@lucern/contracts 1.0.1 → 1.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +6 -0
- package/dist/function-registry/worktrees.js +1 -1
- package/dist/function-registry/worktrees.js.map +1 -1
- package/dist/generated/infisicalRuntimeEnv.js +2815 -336
- package/dist/generated/infisicalRuntimeEnv.js.map +1 -1
- package/dist/index.js +3250 -510
- package/dist/index.js.map +1 -1
- package/dist/infisical-runtime.base.d.ts +1 -1
- package/dist/infisical-runtime.base.js +3 -0
- package/dist/infisical-runtime.base.js.map +1 -1
- package/dist/infisical-runtime.contract.d.ts +188 -2
- package/dist/infisical-runtime.contract.js +494 -233
- package/dist/infisical-runtime.contract.js.map +1 -1
- package/dist/infisical-runtime.platform-automation-secrets.d.ts +436 -0
- package/dist/infisical-runtime.platform-automation-secrets.js +596 -0
- package/dist/infisical-runtime.platform-automation-secrets.js.map +1 -0
- package/dist/infisical-runtime.platform-observability-secrets.d.ts +323 -0
- package/dist/infisical-runtime.platform-observability-secrets.js +417 -0
- package/dist/infisical-runtime.platform-observability-secrets.js.map +1 -0
- package/dist/infisical-runtime.platform-ops-secrets.d.ts +4 -569
- package/dist/infisical-runtime.platform-ops-secrets.js +440 -183
- package/dist/infisical-runtime.platform-ops-secrets.js.map +1 -1
- package/dist/infisical-runtime.tenant-secrets.js.map +1 -1
- package/dist/manifests/infisical-runtime-manifest.d.ts +188 -2
- package/dist/manifests/infisical-runtime-manifest.js +439 -181
- package/dist/manifests/infisical-runtime-manifest.js.map +1 -1
- package/dist/proof-attestation.json +1 -1
- package/package.json +1 -1
|
@@ -1252,203 +1252,282 @@ var PLATFORM_LANGFUSE_SECRET_DEFINITIONS = [
|
|
|
1252
1252
|
}
|
|
1253
1253
|
];
|
|
1254
1254
|
|
|
1255
|
-
// src/infisical-runtime.platform-
|
|
1256
|
-
var
|
|
1255
|
+
// src/infisical-runtime.platform-observability-secrets.ts
|
|
1256
|
+
var PLATFORM_SENTRY_SECRET_DEFINITIONS = [
|
|
1257
1257
|
{
|
|
1258
|
-
id: "platform.
|
|
1259
|
-
canonicalName: "
|
|
1260
|
-
|
|
1258
|
+
id: "platform.sentry.dsn",
|
|
1259
|
+
canonicalName: "NEXT_PUBLIC_SENTRY_DSN",
|
|
1260
|
+
aliases: ["SENTRY_DSN", "NEXT_PUBLIC_SENTRY_DSN_NEXTJS"],
|
|
1261
|
+
owner: "provider",
|
|
1261
1262
|
scope: "environment",
|
|
1262
|
-
sourcePath: "/platform/
|
|
1263
|
+
sourcePath: "/platform/observability/sentry",
|
|
1263
1264
|
environmentPolicy: "environment_specific",
|
|
1264
1265
|
required: false,
|
|
1265
1266
|
secret: false,
|
|
1266
|
-
public:
|
|
1267
|
-
consumers: ["lucern-
|
|
1267
|
+
public: true,
|
|
1268
|
+
consumers: ["lucern-web", "lucern-gateway", "lucern-observability"],
|
|
1268
1269
|
destinations: [
|
|
1269
1270
|
{
|
|
1270
|
-
kind: "
|
|
1271
|
-
target: "lucern
|
|
1271
|
+
kind: "vercel",
|
|
1272
|
+
target: "lucern",
|
|
1272
1273
|
environmentPolicy: "environment_specific"
|
|
1273
1274
|
},
|
|
1274
1275
|
{
|
|
1275
|
-
kind: "
|
|
1276
|
-
target: "
|
|
1276
|
+
kind: "vercel",
|
|
1277
|
+
target: "lucern-gateway",
|
|
1277
1278
|
environmentPolicy: "environment_specific"
|
|
1278
1279
|
}
|
|
1279
1280
|
],
|
|
1280
|
-
description: "Lucern-owned
|
|
1281
|
+
description: "Lucern-owned Sentry DSN for browser/server error telemetry."
|
|
1281
1282
|
},
|
|
1282
1283
|
{
|
|
1283
|
-
id: "platform.
|
|
1284
|
-
canonicalName: "
|
|
1285
|
-
|
|
1286
|
-
owner: "lucern_platform",
|
|
1284
|
+
id: "platform.sentry.auth-token",
|
|
1285
|
+
canonicalName: "SENTRY_AUTH_TOKEN",
|
|
1286
|
+
owner: "provider",
|
|
1287
1287
|
scope: "environment",
|
|
1288
|
-
sourcePath: "/platform/
|
|
1289
|
-
environmentPolicy: "
|
|
1288
|
+
sourcePath: "/platform/observability/sentry",
|
|
1289
|
+
environmentPolicy: "same_all_environments",
|
|
1290
1290
|
required: false,
|
|
1291
|
-
secret:
|
|
1291
|
+
secret: true,
|
|
1292
1292
|
public: false,
|
|
1293
|
-
consumers: ["lucern-
|
|
1293
|
+
consumers: ["lucern-repo-ci", "lucern-observability"],
|
|
1294
1294
|
destinations: [
|
|
1295
|
-
{
|
|
1296
|
-
kind: "runtime_fetch",
|
|
1297
|
-
target: "lucern-graph-sync",
|
|
1298
|
-
environmentPolicy: "environment_specific"
|
|
1299
|
-
},
|
|
1300
1295
|
{
|
|
1301
1296
|
kind: "github_actions",
|
|
1302
1297
|
target: "LucernAI/lucern",
|
|
1303
|
-
environmentPolicy: "
|
|
1298
|
+
environmentPolicy: "same_all_environments"
|
|
1299
|
+
},
|
|
1300
|
+
{
|
|
1301
|
+
kind: "vercel",
|
|
1302
|
+
target: "lucern",
|
|
1303
|
+
environmentPolicy: "same_all_environments"
|
|
1304
1304
|
}
|
|
1305
1305
|
],
|
|
1306
|
-
description: "
|
|
1306
|
+
description: "Sentry release-upload token. Runtime services must not use it for authorization."
|
|
1307
1307
|
},
|
|
1308
1308
|
{
|
|
1309
|
-
id: "platform.
|
|
1310
|
-
canonicalName: "
|
|
1311
|
-
|
|
1312
|
-
|
|
1313
|
-
|
|
1314
|
-
|
|
1309
|
+
id: "platform.sentry.org",
|
|
1310
|
+
canonicalName: "SENTRY_ORG",
|
|
1311
|
+
aliases: ["SENTRY_ORG_SLUG"],
|
|
1312
|
+
owner: "provider",
|
|
1313
|
+
scope: "global",
|
|
1314
|
+
sourcePath: "/platform/observability/sentry",
|
|
1315
|
+
environmentPolicy: "same_all_environments",
|
|
1315
1316
|
required: false,
|
|
1316
|
-
secret:
|
|
1317
|
+
secret: false,
|
|
1317
1318
|
public: false,
|
|
1318
|
-
consumers: ["lucern-
|
|
1319
|
+
consumers: ["lucern-repo-ci", "lucern-observability"],
|
|
1319
1320
|
destinations: [
|
|
1320
1321
|
{
|
|
1321
|
-
kind: "
|
|
1322
|
-
target: "lucern
|
|
1323
|
-
environmentPolicy: "
|
|
1322
|
+
kind: "github_actions",
|
|
1323
|
+
target: "LucernAI/lucern",
|
|
1324
|
+
environmentPolicy: "same_all_environments"
|
|
1324
1325
|
},
|
|
1326
|
+
{
|
|
1327
|
+
kind: "vercel",
|
|
1328
|
+
target: "lucern",
|
|
1329
|
+
environmentPolicy: "same_all_environments"
|
|
1330
|
+
}
|
|
1331
|
+
],
|
|
1332
|
+
description: "Sentry organization slug for Lucern release uploads."
|
|
1333
|
+
},
|
|
1334
|
+
{
|
|
1335
|
+
id: "platform.sentry.project",
|
|
1336
|
+
canonicalName: "SENTRY_PROJECT",
|
|
1337
|
+
aliases: ["SENTRY_PROJECT_NEXTJS"],
|
|
1338
|
+
owner: "provider",
|
|
1339
|
+
scope: "global",
|
|
1340
|
+
sourcePath: "/platform/observability/sentry",
|
|
1341
|
+
environmentPolicy: "same_all_environments",
|
|
1342
|
+
required: false,
|
|
1343
|
+
secret: false,
|
|
1344
|
+
public: false,
|
|
1345
|
+
consumers: ["lucern-repo-ci", "lucern-observability"],
|
|
1346
|
+
destinations: [
|
|
1325
1347
|
{
|
|
1326
1348
|
kind: "github_actions",
|
|
1327
1349
|
target: "LucernAI/lucern",
|
|
1328
|
-
environmentPolicy: "
|
|
1350
|
+
environmentPolicy: "same_all_environments"
|
|
1351
|
+
},
|
|
1352
|
+
{
|
|
1353
|
+
kind: "vercel",
|
|
1354
|
+
target: "lucern",
|
|
1355
|
+
environmentPolicy: "same_all_environments"
|
|
1329
1356
|
}
|
|
1330
1357
|
],
|
|
1331
|
-
description: "
|
|
1358
|
+
description: "Sentry project slug for Lucern release uploads."
|
|
1332
1359
|
},
|
|
1333
1360
|
{
|
|
1334
|
-
id: "platform.
|
|
1335
|
-
canonicalName: "
|
|
1336
|
-
|
|
1361
|
+
id: "platform.sentry.environment",
|
|
1362
|
+
canonicalName: "SENTRY_ENVIRONMENT",
|
|
1363
|
+
aliases: ["NEXT_PUBLIC_SENTRY_ENVIRONMENT"],
|
|
1364
|
+
owner: "provider",
|
|
1337
1365
|
scope: "environment",
|
|
1338
|
-
sourcePath: "/platform/
|
|
1366
|
+
sourcePath: "/platform/observability/sentry",
|
|
1339
1367
|
environmentPolicy: "environment_specific",
|
|
1340
1368
|
required: false,
|
|
1341
|
-
secret:
|
|
1369
|
+
secret: false,
|
|
1342
1370
|
public: false,
|
|
1343
|
-
consumers: ["lucern-
|
|
1371
|
+
consumers: ["lucern-web", "lucern-gateway", "lucern-observability"],
|
|
1344
1372
|
destinations: [
|
|
1345
1373
|
{
|
|
1346
|
-
kind: "
|
|
1347
|
-
target: "lucern
|
|
1348
|
-
environmentPolicy: "environment_specific"
|
|
1374
|
+
kind: "vercel",
|
|
1375
|
+
target: "lucern",
|
|
1376
|
+
environmentPolicy: "environment_specific",
|
|
1377
|
+
writeNames: ["SENTRY_ENVIRONMENT", "NEXT_PUBLIC_SENTRY_ENVIRONMENT"]
|
|
1349
1378
|
},
|
|
1350
1379
|
{
|
|
1351
|
-
kind: "
|
|
1352
|
-
target: "
|
|
1380
|
+
kind: "vercel",
|
|
1381
|
+
target: "lucern-gateway",
|
|
1353
1382
|
environmentPolicy: "environment_specific"
|
|
1354
1383
|
}
|
|
1355
1384
|
],
|
|
1356
|
-
description: "
|
|
1385
|
+
description: "Lucern-owned Sentry environment label."
|
|
1357
1386
|
},
|
|
1358
1387
|
{
|
|
1359
|
-
id: "platform.
|
|
1360
|
-
canonicalName: "
|
|
1361
|
-
|
|
1388
|
+
id: "platform.sentry.release",
|
|
1389
|
+
canonicalName: "SENTRY_RELEASE",
|
|
1390
|
+
aliases: ["LUCERN_RELEASE", "NEXT_PUBLIC_SENTRY_RELEASE"],
|
|
1391
|
+
owner: "provider",
|
|
1362
1392
|
scope: "environment",
|
|
1363
|
-
sourcePath: "/platform/
|
|
1393
|
+
sourcePath: "/platform/observability/sentry",
|
|
1364
1394
|
environmentPolicy: "environment_specific",
|
|
1365
1395
|
required: false,
|
|
1366
1396
|
secret: false,
|
|
1367
1397
|
public: false,
|
|
1368
|
-
consumers: ["lucern-
|
|
1398
|
+
consumers: ["lucern-web", "lucern-gateway", "lucern-observability"],
|
|
1369
1399
|
destinations: [
|
|
1370
1400
|
{
|
|
1371
|
-
kind: "
|
|
1372
|
-
target: "lucern
|
|
1373
|
-
environmentPolicy: "environment_specific"
|
|
1401
|
+
kind: "vercel",
|
|
1402
|
+
target: "lucern",
|
|
1403
|
+
environmentPolicy: "environment_specific",
|
|
1404
|
+
writeNames: [
|
|
1405
|
+
"LUCERN_RELEASE",
|
|
1406
|
+
"SENTRY_RELEASE",
|
|
1407
|
+
"NEXT_PUBLIC_SENTRY_RELEASE"
|
|
1408
|
+
]
|
|
1374
1409
|
},
|
|
1375
1410
|
{
|
|
1376
|
-
kind: "
|
|
1377
|
-
target: "
|
|
1411
|
+
kind: "vercel",
|
|
1412
|
+
target: "lucern-gateway",
|
|
1378
1413
|
environmentPolicy: "environment_specific"
|
|
1379
1414
|
}
|
|
1380
1415
|
],
|
|
1381
|
-
description: "
|
|
1416
|
+
description: "Lucern-owned Sentry release name."
|
|
1382
1417
|
}
|
|
1383
1418
|
];
|
|
1384
|
-
var
|
|
1419
|
+
var PLATFORM_AXIOM_SECRET_DEFINITIONS = [
|
|
1385
1420
|
{
|
|
1386
|
-
id: "platform.
|
|
1387
|
-
canonicalName: "
|
|
1388
|
-
|
|
1421
|
+
id: "platform.axiom.token",
|
|
1422
|
+
canonicalName: "AXIOM_TOKEN",
|
|
1423
|
+
aliases: ["LUCERN_AXIOM_TOKEN"],
|
|
1424
|
+
owner: "provider",
|
|
1389
1425
|
scope: "environment",
|
|
1390
|
-
sourcePath: "/platform/
|
|
1426
|
+
sourcePath: "/platform/observability",
|
|
1391
1427
|
environmentPolicy: "environment_specific",
|
|
1392
1428
|
required: false,
|
|
1393
1429
|
secret: true,
|
|
1394
1430
|
public: false,
|
|
1395
|
-
consumers: [
|
|
1431
|
+
consumers: [
|
|
1432
|
+
"lucern-cli",
|
|
1433
|
+
"lucern-gateway",
|
|
1434
|
+
"lucern-sdk",
|
|
1435
|
+
"lucern-mcp",
|
|
1436
|
+
"lucern-agent",
|
|
1437
|
+
"lucern-railway-pdp",
|
|
1438
|
+
"lucern-repo-ci",
|
|
1439
|
+
"lucern-observability"
|
|
1440
|
+
],
|
|
1396
1441
|
destinations: [
|
|
1397
1442
|
{
|
|
1398
1443
|
kind: "runtime_fetch",
|
|
1399
|
-
target: "lucern-
|
|
1444
|
+
target: "lucern-cli-mcp-sdk",
|
|
1445
|
+
environmentPolicy: "environment_specific"
|
|
1446
|
+
},
|
|
1447
|
+
{
|
|
1448
|
+
kind: "vercel",
|
|
1449
|
+
target: "lucern-gateway",
|
|
1400
1450
|
environmentPolicy: "environment_specific"
|
|
1401
1451
|
},
|
|
1402
1452
|
{
|
|
1403
1453
|
kind: "github_actions",
|
|
1404
1454
|
target: "LucernAI/lucern",
|
|
1405
1455
|
environmentPolicy: "environment_specific"
|
|
1456
|
+
},
|
|
1457
|
+
{
|
|
1458
|
+
kind: "operator_local",
|
|
1459
|
+
target: "lucern-repo",
|
|
1460
|
+
environmentPolicy: "environment_specific"
|
|
1406
1461
|
}
|
|
1407
1462
|
],
|
|
1408
|
-
description: "Lucern
|
|
1463
|
+
description: "Axiom ingest/query token for Lucern operational telemetry. Runtime code must treat it as write/query telemetry authority, not graph-state authority."
|
|
1409
1464
|
},
|
|
1410
1465
|
{
|
|
1411
|
-
id: "platform.
|
|
1412
|
-
canonicalName: "
|
|
1413
|
-
aliases: ["
|
|
1414
|
-
owner: "
|
|
1466
|
+
id: "platform.axiom.events-dataset",
|
|
1467
|
+
canonicalName: "LUCERN_AXIOM_EVENTS_DATASET",
|
|
1468
|
+
aliases: ["AXIOM_DATASET", "AXIOM_EVENTS_DATASET", "LUCERN_AXIOM_DATASET"],
|
|
1469
|
+
owner: "provider",
|
|
1415
1470
|
scope: "environment",
|
|
1416
|
-
sourcePath: "/platform/
|
|
1471
|
+
sourcePath: "/platform/observability",
|
|
1417
1472
|
environmentPolicy: "environment_specific",
|
|
1418
1473
|
required: false,
|
|
1419
1474
|
secret: false,
|
|
1420
1475
|
public: false,
|
|
1421
|
-
consumers: [
|
|
1476
|
+
consumers: [
|
|
1477
|
+
"lucern-cli",
|
|
1478
|
+
"lucern-gateway",
|
|
1479
|
+
"lucern-sdk",
|
|
1480
|
+
"lucern-mcp",
|
|
1481
|
+
"lucern-agent",
|
|
1482
|
+
"lucern-railway-pdp",
|
|
1483
|
+
"lucern-repo-ci",
|
|
1484
|
+
"lucern-observability"
|
|
1485
|
+
],
|
|
1422
1486
|
destinations: [
|
|
1423
1487
|
{
|
|
1424
1488
|
kind: "runtime_fetch",
|
|
1425
|
-
target: "lucern-
|
|
1489
|
+
target: "lucern-cli-mcp-sdk",
|
|
1490
|
+
environmentPolicy: "environment_specific"
|
|
1491
|
+
},
|
|
1492
|
+
{
|
|
1493
|
+
kind: "vercel",
|
|
1494
|
+
target: "lucern-gateway",
|
|
1426
1495
|
environmentPolicy: "environment_specific"
|
|
1427
1496
|
},
|
|
1428
1497
|
{
|
|
1429
1498
|
kind: "github_actions",
|
|
1430
1499
|
target: "LucernAI/lucern",
|
|
1431
1500
|
environmentPolicy: "environment_specific"
|
|
1501
|
+
},
|
|
1502
|
+
{
|
|
1503
|
+
kind: "operator_local",
|
|
1504
|
+
target: "lucern-repo",
|
|
1505
|
+
environmentPolicy: "environment_specific"
|
|
1432
1506
|
}
|
|
1433
1507
|
],
|
|
1434
|
-
description: "
|
|
1508
|
+
description: "Primary Axiom event dataset for non-sensitive CLI, gateway, SDK retry, PDP, deploy, and agent-run telemetry."
|
|
1435
1509
|
},
|
|
1436
1510
|
{
|
|
1437
|
-
id: "platform.
|
|
1438
|
-
canonicalName: "
|
|
1439
|
-
aliases: ["
|
|
1440
|
-
owner: "
|
|
1511
|
+
id: "platform.axiom.logs-dataset",
|
|
1512
|
+
canonicalName: "LUCERN_AXIOM_LOGS_DATASET",
|
|
1513
|
+
aliases: ["AXIOM_LOGS_DATASET"],
|
|
1514
|
+
owner: "provider",
|
|
1441
1515
|
scope: "environment",
|
|
1442
|
-
sourcePath: "/platform/
|
|
1516
|
+
sourcePath: "/platform/observability",
|
|
1443
1517
|
environmentPolicy: "environment_specific",
|
|
1444
1518
|
required: false,
|
|
1445
1519
|
secret: false,
|
|
1446
1520
|
public: false,
|
|
1447
|
-
consumers: ["lucern-
|
|
1521
|
+
consumers: ["lucern-observability", "lucern-gateway", "lucern-repo-ci"],
|
|
1448
1522
|
destinations: [
|
|
1449
1523
|
{
|
|
1450
1524
|
kind: "runtime_fetch",
|
|
1451
|
-
target: "lucern-
|
|
1525
|
+
target: "lucern-cli-mcp-sdk",
|
|
1526
|
+
environmentPolicy: "environment_specific"
|
|
1527
|
+
},
|
|
1528
|
+
{
|
|
1529
|
+
kind: "vercel",
|
|
1530
|
+
target: "lucern-gateway",
|
|
1452
1531
|
environmentPolicy: "environment_specific"
|
|
1453
1532
|
},
|
|
1454
1533
|
{
|
|
@@ -1457,168 +1536,137 @@ var PLATFORM_VECTOR_STORE_SECRET_DEFINITIONS = [
|
|
|
1457
1536
|
environmentPolicy: "environment_specific"
|
|
1458
1537
|
}
|
|
1459
1538
|
],
|
|
1460
|
-
description: "
|
|
1461
|
-
}
|
|
1462
|
-
];
|
|
1463
|
-
var PLATFORM_SENTRY_SECRET_DEFINITIONS = [
|
|
1539
|
+
description: "Axiom OpenTelemetry log dataset for Lucern services."
|
|
1540
|
+
},
|
|
1464
1541
|
{
|
|
1465
|
-
id: "platform.
|
|
1466
|
-
canonicalName: "
|
|
1467
|
-
aliases: ["
|
|
1542
|
+
id: "platform.axiom.traces-dataset",
|
|
1543
|
+
canonicalName: "LUCERN_AXIOM_TRACES_DATASET",
|
|
1544
|
+
aliases: ["AXIOM_TRACES_DATASET"],
|
|
1468
1545
|
owner: "provider",
|
|
1469
1546
|
scope: "environment",
|
|
1470
|
-
sourcePath: "/platform/observability
|
|
1547
|
+
sourcePath: "/platform/observability",
|
|
1471
1548
|
environmentPolicy: "environment_specific",
|
|
1472
1549
|
required: false,
|
|
1473
1550
|
secret: false,
|
|
1474
|
-
public:
|
|
1475
|
-
consumers: ["lucern-
|
|
1551
|
+
public: false,
|
|
1552
|
+
consumers: ["lucern-observability", "lucern-gateway", "lucern-repo-ci"],
|
|
1476
1553
|
destinations: [
|
|
1477
1554
|
{
|
|
1478
|
-
kind: "
|
|
1479
|
-
target: "lucern",
|
|
1555
|
+
kind: "runtime_fetch",
|
|
1556
|
+
target: "lucern-cli-mcp-sdk",
|
|
1480
1557
|
environmentPolicy: "environment_specific"
|
|
1481
1558
|
},
|
|
1482
1559
|
{
|
|
1483
1560
|
kind: "vercel",
|
|
1484
1561
|
target: "lucern-gateway",
|
|
1485
1562
|
environmentPolicy: "environment_specific"
|
|
1486
|
-
}
|
|
1487
|
-
],
|
|
1488
|
-
description: "Lucern-owned Sentry DSN for browser/server error telemetry."
|
|
1489
|
-
},
|
|
1490
|
-
{
|
|
1491
|
-
id: "platform.sentry.auth-token",
|
|
1492
|
-
canonicalName: "SENTRY_AUTH_TOKEN",
|
|
1493
|
-
owner: "provider",
|
|
1494
|
-
scope: "environment",
|
|
1495
|
-
sourcePath: "/platform/observability/sentry",
|
|
1496
|
-
environmentPolicy: "same_all_environments",
|
|
1497
|
-
required: false,
|
|
1498
|
-
secret: true,
|
|
1499
|
-
public: false,
|
|
1500
|
-
consumers: ["lucern-repo-ci", "lucern-observability"],
|
|
1501
|
-
destinations: [
|
|
1502
|
-
{
|
|
1503
|
-
kind: "github_actions",
|
|
1504
|
-
target: "LucernAI/lucern",
|
|
1505
|
-
environmentPolicy: "same_all_environments"
|
|
1506
1563
|
},
|
|
1507
|
-
{
|
|
1508
|
-
kind: "vercel",
|
|
1509
|
-
target: "lucern",
|
|
1510
|
-
environmentPolicy: "same_all_environments"
|
|
1511
|
-
}
|
|
1512
|
-
],
|
|
1513
|
-
description: "Sentry release-upload token. Runtime services must not use it for authorization."
|
|
1514
|
-
},
|
|
1515
|
-
{
|
|
1516
|
-
id: "platform.sentry.org",
|
|
1517
|
-
canonicalName: "SENTRY_ORG",
|
|
1518
|
-
aliases: ["SENTRY_ORG_SLUG"],
|
|
1519
|
-
owner: "provider",
|
|
1520
|
-
scope: "global",
|
|
1521
|
-
sourcePath: "/platform/observability/sentry",
|
|
1522
|
-
environmentPolicy: "same_all_environments",
|
|
1523
|
-
required: false,
|
|
1524
|
-
secret: false,
|
|
1525
|
-
public: false,
|
|
1526
|
-
consumers: ["lucern-repo-ci", "lucern-observability"],
|
|
1527
|
-
destinations: [
|
|
1528
1564
|
{
|
|
1529
1565
|
kind: "github_actions",
|
|
1530
1566
|
target: "LucernAI/lucern",
|
|
1531
|
-
environmentPolicy: "
|
|
1532
|
-
},
|
|
1533
|
-
{
|
|
1534
|
-
kind: "vercel",
|
|
1535
|
-
target: "lucern",
|
|
1536
|
-
environmentPolicy: "same_all_environments"
|
|
1567
|
+
environmentPolicy: "environment_specific"
|
|
1537
1568
|
}
|
|
1538
1569
|
],
|
|
1539
|
-
description: "
|
|
1570
|
+
description: "Axiom OpenTelemetry trace dataset for Lucern services."
|
|
1540
1571
|
},
|
|
1541
1572
|
{
|
|
1542
|
-
id: "platform.
|
|
1543
|
-
canonicalName: "
|
|
1544
|
-
aliases: ["
|
|
1573
|
+
id: "platform.axiom.metrics-dataset",
|
|
1574
|
+
canonicalName: "LUCERN_AXIOM_METRICS_DATASET",
|
|
1575
|
+
aliases: ["AXIOM_METRICS_DATASET"],
|
|
1545
1576
|
owner: "provider",
|
|
1546
|
-
scope: "
|
|
1547
|
-
sourcePath: "/platform/observability
|
|
1548
|
-
environmentPolicy: "
|
|
1577
|
+
scope: "environment",
|
|
1578
|
+
sourcePath: "/platform/observability",
|
|
1579
|
+
environmentPolicy: "environment_specific",
|
|
1549
1580
|
required: false,
|
|
1550
1581
|
secret: false,
|
|
1551
1582
|
public: false,
|
|
1552
|
-
consumers: ["lucern-
|
|
1583
|
+
consumers: ["lucern-observability", "lucern-gateway", "lucern-repo-ci"],
|
|
1553
1584
|
destinations: [
|
|
1554
1585
|
{
|
|
1555
|
-
kind: "
|
|
1556
|
-
target: "
|
|
1557
|
-
environmentPolicy: "
|
|
1586
|
+
kind: "runtime_fetch",
|
|
1587
|
+
target: "lucern-cli-mcp-sdk",
|
|
1588
|
+
environmentPolicy: "environment_specific"
|
|
1558
1589
|
},
|
|
1559
1590
|
{
|
|
1560
1591
|
kind: "vercel",
|
|
1561
|
-
target: "lucern",
|
|
1562
|
-
environmentPolicy: "
|
|
1592
|
+
target: "lucern-gateway",
|
|
1593
|
+
environmentPolicy: "environment_specific"
|
|
1594
|
+
},
|
|
1595
|
+
{
|
|
1596
|
+
kind: "github_actions",
|
|
1597
|
+
target: "LucernAI/lucern",
|
|
1598
|
+
environmentPolicy: "environment_specific"
|
|
1563
1599
|
}
|
|
1564
1600
|
],
|
|
1565
|
-
description: "
|
|
1601
|
+
description: "Axiom OpenTelemetry metric dataset for Lucern services."
|
|
1566
1602
|
},
|
|
1567
1603
|
{
|
|
1568
|
-
id: "platform.
|
|
1569
|
-
canonicalName: "
|
|
1570
|
-
aliases: ["
|
|
1604
|
+
id: "platform.axiom.api-url",
|
|
1605
|
+
canonicalName: "LUCERN_AXIOM_API_URL",
|
|
1606
|
+
aliases: ["AXIOM_URL"],
|
|
1571
1607
|
owner: "provider",
|
|
1572
1608
|
scope: "environment",
|
|
1573
|
-
sourcePath: "/platform/observability
|
|
1609
|
+
sourcePath: "/platform/observability",
|
|
1574
1610
|
environmentPolicy: "environment_specific",
|
|
1575
1611
|
required: false,
|
|
1576
1612
|
secret: false,
|
|
1577
1613
|
public: false,
|
|
1578
|
-
consumers: [
|
|
1614
|
+
consumers: [
|
|
1615
|
+
"lucern-cli",
|
|
1616
|
+
"lucern-gateway",
|
|
1617
|
+
"lucern-sdk",
|
|
1618
|
+
"lucern-mcp",
|
|
1619
|
+
"lucern-agent",
|
|
1620
|
+
"lucern-repo-ci"
|
|
1621
|
+
],
|
|
1579
1622
|
destinations: [
|
|
1580
1623
|
{
|
|
1581
|
-
kind: "
|
|
1582
|
-
target: "lucern",
|
|
1583
|
-
environmentPolicy: "environment_specific"
|
|
1584
|
-
writeNames: ["SENTRY_ENVIRONMENT", "NEXT_PUBLIC_SENTRY_ENVIRONMENT"]
|
|
1624
|
+
kind: "runtime_fetch",
|
|
1625
|
+
target: "lucern-cli-mcp-sdk",
|
|
1626
|
+
environmentPolicy: "environment_specific"
|
|
1585
1627
|
},
|
|
1586
1628
|
{
|
|
1587
1629
|
kind: "vercel",
|
|
1588
1630
|
target: "lucern-gateway",
|
|
1589
1631
|
environmentPolicy: "environment_specific"
|
|
1632
|
+
},
|
|
1633
|
+
{
|
|
1634
|
+
kind: "operator_local",
|
|
1635
|
+
target: "lucern-repo",
|
|
1636
|
+
environmentPolicy: "environment_specific"
|
|
1590
1637
|
}
|
|
1591
1638
|
],
|
|
1592
|
-
description: "
|
|
1639
|
+
description: "Axiom API URL. Defaults to https://api.axiom.co when unset."
|
|
1593
1640
|
},
|
|
1594
1641
|
{
|
|
1595
|
-
id: "platform.
|
|
1596
|
-
canonicalName: "
|
|
1597
|
-
aliases: ["
|
|
1642
|
+
id: "platform.axiom.otlp-endpoint",
|
|
1643
|
+
canonicalName: "OTEL_EXPORTER_OTLP_ENDPOINT",
|
|
1644
|
+
aliases: ["LUCERN_AXIOM_OTLP_ENDPOINT"],
|
|
1598
1645
|
owner: "provider",
|
|
1599
1646
|
scope: "environment",
|
|
1600
|
-
sourcePath: "/platform/observability
|
|
1647
|
+
sourcePath: "/platform/observability",
|
|
1601
1648
|
environmentPolicy: "environment_specific",
|
|
1602
1649
|
required: false,
|
|
1603
1650
|
secret: false,
|
|
1604
1651
|
public: false,
|
|
1605
|
-
consumers: ["lucern-
|
|
1652
|
+
consumers: ["lucern-gateway", "lucern-railway-pdp", "lucern-observability"],
|
|
1606
1653
|
destinations: [
|
|
1607
1654
|
{
|
|
1608
1655
|
kind: "vercel",
|
|
1609
|
-
target: "lucern",
|
|
1610
|
-
environmentPolicy: "environment_specific"
|
|
1611
|
-
writeNames: ["SENTRY_RELEASE", "NEXT_PUBLIC_SENTRY_RELEASE"]
|
|
1656
|
+
target: "lucern-gateway",
|
|
1657
|
+
environmentPolicy: "environment_specific"
|
|
1612
1658
|
},
|
|
1613
1659
|
{
|
|
1614
|
-
kind: "
|
|
1615
|
-
target: "lucern-
|
|
1660
|
+
kind: "operator_local",
|
|
1661
|
+
target: "lucern-repo",
|
|
1616
1662
|
environmentPolicy: "environment_specific"
|
|
1617
1663
|
}
|
|
1618
1664
|
],
|
|
1619
|
-
description: "
|
|
1665
|
+
description: "OTLP endpoint used by services that emit OpenTelemetry logs, metrics, and traces to Axiom."
|
|
1620
1666
|
}
|
|
1621
1667
|
];
|
|
1668
|
+
|
|
1669
|
+
// src/infisical-runtime.platform-automation-secrets.ts
|
|
1622
1670
|
var PLATFORM_DEPLOY_AUTOMATION_SECRET_DEFINITIONS = [
|
|
1623
1671
|
{
|
|
1624
1672
|
id: "platform.deploy.vercel-token",
|
|
@@ -2211,6 +2259,215 @@ var PLATFORM_LOCAL_OPERATOR_CONFIG_SECRET_DEFINITIONS = [
|
|
|
2211
2259
|
}
|
|
2212
2260
|
];
|
|
2213
2261
|
|
|
2262
|
+
// src/infisical-runtime.platform-ops-secrets.ts
|
|
2263
|
+
var PLATFORM_GRAPH_STORE_SECRET_DEFINITIONS = [
|
|
2264
|
+
{
|
|
2265
|
+
id: "platform.neo4j.uri",
|
|
2266
|
+
canonicalName: "NEO4J_URI",
|
|
2267
|
+
owner: "lucern_platform",
|
|
2268
|
+
scope: "environment",
|
|
2269
|
+
sourcePath: "/platform/graph/neo4j",
|
|
2270
|
+
environmentPolicy: "environment_specific",
|
|
2271
|
+
required: false,
|
|
2272
|
+
secret: false,
|
|
2273
|
+
public: false,
|
|
2274
|
+
consumers: ["lucern-graph-sync", "lucern-repo-ci"],
|
|
2275
|
+
destinations: [
|
|
2276
|
+
{
|
|
2277
|
+
kind: "runtime_fetch",
|
|
2278
|
+
target: "lucern-graph-sync",
|
|
2279
|
+
environmentPolicy: "environment_specific"
|
|
2280
|
+
},
|
|
2281
|
+
{
|
|
2282
|
+
kind: "github_actions",
|
|
2283
|
+
target: "LucernAI/lucern",
|
|
2284
|
+
environmentPolicy: "environment_specific"
|
|
2285
|
+
}
|
|
2286
|
+
],
|
|
2287
|
+
description: "Lucern-owned Neo4j URI for platform graph-sync surfaces."
|
|
2288
|
+
},
|
|
2289
|
+
{
|
|
2290
|
+
id: "platform.neo4j.user",
|
|
2291
|
+
canonicalName: "NEO4J_USER",
|
|
2292
|
+
aliases: ["NEO4J_USERNAME"],
|
|
2293
|
+
owner: "lucern_platform",
|
|
2294
|
+
scope: "environment",
|
|
2295
|
+
sourcePath: "/platform/graph/neo4j",
|
|
2296
|
+
environmentPolicy: "environment_specific",
|
|
2297
|
+
required: false,
|
|
2298
|
+
secret: false,
|
|
2299
|
+
public: false,
|
|
2300
|
+
consumers: ["lucern-graph-sync", "lucern-repo-ci"],
|
|
2301
|
+
destinations: [
|
|
2302
|
+
{
|
|
2303
|
+
kind: "runtime_fetch",
|
|
2304
|
+
target: "lucern-graph-sync",
|
|
2305
|
+
environmentPolicy: "environment_specific"
|
|
2306
|
+
},
|
|
2307
|
+
{
|
|
2308
|
+
kind: "github_actions",
|
|
2309
|
+
target: "LucernAI/lucern",
|
|
2310
|
+
environmentPolicy: "environment_specific"
|
|
2311
|
+
}
|
|
2312
|
+
],
|
|
2313
|
+
description: "Lucern-owned Neo4j username for platform graph-sync surfaces."
|
|
2314
|
+
},
|
|
2315
|
+
{
|
|
2316
|
+
id: "platform.neo4j.password",
|
|
2317
|
+
canonicalName: "NEO4J_PASSWORD",
|
|
2318
|
+
owner: "lucern_platform",
|
|
2319
|
+
scope: "environment",
|
|
2320
|
+
sourcePath: "/platform/graph/neo4j",
|
|
2321
|
+
environmentPolicy: "environment_specific",
|
|
2322
|
+
required: false,
|
|
2323
|
+
secret: true,
|
|
2324
|
+
public: false,
|
|
2325
|
+
consumers: ["lucern-graph-sync", "lucern-repo-ci"],
|
|
2326
|
+
destinations: [
|
|
2327
|
+
{
|
|
2328
|
+
kind: "runtime_fetch",
|
|
2329
|
+
target: "lucern-graph-sync",
|
|
2330
|
+
environmentPolicy: "environment_specific"
|
|
2331
|
+
},
|
|
2332
|
+
{
|
|
2333
|
+
kind: "github_actions",
|
|
2334
|
+
target: "LucernAI/lucern",
|
|
2335
|
+
environmentPolicy: "environment_specific"
|
|
2336
|
+
}
|
|
2337
|
+
],
|
|
2338
|
+
description: "Lucern-owned Neo4j password for platform graph-sync surfaces."
|
|
2339
|
+
},
|
|
2340
|
+
{
|
|
2341
|
+
id: "platform.neo4j.sync-secret",
|
|
2342
|
+
canonicalName: "NEO4J_SYNC_SECRET",
|
|
2343
|
+
owner: "lucern_platform",
|
|
2344
|
+
scope: "environment",
|
|
2345
|
+
sourcePath: "/platform/graph/neo4j",
|
|
2346
|
+
environmentPolicy: "environment_specific",
|
|
2347
|
+
required: false,
|
|
2348
|
+
secret: true,
|
|
2349
|
+
public: false,
|
|
2350
|
+
consumers: ["lucern-graph-sync", "lucern-repo-ci"],
|
|
2351
|
+
destinations: [
|
|
2352
|
+
{
|
|
2353
|
+
kind: "runtime_fetch",
|
|
2354
|
+
target: "lucern-graph-sync",
|
|
2355
|
+
environmentPolicy: "environment_specific"
|
|
2356
|
+
},
|
|
2357
|
+
{
|
|
2358
|
+
kind: "github_actions",
|
|
2359
|
+
target: "LucernAI/lucern",
|
|
2360
|
+
environmentPolicy: "environment_specific"
|
|
2361
|
+
}
|
|
2362
|
+
],
|
|
2363
|
+
description: "Shared secret protecting Lucern-owned graph-sync HTTP/query proxy calls."
|
|
2364
|
+
},
|
|
2365
|
+
{
|
|
2366
|
+
id: "platform.neo4j.database",
|
|
2367
|
+
canonicalName: "NEO4J_DATABASE",
|
|
2368
|
+
owner: "lucern_platform",
|
|
2369
|
+
scope: "environment",
|
|
2370
|
+
sourcePath: "/platform/graph/neo4j",
|
|
2371
|
+
environmentPolicy: "environment_specific",
|
|
2372
|
+
required: false,
|
|
2373
|
+
secret: false,
|
|
2374
|
+
public: false,
|
|
2375
|
+
consumers: ["lucern-graph-sync", "lucern-repo-ci"],
|
|
2376
|
+
destinations: [
|
|
2377
|
+
{
|
|
2378
|
+
kind: "runtime_fetch",
|
|
2379
|
+
target: "lucern-graph-sync",
|
|
2380
|
+
environmentPolicy: "environment_specific"
|
|
2381
|
+
},
|
|
2382
|
+
{
|
|
2383
|
+
kind: "github_actions",
|
|
2384
|
+
target: "LucernAI/lucern",
|
|
2385
|
+
environmentPolicy: "environment_specific"
|
|
2386
|
+
}
|
|
2387
|
+
],
|
|
2388
|
+
description: "Optional Neo4j database name for Lucern-owned graph-sync surfaces."
|
|
2389
|
+
}
|
|
2390
|
+
];
|
|
2391
|
+
var PLATFORM_VECTOR_STORE_SECRET_DEFINITIONS = [
|
|
2392
|
+
{
|
|
2393
|
+
id: "platform.pinecone.api-key",
|
|
2394
|
+
canonicalName: "PINECONE_API_KEY",
|
|
2395
|
+
owner: "lucern_platform",
|
|
2396
|
+
scope: "environment",
|
|
2397
|
+
sourcePath: "/platform/vector/pinecone",
|
|
2398
|
+
environmentPolicy: "environment_specific",
|
|
2399
|
+
required: false,
|
|
2400
|
+
secret: true,
|
|
2401
|
+
public: false,
|
|
2402
|
+
consumers: ["lucern-ai-runtime", "lucern-repo-ci"],
|
|
2403
|
+
destinations: [
|
|
2404
|
+
{
|
|
2405
|
+
kind: "runtime_fetch",
|
|
2406
|
+
target: "lucern-ai-runtime",
|
|
2407
|
+
environmentPolicy: "environment_specific"
|
|
2408
|
+
},
|
|
2409
|
+
{
|
|
2410
|
+
kind: "github_actions",
|
|
2411
|
+
target: "LucernAI/lucern",
|
|
2412
|
+
environmentPolicy: "environment_specific"
|
|
2413
|
+
}
|
|
2414
|
+
],
|
|
2415
|
+
description: "Lucern-owned Pinecone API key for platform vector search."
|
|
2416
|
+
},
|
|
2417
|
+
{
|
|
2418
|
+
id: "platform.pinecone.index-name",
|
|
2419
|
+
canonicalName: "PINECONE_INDEX_NAME",
|
|
2420
|
+
aliases: ["PINECONE_INDEX"],
|
|
2421
|
+
owner: "lucern_platform",
|
|
2422
|
+
scope: "environment",
|
|
2423
|
+
sourcePath: "/platform/vector/pinecone",
|
|
2424
|
+
environmentPolicy: "environment_specific",
|
|
2425
|
+
required: false,
|
|
2426
|
+
secret: false,
|
|
2427
|
+
public: false,
|
|
2428
|
+
consumers: ["lucern-ai-runtime", "lucern-repo-ci"],
|
|
2429
|
+
destinations: [
|
|
2430
|
+
{
|
|
2431
|
+
kind: "runtime_fetch",
|
|
2432
|
+
target: "lucern-ai-runtime",
|
|
2433
|
+
environmentPolicy: "environment_specific"
|
|
2434
|
+
},
|
|
2435
|
+
{
|
|
2436
|
+
kind: "github_actions",
|
|
2437
|
+
target: "LucernAI/lucern",
|
|
2438
|
+
environmentPolicy: "environment_specific"
|
|
2439
|
+
}
|
|
2440
|
+
],
|
|
2441
|
+
description: "Lucern-owned Pinecone index name."
|
|
2442
|
+
},
|
|
2443
|
+
{
|
|
2444
|
+
id: "platform.pinecone.host",
|
|
2445
|
+
canonicalName: "PINECONE_HOST",
|
|
2446
|
+
aliases: ["PINECONE_INDEX_HOST"],
|
|
2447
|
+
owner: "lucern_platform",
|
|
2448
|
+
scope: "environment",
|
|
2449
|
+
sourcePath: "/platform/vector/pinecone",
|
|
2450
|
+
environmentPolicy: "environment_specific",
|
|
2451
|
+
required: false,
|
|
2452
|
+
secret: false,
|
|
2453
|
+
public: false,
|
|
2454
|
+
consumers: ["lucern-ai-runtime", "lucern-repo-ci"],
|
|
2455
|
+
destinations: [
|
|
2456
|
+
{
|
|
2457
|
+
kind: "runtime_fetch",
|
|
2458
|
+
target: "lucern-ai-runtime",
|
|
2459
|
+
environmentPolicy: "environment_specific"
|
|
2460
|
+
},
|
|
2461
|
+
{
|
|
2462
|
+
kind: "github_actions",
|
|
2463
|
+
target: "LucernAI/lucern",
|
|
2464
|
+
environmentPolicy: "environment_specific"
|
|
2465
|
+
}
|
|
2466
|
+
],
|
|
2467
|
+
description: "Lucern-owned Pinecone host/index host."
|
|
2468
|
+
}
|
|
2469
|
+
];
|
|
2470
|
+
|
|
2214
2471
|
// src/infisical-runtime.tenant-secrets.ts
|
|
2215
2472
|
var TENANT_SHARED_SECRET_DEFINITION_TEMPLATES = [
|
|
2216
2473
|
{
|
|
@@ -3127,6 +3384,7 @@ var INFISICAL_SECRET_DEFINITIONS = [
|
|
|
3127
3384
|
...PLATFORM_GRAPH_STORE_SECRET_DEFINITIONS,
|
|
3128
3385
|
...PLATFORM_VECTOR_STORE_SECRET_DEFINITIONS,
|
|
3129
3386
|
...PLATFORM_SENTRY_SECRET_DEFINITIONS,
|
|
3387
|
+
...PLATFORM_AXIOM_SECRET_DEFINITIONS,
|
|
3130
3388
|
...PLATFORM_DEPLOY_AUTOMATION_SECRET_DEFINITIONS,
|
|
3131
3389
|
...PLATFORM_LOCAL_OPERATOR_CONFIG_SECRET_DEFINITIONS,
|
|
3132
3390
|
...TENANT_SHARED_SECRET_DEFINITIONS,
|