@super-protocol/pki-sync-client 2.0.0

package/dist/cli.d.ts

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+export {};

package/dist/cli.js

@@ -0,0 +1,76 @@
+#!/usr/bin/env node
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const yargs_1 = __importDefault(require("yargs"));
+const helpers_1 = require("yargs/helpers");
+const config_1 = require("./config");
+const sync_client_1 = require("./sync-client");
+const DEFAULT_SWARM_ENV_PATH = '/sp/swarm/swarm-env.yaml';
+async function sync(argv) {
+    try {
+        const config = (0, config_1.parseConfig)(argv.config);
+        const swarmEnv = (0, config_1.parseSwarmEnv)(argv.swarmEnv);
+        const client = new sync_client_1.SyncClient({
+            servers: swarmEnv['pki-authority'].servers,
+            networkKey: swarmEnv['pki-authority'].networkKey,
+            caBundle: swarmEnv['pki-authority'].caBundle,
+            ownChallenge: argv.ownChallenge,
+            verbose: argv.verbose,
+            disableServerIdentityCheck: argv.disableServerIdentityCheck,
+        });
+        await client.sync(config);
+        console.log('Sync completed successfully');
+    }
+    catch (error) {
+        console.error('Sync failed:', error.message);
+        process.exit(1);
+    }
+}
+async function main() {
+    await (0, yargs_1.default)((0, helpers_1.hideBin)(process.argv))
+        .usage('Usage: $0 sync [options]')
+        .command('sync', 'Sync secrets from PKI server', (yargs) => {
+        return yargs
+            .option('swarm-env', {
+            describe: 'Path to swarm environment config (YAML)',
+            type: 'string',
+            default: DEFAULT_SWARM_ENV_PATH,
+        })
+            .option('config', {
+            alias: 'c',
+            describe: 'Path to secrets config file (YAML)',
+            type: 'string',
+            demandOption: true,
+        })
+            .option('own-challenge', {
+            describe: 'Own challenge string for authentication',
+            type: 'string',
+            demandOption: true,
+        })
+            .option('verbose', {
+            alias: 'v',
+            describe: 'Verbose output',
+            type: 'boolean',
+            default: false,
+        })
+            .option('disable-server-identity-check', {
+            describe: 'Disable server identity verification',
+            type: 'boolean',
+            default: false,
+        });
+    }, sync)
+        .demandCommand(1, 'You must provide a command')
+        .help()
+        .alias('help', 'h')
+        .version()
+        .alias('version', 'V')
+        .parse();
+}
+main().catch((error) => {
+    console.error('Error:', error.message);
+    process.exit(1);
+});
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xpLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vc3JjL2NsaS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7QUFDQSxrREFBMEI7QUFDMUIsMkNBQXdDO0FBQ3hDLHFDQUFzRDtBQUN0RCwrQ0FBMkM7QUFFM0MsTUFBTSxzQkFBc0IsR0FBRywwQkFBMEIsQ0FBQztBQUUxRCxLQUFLLFVBQVUsSUFBSSxDQUFDLElBQVM7SUFDekIsSUFBSSxDQUFDO1FBQ0QsTUFBTSxNQUFNLEdBQUcsSUFBQSxvQkFBVyxFQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUN4QyxNQUFNLFFBQVEsR0FBRyxJQUFBLHNCQUFhLEVBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxDQUFDO1FBRTlDLE1BQU0sTUFBTSxHQUFHLElBQUksd0JBQVUsQ0FBQztZQUMxQixPQUFPLEVBQUUsUUFBUSxDQUFDLGVBQWUsQ0FBQyxDQUFDLE9BQU87WUFDMUMsVUFBVSxFQUFFLFFBQVEsQ0FBQyxlQUFlLENBQUMsQ0FBQyxVQUFVO1lBQ2hELFFBQVEsRUFBRSxRQUFRLENBQUMsZUFBZSxDQUFDLENBQUMsUUFBUTtZQUM1QyxZQUFZLEVBQUUsSUFBSSxDQUFDLFlBQVk7WUFDL0IsT0FBTyxFQUFFLElBQUksQ0FBQyxPQUFPO1lBQ3JCLDBCQUEwQixFQUFFLElBQUksQ0FBQywwQkFBMEI7U0FDOUQsQ0FBQyxDQUFDO1FBRUgsTUFBTSxNQUFNLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBRTFCLE9BQU8sQ0FBQyxHQUFHLENBQUMsNkJBQTZCLENBQUMsQ0FBQztJQUMvQyxDQUFDO0lBQUMsT0FBTyxLQUFVLEVBQUUsQ0FBQztRQUNsQixPQUFPLENBQUMsS0FBSyxDQUFDLGNBQWMsRUFBRSxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDN0MsT0FBTyxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUNwQixDQUFDO0FBQ0wsQ0FBQztBQUVELEtBQUssVUFBVSxJQUFJO0lBQ2YsTUFBTSxJQUFBLGVBQUssRUFBQyxJQUFBLGlCQUFPLEVBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxDQUFDO1NBQzdCLEtBQUssQ0FBQywwQkFBMEIsQ0FBQztTQUNqQyxPQUFPLENBQ0osTUFBTSxFQUNOLDhCQUE4QixFQUM5QixDQUFDLEtBQUssRUFBRSxFQUFFO1FBQ04sT0FBTyxLQUFLO2FBQ1AsTUFBTSxDQUFDLFdBQVcsRUFBRTtZQUNqQixRQUFRLEVBQUUseUNBQXlDO1lBQ25ELElBQUksRUFBRSxRQUFRO1lBQ2QsT0FBTyxFQUFFLHNCQUFzQjtTQUNsQyxDQUFDO2FBQ0QsTUFBTSxDQUFDLFFBQVEsRUFBRTtZQUNkLEtBQUssRUFBRSxHQUFHO1lBQ1YsUUFBUSxFQUFFLG9DQUFvQztZQUM5QyxJQUFJLEVBQUUsUUFBUTtZQUNkLFlBQVksRUFBRSxJQUFJO1NBQ3JCLENBQUM7YUFDRCxNQUFNLENBQUMsZUFBZSxFQUFFO1lBQ3JCLFFBQVEsRUFBRSx5Q0FBeUM7WUFDbkQsSUFBSSxFQUFFLFFBQVE7WUFDZCxZQUFZLEVBQUUsSUFBSTtTQUNyQixDQUFDO2FBQ0QsTUFBTSxDQUFDLFNBQVMsRUFBRTtZQUNmLEtBQUssRUFBRSxHQUFHO1lBQ1YsUUFBUSxFQUFFLGdCQUFnQjtZQUMxQixJQUFJLEVBQUUsU0FBUztZQUNmLE9BQU8sRUFBRSxLQUFLO1NBQ2pCLENBQUM7YUFDRCxNQUFNLENBQUMsK0JBQStCLEVBQUU7WUFDckMsUUFBUSxFQUFFLHNDQUFzQztZQUNoRCxJQUFJLEVBQUUsU0FBUztZQUNmLE9BQU8sRUFBRSxLQUFLO1NBQ2pCLENBQUMsQ0FBQztJQUNYLENBQUMsRUFDRCxJQUFJLENBQ1A7U0FDQSxhQUFhLENBQUMsQ0FBQyxFQUFFLDRCQUE0QixDQUFDO1NBQzlDLElBQUksRUFBRTtTQUNOLEtBQUssQ0FBQyxNQUFNLEVBQUUsR0FBRyxDQUFDO1NBQ2xCLE9BQU8sRUFBRTtTQUNULEtBQUssQ0FBQyxTQUFTLEVBQUUsR0FBRyxDQUFDO1NBQ3JCLEtBQUssRUFBRSxDQUFDO0FBQ2pCLENBQUM7QUFFRCxJQUFJLEVBQUUsQ0FBQyxLQUFLLENBQUMsQ0FBQyxLQUFLLEVBQUUsRUFBRTtJQUNuQixPQUFPLENBQUMsS0FBSyxDQUFDLFFBQVEsRUFBRSxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUM7SUFDdkMsT0FBTyxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQztBQUNwQixDQUFDLENBQUMsQ0FBQyJ9

package/dist/config.d.ts

@@ -0,0 +1,24 @@
+import { Static } from '@sinclair/typebox';
+declare const SecretEntrySchema: import("@sinclair/typebox").TObject<{
+    secretName: import("@sinclair/typebox").TString;
+    saveTo: import("@sinclair/typebox").TString;
+}>;
+declare const SyncConfigSchema: import("@sinclair/typebox").TObject<{
+    secrets: import("@sinclair/typebox").TArray<import("@sinclair/typebox").TObject<{
+        secretName: import("@sinclair/typebox").TString;
+        saveTo: import("@sinclair/typebox").TString;
+    }>>;
+}>;
+declare const SwarmEnvSchema: import("@sinclair/typebox").TObject<{
+    'pki-authority': import("@sinclair/typebox").TObject<{
+        networkKey: import("@sinclair/typebox").TString;
+        caBundle: import("@sinclair/typebox").TString;
+        servers: import("@sinclair/typebox").TArray<import("@sinclair/typebox").TString>;
+    }>;
+}>;
+export type SecretEntry = Static<typeof SecretEntrySchema>;
+export type SyncConfig = Static<typeof SyncConfigSchema>;
+export type SwarmEnv = Static<typeof SwarmEnvSchema>;
+export declare function parseConfig(configPath: string): SyncConfig;
+export declare function parseSwarmEnv(swarmEnvPath: string): SwarmEnv;
+export {};

package/dist/config.js

@@ -0,0 +1,71 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.parseSwarmEnv = exports.parseConfig = void 0;
+const typebox_1 = require("@sinclair/typebox");
+const value_1 = require("@sinclair/typebox/value");
+const fs = __importStar(require("fs"));
+const yaml = __importStar(require("js-yaml"));
+const SecretEntrySchema = typebox_1.Type.Object({
+    secretName: typebox_1.Type.String(),
+    saveTo: typebox_1.Type.String(),
+});
+const SyncConfigSchema = typebox_1.Type.Object({
+    secrets: typebox_1.Type.Array(SecretEntrySchema),
+});
+const SwarmEnvSchema = typebox_1.Type.Object({
+    'pki-authority': typebox_1.Type.Object({
+        networkKey: typebox_1.Type.String(),
+        caBundle: typebox_1.Type.String(),
+        servers: typebox_1.Type.Array(typebox_1.Type.String()),
+    }),
+});
+function parseConfig(configPath) {
+    if (!fs.existsSync(configPath)) {
+        throw new Error(`Config file not found: ${configPath}`);
+    }
+    const fileContent = fs.readFileSync(configPath, 'utf-8');
+    const parsed = yaml.load(fileContent);
+    if (!value_1.Value.Check(SyncConfigSchema, parsed)) {
+        const errors = [...value_1.Value.Errors(SyncConfigSchema, parsed)];
+        throw new Error(`Invalid config file: ${errors.map((e) => `${e.path}: ${e.message}`).join(', ')}`);
+    }
+    return parsed;
+}
+exports.parseConfig = parseConfig;
+function parseSwarmEnv(swarmEnvPath) {
+    if (!fs.existsSync(swarmEnvPath)) {
+        throw new Error(`Swarm env file not found: ${swarmEnvPath}`);
+    }
+    const fileContent = fs.readFileSync(swarmEnvPath, 'utf-8');
+    const parsed = yaml.load(fileContent);
+    if (!value_1.Value.Check(SwarmEnvSchema, parsed)) {
+        const errors = [...value_1.Value.Errors(SwarmEnvSchema, parsed)];
+        throw new Error(`Invalid swarm env file: ${errors.map((e) => `${e.path}: ${e.message}`).join(', ')}`);
+    }
+    return parsed;
+}
+exports.parseSwarmEnv = parseSwarmEnv;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uZmlnLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vc3JjL2NvbmZpZy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLCtDQUFpRDtBQUNqRCxtREFBZ0Q7QUFDaEQsdUNBQXlCO0FBQ3pCLDhDQUFnQztBQUVoQyxNQUFNLGlCQUFpQixHQUFHLGNBQUksQ0FBQyxNQUFNLENBQUM7SUFDbEMsVUFBVSxFQUFFLGNBQUksQ0FBQyxNQUFNLEVBQUU7SUFDekIsTUFBTSxFQUFFLGNBQUksQ0FBQyxNQUFNLEVBQUU7Q0FDeEIsQ0FBQyxDQUFDO0FBRUgsTUFBTSxnQkFBZ0IsR0FBRyxjQUFJLENBQUMsTUFBTSxDQUFDO0lBQ2pDLE9BQU8sRUFBRSxjQUFJLENBQUMsS0FBSyxDQUFDLGlCQUFpQixDQUFDO0NBQ3pDLENBQUMsQ0FBQztBQUVILE1BQU0sY0FBYyxHQUFHLGNBQUksQ0FBQyxNQUFNLENBQUM7SUFDL0IsZUFBZSxFQUFFLGNBQUksQ0FBQyxNQUFNLENBQUM7UUFDekIsVUFBVSxFQUFFLGNBQUksQ0FBQyxNQUFNLEVBQUU7UUFDekIsUUFBUSxFQUFFLGNBQUksQ0FBQyxNQUFNLEVBQUU7UUFDdkIsT0FBTyxFQUFFLGNBQUksQ0FBQyxLQUFLLENBQUMsY0FBSSxDQUFDLE1BQU0sRUFBRSxDQUFDO0tBQ3JDLENBQUM7Q0FDTCxDQUFDLENBQUM7QUFNSCxTQUFnQixXQUFXLENBQUMsVUFBa0I7SUFDMUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxVQUFVLENBQUMsVUFBVSxDQUFDLEVBQUUsQ0FBQztRQUM3QixNQUFNLElBQUksS0FBSyxDQUFDLDBCQUEwQixVQUFVLEVBQUUsQ0FBQyxDQUFDO0lBQzVELENBQUM7SUFFRCxNQUFNLFdBQVcsR0FBRyxFQUFFLENBQUMsWUFBWSxDQUFDLFVBQVUsRUFBRSxPQUFPLENBQUMsQ0FBQztJQUN6RCxNQUFNLE1BQU0sR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxDQUFDO0lBRXRDLElBQUksQ0FBQyxhQUFLLENBQUMsS0FBSyxDQUFDLGdCQUFnQixFQUFFLE1BQU0sQ0FBQyxFQUFFLENBQUM7UUFDekMsTUFBTSxNQUFNLEdBQUcsQ0FBQyxHQUFHLGFBQUssQ0FBQyxNQUFNLENBQUMsZ0JBQWdCLEVBQUUsTUFBTSxDQUFDLENBQUMsQ0FBQztRQUMzRCxNQUFNLElBQUksS0FBSyxDQUNYLHdCQUF3QixNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLEtBQUssQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxFQUFFLENBQ3BGLENBQUM7SUFDTixDQUFDO0lBRUQsT0FBTyxNQUFNLENBQUM7QUFDbEIsQ0FBQztBQWhCRCxrQ0FnQkM7QUFFRCxTQUFnQixhQUFhLENBQUMsWUFBb0I7SUFDOUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxVQUFVLENBQUMsWUFBWSxDQUFDLEVBQUUsQ0FBQztRQUMvQixNQUFNLElBQUksS0FBSyxDQUFDLDZCQUE2QixZQUFZLEVBQUUsQ0FBQyxDQUFDO0lBQ2pFLENBQUM7SUFFRCxNQUFNLFdBQVcsR0FBRyxFQUFFLENBQUMsWUFBWSxDQUFDLFlBQVksRUFBRSxPQUFPLENBQUMsQ0FBQztJQUMzRCxNQUFNLE1BQU0sR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxDQUFDO0lBRXRDLElBQUksQ0FBQyxhQUFLLENBQUMsS0FBSyxDQUFDLGNBQWMsRUFBRSxNQUFNLENBQUMsRUFBRSxDQUFDO1FBQ3ZDLE1BQU0sTUFBTSxHQUFHLENBQUMsR0FBRyxhQUFLLENBQUMsTUFBTSxDQUFDLGNBQWMsRUFBRSxNQUFNLENBQUMsQ0FBQyxDQUFDO1FBQ3pELE1BQU0sSUFBSSxLQUFLLENBQ1gsMkJBQTJCLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksS0FBSyxDQUFDLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FDdkYsQ0FBQztJQUNOLENBQUM7SUFFRCxPQUFPLE1BQU0sQ0FBQztBQUNsQixDQUFDO0FBaEJELHNDQWdCQyJ9

package/dist/index.d.ts

@@ -0,0 +1 @@
+export * from './sync-client';

package/dist/index.js

@@ -0,0 +1,18 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./sync-client"), exports);
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLGdEQUE4QiJ9

package/dist/sync-client.d.ts

@@ -0,0 +1,16 @@
+import { SyncConfig } from './config';
+export interface SyncClientOptions {
+    servers: string[];
+    networkKey: string;
+    caBundle: string;
+    ownChallenge: string;
+    verbose?: boolean;
+    disableServerIdentityCheck?: boolean;
+}
+export declare class SyncClient {
+    private options;
+    private challenge;
+    constructor(options: SyncClientOptions);
+    private log;
+    sync(config: SyncConfig): Promise<void>;
+}

package/dist/sync-client.js

@@ -0,0 +1,104 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SyncClient = void 0;
+const pki_client_1 = require("@super-protocol/pki-client");
+const pki_common_1 = require("@super-protocol/pki-common");
+const axios_1 = __importDefault(require("axios"));
+const fs = __importStar(require("fs"));
+class SyncClient {
+    options;
+    challenge;
+    constructor(options) {
+        this.options = options;
+        if (options.ownChallenge === 'tdx') {
+            this.challenge = { type: pki_common_1.ChallengeType.TDX };
+        }
+        else if (options.ownChallenge === 'sev') {
+            this.challenge = { type: pki_common_1.ChallengeType.SEVSNP };
+        }
+        else if (options.ownChallenge === 'untrusted') {
+            this.challenge = {
+                type: pki_common_1.ChallengeType.Untrusted,
+                idHex: 'aaaaaa',
+                commonIdHex: 'aaaaaa',
+            };
+        }
+        else {
+            throw new Error(`Unsupported challenge type: ${options.ownChallenge}. Supported: tdx, sev, untrusted`);
+        }
+    }
+    log(message) {
+        if (this.options.verbose ?? false) {
+            console.log(message);
+        }
+    }
+    async sync(config) {
+        for (const server of this.options.servers) {
+            try {
+                this.log(`Trying server: ${server}`);
+                const pkiConfig = {
+                    clientCertProvider: {
+                        type: 'pki-ca',
+                        challenge: this.challenge,
+                        baseUrl: `https://${server}/api/v1/pki`,
+                        caBundle: this.options.caBundle,
+                        disableServerIdentityCheck: this.options.disableServerIdentityCheck ?? false,
+                    },
+                    networkKey: this.options.networkKey,
+                };
+                const pkiClientFactory = new pki_client_1.PkiClientFactory(pkiConfig);
+                const httpsAgent = await pkiClientFactory.getHTTPSAgent();
+                // Collect all secret names
+                const secretNames = config.secrets.map((s) => s.secretName);
+                // Make POST request to fetch secrets
+                const response = await axios_1.default.post(`https://${server}/api/v1/secrets/get`, { objects: secretNames }, { httpsAgent });
+                const result = response.data;
+                // Write secrets to files
+                for (const secret of config.secrets) {
+                    const base64Content = result.secrets[secret.secretName];
+                    if (!base64Content) {
+                        throw new Error(`Secret "${secret.secretName}" not found in response`);
+                    }
+                    const content = Buffer.from(base64Content, 'base64');
+                    await fs.promises.writeFile(secret.saveTo, content);
+                    this.log(`Saved secret "${secret.secretName}" to ${secret.saveTo}`);
+                }
+                this.log(`Successfully synced from server: ${server}`);
+                return; // Success - exit from method
+            }
+            catch (error) {
+                this.log(`Failed to sync from server ${server}: ${error.message}`);
+                // Continue to next server
+            }
+        }
+        throw new Error('Failed to sync from all servers');
+    }
+}
+exports.SyncClient = SyncClient;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic3luYy1jbGllbnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvc3luYy1jbGllbnQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFDQSwyREFJb0M7QUFDcEMsMkRBQTJEO0FBQzNELGtEQUEwQjtBQUMxQix1Q0FBeUI7QUFXekIsTUFBYSxVQUFVO0lBQ1gsT0FBTyxDQUFvQjtJQUMzQixTQUFTLENBQWtCO0lBRW5DLFlBQVksT0FBMEI7UUFDbEMsSUFBSSxDQUFDLE9BQU8sR0FBRyxPQUFPLENBQUM7UUFFdkIsSUFBSSxPQUFPLENBQUMsWUFBWSxLQUFLLEtBQUssRUFBRSxDQUFDO1lBQ2pDLElBQUksQ0FBQyxTQUFTLEdBQUcsRUFBRSxJQUFJLEVBQUUsMEJBQWEsQ0FBQyxHQUFHLEVBQUUsQ0FBQztRQUNqRCxDQUFDO2FBQU0sSUFBSSxPQUFPLENBQUMsWUFBWSxLQUFLLEtBQUssRUFBRSxDQUFDO1lBQ3hDLElBQUksQ0FBQyxTQUFTLEdBQUcsRUFBRSxJQUFJLEVBQUUsMEJBQWEsQ0FBQyxNQUFNLEVBQUUsQ0FBQztRQUNwRCxDQUFDO2FBQU0sSUFBSSxPQUFPLENBQUMsWUFBWSxLQUFLLFdBQVcsRUFBRSxDQUFDO1lBQzlDLElBQUksQ0FBQyxTQUFTLEdBQUc7Z0JBQ2IsSUFBSSxFQUFFLDBCQUFhLENBQUMsU0FBUztnQkFDN0IsS0FBSyxFQUFFLFFBQVE7Z0JBQ2YsV0FBVyxFQUFFLFFBQVE7YUFDeEIsQ0FBQztRQUNOLENBQUM7YUFBTSxDQUFDO1lBQ0osTUFBTSxJQUFJLEtBQUssQ0FDWCwrQkFBK0IsT0FBTyxDQUFDLFlBQVksa0NBQWtDLENBQ3hGLENBQUM7UUFDTixDQUFDO0lBQ0wsQ0FBQztJQUVPLEdBQUcsQ0FBQyxPQUFlO1FBQ3ZCLElBQUksSUFBSSxDQUFDLE9BQU8sQ0FBQyxPQUFPLElBQUksS0FBSyxFQUFFLENBQUM7WUFDaEMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUN6QixDQUFDO0lBQ0wsQ0FBQztJQUVELEtBQUssQ0FBQyxJQUFJLENBQUMsTUFBa0I7UUFDekIsS0FBSyxNQUFNLE1BQU0sSUFBSSxJQUFJLENBQUMsT0FBTyxDQUFDLE9BQU8sRUFBRSxDQUFDO1lBQ3hDLElBQUksQ0FBQztnQkFDRCxJQUFJLENBQUMsR0FBRyxDQUFDLGtCQUFrQixNQUFNLEVBQUUsQ0FBQyxDQUFDO2dCQUVyQyxNQUFNLFNBQVMsR0FBb0I7b0JBQy9CLGtCQUFrQixFQUFFO3dCQUNoQixJQUFJLEVBQUUsUUFBUTt3QkFDZCxTQUFTLEVBQUUsSUFBSSxDQUFDLFNBQVM7d0JBQ3pCLE9BQU8sRUFBRSxXQUFXLE1BQU0sYUFBYTt3QkFDdkMsUUFBUSxFQUFFLElBQUksQ0FBQyxPQUFPLENBQUMsUUFBUTt3QkFDL0IsMEJBQTBCLEVBQ3RCLElBQUksQ0FBQyxPQUFPLENBQUMsMEJBQTBCLElBQUksS0FBSztxQkFDdkQ7b0JBQ0QsVUFBVSxFQUFFLElBQUksQ0FBQyxPQUFPLENBQUMsVUFBVTtpQkFDdEMsQ0FBQztnQkFFRixNQUFNLGdCQUFnQixHQUFHLElBQUksNkJBQWdCLENBQUMsU0FBUyxDQUFDLENBQUM7Z0JBQ3pELE1BQU0sVUFBVSxHQUFHLE1BQU0sZ0JBQWdCLENBQUMsYUFBYSxFQUFFLENBQUM7Z0JBRTFELDJCQUEyQjtnQkFDM0IsTUFBTSxXQUFXLEdBQUcsTUFBTSxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FBQyxVQUFVLENBQUMsQ0FBQztnQkFFNUQscUNBQXFDO2dCQUNyQyxNQUFNLFFBQVEsR0FBRyxNQUFNLGVBQUssQ0FBQyxJQUFJLENBQzdCLFdBQVcsTUFBTSxxQkFBcUIsRUFDdEMsRUFBRSxPQUFPLEVBQUUsV0FBVyxFQUFFLEVBQ3hCLEVBQUUsVUFBVSxFQUFFLENBQ2pCLENBQUM7Z0JBRUYsTUFBTSxNQUFNLEdBQUcsUUFBUSxDQUFDLElBQUksQ0FBQztnQkFFN0IseUJBQXlCO2dCQUN6QixLQUFLLE1BQU0sTUFBTSxJQUFJLE1BQU0sQ0FBQyxPQUFPLEVBQUUsQ0FBQztvQkFDbEMsTUFBTSxhQUFhLEdBQUcsTUFBTSxDQUFDLE9BQU8sQ0FBQyxNQUFNLENBQUMsVUFBVSxDQUFDLENBQUM7b0JBQ3hELElBQUksQ0FBQyxhQUFhLEVBQUUsQ0FBQzt3QkFDakIsTUFBTSxJQUFJLEtBQUssQ0FDWCxXQUFXLE1BQU0sQ0FBQyxVQUFVLHlCQUF5QixDQUN4RCxDQUFDO29CQUNOLENBQUM7b0JBQ0QsTUFBTSxPQUFPLEdBQUcsTUFBTSxDQUFDLElBQUksQ0FBQyxhQUFhLEVBQUUsUUFBUSxDQUFDLENBQUM7b0JBQ3JELE1BQU0sRUFBRSxDQUFDLFFBQVEsQ0FBQyxTQUFTLENBQUMsTUFBTSxDQUFDLE1BQU0sRUFBRSxPQUFPLENBQUMsQ0FBQztvQkFFcEQsSUFBSSxDQUFDLEdBQUcsQ0FDSixpQkFBaUIsTUFBTSxDQUFDLFVBQVUsUUFBUSxNQUFNLENBQUMsTUFBTSxFQUFFLENBQzVELENBQUM7Z0JBQ04sQ0FBQztnQkFFRCxJQUFJLENBQUMsR0FBRyxDQUFDLG9DQUFvQyxNQUFNLEVBQUUsQ0FBQyxDQUFDO2dCQUN2RCxPQUFPLENBQUMsNkJBQTZCO1lBQ3pDLENBQUM7WUFBQyxPQUFPLEtBQVUsRUFBRSxDQUFDO2dCQUNsQixJQUFJLENBQUMsR0FBRyxDQUNKLDhCQUE4QixNQUFNLEtBQUssS0FBSyxDQUFDLE9BQU8sRUFBRSxDQUMzRCxDQUFDO2dCQUNGLDBCQUEwQjtZQUM5QixDQUFDO1FBQ0wsQ0FBQztRQUVELE1BQU0sSUFBSSxLQUFLLENBQUMsaUNBQWlDLENBQUMsQ0FBQztJQUN2RCxDQUFDO0NBQ0o7QUExRkQsZ0NBMEZDIn0=

package/package.json

@@ -0,0 +1,36 @@
+{
+  "name": "@super-protocol/pki-sync-client",
+  "version": "2.0.0",
+  "description": "PKI sync client utility",
+  "main": "dist/index.js",
+  "bin": {
+    "pki-sync-client": "dist/cli.js"
+  },
+  "files": [
+    "dist"
+  ],
+  "directories": {
+    "lib": "dist"
+  },
+  "scripts": {
+    "build": "tsc -b",
+    "start": "ts-node src/cli.ts",
+    "lint": "eslint --max-warnings=0 src",
+    "lint:fix": "eslint --fix src"
+  },
+  "author": "Super Protocol",
+  "license": "ISC",
+  "dependencies": {
+    "@sinclair/typebox": "0.33.22",
+    "@super-protocol/pki-client": "^2.1.0",
+    "@super-protocol/pki-common": "^2.0.1",
+    "axios": "^1.7.0",
+    "js-yaml": "^4.1.0",
+    "yargs": "^17.7.2"
+  },
+  "devDependencies": {
+    "@types/js-yaml": "^4.0.9",
+    "@types/node": "^20.11.0",
+    "@types/yargs": "^17.0.33"
+  }
+}