@kitsy/cnos 1.10.0 → 1.11.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/build/index.cjs +331 -63
- package/dist/build/index.d.cts +1 -1
- package/dist/build/index.d.ts +1 -1
- package/dist/build/index.js +13 -15
- package/dist/{chunk-A5U7EZCJ.js → chunk-2DMCB3PK.js} +1 -1
- package/dist/{chunk-RTHKUGJV.js → chunk-5JGNRADB.js} +1 -1
- package/dist/{chunk-3EZGPQCE.js → chunk-DPC2BV3S.js} +1 -1
- package/dist/{chunk-FHXLOWAB.js → chunk-KJ57PF47.js} +1 -1
- package/dist/{chunk-CSA4L64V.js → chunk-NFGPS7VJ.js} +10 -10
- package/dist/{chunk-ESBHCFC6.js → chunk-NU25VFA2.js} +1 -1
- package/dist/{chunk-UGLATJJD.js → chunk-RNTTPI5S.js} +1 -1
- package/dist/{chunk-UKNL2Y4N.js → chunk-T3E57MSQ.js} +1 -1
- package/dist/{chunk-MQ4WG3K6.js → chunk-WPB4HB2K.js} +320 -49
- package/dist/{chunk-EIK7OUFP.js → chunk-XGK6DXQL.js} +157 -37
- package/dist/configure/index.cjs +329 -59
- package/dist/configure/index.d.cts +3 -3
- package/dist/configure/index.d.ts +3 -3
- package/dist/configure/index.js +8 -8
- package/dist/{core-Ud1o2MBn.d.cts → core-BW8SLnRx.d.cts} +34 -2
- package/dist/{core-Ud1o2MBn.d.ts → core-BW8SLnRx.d.ts} +34 -2
- package/dist/{envNaming-DxxqiGKN.d.cts → envNaming-1rk7BR0e.d.cts} +1 -1
- package/dist/{envNaming-CPwXl4I6.d.ts → envNaming-CjL28IeH.d.ts} +1 -1
- package/dist/index.cjs +480 -91
- package/dist/index.d.cts +2 -2
- package/dist/index.d.ts +2 -2
- package/dist/index.js +10 -10
- package/dist/internal.cjs +89 -23
- package/dist/internal.d.cts +3 -3
- package/dist/internal.d.ts +3 -3
- package/dist/internal.js +2 -2
- package/dist/plugin/basic-schema.cjs +4 -1
- package/dist/plugin/basic-schema.d.cts +1 -1
- package/dist/plugin/basic-schema.d.ts +1 -1
- package/dist/plugin/basic-schema.js +2 -2
- package/dist/plugin/cli-args.cjs +4 -1
- package/dist/plugin/cli-args.d.cts +1 -1
- package/dist/plugin/cli-args.d.ts +1 -1
- package/dist/plugin/cli-args.js +2 -2
- package/dist/plugin/dotenv.cjs +6 -3
- package/dist/plugin/dotenv.d.cts +2 -2
- package/dist/plugin/dotenv.d.ts +2 -2
- package/dist/plugin/dotenv.js +2 -2
- package/dist/plugin/env-export.cjs +5 -2
- package/dist/plugin/env-export.d.cts +2 -2
- package/dist/plugin/env-export.d.ts +2 -2
- package/dist/plugin/env-export.js +2 -2
- package/dist/plugin/filesystem.cjs +13 -10
- package/dist/plugin/filesystem.d.cts +1 -1
- package/dist/plugin/filesystem.d.ts +1 -1
- package/dist/plugin/filesystem.js +2 -2
- package/dist/plugin/process-env.cjs +4 -1
- package/dist/plugin/process-env.d.cts +2 -2
- package/dist/plugin/process-env.d.ts +2 -2
- package/dist/plugin/process-env.js +2 -2
- package/dist/runtime/index.cjs +480 -91
- package/dist/runtime/index.d.cts +13 -6
- package/dist/runtime/index.d.ts +13 -6
- package/dist/runtime/index.js +10 -10
- package/dist/{toPublicEnv-fUZMRUOz.d.cts → toPublicEnv-CZzpvhGg.d.cts} +1 -1
- package/dist/{toPublicEnv-C9wPSpRo.d.ts → toPublicEnv-CmydGcxg.d.ts} +1 -1
- package/package.json +1 -1
package/dist/configure/index.js
CHANGED
|
@@ -1,19 +1,19 @@
|
|
|
1
1
|
import {
|
|
2
2
|
createCnos,
|
|
3
3
|
defaultPlugins
|
|
4
|
-
} from "../chunk-
|
|
5
|
-
import "../chunk-
|
|
6
|
-
import "../chunk-
|
|
7
|
-
import "../chunk-
|
|
8
|
-
import "../chunk-
|
|
9
|
-
import "../chunk-
|
|
10
|
-
import "../chunk-
|
|
4
|
+
} from "../chunk-NFGPS7VJ.js";
|
|
5
|
+
import "../chunk-5JGNRADB.js";
|
|
6
|
+
import "../chunk-NU25VFA2.js";
|
|
7
|
+
import "../chunk-RNTTPI5S.js";
|
|
8
|
+
import "../chunk-2DMCB3PK.js";
|
|
9
|
+
import "../chunk-KJ57PF47.js";
|
|
10
|
+
import "../chunk-DPC2BV3S.js";
|
|
11
11
|
import {
|
|
12
12
|
planDump,
|
|
13
13
|
toEnv,
|
|
14
14
|
toPublicEnv,
|
|
15
15
|
writeDump
|
|
16
|
-
} from "../chunk-
|
|
16
|
+
} from "../chunk-WPB4HB2K.js";
|
|
17
17
|
export {
|
|
18
18
|
createCnos,
|
|
19
19
|
defaultPlugins,
|
|
@@ -87,6 +87,11 @@ interface VaultAuthDefinition {
|
|
|
87
87
|
token?: VaultAuthSourceConfig;
|
|
88
88
|
config?: Record<string, unknown>;
|
|
89
89
|
}
|
|
90
|
+
interface VaultFallbackDefinition {
|
|
91
|
+
provider: VaultProviderName;
|
|
92
|
+
auth?: VaultAuthDefinition;
|
|
93
|
+
mapping?: Record<string, string>;
|
|
94
|
+
}
|
|
90
95
|
interface NamespaceDefinition {
|
|
91
96
|
kind: NamespaceKind;
|
|
92
97
|
shareable: boolean;
|
|
@@ -98,6 +103,7 @@ interface VaultDefinition {
|
|
|
98
103
|
provider: VaultProviderName;
|
|
99
104
|
auth?: VaultAuthDefinition;
|
|
100
105
|
mapping?: Record<string, string>;
|
|
106
|
+
fallback?: VaultFallbackDefinition[];
|
|
101
107
|
}
|
|
102
108
|
interface ManifestFile {
|
|
103
109
|
version?: number;
|
|
@@ -280,10 +286,28 @@ interface ExporterPlugin extends CnosPlugin {
|
|
|
280
286
|
}
|
|
281
287
|
|
|
282
288
|
interface SecretReference {
|
|
283
|
-
provider
|
|
289
|
+
provider?: string;
|
|
284
290
|
ref: string;
|
|
285
291
|
vault?: string;
|
|
286
292
|
}
|
|
293
|
+
/** Auth metadata safe to serialize into server projections. */
|
|
294
|
+
interface ProjectedVaultAuthDefinition {
|
|
295
|
+
method?: VaultAuthConfig['method'];
|
|
296
|
+
passphrase?: {
|
|
297
|
+
from: string[];
|
|
298
|
+
};
|
|
299
|
+
token?: {
|
|
300
|
+
from: string[];
|
|
301
|
+
};
|
|
302
|
+
config?: Record<string, unknown>;
|
|
303
|
+
}
|
|
304
|
+
/** Vault metadata required by runtimes to hydrate projected secret refs. */
|
|
305
|
+
interface ProjectedVaultDefinition {
|
|
306
|
+
provider: string;
|
|
307
|
+
auth?: ProjectedVaultAuthDefinition;
|
|
308
|
+
mapping?: Record<string, string>;
|
|
309
|
+
fallback?: ProjectedVaultDefinition[];
|
|
310
|
+
}
|
|
287
311
|
interface VaultAuthConfig {
|
|
288
312
|
passphrase?: string;
|
|
289
313
|
token?: string;
|
|
@@ -302,6 +326,11 @@ interface SecretVaultProvider {
|
|
|
302
326
|
delete(ref: string): Promise<void>;
|
|
303
327
|
list(): Promise<string[]>;
|
|
304
328
|
}
|
|
329
|
+
/** Factory used by runtimes and provider packages to construct vault clients. */
|
|
330
|
+
interface SecretVaultProviderFactory {
|
|
331
|
+
readonly provider: string;
|
|
332
|
+
create(vaultId: string, definition: VaultDefinition, processEnv?: Record<string, string | undefined>): SecretVaultProvider;
|
|
333
|
+
}
|
|
305
334
|
|
|
306
335
|
type LogicalKey = string;
|
|
307
336
|
type NamespaceName = string;
|
|
@@ -413,6 +442,8 @@ interface CnosCreateOptions {
|
|
|
413
442
|
plugins?: CnosPlugin[];
|
|
414
443
|
cliArgs?: string[];
|
|
415
444
|
processEnv?: Record<string, string | undefined>;
|
|
445
|
+
/** Additional secret vault provider factories, usually supplied by provider packages. */
|
|
446
|
+
secretVaultProviders?: SecretVaultProviderFactory[];
|
|
416
447
|
}
|
|
417
448
|
interface ToEnvOptions {
|
|
418
449
|
includeSecrets?: boolean;
|
|
@@ -477,6 +508,7 @@ interface ServerProjection {
|
|
|
477
508
|
secretRefs: Record<string, SecretReference & {
|
|
478
509
|
envVar?: string;
|
|
479
510
|
}>;
|
|
511
|
+
vaults?: Record<string, ProjectedVaultDefinition>;
|
|
480
512
|
publicKeys: string[];
|
|
481
513
|
runtimeNamespaces: string[];
|
|
482
514
|
meta: {
|
|
@@ -487,4 +519,4 @@ interface ServerProjection {
|
|
|
487
519
|
};
|
|
488
520
|
}
|
|
489
521
|
|
|
490
|
-
export type { CnosCreateOptions as C, DumpPlanOptions as D, ExporterPlugin as E, InspectResult as I, LoaderPlugin as L, ManifestFile as M, NormalizedManifest as N, ParsedDerivation as P, ResolvedGraph as R, ServerProjection as S, ToEnvOptions as T, ValidatorPlugin as V, WorkspaceRoot as W, ConfigEntry as a, LogicalKey as b, ToPublicEnvOptions as c, DumpPlan as d, DumpOptions as e, DumpResult as f, CnosRuntime as g, CnosPlugin as h, DerivedFormula as i, DerivedValue as j, ExprNode as k, RuntimeProvider as l, NamespaceName as m, LoadManifestOptions as n, LoadedManifest as o, NamespaceDefinition as p, VaultDefinition as q, VaultAuthConfig as r,
|
|
522
|
+
export type { CnosCreateOptions as C, DumpPlanOptions as D, ExporterPlugin as E, InspectResult as I, LoaderPlugin as L, ManifestFile as M, NormalizedManifest as N, ParsedDerivation as P, ResolvedGraph as R, ServerProjection as S, ToEnvOptions as T, ValidatorPlugin as V, WorkspaceRoot as W, ConfigEntry as a, LogicalKey as b, ToPublicEnvOptions as c, DumpPlan as d, DumpOptions as e, DumpResult as f, CnosRuntime as g, CnosPlugin as h, DerivedFormula as i, DerivedValue as j, ExprNode as k, RuntimeProvider as l, NamespaceName as m, LoadManifestOptions as n, LoadedManifest as o, NamespaceDefinition as p, VaultDefinition as q, VaultAuthConfig as r, SecretVaultProviderFactory as s, SecretVaultProvider as t, ResolvedRoot as u, RootResolution as v, SecretReference as w, ValidationSummary as x, ValidationIssue as y, WorkspaceFile as z };
|
|
@@ -87,6 +87,11 @@ interface VaultAuthDefinition {
|
|
|
87
87
|
token?: VaultAuthSourceConfig;
|
|
88
88
|
config?: Record<string, unknown>;
|
|
89
89
|
}
|
|
90
|
+
interface VaultFallbackDefinition {
|
|
91
|
+
provider: VaultProviderName;
|
|
92
|
+
auth?: VaultAuthDefinition;
|
|
93
|
+
mapping?: Record<string, string>;
|
|
94
|
+
}
|
|
90
95
|
interface NamespaceDefinition {
|
|
91
96
|
kind: NamespaceKind;
|
|
92
97
|
shareable: boolean;
|
|
@@ -98,6 +103,7 @@ interface VaultDefinition {
|
|
|
98
103
|
provider: VaultProviderName;
|
|
99
104
|
auth?: VaultAuthDefinition;
|
|
100
105
|
mapping?: Record<string, string>;
|
|
106
|
+
fallback?: VaultFallbackDefinition[];
|
|
101
107
|
}
|
|
102
108
|
interface ManifestFile {
|
|
103
109
|
version?: number;
|
|
@@ -280,10 +286,28 @@ interface ExporterPlugin extends CnosPlugin {
|
|
|
280
286
|
}
|
|
281
287
|
|
|
282
288
|
interface SecretReference {
|
|
283
|
-
provider
|
|
289
|
+
provider?: string;
|
|
284
290
|
ref: string;
|
|
285
291
|
vault?: string;
|
|
286
292
|
}
|
|
293
|
+
/** Auth metadata safe to serialize into server projections. */
|
|
294
|
+
interface ProjectedVaultAuthDefinition {
|
|
295
|
+
method?: VaultAuthConfig['method'];
|
|
296
|
+
passphrase?: {
|
|
297
|
+
from: string[];
|
|
298
|
+
};
|
|
299
|
+
token?: {
|
|
300
|
+
from: string[];
|
|
301
|
+
};
|
|
302
|
+
config?: Record<string, unknown>;
|
|
303
|
+
}
|
|
304
|
+
/** Vault metadata required by runtimes to hydrate projected secret refs. */
|
|
305
|
+
interface ProjectedVaultDefinition {
|
|
306
|
+
provider: string;
|
|
307
|
+
auth?: ProjectedVaultAuthDefinition;
|
|
308
|
+
mapping?: Record<string, string>;
|
|
309
|
+
fallback?: ProjectedVaultDefinition[];
|
|
310
|
+
}
|
|
287
311
|
interface VaultAuthConfig {
|
|
288
312
|
passphrase?: string;
|
|
289
313
|
token?: string;
|
|
@@ -302,6 +326,11 @@ interface SecretVaultProvider {
|
|
|
302
326
|
delete(ref: string): Promise<void>;
|
|
303
327
|
list(): Promise<string[]>;
|
|
304
328
|
}
|
|
329
|
+
/** Factory used by runtimes and provider packages to construct vault clients. */
|
|
330
|
+
interface SecretVaultProviderFactory {
|
|
331
|
+
readonly provider: string;
|
|
332
|
+
create(vaultId: string, definition: VaultDefinition, processEnv?: Record<string, string | undefined>): SecretVaultProvider;
|
|
333
|
+
}
|
|
305
334
|
|
|
306
335
|
type LogicalKey = string;
|
|
307
336
|
type NamespaceName = string;
|
|
@@ -413,6 +442,8 @@ interface CnosCreateOptions {
|
|
|
413
442
|
plugins?: CnosPlugin[];
|
|
414
443
|
cliArgs?: string[];
|
|
415
444
|
processEnv?: Record<string, string | undefined>;
|
|
445
|
+
/** Additional secret vault provider factories, usually supplied by provider packages. */
|
|
446
|
+
secretVaultProviders?: SecretVaultProviderFactory[];
|
|
416
447
|
}
|
|
417
448
|
interface ToEnvOptions {
|
|
418
449
|
includeSecrets?: boolean;
|
|
@@ -477,6 +508,7 @@ interface ServerProjection {
|
|
|
477
508
|
secretRefs: Record<string, SecretReference & {
|
|
478
509
|
envVar?: string;
|
|
479
510
|
}>;
|
|
511
|
+
vaults?: Record<string, ProjectedVaultDefinition>;
|
|
480
512
|
publicKeys: string[];
|
|
481
513
|
runtimeNamespaces: string[];
|
|
482
514
|
meta: {
|
|
@@ -487,4 +519,4 @@ interface ServerProjection {
|
|
|
487
519
|
};
|
|
488
520
|
}
|
|
489
521
|
|
|
490
|
-
export type { CnosCreateOptions as C, DumpPlanOptions as D, ExporterPlugin as E, InspectResult as I, LoaderPlugin as L, ManifestFile as M, NormalizedManifest as N, ParsedDerivation as P, ResolvedGraph as R, ServerProjection as S, ToEnvOptions as T, ValidatorPlugin as V, WorkspaceRoot as W, ConfigEntry as a, LogicalKey as b, ToPublicEnvOptions as c, DumpPlan as d, DumpOptions as e, DumpResult as f, CnosRuntime as g, CnosPlugin as h, DerivedFormula as i, DerivedValue as j, ExprNode as k, RuntimeProvider as l, NamespaceName as m, LoadManifestOptions as n, LoadedManifest as o, NamespaceDefinition as p, VaultDefinition as q, VaultAuthConfig as r,
|
|
522
|
+
export type { CnosCreateOptions as C, DumpPlanOptions as D, ExporterPlugin as E, InspectResult as I, LoaderPlugin as L, ManifestFile as M, NormalizedManifest as N, ParsedDerivation as P, ResolvedGraph as R, ServerProjection as S, ToEnvOptions as T, ValidatorPlugin as V, WorkspaceRoot as W, ConfigEntry as a, LogicalKey as b, ToPublicEnvOptions as c, DumpPlan as d, DumpOptions as e, DumpResult as f, CnosRuntime as g, CnosPlugin as h, DerivedFormula as i, DerivedValue as j, ExprNode as k, RuntimeProvider as l, NamespaceName as m, LoadManifestOptions as n, LoadedManifest as o, NamespaceDefinition as p, VaultDefinition as q, VaultAuthConfig as r, SecretVaultProviderFactory as s, SecretVaultProvider as t, ResolvedRoot as u, RootResolution as v, SecretReference as w, ValidationSummary as x, ValidationIssue as y, WorkspaceFile as z };
|