@p0security/cli 0.5.1 → 0.5.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/dist/commands/__tests__/ssh.test.js +4 -8
  2. package/dist/commands/index.js +0 -2
  3. package/dist/commands/ssh.js +4 -4
  4. package/dist/plugins/aws/__mocks__/assumeRole.js +1 -0
  5. package/dist/plugins/aws/assumeRole.js +1 -0
  6. package/dist/plugins/aws/types.d.ts +1 -0
  7. package/dist/plugins/ssh/types.d.ts +2 -6
  8. package/package.json +1 -1
package/dist/commands/__tests__/ssh.test.js CHANGED
@@ -40,14 +40,10 @@ const mockSsm = ssm_1.ssm;
40
40
  const mockPrint1 = stdio_1.print1;
41
41
  const mockPrint2 = stdio_1.print2;
42
42
  (0, firestore_1.mockGetDoc)({
43
- workflows: {
44
- items: [
45
- {
46
- state: "installed",
47
- type: "aws",
48
- identifier: "test-account",
49
- },
50
- ],
43
+ "iam-write": {
44
+ ["aws:test-account"]: {
45
+ state: "installed",
46
+ },
51
47
  },
52
48
  });
53
49
  mockSsm.mockResolvedValue({});
package/dist/commands/index.js CHANGED
@@ -21,7 +21,6 @@ const login_1 = require("./login");
21
21
  const ls_1 = require("./ls");
22
22
  const request_1 = require("./request");
23
23
  const ssh_1 = require("./ssh");
24
- const lodash_1 = require("lodash");
25
24
  const typescript_1 = require("typescript");
26
25
  const yargs_1 = __importDefault(require("yargs"));
27
26
  const helpers_1 = require("yargs/helpers");
@@ -36,7 +35,6 @@ exports.cli = commands
36
35
  .reduce((m, c) => c(m), (0, yargs_1.default)((0, helpers_1.hideBin)(process.argv)))
37
36
  .middleware(version_1.checkVersion)
38
37
  .strict()
39
- .version(lodash_1.VERSION)
40
38
  .demandCommand(1)
41
39
  .fail((message, error, yargs) => {
42
40
  if (error)
package/dist/commands/ssh.js CHANGED
@@ -80,11 +80,11 @@ const sshCommand = (yargs) => yargs.command("ssh <destination> [command [argumen
80
80
  }), (0, firestore_1.guard)(ssh));
81
81
  exports.sshCommand = sshCommand;
82
82
  const validateSshInstall = (authn) => __awaiter(void 0, void 0, void 0, function* () {
83
- var _a, _b;
83
+ var _a;
84
84
  const configDoc = yield (0, firestore_2.getDoc)((0, firestore_1.doc)(`o/${authn.identity.org.tenantId}/integrations/ssh`));
85
- const items = (_b = (_a = configDoc
86
- .data()) === null || _a === void 0 ? void 0 : _a.workflows) === null || _b === void 0 ? void 0 : _b.items.filter((i) => i.state === "installed" && i.type === "aws");
87
- if (!(items === null || items === void 0 ? void 0 : items.length)) {
85
+ const configItems = (_a = configDoc.data()) === null || _a === void 0 ? void 0 : _a["iam-write"];
86
+ const items = Object.entries(configItems !== null && configItems !== void 0 ? configItems : {}).filter(([key, value]) => value.state == "installed" && key.startsWith("aws"));
87
+ if (items.length === 0) {
88
88
  throw "This organization is not configured for SSH access via the P0 CLI";
89
89
  }
90
90
  });
package/dist/plugins/aws/__mocks__/assumeRole.js CHANGED
@@ -15,6 +15,7 @@ const assumeRoleWithSaml = () => __awaiter(void 0, void 0, void 0, function* ()
15
15
  AWS_ACCESS_KEY_ID: "test-access-key-id",
16
16
  AWS_SECRET_ACCESS_KEY: "test-secret-access-key",
17
17
  AWS_SESSION_TOKEN: "test-session-token",
18
+ AWS_SECURITY_TOKEN: "test-session-token",
18
19
  });
19
20
  });
20
21
  exports.assumeRoleWithSaml = assumeRoleWithSaml;
package/dist/plugins/aws/assumeRole.js CHANGED
@@ -38,6 +38,7 @@ const stsAssume = (params) => __awaiter(void 0, void 0, void 0, function* () {
38
38
  AWS_ACCESS_KEY_ID: stsCredentials.AccessKeyId,
39
39
  AWS_SECRET_ACCESS_KEY: stsCredentials.SecretAccessKey,
40
40
  AWS_SESSION_TOKEN: stsCredentials.SessionToken,
41
+ AWS_SECURITY_TOKEN: stsCredentials.SessionToken,
41
42
  };
42
43
  });
43
44
  /** Assumes an AWS role via SAML login */
package/dist/plugins/aws/types.d.ts CHANGED
@@ -12,6 +12,7 @@ export declare type AwsCredentials = {
12
12
  AWS_ACCESS_KEY_ID: string;
13
13
  AWS_SECRET_ACCESS_KEY: string;
14
14
  AWS_SESSION_TOKEN: string;
15
+ AWS_SECURITY_TOKEN: string;
15
16
  };
16
17
  export declare type AwsIamLogin = {
17
18
  type: "iam";
package/dist/plugins/ssh/types.d.ts CHANGED
@@ -9,14 +9,10 @@ This file is part of @p0security/cli
9
9
  You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
10
10
  **/
11
11
  declare type SshItemConfig = {
12
- alias?: string;
13
- identifier: string;
12
+ label?: string;
14
13
  state: string;
15
- type: "aws" | "gcloud";
16
14
  };
17
15
  export declare type SshConfig = {
18
- workflows?: {
19
- items: SshItemConfig[];
20
- };
16
+ "iam-write": Record<string, SshItemConfig>;
21
17
  };
22
18
  export {};
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@p0security/cli",
3
- "version": "0.5.1",
3
+ "version": "0.5.2",
4
4
  "description": "Execute infra CLI commands with P0 grants",
5
5
  "main": "index.ts",
6
6
  "repository": {