npm - @rockcarver/frodo-cli - Versions diffs - 2.0.0-65 → 2.0.0-66 - Mend

@rockcarver/frodo-cli 2.0.0-65 → 2.0.0-66

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -7,6 +7,20 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [Unreleased]
+### Added
+- \#404: Frodo now saves the `-k`/`--insecure` option in connection profiles.
+### Changed
+- Update to frodo-lib 2.0.0-92
+### Fixed
+- \#400: Frodo now properly honors the `-k`/`--insecure` option and allows connecting to platform instances using self-signed certificates.
+## [2.0.0-65] - 2024-07-06
 ### Add
 - rockcarver/frodo-lib#387: Support import of ESVs (variables and secrets). Frodo now supports importing ESV variables and secrets with two new commands:
@@ -14,17 +28,18 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   - `frodo esv secret import`
 - Frodo now supports exporting (and importing) of ESV secret values. To leave stuartship of secret values with the cloud environment where they belong, frodo will always encrypt values using either encryption keys from the source environment (default) or the target environment (export option). Frodo will never export secrets in the clear. However, frodo supports importing clear values (as well as importing encrypted values). Use these new commands and parameters to export/import variables and secrets including secret values:
   - New parameters for existing `frodo esv secret export` and `frodo config export` commands:
-      - `--include-active-values` Include the currently active (and loaded) secret value in the export. By default, secret values are encrypted server-side in the environment they are exported from. Use `--target <host url>` to have another environment perform the encryption.
-      - `--target <host url>` Host URL of the environment to perform secret value encryption. The URL must resolve to an existing connection profile. Use this option to generate an export that can be imported into the target environment without requiring admin access to the source environment.
+    - `--include-active-values` Include the currently active (and loaded) secret value in the export. By default, secret values are encrypted server-side in the environment they are exported from. Use `--target <host url>` to have another environment perform the encryption.
+    - `--target <host url>` Host URL of the environment to perform secret value encryption. The URL must resolve to an existing connection profile. Use this option to generate an export that can be imported into the target environment without requiring admin access to the source environment.
   - New `frodo esv secret import` and updated existing `frodo config import` command and note-worthy parameters:
-      - `--include-active-values` Import any secret values contained in the import file. By default, secret values are encrypted server-side in the environment they are exported from. Use `--source <host url>` to import a file exported from another environment than the one you are importing to.
+    - `--include-active-values` Import any secret values contained in the import file. By default, secret values are encrypted server-side in the environment they are exported from. Use `--source <host url>` to import a file exported from another environment than the one you are importing to.
-      - `--source <host url>` Host URL of the environment which performed secret value encryption. The URL must resolve to an existing connection profile. Use this option to import a file that was exported from a different source environment than the one you are importing to.
+    - `--source <host url>` Host URL of the environment which performed secret value encryption. The URL must resolve to an existing connection profile. Use this option to import a file that was exported from a different source environment than the one you are importing to.
 - rockcarver/frodo-lib#394: Support for `base64aes` encoding for ESV secrets
@@ -1614,7 +1629,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Fixed problem with adding connection profiles
 - Miscellaneous bug fixes
-[unreleased]: https://github.com/rockcarver/frodo-cli/compare/v2.0.0-64...HEAD
+[unreleased]: https://github.com/rockcarver/frodo-cli/compare/v2.0.0-65...HEAD
+[2.0.0-65]: https://github.com/rockcarver/frodo-cli/compare/v2.0.0-64...v2.0.0-65
 [2.0.0-64]: https://github.com/rockcarver/frodo-cli/compare/v2.0.0-63...v2.0.0-64
 [2.0.0-63]: https://github.com/rockcarver/frodo-cli/compare/v2.0.0-62...v2.0.0-63
 [2.0.0-62]: https://github.com/rockcarver/frodo-cli/compare/v2.0.0-61...v2.0.0-62

package/dist/app.cjs CHANGED Viewed

@@ -125545,7 +125545,7 @@ function stringify(obj) {
 }
 var package_default = {
   name: "@rockcarver/frodo-lib",
-  version: "2.0.0-91",
+  version: "2.0.0-92",
   type: "commonjs",
   main: "./dist/index.js",
   module: "./dist/esm/index.js",
@@ -143046,8 +143046,12 @@ function getHttpAgent() {
   });
   return httpAgent;
 }
-function getHttpsAgent(allowInsecureConnection) {
-  if (httpsAgent) return httpsAgent;
+function getHttpsAgent(allowInsecureConnection, shareAgent = true) {
+  if (httpsAgent && shareAgent) return httpsAgent;
+  let agent;
+  if (allowInsecureConnection) {
+    console.error(`Allowing insecure connection`["yellow"]);
+  }
   const options2 = {
     rejectUnauthorized: !allowInsecureConnection
   };
@@ -143055,17 +143059,19 @@ function getHttpsAgent(allowInsecureConnection) {
   if (httpsProxy) {
     console.error(`Using proxy ${httpsProxy}`["yellow"]);
     options2.rejectUnauthorized = !allowInsecureConnection;
-    httpsAgent = new import_https_proxy_agent.HttpsProxyAgent(httpsProxy, options2);
-    return httpsAgent;
+    agent = new import_https_proxy_agent.HttpsProxyAgent(httpsProxy, options2);
+    if (shareAgent) httpsAgent = agent;
+    return agent;
   }
-  httpsAgent = new import_agentkeepalive.default.HttpsAgent({
+  agent = new import_agentkeepalive.default.HttpsAgent({
     ...options2,
     maxSockets,
     maxFreeSockets,
     timeout: timeout3,
     freeSocketTimeout
   });
-  return httpsAgent;
+  if (shareAgent) httpsAgent = agent;
+  return agent;
 }
 function getProxy() {
   if (process.env.HTTPS_PROXY || process.env.https_proxy) return false;
@@ -143305,7 +143311,7 @@ function generateReleaseApi({
     },
     ...requestOverride,
     httpAgent: getHttpAgent(),
-    httpsAgent: getHttpsAgent(state2.getAllowInsecureConnection()),
+    httpsAgent: getHttpsAgent(false, false),
     proxy: getProxy()
   };
   const request = axios_default.create(requestDetails);
@@ -155174,6 +155180,7 @@ Specify a sub-string uniquely identifying a single connection profile host URL.`
   }
   return {
     tenant: profiles[0].tenant,
+    allowInsecureConnection: profiles[0].allowInsecureConnection,
     deploymentType: profiles[0].deploymentType,
     username: profiles[0].username ? profiles[0].username : null,
     password: profiles[0].encodedPassword ? await dataProtection.decrypt(profiles[0].encodedPassword) : null,
@@ -155245,6 +155252,8 @@ async function saveConnectionProfile({
         state: state2
       });
     }
+    if (state2.getAllowInsecureConnection())
+      profile.allowInsecureConnection = state2.getAllowInsecureConnection();
     if (state2.getDeploymentType())
       profile.deploymentType = state2.getDeploymentType();
     if (state2.getUsername()) profile.username = state2.getUsername();
@@ -156691,6 +156700,7 @@ async function getTokens({
       const conn = await getConnectionProfile({ state: state2 });
       usingConnectionProfile = true;
       state2.setHost(conn.tenant);
+      state2.setAllowInsecureConnection(conn.allowInsecureConnection);
       state2.setDeploymentType(conn.deploymentType);
       state2.setUsername(conn.username);
       state2.setPassword(conn.password);
@@ -156705,6 +156715,7 @@ async function getTokens({
     if (!isValidUrl(state2.getHost())) {
       const conn = await getConnectionProfile({ state: state2 });
       state2.setHost(conn.tenant);
+      state2.setAllowInsecureConnection(conn.allowInsecureConnection);
       state2.setDeploymentType(conn.deploymentType);
     }
     state2.setCookieName(await determineCookieName(state2));
@@ -167492,11 +167503,11 @@ async function getAllVersions({
   state: state2
 }) {
   const reqPromises = [];
-  endpoints.forEach((item) => {
+  for (const item of endpoints) {
     reqPromises.push(
       generateReleaseApi({ baseUrl: item.base, state: state2 }).get(item.path)
     );
-  });
+  }
   const result2 = await Promise.allSettled(reqPromises);
   return result2;
 }
@@ -187433,7 +187444,7 @@ var compareVersions = (v12, v2) => {
 // package.json
 var package_default2 = {
   name: "@rockcarver/frodo-cli",
-  version: "2.0.0-65",
+  version: "2.0.0-66",
   type: "module",
   description: "A command line interface to manage ForgeRock Identity Cloud tenants, ForgeOps deployments, and classic deployments.",
   keywords: [
@@ -187547,7 +187558,7 @@ var package_default2 = {
     ]
   },
   devDependencies: {
-    "@rockcarver/frodo-lib": "2.0.0-91",
+    "@rockcarver/frodo-lib": "2.0.0-92",
     "@types/colors": "^1.2.1",
     "@types/fs-extra": "^11.0.1",
     "@types/jest": "^29.2.3",