@kitsy/cnos 1.9.2 → 1.11.0

package/dist/{chunk-7KVM5PUW.js → chunk-WPB4HB2K.js}

@@ -1355,6 +1355,134 @@ function resolveRemoteRootCachePaths(uri, processEnv = process.env) {
 import { readFile as readFile3 } from "fs/promises";
 import path6 from "path";
 
+// ../core/src/spec/normalizeSpecRule.ts
+var ALLOWED_TYPES = /* @__PURE__ */ new Set(["string", "number", "boolean", "object", "array"]);
+var SECRET_FORBIDDEN_FIELDS = ["default", "examples", "enum"];
+function hasOwn(target, key) {
+  return Object.prototype.hasOwnProperty.call(target, key);
+}
+function normalizeOptionalString(value, fieldName, logicalKey) {
+  if (value === void 0) {
+    return void 0;
+  }
+  if (typeof value !== "string") {
+    throw new CnosManifestError(`Invalid schema rule for ${logicalKey}: "${fieldName}" must be a string.`);
+  }
+  const nextValue = value.trim();
+  return nextValue.length > 0 ? nextValue : void 0;
+}
+function normalizeStringArray(value, fieldName, logicalKey) {
+  if (value === void 0) {
+    return void 0;
+  }
+  if (!Array.isArray(value)) {
+    throw new CnosManifestError(`Invalid schema rule for ${logicalKey}: "${fieldName}" must be an array.`);
+  }
+  const nextValue = value.map((entry) => {
+    if (typeof entry !== "string") {
+      throw new CnosManifestError(
+        `Invalid schema rule for ${logicalKey}: "${fieldName}" entries must be strings.`
+      );
+    }
+    return entry.trim();
+  }).filter(Boolean);
+  return nextValue.length > 0 ? nextValue : void 0;
+}
+function normalizeUnknownArray(value, fieldName, logicalKey) {
+  if (value === void 0) {
+    return void 0;
+  }
+  if (!Array.isArray(value)) {
+    throw new CnosManifestError(`Invalid schema rule for ${logicalKey}: "${fieldName}" must be an array.`);
+  }
+  return value.length > 0 ? value : void 0;
+}
+function assertValidPatternRegex(pattern, logicalKey) {
+  try {
+    void new RegExp(pattern);
+  } catch (error) {
+    const reason = error instanceof Error ? error.message : String(error);
+    throw new CnosManifestError(
+      `Invalid schema rule for ${logicalKey}: "pattern" must be a valid regex (${reason}).`
+    );
+  }
+}
+function assertSecretRuleSafety(logicalKey, rule) {
+  if (!logicalKey.startsWith("secret.")) {
+    return;
+  }
+  const offendingFields = SECRET_FORBIDDEN_FIELDS.filter((field) => hasOwn(rule, field));
+  if (offendingFields.length === 0) {
+    return;
+  }
+  throw new CnosManifestError(
+    `Invalid schema rule for ${logicalKey}: secret specs cannot include ${offendingFields.join(", ")}. Store secret values in the vault, not schema metadata. Remove ${offendingFields.map((field) => `schema.${logicalKey}.${field}`).join(", ")} to continue.`
+  );
+}
+function normalizeSpecRule(logicalKey, rule) {
+  if (!rule || typeof rule !== "object" || Array.isArray(rule)) {
+    throw new CnosManifestError(`Invalid schema rule for ${logicalKey}: expected an object.`);
+  }
+  const candidate = rule;
+  assertSecretRuleSafety(logicalKey, candidate);
+  const normalized = {};
+  if (candidate.type !== void 0) {
+    if (typeof candidate.type !== "string" || !ALLOWED_TYPES.has(candidate.type)) {
+      throw new CnosManifestError(`Invalid schema rule for ${logicalKey}: unsupported type "${String(candidate.type)}".`);
+    }
+    normalized.type = candidate.type;
+  }
+  if (candidate.required !== void 0) {
+    if (typeof candidate.required !== "boolean") {
+      throw new CnosManifestError(`Invalid schema rule for ${logicalKey}: "required" must be a boolean.`);
+    }
+    normalized.required = candidate.required;
+  }
+  if (hasOwn(candidate, "default")) {
+    normalized.default = candidate.default;
+  }
+  const normalizedEnum = normalizeUnknownArray(candidate.enum, "enum", logicalKey);
+  if (normalizedEnum !== void 0) {
+    normalized.enum = normalizedEnum;
+  }
+  const normalizedPattern = normalizeOptionalString(candidate.pattern, "pattern", logicalKey);
+  if (normalizedPattern !== void 0) {
+    assertValidPatternRegex(normalizedPattern, logicalKey);
+    normalized.pattern = normalizedPattern;
+  }
+  const normalizedSummary = normalizeOptionalString(candidate.summary, "summary", logicalKey);
+  if (normalizedSummary !== void 0) {
+    normalized.summary = normalizedSummary;
+  }
+  const normalizedDescription = normalizeOptionalString(candidate.description, "description", logicalKey);
+  if (normalizedDescription !== void 0) {
+    normalized.description = normalizedDescription;
+  }
+  const normalizedExamples = normalizeUnknownArray(candidate.examples, "examples", logicalKey);
+  if (normalizedExamples !== void 0) {
+    normalized.examples = normalizedExamples;
+  }
+  const normalizedUsedBy = normalizeStringArray(candidate.usedBy, "usedBy", logicalKey);
+  if (normalizedUsedBy !== void 0) {
+    normalized.usedBy = normalizedUsedBy;
+  }
+  if (candidate.deprecated !== void 0) {
+    if (typeof candidate.deprecated !== "boolean") {
+      throw new CnosManifestError(`Invalid schema rule for ${logicalKey}: "deprecated" must be a boolean.`);
+    }
+    normalized.deprecated = candidate.deprecated;
+  }
+  const normalizedDeprecationMessage = normalizeOptionalString(
+    candidate.deprecationMessage,
+    "deprecationMessage",
+    logicalKey
+  );
+  if (normalizedDeprecationMessage !== void 0) {
+    normalized.deprecationMessage = normalizedDeprecationMessage;
+  }
+  return normalized;
+}
+
 // ../core/src/manifest/normalizeManifest.ts
 var DEFAULT_RESOLVE_FROM = ["cli.profile", "env.CNOS_PROFILE", "default"];
 var DEFAULT_LOADERS = [
@@ -1488,11 +1616,19 @@ function normalizeVaults(vaults) {
         throw new CnosManifestError(`Vault "${name}" requires a provider`);
       }
       const normalizedAuth = normalizeVaultAuth(name, provider, definition.auth);
-      const normalizedMapping = Object.fromEntries(
-        Object.entries(definition.mapping ?? {}).filter(
-          (entry) => typeof entry[0] === "string" && typeof entry[1] === "string"
-        ).map(([envVar, logicalRef]) => [envVar.trim(), logicalRef.trim()]).filter(([envVar, logicalRef]) => envVar.length > 0 && logicalRef.length > 0)
-      );
+      const normalizedMapping = normalizeVaultMapping(definition.mapping);
+      const fallback = (definition.fallback ?? []).map((entry, index) => {
+        const fallbackProvider = entry.provider?.trim();
+        if (!fallbackProvider) {
+          throw new CnosManifestError(`Vault "${name}" fallback ${index + 1} requires a provider`);
+        }
+        const fallbackMapping = normalizeVaultMapping(entry.mapping);
+        return {
+          provider: fallbackProvider,
+          auth: normalizeVaultAuth(name, fallbackProvider, entry.auth),
+          ...Object.keys(fallbackMapping).length > 0 ? { mapping: fallbackMapping } : {}
+        };
+      });
       return [
         name,
         {
@@ -1500,12 +1636,20 @@ function normalizeVaults(vaults) {
           auth: normalizedAuth,
           ...Object.keys(normalizedMapping).length > 0 ? {
             mapping: normalizedMapping
-          } : {}
+          } : {},
+          ...fallback.length > 0 ? { fallback } : {}
         }
       ];
     })
   );
 }
+function normalizeVaultMapping(mapping) {
+  return Object.fromEntries(
+    Object.entries(mapping ?? {}).filter(
+      (entry) => typeof entry[0] === "string" && typeof entry[1] === "string"
+    ).map(([envVar, logicalRef]) => [envVar.trim(), logicalRef.trim()]).filter(([envVar, logicalRef]) => envVar.length > 0 && logicalRef.length > 0)
+  );
+}
 function normalizeAuthSources(value) {
   if (!value || typeof value !== "object" || Array.isArray(value)) {
     return void 0;
@@ -1553,6 +1697,14 @@ function normalizeVaultAuth(vaultName, provider, auth) {
     ...auth?.config ? { config: auth.config } : {}
   };
 }
+function normalizeSchema(schema) {
+  return Object.fromEntries(
+    Object.entries(schema ?? {}).map(([logicalKey, rule]) => [
+      logicalKey,
+      normalizeSpecRule(logicalKey, rule)
+    ])
+  );
+}
 function normalizeManifest(manifest) {
   const version = manifest.version ?? 1;
   if (version !== 1) {
@@ -1650,7 +1802,7 @@ function normalizeManifest(manifest) {
         }
       }
     },
-    schema: manifest.schema ?? {}
+    schema: normalizeSchema(manifest.schema)
   };
 }
 
@@ -1803,7 +1955,7 @@ function isObject(value) {
   return Boolean(value) && typeof value === "object" && !Array.isArray(value);
 }
 function isSecretReference(value) {
-  return isObject(value) && typeof value.provider === "string" && value.provider.trim().length > 0 && typeof value.ref === "string" && value.ref.trim().length > 0 && (value.vault === void 0 && true || typeof value.vault === "string" && value.vault.trim().length > 0) && Object.keys(value).every((key) => ["provider", "ref", "vault"].includes(key));
+  return isObject(value) && (value.provider === void 0 || typeof value.provider === "string" && value.provider.trim().length > 0) && typeof value.ref === "string" && value.ref.trim().length > 0 && (value.vault === void 0 && true || typeof value.vault === "string" && value.vault.trim().length > 0) && Object.keys(value).every((key) => ["provider", "ref", "vault"].includes(key));
 }
 function resolveSecretStoreRoot(processEnv = process.env) {
   return path8.resolve(expandHomePath2(processEnv.CNOS_SECRET_HOME ?? "~/.cnos/secrets"));
@@ -2201,16 +2353,19 @@ import { appendFile, mkdir as mkdir5 } from "fs/promises";
 import path9 from "path";
 async function appendAuditEvent(event, processEnv = process.env) {
   const auditFile = processEnv.CNOS_AUDIT_FILE ?? path9.join(resolveSecretStoreRoot(processEnv), "audit", "access.log");
-  await mkdir5(path9.dirname(auditFile), { recursive: true });
-  await appendFile(
-    auditFile,
-    `${JSON.stringify({
-      ts: (/* @__PURE__ */ new Date()).toISOString(),
-      ...event
-    })}
+  try {
+    await mkdir5(path9.dirname(auditFile), { recursive: true });
+    await appendFile(
+      auditFile,
+      `${JSON.stringify({
+        ts: (/* @__PURE__ */ new Date()).toISOString(),
+        ...event
+      })}
 `,
-    "utf8"
-  );
+      "utf8"
+    );
+  } catch {
+  }
 }
 
 // ../core/src/secrets/providers/local.ts
@@ -2304,7 +2459,7 @@ var LocalSecretVaultProvider = class _LocalSecretVaultProvider {
 };
 
 // ../core/src/secrets/providers/registry.ts
-function createSecretVaultProvider(vaultId, definition, processEnv) {
+function createSecretVaultProvider(vaultId, definition, processEnv, factories = []) {
   if (definition.provider === "local") {
     return new LocalSecretVaultProvider(vaultId, definition, processEnv);
   }
@@ -2314,9 +2469,30 @@ function createSecretVaultProvider(vaultId, definition, processEnv) {
   if (definition.provider === "github-secrets") {
     return new GithubSecretsVaultProvider(vaultId, definition, processEnv);
   }
+  const factory = factories.find((candidate) => candidate.provider === definition.provider);
+  if (factory) {
+    return factory.create(vaultId, definition, processEnv);
+  }
   throw new CnosManifestError(`Unsupported vault provider: ${definition.provider}`);
 }
 
+// ../core/src/secrets/providerCompatibility.ts
+function assertSecretRefVaultProviderCompatible(manifest, ref, logicalKey = "secret ref") {
+  if (!ref.vault || !ref.provider) {
+    return;
+  }
+  const definition = manifest.vaults[ref.vault];
+  if (!definition || definition.provider === ref.provider) {
+    return;
+  }
+  throw new CnosManifestError(
+    `Secret ref "${logicalKey}" declares provider "${ref.provider}" but vault "${ref.vault}" uses provider "${definition.provider}". Remove the ref provider or use a matching vault.`
+  );
+}
+
+// ../core/src/secrets/resolveAuth.ts
+import { readFile as readFile6 } from "fs/promises";
+
 // ../core/src/secrets/prompt.ts
 import readline from "readline";
 import { Writable } from "stream";
@@ -2357,6 +2533,23 @@ function toAuthError(vaultId, sources) {
     `Cannot authenticate to vault "${vaultId}". Tried: ${sources.join(", ")}. Set ${getVaultPassphraseEnvVar(vaultId)} or run cnos vault auth ${vaultId}.`
   );
 }
+async function resolveTokenFromSource(source, processEnv) {
+  if (source.startsWith("env:")) {
+    return processEnv[source.slice(4)] || void 0;
+  }
+  if (source.startsWith("file:")) {
+    try {
+      const value = await readFile6(expandHomePath2(source.slice("file:".length)), "utf8");
+      return value.trim() || void 0;
+    } catch {
+      return void 0;
+    }
+  }
+  if (source.startsWith("keychain:")) {
+    return readKeychain(source.slice("keychain:".length));
+  }
+  return void 0;
+}
 async function resolveVaultAuth(vaultId, definition, processEnv = process.env) {
   const sessionKey = await resolveVaultSessionKey(vaultId, processEnv);
   if (sessionKey) {
@@ -2372,6 +2565,32 @@ async function resolveVaultAuth(vaultId, definition, processEnv = process.env) {
       ...definition.auth?.config ? { config: definition.auth.config } : {}
     };
   }
+  if (definition.auth?.method === "iam") {
+    return {
+      method: "iam",
+      ...definition.auth?.config ? { config: definition.auth.config } : {}
+    };
+  }
+  if (definition.auth?.method === "environment") {
+    return {
+      method: "environment",
+      ...definition.auth?.config ? { config: definition.auth.config } : {}
+    };
+  }
+  const tokenSources = definition.auth?.token?.from ?? [];
+  for (const source of tokenSources) {
+    const token = await resolveTokenFromSource(source, processEnv);
+    if (token) {
+      return {
+        token,
+        method: "token",
+        ...definition.auth?.config ? { config: definition.auth.config } : {}
+      };
+    }
+  }
+  if (definition.auth?.method === "token") {
+    throw toAuthError(vaultId, [getVaultSessionKeyEnvVar(vaultId), ...tokenSources]);
+  }
   const sources = definition.auth?.passphrase?.from ?? [getVaultPassphraseEnvVar(vaultId)];
   for (const source of sources) {
     if (source.startsWith("env:")) {
@@ -2825,12 +3044,12 @@ function createProvenanceInspector() {
 }
 
 // ../core/src/manifest/loadWorkspaceFile.ts
-import { readFile as readFile6 } from "fs/promises";
+import { readFile as readFile7 } from "fs/promises";
 import path11 from "path";
 async function loadWorkspaceFile(repoRoot) {
   const workspaceFilePath = path11.join(repoRoot, ".cnos-workspace.yml");
   try {
-    const source = await readFile6(workspaceFilePath, "utf8");
+    const source = await readFile7(workspaceFilePath, "utf8");
     const parsed = parseYaml(source);
     if (!parsed || typeof parsed !== "object" || Array.isArray(parsed)) {
       throw new CnosManifestError(".cnos-workspace.yml must be a YAML object", workspaceFilePath);
@@ -2853,7 +3072,7 @@ async function loadWorkspaceFile(repoRoot) {
 }
 
 // ../core/src/profiles/expandProfileChain.ts
-import { access as access4, readFile as readFile7 } from "fs/promises";
+import { access as access4, readFile as readFile8 } from "fs/promises";
 import path12 from "path";
 async function fileExists(targetPath) {
   try {
@@ -2895,7 +3114,7 @@ async function loadProfileDefinition(profileName, options) {
     if (!await fileExists(profilePath)) {
       continue;
     }
-    const document = await readFile7(profilePath, "utf8");
+    const document = await readFile8(profilePath, "utf8");
     const parsed = parseYaml(document);
     if (!parsed || typeof parsed !== "object" || Array.isArray(parsed)) {
       throw new CnosManifestError("Profile definition must be a YAML object", profilePath);
@@ -3380,6 +3599,13 @@ function enumMatches(value, allowed) {
   const serialized = JSON.stringify(value);
   return allowed.some((candidate) => JSON.stringify(candidate) === serialized);
 }
+function testPattern(pattern, value) {
+  try {
+    return new RegExp(pattern).test(value);
+  } catch {
+    return false;
+  }
+}
 function applySchemaRules(graph, schema) {
   const nextEntries = new Map(graph.entries);
   const issues = [];
@@ -3446,11 +3672,11 @@ function applySchemaRules(graph, schema) {
           key,
           message: `Config key ${key} must be a string to match pattern ${rule.pattern}`
         });
-      } else if (!new RegExp(rule.pattern).test(coercedValue)) {
+      } else if (!testPattern(rule.pattern, coercedValue)) {
         issues.push({
           code: "schema.pattern",
           key,
-          message: `Config key ${key} does not match pattern ${rule.pattern}`
+          message: `Config key ${key} does not match pattern ${rule.pattern} (or the pattern is invalid).`
         });
       }
     }
@@ -3504,6 +3730,23 @@ var SecretCache = class {
   get(vaultId, ref) {
     return this.cache.get(`${vaultId}:${ref}`);
   }
+  delete(vaultId, ref) {
+    this.cache.delete(`${vaultId}:${ref}`);
+  }
+  replace(vaultId, secrets) {
+    this.clear(vaultId);
+    this.load(vaultId, secrets);
+  }
+  entriesForVault(vaultId) {
+    const entries = /* @__PURE__ */ new Map();
+    for (const [key, value] of this.cache) {
+      const prefix = `${vaultId}:`;
+      if (key.startsWith(prefix)) {
+        entries.set(key.slice(prefix.length), value);
+      }
+    }
+    return entries;
+  }
   clear(vaultId) {
     if (!vaultId) {
       this.cache.clear();
@@ -3526,22 +3769,76 @@ function collectSecretDescriptors(graph) {
     ref: entry.value
   }));
 }
-async function batchResolveSecrets(graph, manifest, processEnv = process.env) {
+function secretGroupKey(manifest, descriptor) {
+  assertSecretRefVaultProviderCompatible(manifest, descriptor.ref, descriptor.logicalKey);
+  const vaultId = descriptor.ref.vault ?? "default";
+  const provider = descriptor.ref.provider ?? manifest.vaults[vaultId]?.provider ?? "local";
+  return `${vaultId}\0${provider}`;
+}
+function vaultDefinitionForRef(manifest, ref) {
+  assertSecretRefVaultProviderCompatible(manifest, ref);
+  const vaultId = ref.vault ?? "default";
+  const base = manifest.vaults[vaultId] ?? { provider: "local", auth: { passphrase: { from: [] } } };
+  if (!ref.provider || ref.provider === base.provider) {
+    return base;
+  }
+  return {
+    ...base,
+    provider: ref.provider
+  };
+}
+async function resolveFromDefinition(vaultId, definition, refs, processEnv, factories) {
+  const runtimeDefinition = {
+    provider: definition.provider,
+    ...definition.auth ? { auth: definition.auth } : {},
+    ...definition.mapping ? { mapping: definition.mapping } : {}
+  };
+  const provider = createSecretVaultProvider(vaultId, runtimeDefinition, processEnv, factories);
+  const auth = await resolveVaultAuth(vaultId, runtimeDefinition, processEnv);
+  await provider.authenticate(auth);
+  return provider.batchGet(refs.map((entry) => entry.ref.ref));
+}
+async function batchResolveSecrets(graph, manifest, processEnv = process.env, factories = []) {
   const cache = new SecretCache();
   const descriptors = collectSecretDescriptors(graph);
   const grouped = descriptors.reduce((accumulator, descriptor) => {
-    const vaultId = descriptor.ref.vault ?? "default";
-    const bucket = accumulator.get(vaultId) ?? [];
+    const key = secretGroupKey(manifest, descriptor);
+    const bucket = accumulator.get(key) ?? [];
     bucket.push(descriptor);
-    accumulator.set(vaultId, bucket);
+    accumulator.set(key, bucket);
     return accumulator;
   }, /* @__PURE__ */ new Map());
-  for (const [vaultId, refs] of grouped) {
-    const definition = manifest.vaults[vaultId] ?? { provider: "local", auth: { passphrase: { from: [] } } };
-    const provider = createSecretVaultProvider(vaultId, definition, processEnv);
-    const auth = await resolveVaultAuth(vaultId, definition, processEnv);
-    await provider.authenticate(auth);
-    const resolved = await provider.batchGet(refs.map((entry) => entry.ref.ref));
+  for (const refs of grouped.values()) {
+    const first = refs[0];
+    if (!first) {
+      continue;
+    }
+    const vaultId = first.ref.vault ?? "default";
+    const definition = vaultDefinitionForRef(manifest, first.ref);
+    const definitions = [definition, ...definition.fallback ?? []];
+    const resolved = /* @__PURE__ */ new Map();
+    let remaining = refs;
+    let lastError;
+    for (const candidate of definitions) {
+      try {
+        const candidateValues = await resolveFromDefinition(vaultId, candidate, remaining, processEnv, factories);
+        for (const descriptor of remaining) {
+          const value = candidateValues.get(descriptor.ref.ref);
+          if (value !== void 0) {
+            resolved.set(descriptor.ref.ref, value);
+          }
+        }
+        remaining = remaining.filter((descriptor) => !resolved.has(descriptor.ref.ref));
+        if (remaining.length === 0) {
+          break;
+        }
+      } catch (error) {
+        lastError = error;
+      }
+    }
+    if (resolved.size === 0 && lastError) {
+      throw lastError;
+    }
     cache.load(vaultId, resolved);
     await appendAuditEvent(
       {
@@ -3562,7 +3859,11 @@ function resolveSecretEntryValue(key, value, cache) {
     return value;
   }
   const vaultId = value.vault ?? "default";
-  return cache.get(vaultId, value.ref) ?? value;
+  const resolved = cache.get(vaultId, value.ref);
+  if (resolved !== void 0 || cache.isVaultAuthenticated(vaultId)) {
+    return resolved;
+  }
+  return value;
 }
 
 // ../core/src/runtime/toServerProjection.ts
@@ -3587,19 +3888,117 @@ function configHash(values) {
 function shouldProjectResolvedValue(sourceId) {
   return sourceId !== "process-env";
 }
+var SAFE_PROJECTED_CONFIG_KEYS = /* @__PURE__ */ new Set([
+  "address",
+  "audience",
+  "clientid",
+  "endpoint",
+  "mount",
+  "namespace",
+  "path",
+  "projectid",
+  "region",
+  "scope",
+  "scopes",
+  "serviceaccountemail",
+  "tenant",
+  "tenantid",
+  "url",
+  "version",
+  "vaulturl"
+]);
+function isSafeProjectedConfigKey(key) {
+  return SAFE_PROJECTED_CONFIG_KEYS.has(key.replace(/[^A-Za-z0-9]/g, "").toLowerCase());
+}
+function sanitizeProjectedConfigValue(value) {
+  if (Array.isArray(value)) {
+    return value.map((item) => sanitizeProjectedConfigValue(item));
+  }
+  if (!value || typeof value !== "object") {
+    return value;
+  }
+  return stableSortObject(
+    Object.fromEntries(
+      Object.entries(value).map(([key, item]) => [key, sanitizeProjectedConfigValue(item)]).filter(([key, item]) => {
+        if (item && typeof item === "object" && !Array.isArray(item)) {
+          return Object.keys(item).length > 0;
+        }
+        return isSafeProjectedConfigKey(key);
+      })
+    )
+  );
+}
+function sanitizeProjectedConfig(config) {
+  const sanitized = sanitizeProjectedConfigValue(config);
+  if (!sanitized || typeof sanitized !== "object" || Array.isArray(sanitized)) {
+    return void 0;
+  }
+  return Object.keys(sanitized).length > 0 ? sanitized : void 0;
+}
+function projectVaultAuth(definition) {
+  const auth = definition.auth;
+  if (!auth) {
+    return void 0;
+  }
+  const config = auth.config ? sanitizeProjectedConfig(auth.config) : void 0;
+  const projected = {
+    ...auth.method ? { method: auth.method } : {},
+    ...auth.passphrase?.from ? {
+      passphrase: {
+        from: [...auth.passphrase.from]
+      }
+    } : {},
+    ...auth.token?.from ? {
+      token: {
+        from: [...auth.token.from]
+      }
+    } : {},
+    ...config ? { config } : {}
+  };
+  return Object.keys(projected).length > 0 ? projected : void 0;
+}
+function projectVaultDefinition(definition) {
+  const auth = projectVaultAuth(definition);
+  const mapping = definition.mapping ? stableSortObject(definition.mapping) : void 0;
+  const fallback = definition.fallback?.map((entry) => projectVaultDefinition({
+    provider: entry.provider,
+    ...entry.auth ? { auth: entry.auth } : {},
+    ...entry.mapping ? { mapping: entry.mapping } : {}
+  }));
+  return {
+    provider: definition.provider,
+    ...auth ? { auth } : {},
+    ...mapping && Object.keys(mapping).length > 0 ? { mapping } : {},
+    ...fallback && fallback.length > 0 ? { fallback } : {}
+  };
+}
+function projectReferencedVaults(manifest, vaultIds) {
+  const projected = {};
+  for (const vaultId of Array.from(vaultIds).sort((left, right) => left.localeCompare(right))) {
+    const definition = manifest.vaults[vaultId];
+    if (definition) {
+      projected[vaultId] = projectVaultDefinition(definition);
+    }
+  }
+  return Object.keys(projected).length > 0 ? projected : void 0;
+}
 function toServerProjection(graph, manifest, cnosVersion = "0.0.0-dev", helpers = {}) {
   const values = {};
   const derived = {};
   const secretRefs = {};
+  const referencedVaultIds = /* @__PURE__ */ new Set();
   const namespaces = /* @__PURE__ */ new Set();
   const runtimeNamespaces = /* @__PURE__ */ new Set();
   const publicKeys = Array.from(graph.entries.values()).filter((entry) => entry.namespace === "public").map((entry) => entry.key.slice("public.".length)).sort((left, right) => left.localeCompare(right));
   for (const [key, entry] of graph.entries) {
     if (entry.namespace === "secret" && isSecretReference(entry.value)) {
+      assertSecretRefVaultProviderCompatible(manifest, entry.value, key);
       const vaultId = entry.value.vault ?? "default";
+      const provider = entry.value.provider ?? manifest.vaults[vaultId]?.provider ?? "local";
       const envVar = resolveProjectedEnvVar(manifest, vaultId, entry.value.ref);
+      referencedVaultIds.add(vaultId);
       secretRefs[key.slice("secret.".length)] = {
-        provider: entry.value.provider,
+        provider,
         vault: vaultId,
         ref: entry.value.ref,
         ...envVar ? {
@@ -3645,6 +4044,7 @@ function toServerProjection(graph, manifest, cnosVersion = "0.0.0-dev", helpers
       namespaces.add(entry.namespace);
     }
   }
+  const vaults = projectReferencedVaults(manifest, referencedVaultIds);
   return {
     version: 1,
     workspace: graph.workspace.workspaceId,
@@ -3654,6 +4054,7 @@ function toServerProjection(graph, manifest, cnosVersion = "0.0.0-dev", helpers
     values: stableSortObject(values),
     derived: stableSortObject(derived),
     secretRefs: stableSortObject(secretRefs),
+    ...vaults ? { vaults } : {},
     publicKeys,
     runtimeNamespaces: Array.from(runtimeNamespaces).sort((left, right) => left.localeCompare(right)),
     meta: {
@@ -3666,9 +4067,10 @@ function toServerProjection(graph, manifest, cnosVersion = "0.0.0-dev", helpers
 }
 
 // ../core/src/orchestrator/runtime.ts
-function createRuntime(manifest, graph, plugins = [], secretCache, processEnv = process.env, cnosVersion = "0.0.0-dev") {
+function createRuntime(manifest, graph, plugins = [], secretCache, processEnv = process.env, cnosVersion = "0.0.0-dev", secretVaultProviders = []) {
   const runtimeProviders = createDefaultRuntimeProviders(manifest, processEnv);
   const derivedSupport = createDerivedRuntimeSupport(graph, manifest, runtimeProviders);
+  let activeSecretCache = secretCache;
   function resolveProjectedSourceKey(key) {
     if (!key.startsWith("public.")) {
       return key;
@@ -3685,30 +4087,38 @@ function createRuntime(manifest, graph, plugins = [], secretCache, processEnv =
     if (!entry || entry.namespace !== "secret" || !isSecretReference(entry.value)) {
       return;
     }
-    if (!secretCache) {
+    if (!activeSecretCache) {
       return;
     }
     const vaultId = entry.value.vault ?? "default";
-    const definition = manifest.vaults[vaultId] ?? {
-      provider: entry.value.provider,
-      auth: { passphrase: { from: [] } }
-    };
-    const provider = createSecretVaultProvider(vaultId, definition, processEnv);
-    const auth = await resolveVaultAuth(vaultId, definition, processEnv);
-    await provider.authenticate(auth);
-    const value = await provider.get(entry.value.ref);
-    if (value !== void 0) {
-      secretCache.load(vaultId, /* @__PURE__ */ new Map([[entry.value.ref, value]]));
+    const refreshed = await batchResolveSecrets(
+      {
+        ...graph,
+        entries: /* @__PURE__ */ new Map([[key, entry]])
+      },
+      manifest,
+      processEnv,
+      secretVaultProviders
+    );
+    const resolved = refreshed.get(vaultId, entry.value.ref);
+    const existing = activeSecretCache.entriesForVault(vaultId);
+    existing.delete(entry.value.ref);
+    if (resolved !== void 0) {
+      existing.set(entry.value.ref, resolved);
     }
+    activeSecretCache.replace(vaultId, existing);
   }
   async function refreshAllSecrets() {
-    if (!secretCache) {
+    if (!activeSecretCache) {
       return;
     }
-    const secretKeys = Array.from(graph.entries.values()).filter((entry) => entry.namespace === "secret" && isSecretReference(entry.value)).map((entry) => entry.key);
-    for (const key of secretKeys) {
-      await refreshSecretEntry(key);
-    }
+    const refreshed = await batchResolveSecrets(
+      graph,
+      manifest,
+      processEnv,
+      secretVaultProviders
+    );
+    activeSecretCache = refreshed;
   }
   function readLogicalKey(key) {
     const resolved = derivedSupport.read(key, (ref) => {
@@ -3716,10 +4126,10 @@ function createRuntime(manifest, graph, plugins = [], secretCache, processEnv =
       if (!entry2) {
         return void 0;
       }
-      if (!secretCache) {
+      if (!activeSecretCache) {
         return entry2.value;
       }
-      return resolveSecretEntryValue(ref, entry2.value, secretCache);
+      return resolveSecretEntryValue(ref, entry2.value, activeSecretCache);
     });
     if (resolved !== void 0 || graph.entries.has(key) || manifest.runtimeNamespaces[key.split(".")[0] ?? ""]) {
       return resolved;
@@ -3728,10 +4138,10 @@ function createRuntime(manifest, graph, plugins = [], secretCache, processEnv =
     if (!entry) {
       return void 0;
     }
-    if (!secretCache) {
+    if (!activeSecretCache) {
       return entry.value;
     }
-    return resolveSecretEntryValue(key, entry.value, secretCache);
+    return resolveSecretEntryValue(key, entry.value, activeSecretCache);
   }
   return {
     manifest,
@@ -3768,10 +4178,10 @@ function createRuntime(manifest, graph, plugins = [], secretCache, processEnv =
           if (!entry) {
             return void 0;
           }
-          if (!secretCache) {
+          if (!activeSecretCache) {
             return entry.value;
           }
-          return resolveSecretEntryValue(candidate, entry.value, secretCache);
+          return resolveSecretEntryValue(candidate, entry.value, activeSecretCache);
         })
       });
     },
@@ -3962,7 +4372,12 @@ async function createCnos(options = {}) {
   });
   const schemaApplied = applySchemaRules(graph, loadedManifest.manifest.schema);
   const promotedGraph = promoteToPublic(schemaApplied.graph, loadedManifest.manifest);
-  const secretCache = options.secretResolution === "lazy" ? new SecretCache() : await batchResolveSecrets(promotedGraph, loadedManifest.manifest, options.processEnv);
+  const secretCache = options.secretResolution === "lazy" ? new SecretCache() : await batchResolveSecrets(
+    promotedGraph,
+    loadedManifest.manifest,
+    options.processEnv,
+    options.secretVaultProviders
+  );
   return createRuntime(
     loadedManifest.manifest,
     appendMetaEntries({
@@ -3972,7 +4387,8 @@ async function createCnos(options = {}) {
     plugins,
     secretCache,
     options.processEnv,
-    options.cnosVersion
+    options.cnosVersion,
+    options.secretVaultProviders
   );
 }
 
@@ -4035,6 +4451,7 @@ export {
   resolveVaultDefinition,
   removeLocalVaultFiles,
   createSecretVaultProvider,
+  assertSecretRefVaultProviderCompatible,
   resolveVaultAuth,
   toNamespaceObject,
   readValue,