@shushed/helpers 0.0.198-v2-20251105124853 → 0.0.198-v2-20251107110735
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -111,7 +111,7 @@ class EnvEngine extends runtime_1.default {
|
|
|
111
111
|
expirseAt = now + (options.ephemeralMs || 0);
|
|
112
112
|
if (options.encrypted && !options.encryptionKey) {
|
|
113
113
|
if (!options.ephemeralMs) {
|
|
114
|
-
throw new Error(
|
|
114
|
+
throw new Error(`Invariant while setting the value for ${this.systemEnvName}. If the options.encryptionKey is not set and the encryption with the default key is used, only the ephemeral storage can be used. Set the ephemeralMs`);
|
|
115
115
|
}
|
|
116
116
|
else {
|
|
117
117
|
if (!this._envCache[this.systemEnvName]) {
|
|
@@ -126,7 +126,7 @@ class EnvEngine extends runtime_1.default {
|
|
|
126
126
|
}
|
|
127
127
|
options.encryptionKey = cachedEnv[ENV_NAME_SECRET_ENCRYPTION_KEY];
|
|
128
128
|
if (!options.encryptionKey) {
|
|
129
|
-
throw new Error(
|
|
129
|
+
throw new Error(`Invariant while setting the value for ${this.systemEnvName}. If the options.encryptionKey is not set and the encryption with the default key is used, only the ephemeral storage can be used. Set the ephemeralMs. The default key is missing.`);
|
|
130
130
|
}
|
|
131
131
|
}
|
|
132
132
|
}
|
|
@@ -199,7 +199,7 @@ class EnvEngine extends runtime_1.default {
|
|
|
199
199
|
let aes = null;
|
|
200
200
|
if (options.encrypted && !options.encryptionKey) {
|
|
201
201
|
if (!options.isEphemeral) {
|
|
202
|
-
throw new Error(
|
|
202
|
+
throw new Error(`Invariant while getting the value for ${this.systemEnvName}. If the options.encryptionKey is not set and the encryption with the default key is used, only the ephemeral storage can be used. Set the ephemeralMs`);
|
|
203
203
|
}
|
|
204
204
|
else {
|
|
205
205
|
if (!this._envCache[this.systemEnvName]) {
|
|
@@ -209,6 +209,7 @@ class EnvEngine extends runtime_1.default {
|
|
|
209
209
|
jsonEnv = JSON.parse(process.env[`${this.systemEnvName}ProjectEnv`] || '');
|
|
210
210
|
}
|
|
211
211
|
catch (err) {
|
|
212
|
+
this.logging.error(`Invariant: Cannot parse the ${this.systemEnvName}ProjectEnv as JSON. ${err?.message}`);
|
|
212
213
|
}
|
|
213
214
|
}
|
|
214
215
|
this._envCache[this.systemEnvName] = jsonEnv || {
|
|
@@ -221,7 +222,7 @@ class EnvEngine extends runtime_1.default {
|
|
|
221
222
|
}
|
|
222
223
|
options.encryptionKey = cachedEnv[ENV_NAME_SECRET_ENCRYPTION_KEY];
|
|
223
224
|
if (!options.encryptionKey) {
|
|
224
|
-
throw new Error(
|
|
225
|
+
throw new Error(`Invariant while getting the value for ${this.systemEnvName}. If the options.encryptionKey is not set and the encryption with the default key is used, only the ephemeral storage can be used. Set the ephemeralMs. The default key is missing.`);
|
|
225
226
|
}
|
|
226
227
|
}
|
|
227
228
|
}
|
|
@@ -307,9 +308,10 @@ class EnvEngine extends runtime_1.default {
|
|
|
307
308
|
envName = envName.slice('process.env.'.length);
|
|
308
309
|
}
|
|
309
310
|
if (!this._envCache[this.systemEnvName]) {
|
|
310
|
-
const jsonEnv = JSON.parse(process.env[`${this.systemEnvName}ProjectEnv`] || '{}');
|
|
311
|
+
const jsonEnv = JSON.parse(process.env[`${this.systemEnvName}ProjectEnv`] || '{ "__mock_invalid": true }');
|
|
311
312
|
this._envCache[this.systemEnvName] = jsonEnv;
|
|
312
313
|
}
|
|
314
|
+
this.logging.log('Resolving env name', this.systemEnvName, envName, this._envCache[this.systemEnvName]);
|
|
313
315
|
const envObj = this._envCache[this.systemEnvName];
|
|
314
316
|
return envObj[envName] || envName;
|
|
315
317
|
}
|
|
@@ -323,16 +325,11 @@ class EnvEngine extends runtime_1.default {
|
|
|
323
325
|
const regex = new RegExp(pattern);
|
|
324
326
|
return regex.test(str);
|
|
325
327
|
}
|
|
326
|
-
const defaultServiceAccount = `runtime@${process.env.GCLOUD_PROJECT}.iam.gserviceaccount.com`;
|
|
327
328
|
const audienceNorm = {
|
|
328
329
|
workflowId: audience ? (audience.workflowId || this.workflowId) : null,
|
|
329
330
|
triggerId: audience ? (audience.triggerId || this.triggerId) : null
|
|
330
331
|
};
|
|
331
332
|
const expectedAudience = [process.env.GCLOUD_PROJECT, audienceNorm.triggerId, audienceNorm.workflowId].filter(x => x !== null).join('-');
|
|
332
|
-
const accessTokenInCache = await this.get('google_identity_token_' + expectedAudience, 'env', { encrypted: true, isEphemeral: true, store: 'global' });
|
|
333
|
-
if (accessTokenInCache === accessToken && allowedServiceAccounts.some(x => equalToWildcard(x, defaultServiceAccount))) {
|
|
334
|
-
return defaultServiceAccount;
|
|
335
|
-
}
|
|
336
333
|
const splitted = accessToken.split(".");
|
|
337
334
|
let keyMeta;
|
|
338
335
|
let meta;
|
|
@@ -584,7 +581,6 @@ class EnvEngine extends runtime_1.default {
|
|
|
584
581
|
}
|
|
585
582
|
const rnConfig = this.getRespectfulNudgeConfig(subscriptionName, rnPartialConfig);
|
|
586
583
|
const subscriptionQualifiedName = `projects/${rnConfig.pubSubProjectId}/subscriptions/${subscriptionName}`;
|
|
587
|
-
console.log('JAKUB7', this.runtimeUrl + `/executeWorkflow/${workflowTriggerId}`);
|
|
588
584
|
return this.withGoogleIdentityToken({
|
|
589
585
|
workflowId: workflowTriggerId.split('/')[0],
|
|
590
586
|
triggerId: workflowTriggerId.split('/')[1],
|