/i, /token/i, /credential/i];
+        let sanitized = message;
+        sensitivePatterns.forEach((pattern) => {
+            sanitized = sanitized.replace(new RegExp(`${pattern.source}[:=]\\s*[^\\s,}]+`, 'gi'), `${pattern.source}: ***`);
+        });
+        return sanitized;
+    }
+}
+exports.SecretRefreshManager = SecretRefreshManager;
+//# sourceMappingURL=secret-refresh-manager.js.map

package/lib/src/vault/secret-refresh-manager.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"secret-refresh-manager.js","sourceRoot":"","sources":["../../../src/vault/secret-refresh-manager.ts"],"names":[],"mappings":";;;AAkBA,MAAa,oBAAoB;IAU/B,YAAY,QAAuB,EAAE,KAAiB,EAAE,aAAsB;QATtE,kBAAa,GAAgC,IAAI,GAAG,EAAE,CAAC;QACvD,iBAAY,GAA+B,IAAI,GAAG,EAAE,CAAC;QACrD,kBAAa,GAAwB,IAAI,GAAG,EAAE,CAAC;QAC/C,qBAAgB,GAAwB,IAAI,GAAG,EAAE,CAAC;QAClD,oBAAe,GAAiC,IAAI,GAAG,EAAE,CAAC;QAMhE,IAAI,CAAC,aAAa,GAAG,QAAQ,CAAC;QAC9B,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QAEnB,IAAI,CAAC,aAAa,GAAG,aAAa,IAAI,GAAG,CAAC;IAC5C,CAAC;IAKD,eAAe,CAAC,YAAoB,EAAE,QAA+B,EAAE,cAAuB;QAC5F,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;QAChD,IAAI,CAAC,KAAK,EAAE;YACV,OAAO;SACR;QAGD,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,YAAY,EAAE;YACrC,QAAQ;YACR,cAAc;YACd,QAAQ,EAAE,KAAK,CAAC,SAAS;SAC1B,CAAC,CAAC;QAGH,IAAI,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC;QAGjC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,gBAAgB,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,SAAS,GAAG,GAAG,CAAC,CAAC;QAE5D,IAAI,gBAAgB,IAAI,CAAC,EAAE;YAEzB,IAAI,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;YAClC,OAAO;SACR;QAGD,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE;YAC5B,IAAI,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;QACpC,CAAC,EAAE,gBAAgB,CAAC,CAAC;QAErB,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC;IAC9C,CAAC;IAKD,aAAa,CAAC,YAAoB;QAChC,MAAM,KAAK,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QACnD,IAAI,KAAK,EAAE;YACT,YAAY,CAAC,KAAK,CAAC,CAAC;YACpB,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;SACzC;IACH,CAAC;IAKO,KAAK,CAAC,cAAc,CAAC,YAAoB;QAE/C,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QACzD,IAAI,YAAY,EAAE;YAChB,MAAM,YAAY,CAAC;YACnB,OAAO;SACR;QAGD,MAAM,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC,YAAY,CAAC;aACrD,OAAO,CAAC,GAAG,EAAE;YACZ,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;YACvC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAC1C,CAAC,CAAC,CAAC;QAEL,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC;QACpD,MAAM,cAAc,CAAC;IACvB,CAAC;IAKO,KAAK,CAAC,cAAc,CAAC,YAAoB;QAC/C,MAAM,OAAO,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QACvD,IAAI,CAAC,OAAO,EAAE;YACZ,OAAO,CAAC,KAAK,CAAC,0BAA2B,YAAa,EAAE,CAAC,CAAC;YAC1D,OAAO;SACR;QAED,MAAM,EAAE,QAAQ,EAAE,cAAc,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC;QACvD,MAAM,YAAY,GAAG,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QACrE,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;QAEnD,IAAI;YAEF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAGvD,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;YAGzD,IAAI,cAAc,EAAE;gBAClB,MAAM,GAAG,GAAG,QAAQ,CAAC,GAAG,IAAI,QAAQ,CAAC,YAAY,CAAC;gBAClD,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBAC9B,cAAsB,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC;aAC/C;YAGD,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,YAAY,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;YAGpD,IAAI,CAAC,eAAe,CAAC,YAAY,EAAE,QAAQ,EAAE,cAAc,CAAC,CAAC;SAC9D;QAAC,OAAO,KAAU,EAAE;YAEnB,MAAM,YAAY,GAAG,CAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,OAAO,KAAI,eAAe,CAAC;YACvD,OAAO,CAAC,KAAK,CAAC,gCAAiC,YAAa,KAAM,IAAI,CAAC,aAAa,CAAC,YAAY,CAAE,EAAE,CAAC,CAAC;YAGvG,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,YAAY,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;YACzE,UAAU,CAAC,GAAG,EAAE;gBACd,IAAI,CAAC,eAAe,CAAC,YAAY,EAAE,QAAQ,EAAE,cAAc,CAAC,CAAC;YAC/D,CAAC,EAAE,UAAU,CAAC,CAAC;SAChB;IACH,CAAC;IAKD,gBAAgB;QACd,MAAM,QAAQ,GAAqB,EAAE,CAAC;QACtC,MAAM,gBAAgB,GAAG,IAAI,CAAC,KAAK,CAAC,mBAAmB,EAAE,CAAC;QAE1D,KAAK,MAAM,YAAY,IAAI,gBAAgB,EAAE;YAC3C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;YAChD,IAAI,CAAC,KAAK,EAAE;gBACV,SAAS;aACV;YAED,MAAM,KAAK,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;YACnD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACvB,MAAM,SAAS,GAAG,KAAK,CAAC,SAAS,CAAC;YAClC,MAAM,gBAAgB,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,GAAG,GAAG,CAAC,CAAC;YAEtD,QAAQ,CAAC,IAAI,CAAC;gBACZ,YAAY;gBACZ,SAAS,EAAE,KAAK,CAAC,SAAS;gBAC1B,SAAS,EAAE,KAAK,KAAK,SAAS;gBAC9B,SAAS;gBACT,gBAAgB;gBAChB,WAAW,EAAE,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,KAAK,CAAC,QAAQ;gBACtE,YAAY,EAAE,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,CAAC;aACxD,CAAC,CAAC;SACJ;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAKD,2BAA2B,CAAC,YAAoB;QAC9C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;QAChD,IAAI,CAAC,KAAK,EAAE;YACV,OAAO,IAAI,CAAC;SACb;QAED,MAAM,KAAK,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QACnD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,SAAS,GAAG,KAAK,CAAC,SAAS,CAAC;QAClC,MAAM,gBAAgB,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,GAAG,GAAG,CAAC,CAAC;QAEtD,OAAO;YACL,YAAY;YACZ,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,SAAS,EAAE,KAAK,KAAK,SAAS;YAC9B,SAAS;YACT,gBAAgB;YAChB,WAAW,EAAE,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,KAAK,CAAC,QAAQ;YACtE,YAAY,EAAE,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,CAAC;SACxD,CAAC;IACJ,CAAC;IAKD,QAAQ;QAEN,KAAK,MAAM,CAAE,YAAY,EAAE,KAAK,CAAE,IAAI,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,EAAE;YAClE,YAAY,CAAC,KAAK,CAAC,CAAC;SACrB;QAED,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC;QAC3B,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC;QAC1B,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC;QAC3B,IAAI,CAAC,gBAAgB,CAAC,KAAK,EAAE,CAAC;IAChC,CAAC;IAKO,aAAa,CAAC,OAAe;QAEnC,MAAM,iBAAiB,GAAG,CAAE,WAAW,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,aAAa,CAAE,CAAC;QACtF,IAAI,SAAS,GAAG,OAAO,CAAC;QAExB,iBAAiB,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YACpC,SAAS,GAAG,SAAS,CAAC,OAAO,CAC3B,IAAI,MAAM,CAAC,GAAI,OAAO,CAAC,MAAO,mBAAmB,EAAE,IAAI,CAAC,EACxD,GAAI,OAAO,CAAC,MAAO,OAAO,CAC3B,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,OAAO,SAAS,CAAC;IACnB,CAAC;CACF;AA9ND,oDA8NC"}

package/lib/src/vault/types.d.ts

@@ -0,0 +1,149 @@
+/// <reference types="node" />
+import 'reflect-metadata';
+export type VaultEngineType = 'kv1' | 'kv-v1' | 'kv2' | 'kv-v2' | 'database' | 'aws' | 'azure' | 'gcp' | 'transit' | 'pki' | 'custom';
+export interface IVaultConfigOptions {
+    endpoint: string;
+    auth: IVaultAuthConfig;
+    tls?: IVaultTLSConfig;
+    refreshBuffer?: number;
+    fallback?: IVaultFallbackConfig;
+    retry?: IRetryPolicy;
+    circuitBreaker?: ICircuitBreakerConfig;
+}
+export type IVaultAuthConfig = IVaultAuthConfigSimple | IVaultAuthConfigMethods;
+export type IVaultAuthConfigSimple = ({
+    method: 'gcp';
+} & IGCPAuthConfig) | ({
+    method: 'aws';
+} & IAWSAuthConfig) | ({
+    method: 'approle';
+} & IAppRoleAuthConfig) | ({
+    method: 'token';
+} & ITokenAuthConfig);
+export interface IVaultAuthConfigMethods {
+    methods: IVaultAuthMethod[];
+}
+export interface IVaultAuthMethod {
+    type: 'gcp' | 'aws' | 'approle' | 'token';
+    config: IGCPAuthConfig | IAWSAuthConfig | IAppRoleAuthConfig | ITokenAuthConfig;
+}
+export interface IGCPAuthConfig {
+    type?: 'gcp';
+    role: string;
+    serviceAccountKeyFile?: string;
+    serviceAccountEmail?: string;
+    jwtExpiration?: number;
+}
+export interface IAWSAuthConfig {
+    type?: 'aws';
+    role: string;
+}
+export interface IAppRoleAuthConfig {
+    type?: 'approle';
+    roleId: string;
+    secretId: string;
+    mountPath?: string;
+}
+export interface ITokenAuthConfig {
+    type?: 'token';
+    token: string;
+}
+export interface IVaultTLSConfig {
+    enabled: boolean;
+    verifyCertificate: boolean;
+    certificateFingerprint?: string;
+    caCert?: string | Buffer;
+    minVersion?: 'TLSv1.2' | 'TLSv1.3';
+}
+export interface IVaultFallbackConfig {
+    required: boolean;
+    useCacheOnFailure: boolean;
+    maxCacheAge: number;
+    failFast: boolean;
+}
+export interface IRetryPolicy {
+    maxAttempts: number;
+    backoff: {
+        strategy: 'exponential' | 'linear' | 'fixed';
+        initial: number;
+        max: number;
+        multiplier: number;
+    };
+    retryableErrors: string[];
+}
+export interface ICircuitBreakerConfig {
+    enabled: boolean;
+    failureThreshold: number;
+    resetTimeout: number;
+    halfOpenMaxRequests: number;
+}
+export interface IVaultSecretResponse {
+    data: Record<string, any>;
+    lease_id?: string;
+    lease_duration?: number;
+    renewable?: boolean;
+    request_id?: string;
+}
+export interface IVaultSecret {
+    data: Record<string, any>;
+    leaseId?: string;
+    leaseDuration: number;
+    renewable: boolean;
+    metadata?: {
+        createdTime: string;
+        deletionTime: string;
+        destroyed: boolean;
+        version: number;
+    };
+}
+export interface VaultPropertyMetadata {
+    path: string;
+    engine: VaultEngineType;
+    key?: string;
+    refreshBuffer?: number;
+    required: boolean;
+    propertyName: string;
+    propertyType: string;
+}
+export interface VaultCacheEntry {
+    value: any;
+    secret: IVaultSecret;
+    cachedAt: number;
+    expiresAt: number;
+    refreshAt: number;
+    propertyName: string;
+    vaultPath: string;
+}
+export interface VaultHealth {
+    connected: boolean;
+    authenticated: boolean;
+    cacheSize: number;
+    refreshQueueSize: number;
+    lastRefreshTime: number;
+    errors: VaultError[];
+}
+export interface VaultError {
+    timestamp: number;
+    path: string;
+    error: string;
+    retryable: boolean;
+}
+export interface IRefreshStatus {
+    propertyName: string;
+    vaultPath: string;
+    scheduled: boolean;
+    refreshAt: number;
+    timeUntilRefresh: number;
+    lastRefresh: number;
+    refreshCount: number;
+}
+export interface IVaultHealthDetails {
+    connected: boolean;
+    authenticated: boolean;
+    cacheSize: number;
+    refreshQueueSize: number;
+    lastRefreshTime: number;
+    errors: VaultError[];
+    refreshStatus: IRefreshStatus[];
+}
+//# sourceMappingURL=types.d.ts.map

package/lib/src/vault/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/vault/types.ts"],"names":[],"mappings":";AAKA,OAAO,kBAAkB,CAAC;AAc1B,MAAM,MAAM,eAAe,GACvB,KAAK,GACL,OAAO,GACP,KAAK,GACL,OAAO,GACP,UAAU,GACV,KAAK,GACL,OAAO,GACP,KAAK,GACL,SAAS,GACT,KAAK,GACL,QAAQ,CAAC;AAKb,MAAM,WAAW,mBAAmB;IAIlC,QAAQ,EAAE,MAAM,CAAC;IAKjB,IAAI,EAAE,gBAAgB,CAAC;IAKvB,GAAG,CAAC,EAAE,eAAe,CAAC;IAKtB,aAAa,CAAC,EAAE,MAAM,CAAC;IAKvB,QAAQ,CAAC,EAAE,oBAAoB,CAAC;IAKhC,KAAK,CAAC,EAAE,YAAY,CAAC;IAKrB,cAAc,CAAC,EAAE,qBAAqB,CAAC;CACxC;AAMD,MAAM,MAAM,gBAAgB,GAAG,sBAAsB,GAAG,uBAAuB,CAAC;AAKhF,MAAM,MAAM,sBAAsB,GAC9B,CAAC;IAAE,MAAM,EAAE,KAAK,CAAA;CAAE,GAAG,cAAc,CAAC,GACpC,CAAC;IAAE,MAAM,EAAE,KAAK,CAAA;CAAE,GAAG,cAAc,CAAC,GACpC,CAAC;IAAE,MAAM,EAAE,SAAS,CAAA;CAAE,GAAG,kBAAkB,CAAC,GAC5C,CAAC;IAAE,MAAM,EAAE,OAAO,CAAA;CAAE,GAAG,gBAAgB,CAAC,CAAC;AAK7C,MAAM,WAAW,uBAAuB;IAKtC,OAAO,EAAE,gBAAgB,EAAE,CAAC;CAC7B;AAKD,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,KAAK,GAAG,KAAK,GAAG,SAAS,GAAG,OAAO,CAAC;IAC1C,MAAM,EAAE,cAAc,GAAG,cAAc,GAAG,kBAAkB,GAAG,gBAAgB,CAAC;CACjF;AAKD,MAAM,WAAW,cAAc;IAC7B,IAAI,CAAC,EAAE,KAAK,CAAC;IAEb,IAAI,EAAE,MAAM,CAAC;IAEb,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAE/B,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAE7B,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAKD,MAAM,WAAW,cAAc;IAC7B,IAAI,CAAC,EAAE,KAAK,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;CAEd;AAKD,MAAM,WAAW,kBAAkB;IACjC,IAAI,CAAC,EAAE,SAAS,CAAC;IAEjB,MAAM,EAAE,MAAM,CAAC;IAEf,QAAQ,EAAE,MAAM,CAAC;IAEjB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAKD,MAAM,WAAW,gBAAgB;IAC/B,IAAI,CAAC,EAAE,OAAO,CAAC;IAEf,KAAK,EAAE,MAAM,CAAC;CACf;AAKD,MAAM,WAAW,eAAe;IAI9B,OAAO,EAAE,OAAO,CAAC;IAKjB,iBAAiB,EAAE,OAAO,CAAC;IAK3B,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAKhC,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAKzB,UAAU,CAAC,EAAE,SAAS,GAAG,SAAS,CAAC;CACpC;AAKD,MAAM,WAAW,oBAAoB;IAKnC,QAAQ,EAAE,OAAO,CAAC;IAKlB,iBAAiB,EAAE,OAAO,CAAC;IAK3B,WAAW,EAAE,MAAM,CAAC;IAKpB,QAAQ,EAAE,OAAO,CAAC;CACnB;AAKD,MAAM,WAAW,YAAY;IAE3B,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE;QACP,QAAQ,EAAE,aAAa,GAAG,QAAQ,GAAG,OAAO,CAAC;QAE7C,OAAO,EAAE,MAAM,CAAC;QAEhB,GAAG,EAAE,MAAM,CAAC;QAEZ,UAAU,EAAE,MAAM,CAAC;KACpB,CAAC;IAEF,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAKD,MAAM,WAAW,qBAAqB;IAEpC,OAAO,EAAE,OAAO,CAAC;IAEjB,gBAAgB,EAAE,MAAM,CAAC;IAEzB,YAAY,EAAE,MAAM,CAAC;IAErB,mBAAmB,EAAE,MAAM,CAAC;CAC7B;AAKD,MAAM,WAAW,oBAAoB;IAInC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAK1B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAKlB,cAAc,CAAC,EAAE,MAAM,CAAC;IAKxB,SAAS,CAAC,EAAE,OAAO,CAAC;IAKpB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAKD,MAAM,WAAW,YAAY;IAI3B,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAK1B,OAAO,CAAC,EAAE,MAAM,CAAC;IAKjB,aAAa,EAAE,MAAM,CAAC;IAKtB,SAAS,EAAE,OAAO,CAAC;IAKnB,QAAQ,CAAC,EAAE;QACT,WAAW,EAAE,MAAM,CAAC;QACpB,YAAY,EAAE,MAAM,CAAC;QACrB,SAAS,EAAE,OAAO,CAAC;QACnB,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC;CACH;AAKD,MAAM,WAAW,qBAAqB;IAIpC,IAAI,EAAE,MAAM,CAAC;IAKb,MAAM,EAAE,eAAe,CAAC;IAKxB,GAAG,CAAC,EAAE,MAAM,CAAC;IAKb,aAAa,CAAC,EAAE,MAAM,CAAC;IAKvB,QAAQ,EAAE,OAAO,CAAC;IAKlB,YAAY,EAAE,MAAM,CAAC;IAKrB,YAAY,EAAE,MAAM,CAAC;CACtB;AAKD,MAAM,WAAW,eAAe;IAI9B,KAAK,EAAE,GAAG,CAAC;IAKX,MAAM,EAAE,YAAY,CAAC;IAKrB,QAAQ,EAAE,MAAM,CAAC;IAKjB,SAAS,EAAE,MAAM,CAAC;IAKlB,SAAS,EAAE,MAAM,CAAC;IAKlB,YAAY,EAAE,MAAM,CAAC;IAKrB,SAAS,EAAE,MAAM,CAAC;CACnB;AAKD,MAAM,WAAW,WAAW;IAC1B,SAAS,EAAE,OAAO,CAAC;IACnB,aAAa,EAAE,OAAO,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,gBAAgB,EAAE,MAAM,CAAC;IACzB,eAAe,EAAE,MAAM,CAAC;IACxB,MAAM,EAAE,UAAU,EAAE,CAAC;CACtB;AAKD,MAAM,WAAW,UAAU;IACzB,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,OAAO,CAAC;CACpB;AAKD,MAAM,WAAW,cAAc;IAI7B,YAAY,EAAE,MAAM,CAAC;IAKrB,SAAS,EAAE,MAAM,CAAC;IAKlB,SAAS,EAAE,OAAO,CAAC;IAKnB,SAAS,EAAE,MAAM,CAAC;IAKlB,gBAAgB,EAAE,MAAM,CAAC;IAKzB,WAAW,EAAE,MAAM,CAAC;IAKpB,YAAY,EAAE,MAAM,CAAC;CACtB;AAKD,MAAM,WAAW,mBAAmB;IAIlC,SAAS,EAAE,OAAO,CAAC;IAKnB,aAAa,EAAE,OAAO,CAAC;IAKvB,SAAS,EAAE,MAAM,CAAC;IAKlB,gBAAgB,EAAE,MAAM,CAAC;IAKzB,eAAe,EAAE,MAAM,CAAC;IAKxB,MAAM,EAAE,UAAU,EAAE,CAAC;IAKrB,aAAa,EAAE,cAAc,EAAE,CAAC;CACjC"}

package/lib/src/vault/types.js

@@ -0,0 +1,4 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+require("reflect-metadata");
+//# sourceMappingURL=types.js.map

package/lib/src/vault/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/vault/types.ts"],"names":[],"mappings":";;AAKA,4BAA0B"}

package/lib/src/vault/vault-cache.d.ts

@@ -0,0 +1,20 @@
+import { IVaultSecret, VaultCacheEntry, VaultPropertyMetadata } from './types';
+export declare class VaultCache {
+    private cache;
+    private propertyToPath;
+    private pathToProperties;
+    get(propertyName: string): any | null;
+    set(propertyName: string, vaultPath: string, secret: IVaultSecret, metadata: VaultPropertyMetadata): void;
+    private extractValue;
+    invalidate(vaultPath: string): void;
+    invalidateProperty(propertyName: string): void;
+    getEntry(propertyName: string): VaultCacheEntry | undefined;
+    getPropertiesForPath(vaultPath: string): string[];
+    getPathForProperty(propertyName: string): string | undefined;
+    has(propertyName: string): boolean;
+    getEntriesNeedingRefresh(): VaultCacheEntry[];
+    clear(): void;
+    size(): number;
+    getCachedProperties(): string[];
+}
+//# sourceMappingURL=vault-cache.d.ts.map

package/lib/src/vault/vault-cache.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"vault-cache.d.ts","sourceRoot":"","sources":["../../../src/vault/vault-cache.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,qBAAqB,EAAE,MAAM,SAAS,CAAC;AAK/E,qBAAa,UAAU;IACrB,OAAO,CAAC,KAAK,CAA2C;IACxD,OAAO,CAAC,cAAc,CAAkC;IACxD,OAAO,CAAC,gBAAgB,CAAuC;IAO/D,GAAG,CAAC,YAAY,EAAE,MAAM,GAAG,GAAG,GAAG,IAAI;IAkBrC,GAAG,CACD,YAAY,EAAE,MAAM,EACpB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,YAAY,EACpB,QAAQ,EAAE,qBAAqB,GAC9B,IAAI;IAoDP,OAAO,CAAC,YAAY;IA6BpB,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI;IAmBnC,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,IAAI;IAc9C,QAAQ,CAAC,YAAY,EAAE,MAAM,GAAG,eAAe,GAAG,SAAS;IAO3D,oBAAoB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,EAAE;IAQjD,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS;IAO5D,GAAG,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAkBlC,wBAAwB,IAAI,eAAe,EAAE;IAgB7C,KAAK,IAAI,IAAI;IAcb,IAAI,IAAI,MAAM;IAOd,mBAAmB,IAAI,MAAM,EAAE;CAGhC"}

package/lib/src/vault/vault-cache.js

@@ -0,0 +1,139 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.VaultCache = void 0;
+const nconf_1 = __importDefault(require("nconf"));
+class VaultCache {
+    constructor() {
+        this.cache = new Map();
+        this.propertyToPath = new Map();
+        this.pathToProperties = new Map();
+    }
+    get(propertyName) {
+        const entry = this.cache.get(propertyName);
+        if (!entry) {
+            return null;
+        }
+        if (Date.now() > entry.expiresAt) {
+            this.cache.delete(propertyName);
+            return null;
+        }
+        return entry.value;
+    }
+    set(propertyName, vaultPath, secret, metadata) {
+        var _a;
+        const value = this.extractValue(secret, metadata);
+        const now = Date.now();
+        const leaseDurationMs = secret.leaseDuration * 1000;
+        const expiresAt = secret.leaseDuration > 0 ? now + leaseDurationMs : now + 3600000;
+        const defaultBufferMs = Math.min(leaseDurationMs * 0.1, 300000);
+        const refreshBufferMs = metadata.refreshBuffer ? metadata.refreshBuffer * 1000 : defaultBufferMs;
+        const refreshAt = secret.leaseDuration > 0 ? expiresAt - refreshBufferMs : expiresAt;
+        const entry = {
+            value,
+            secret,
+            cachedAt: now,
+            expiresAt,
+            refreshAt,
+            propertyName,
+            vaultPath
+        };
+        this.cache.set(propertyName, entry);
+        this.propertyToPath.set(propertyName, vaultPath);
+        const properties = this.pathToProperties.get(vaultPath) || new Set();
+        properties.add(propertyName);
+        this.pathToProperties.set(vaultPath, properties);
+        const overridesStore = (_a = nconf_1.default.stores) === null || _a === void 0 ? void 0 : _a.overrides;
+        const existingOverrides = (overridesStore === null || overridesStore === void 0 ? void 0 : overridesStore.store) || {};
+        nconf_1.default.overrides(Object.assign(Object.assign({}, existingOverrides), { [propertyName]: value }));
+    }
+    extractValue(secret, metadata) {
+        var _a;
+        const { engine, key } = metadata;
+        switch (engine) {
+            case 'kv-v1':
+                return key ? secret.data[key] : secret.data;
+            case 'kv-v2':
+                const kv2Data = ((_a = secret.data) === null || _a === void 0 ? void 0 : _a.data) || secret.data;
+                return key ? kv2Data[key] : kv2Data;
+            case 'database':
+            case 'aws':
+            case 'azure':
+            case 'gcp':
+                return key ? secret.data[key] : secret.data;
+            default:
+                return key ? secret.data[key] : secret.data;
+        }
+    }
+    invalidate(vaultPath) {
+        const properties = this.pathToProperties.get(vaultPath);
+        if (!properties) {
+            return;
+        }
+        for (const propertyName of properties) {
+            this.cache.delete(propertyName);
+            this.propertyToPath.delete(propertyName);
+            nconf_1.default.remove(propertyName);
+        }
+        this.pathToProperties.delete(vaultPath);
+    }
+    invalidateProperty(propertyName) {
+        const vaultPath = this.propertyToPath.get(propertyName);
+        if (vaultPath) {
+            this.invalidate(vaultPath);
+        }
+        else {
+            this.cache.delete(propertyName);
+            nconf_1.default.remove(propertyName);
+        }
+    }
+    getEntry(propertyName) {
+        return this.cache.get(propertyName);
+    }
+    getPropertiesForPath(vaultPath) {
+        const properties = this.pathToProperties.get(vaultPath);
+        return properties ? Array.from(properties) : [];
+    }
+    getPathForProperty(propertyName) {
+        return this.propertyToPath.get(propertyName);
+    }
+    has(propertyName) {
+        const entry = this.cache.get(propertyName);
+        if (!entry) {
+            return false;
+        }
+        if (Date.now() > entry.expiresAt) {
+            this.cache.delete(propertyName);
+            return false;
+        }
+        return true;
+    }
+    getEntriesNeedingRefresh() {
+        const now = Date.now();
+        const entries = [];
+        for (const entry of this.cache.values()) {
+            if (entry.refreshAt <= now && entry.expiresAt > now) {
+                entries.push(entry);
+            }
+        }
+        return entries;
+    }
+    clear() {
+        for (const propertyName of this.cache.keys()) {
+            nconf_1.default.remove(propertyName);
+        }
+        this.cache.clear();
+        this.propertyToPath.clear();
+        this.pathToProperties.clear();
+    }
+    size() {
+        return this.cache.size;
+    }
+    getCachedProperties() {
+        return Array.from(this.cache.keys());
+    }
+}
+exports.VaultCache = VaultCache;
+//# sourceMappingURL=vault-cache.js.map

package/lib/src/vault/vault-cache.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"vault-cache.js","sourceRoot":"","sources":["../../../src/vault/vault-cache.ts"],"names":[],"mappings":";;;;;;AAKA,kDAA0B;AAO1B,MAAa,UAAU;IAAvB;QACU,UAAK,GAAiC,IAAI,GAAG,EAAE,CAAC;QAChD,mBAAc,GAAwB,IAAI,GAAG,EAAE,CAAC;QAChD,qBAAgB,GAA6B,IAAI,GAAG,EAAE,CAAC;IAgOjE,CAAC;IAzNC,GAAG,CAAC,YAAoB;QACtB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QAC3C,IAAI,CAAC,KAAK,EAAE;YACV,OAAO,IAAI,CAAC;SACb;QAGD,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,SAAS,EAAE;YAChC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;YAChC,OAAO,IAAI,CAAC;SACb;QAED,OAAO,KAAK,CAAC,KAAK,CAAC;IACrB,CAAC;IAKD,GAAG,CACD,YAAoB,EACpB,SAAiB,EACjB,MAAoB,EACpB,QAA+B;;QAG/B,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAGlD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,eAAe,GAAG,MAAM,CAAC,aAAa,GAAG,IAAI,CAAC;QAEpD,MAAM,SAAS,GAAG,MAAM,CAAC,aAAa,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,eAAe,CAAC,CAAC,CAAC,GAAG,GAAG,OAAO,CAAC;QAKnF,MAAM,eAAe,GAAG,IAAI,CAAC,GAAG,CAAC,eAAe,GAAG,GAAG,EAAE,MAAM,CAAC,CAAC;QAChE,MAAM,eAAe,GAAG,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,GAAG,IAAI,CAAC,CAAC,CAAC,eAAe,CAAC;QACjG,MAAM,SAAS,GAAG,MAAM,CAAC,aAAa,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,GAAG,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;QAErF,MAAM,KAAK,GAAoB;YAC7B,KAAK;YACL,MAAM;YACN,QAAQ,EAAE,GAAG;YACb,SAAS;YACT,SAAS;YACT,YAAY;YACZ,SAAS;SACV,CAAC;QAEF,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC;QAGpC,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAEjD,MAAM,UAAU,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,IAAI,GAAG,EAAE,CAAC;QACrE,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QAC7B,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;QAKjD,MAAM,cAAc,GAAG,MAAC,eAAa,CAAC,MAAM,0CAAE,SAAS,CAAC;QACxD,MAAM,iBAAiB,GAAG,CAAA,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,KAAK,KAAI,EAAE,CAAC;QAGtD,eAAK,CAAC,SAAS,iCACV,iBAAiB,KACpB,CAAC,YAAY,CAAC,EAAE,KAAK,IACrB,CAAC;IACL,CAAC;IAKO,YAAY,CAAC,MAAoB,EAAE,QAA+B;;QACxE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,QAAQ,CAAC;QAEjC,QAAQ,MAAM,EAAE;YACd,KAAK,OAAO;gBAEV,OAAO,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC;YAE9C,KAAK,OAAO;gBAEV,MAAM,OAAO,GAAG,CAAA,MAAA,MAAM,CAAC,IAAI,0CAAE,IAAI,KAAI,MAAM,CAAC,IAAI,CAAC;gBACjD,OAAO,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;YAEtC,KAAK,UAAU,CAAC;YAChB,KAAK,KAAK,CAAC;YACX,KAAK,OAAO,CAAC;YACb,KAAK,KAAK;gBAER,OAAO,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC;YAE9C;gBAEE,OAAO,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC;SAC/C;IACH,CAAC;IAKD,UAAU,CAAC,SAAiB;QAC1B,MAAM,UAAU,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QACxD,IAAI,CAAC,UAAU,EAAE;YACf,OAAO;SACR;QAED,KAAK,MAAM,YAAY,IAAI,UAAU,EAAE;YACrC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;YAChC,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;YAEzC,eAAK,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;SAC5B;QAED,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAC1C,CAAC;IAKD,kBAAkB,CAAC,YAAoB;QACrC,MAAM,SAAS,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QACxD,IAAI,SAAS,EAAE;YACb,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;SAC5B;aAAM;YAEL,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;YAChC,eAAK,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;SAC5B;IACH,CAAC;IAKD,QAAQ,CAAC,YAAoB;QAC3B,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IACtC,CAAC;IAKD,oBAAoB,CAAC,SAAiB;QACpC,MAAM,UAAU,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QACxD,OAAO,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAClD,CAAC;IAKD,kBAAkB,CAAC,YAAoB;QACrC,OAAO,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAC/C,CAAC;IAKD,GAAG,CAAC,YAAoB;QACtB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QAC3C,IAAI,CAAC,KAAK,EAAE;YACV,OAAO,KAAK,CAAC;SACd;QAGD,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,SAAS,EAAE;YAChC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;YAChC,OAAO,KAAK,CAAC;SACd;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAKD,wBAAwB;QACtB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,OAAO,GAAsB,EAAE,CAAC;QAEtC,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,EAAE;YACvC,IAAI,KAAK,CAAC,SAAS,IAAI,GAAG,IAAI,KAAK,CAAC,SAAS,GAAG,GAAG,EAAE;gBACnD,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;aACrB;SACF;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAKD,KAAK;QAEH,KAAK,MAAM,YAAY,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE;YAC5C,eAAK,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;SAC5B;QAED,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;QACnB,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,CAAC;QAC5B,IAAI,CAAC,gBAAgB,CAAC,KAAK,EAAE,CAAC;IAChC,CAAC;IAKD,IAAI;QACF,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;IACzB,CAAC;IAKD,mBAAmB;QACjB,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;IACvC,CAAC;CACF;AAnOD,gCAmOC"}

package/lib/src/vault/vault-integration.d.ts

@@ -0,0 +1,27 @@
+import { IVaultConfigOptions, IVaultHealthDetails, VaultHealth } from './types';
+export declare class VaultIntegration {
+    private provider;
+    private cache;
+    private refreshManager;
+    private initialized;
+    private config;
+    private errors;
+    constructor(config: IVaultConfigOptions);
+    initialize(): Promise<void>;
+    loadSecrets<T extends object>(configOrClass: T | (new () => T)): Promise<void>;
+    getSecret(propertyName: string): any | null;
+    isInitialized(): boolean;
+    getHealth(): VaultHealth;
+    getHealthDetails(): IVaultHealthDetails;
+    invalidateCache(vaultPath: string): void;
+    invalidateProperty(propertyName: string): void;
+    shutdown(): void;
+    private groupByPath;
+    private groupByFullPath;
+    private constructFullPath;
+    private recordError;
+    private isRetryableError;
+    private sanitizeError;
+    private sanitizePath;
+}
+//# sourceMappingURL=vault-integration.d.ts.map

package/lib/src/vault/vault-integration.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"vault-integration.d.ts","sourceRoot":"","sources":["../../../src/vault/vault-integration.ts"],"names":[],"mappings":"AAOA,OAAO,EACL,mBAAmB,EACnB,mBAAmB,EACnB,WAAW,EAEZ,MAAM,SAAS,CAAC;AAOjB,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,QAAQ,CAAgB;IAChC,OAAO,CAAC,KAAK,CAAa;IAC1B,OAAO,CAAC,cAAc,CAAuB;IAC7C,OAAO,CAAC,WAAW,CAAS;IAC5B,OAAO,CAAC,MAAM,CAAsB;IACpC,OAAO,CAAC,MAAM,CAAqF;gBAEvF,MAAM,EAAE,mBAAmB;IAYjC,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAmB3B,WAAW,CAAC,CAAC,SAAS,MAAM,EAAE,aAAa,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC;IAsEpF,SAAS,CAAC,YAAY,EAAE,MAAM,GAAG,GAAG,GAAG,IAAI;IAO3C,aAAa,IAAI,OAAO;IAOxB,SAAS,IAAI,WAAW;IAmBxB,gBAAgB,IAAI,mBAAmB;IAmBvC,eAAe,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI;IAYxC,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,IAAI;IAQ9C,QAAQ,IAAI,IAAI;IAShB,OAAO,CAAC,WAAW;IAiBnB,OAAO,CAAC,eAAe;IAiBvB,OAAO,CAAC,iBAAiB;IAkBzB,OAAO,CAAC,WAAW;IAiBnB,OAAO,CAAC,gBAAgB;IAyBxB,OAAO,CAAC,aAAa;IAiBrB,OAAO,CAAC,YAAY;CAWrB"}