@super-protocol/pki-sync-client 2.0.11 → 3.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +13 -6
- package/dist/cli.js +21 -8
- package/dist/sync-client.d.ts +19 -3
- package/dist/sync-client.js +140 -68
- package/package.json +3 -3
package/README.md
CHANGED
|
@@ -88,16 +88,23 @@ pki-sync-client sync [options]
|
|
|
88
88
|
| `--config` | `-c` | string | *required* | Path to secrets configuration file (YAML) |
|
|
89
89
|
| `--swarm-env` | | string | `/sp/swarm/swarm-env.yaml` | Path to swarm environment config (YAML) |
|
|
90
90
|
| `--own-challenge` | | string | `auto` | Authentication challenge type: `auto`, `tdx`, `sev`, or `untrusted` |
|
|
91
|
-
| `--
|
|
91
|
+
| `--log-level` | `-l` | string | | Log level: `fatal`, `error`, `warn`, `info`, `debug`, `trace` |
|
|
92
92
|
| `--disable-server-identity-check` | | boolean | `false` | Disable server identity verification (not recommended) |
|
|
93
93
|
| `--save-certs-to-dir` | | string | | Directory to save client certificates (`key.pem`, `ca.pem`, `cert.pem`) |
|
|
94
94
|
| `--save-certs-prefix` | | string | | Prefix for certificate filenames (e.g., `client` → `client_key.pem`) |
|
|
95
95
|
|
|
96
|
+
By default, if `--log-level` is not provided, `SyncClient` runs with logging disabled.
|
|
97
|
+
|
|
96
98
|
### Examples
|
|
97
99
|
|
|
98
|
-
**Simple sync
|
|
100
|
+
**Simple sync (no logs):**
|
|
101
|
+
```bash
|
|
102
|
+
pki-sync-client sync -c secrets.yaml
|
|
103
|
+
```
|
|
104
|
+
|
|
105
|
+
**Simple sync with explicit log level:**
|
|
99
106
|
```bash
|
|
100
|
-
pki-sync-client sync -c secrets.yaml -
|
|
107
|
+
pki-sync-client sync -c secrets.yaml --log-level info
|
|
101
108
|
```
|
|
102
109
|
|
|
103
110
|
**Sync with custom swarm environment:**
|
|
@@ -146,7 +153,7 @@ async function syncSecrets() {
|
|
|
146
153
|
networkID: swarmEnv['pki-authority'].networkID,
|
|
147
154
|
caBundle: swarmEnv['pki-authority'].caBundle,
|
|
148
155
|
ownChallenge: 'auto',
|
|
149
|
-
|
|
156
|
+
logLevel: 'info',
|
|
150
157
|
});
|
|
151
158
|
|
|
152
159
|
// Perform sync
|
|
@@ -167,7 +174,7 @@ const client = new SyncClient({
|
|
|
167
174
|
networkID: 'my-network',
|
|
168
175
|
caBundle: fs.readFileSync('./ca-bundle.pem', 'utf-8'),
|
|
169
176
|
ownChallenge: 'tdx',
|
|
170
|
-
|
|
177
|
+
logLevel: 'debug',
|
|
171
178
|
disableServerIdentityCheck: false,
|
|
172
179
|
saveCertsToDir: '/etc/app/certs',
|
|
173
180
|
saveCertsPrefix: 'myapp',
|
|
@@ -195,7 +202,7 @@ interface SyncClientOptions {
|
|
|
195
202
|
networkID: string; // Network identifier
|
|
196
203
|
caBundle: string; // PEM-encoded CA certificate bundle
|
|
197
204
|
ownChallenge: string; // Challenge type: 'auto', 'tdx', 'sev', 'untrusted'
|
|
198
|
-
|
|
205
|
+
logLevel?: LogLevel; // Log level: fatal | error | warn | info | debug | trace; if omitted logs are disabled
|
|
199
206
|
disableServerIdentityCheck?: boolean; // Disable server verification (default: false)
|
|
200
207
|
saveCertsToDir?: string; // Directory to save certificates
|
|
201
208
|
saveCertsPrefix?: string; // Prefix for certificate filenames
|
package/dist/cli.js
CHANGED
|
@@ -8,6 +8,7 @@ const yargs_1 = __importDefault(require("yargs"));
|
|
|
8
8
|
const helpers_1 = require("yargs/helpers");
|
|
9
9
|
const config_1 = require("./config");
|
|
10
10
|
const sync_client_1 = require("./sync-client");
|
|
11
|
+
const pki_common_1 = require("@super-protocol/pki-common");
|
|
11
12
|
const DEFAULT_SWARM_ENV_PATH = '/sp/swarm/swarm-env.yaml';
|
|
12
13
|
async function sync(argv) {
|
|
13
14
|
try {
|
|
@@ -18,7 +19,9 @@ async function sync(argv) {
|
|
|
18
19
|
networkID: swarmEnv['pki-authority'].networkID,
|
|
19
20
|
caBundle: swarmEnv['pki-authority'].caBundle,
|
|
20
21
|
ownChallenge: argv.ownChallenge,
|
|
21
|
-
|
|
22
|
+
retryAttempts: argv.retryAttempts,
|
|
23
|
+
retryDelaySec: argv.retryTimeout,
|
|
24
|
+
logLevel: argv.logLevel,
|
|
22
25
|
disableServerIdentityCheck: argv.disableServerIdentityCheck,
|
|
23
26
|
saveCertsToDir: argv.saveCertsToDir,
|
|
24
27
|
saveCertsPrefix: argv.saveCertsPrefix,
|
|
@@ -48,15 +51,25 @@ async function main() {
|
|
|
48
51
|
demandOption: true,
|
|
49
52
|
})
|
|
50
53
|
.option('own-challenge', {
|
|
51
|
-
describe: 'Own challenge string for authentication (auto, tdx, sev, untrusted)',
|
|
54
|
+
describe: 'Own challenge string for authentication (auto, tdx, sev-snp, untrusted)',
|
|
52
55
|
type: 'string',
|
|
53
56
|
default: 'auto',
|
|
54
57
|
})
|
|
55
|
-
.option('
|
|
56
|
-
alias: '
|
|
57
|
-
describe: '
|
|
58
|
-
|
|
59
|
-
|
|
58
|
+
.option('log-level', {
|
|
59
|
+
alias: 'l',
|
|
60
|
+
describe: 'Log level',
|
|
61
|
+
choices: Object.values(pki_common_1.LogLevel),
|
|
62
|
+
type: 'string',
|
|
63
|
+
})
|
|
64
|
+
.option('retry-attempts', {
|
|
65
|
+
describe: 'Number of retry attempts per server for retryable network/DNS errors',
|
|
66
|
+
type: 'number',
|
|
67
|
+
default: 3,
|
|
68
|
+
})
|
|
69
|
+
.option('retry-timeout', {
|
|
70
|
+
describe: 'Timeout between retries in seconds for retryable network/DNS errors',
|
|
71
|
+
type: 'number',
|
|
72
|
+
default: 10,
|
|
60
73
|
})
|
|
61
74
|
.option('disable-server-identity-check', {
|
|
62
75
|
describe: 'Disable server identity verification',
|
|
@@ -83,4 +96,4 @@ main().catch((error) => {
|
|
|
83
96
|
console.error('Error:', error.message);
|
|
84
97
|
process.exit(1);
|
|
85
98
|
});
|
|
86
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
99
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xpLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vc3JjL2NsaS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7QUFDQSxrREFBMEI7QUFDMUIsMkNBQXdDO0FBQ3hDLHFDQUFzRDtBQUN0RCwrQ0FBMkM7QUFDM0MsMkRBQXNEO0FBRXRELE1BQU0sc0JBQXNCLEdBQUcsMEJBQTBCLENBQUM7QUFFMUQsS0FBSyxVQUFVLElBQUksQ0FBQyxJQUFTO0lBQ3pCLElBQUksQ0FBQztRQUNELE1BQU0sTUFBTSxHQUFHLElBQUEsb0JBQVcsRUFBQyxJQUFJLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDeEMsTUFBTSxRQUFRLEdBQUcsSUFBQSxzQkFBYSxFQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsQ0FBQztRQUU5QyxNQUFNLE1BQU0sR0FBRyxJQUFJLHdCQUFVLENBQUM7WUFDMUIsT0FBTyxFQUFFLFFBQVEsQ0FBQyxlQUFlLENBQUMsQ0FBQyxPQUFPO1lBQzFDLFNBQVMsRUFBRSxRQUFRLENBQUMsZUFBZSxDQUFDLENBQUMsU0FBUztZQUM5QyxRQUFRLEVBQUUsUUFBUSxDQUFDLGVBQWUsQ0FBQyxDQUFDLFFBQVE7WUFDNUMsWUFBWSxFQUFFLElBQUksQ0FBQyxZQUFZO1lBQy9CLGFBQWEsRUFBRSxJQUFJLENBQUMsYUFBYTtZQUNqQyxhQUFhLEVBQUUsSUFBSSxDQUFDLFlBQVk7WUFDaEMsUUFBUSxFQUFFLElBQUksQ0FBQyxRQUFRO1lBQ3ZCLDBCQUEwQixFQUFFLElBQUksQ0FBQywwQkFBMEI7WUFDM0QsY0FBYyxFQUFFLElBQUksQ0FBQyxjQUFjO1lBQ25DLGVBQWUsRUFBRSxJQUFJLENBQUMsZUFBZTtTQUN4QyxDQUFDLENBQUM7UUFFSCxNQUFNLE1BQU0sQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLENBQUM7UUFFMUIsT0FBTyxDQUFDLEdBQUcsQ0FBQyw2QkFBNkIsQ0FBQyxDQUFDO0lBQy9DLENBQUM7SUFBQyxPQUFPLEtBQVUsRUFBRSxDQUFDO1FBQ2xCLE9BQU8sQ0FBQyxLQUFLLENBQUMsY0FBYyxFQUFFLEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUM3QyxPQUFPLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQyxDQUFDO0lBQ3BCLENBQUM7QUFDTCxDQUFDO0FBRUQsS0FBSyxVQUFVLElBQUk7SUFDZixNQUFNLElBQUEsZUFBSyxFQUFDLElBQUEsaUJBQU8sRUFBQyxPQUFPLENBQUMsSUFBSSxDQUFDLENBQUM7U0FDN0IsS0FBSyxDQUFDLDBCQUEwQixDQUFDO1NBQ2pDLE9BQU8sQ0FDSixNQUFNLEVBQ04sOEJBQThCLEVBQzlCLENBQUMsS0FBSyxFQUFFLEVBQUU7UUFDTixPQUFPLEtBQUs7YUFDUCxNQUFNLENBQUMsV0FBVyxFQUFFO1lBQ2pCLFFBQVEsRUFBRSx5Q0FBeUM7WUFDbkQsSUFBSSxFQUFFLFFBQVE7WUFDZCxPQUFPLEVBQUUsc0JBQXNCO1NBQ2xDLENBQUM7YUFDRCxNQUFNLENBQUMsUUFBUSxFQUFFO1lBQ2QsS0FBSyxFQUFFLEdBQUc7WUFDVixRQUFRLEVBQUUsb0NBQW9DO1lBQzlDLElBQUksRUFBRSxRQUFRO1lBQ2QsWUFBWSxFQUFFLElBQUk7U0FDckIsQ0FBQzthQUNELE1BQU0sQ0FBQyxlQUFlLEVBQUU7WUFDckIsUUFBUSxFQUNKLHlFQUF5RTtZQUM3RSxJQUFJLEVBQUUsUUFBUTtZQUNkLE9BQU8sRUFBRSxNQUFNO1NBQ2xCLENBQUM7YUFDRCxNQUFNLENBQUMsV0FBVyxFQUFFO1lBQ2pCLEtBQUssRUFBRSxHQUFHO1lBQ1YsUUFBUSxFQUFFLFdBQVc7WUFDckIsT0FBTyxFQUFFLE1BQU0sQ0FBQyxNQUFNLENBQUMscUJBQVEsQ0FBQztZQUNoQyxJQUFJLEVBQUUsUUFBUTtTQUNqQixDQUFDO2FBQ0QsTUFBTSxDQUFDLGdCQUFnQixFQUFFO1lBQ3RCLFFBQVEsRUFDSixzRUFBc0U7WUFDMUUsSUFBSSxFQUFFLFFBQVE7WUFDZCxPQUFPLEVBQUUsQ0FBQztTQUNiLENBQUM7YUFDRCxNQUFNLENBQUMsZUFBZSxFQUFFO1lBQ3JCLFFBQVEsRUFDSixxRUFBcUU7WUFDekUsSUFBSSxFQUFFLFFBQVE7WUFDZCxPQUFPLEVBQUUsRUFBRTtTQUNkLENBQUM7YUFDRCxNQUFNLENBQUMsK0JBQStCLEVBQUU7WUFDckMsUUFBUSxFQUFFLHNDQUFzQztZQUNoRCxJQUFJLEVBQUUsU0FBUztZQUNmLE9BQU8sRUFBRSxLQUFLO1NBQ2pCLENBQUM7YUFDRCxNQUFNLENBQUMsbUJBQW1CLEVBQUU7WUFDekIsUUFBUSxFQUNKLG1FQUFtRTtZQUN2RSxJQUFJLEVBQUUsUUFBUTtTQUNqQixDQUFDO2FBQ0QsTUFBTSxDQUFDLG1CQUFtQixFQUFFO1lBQ3pCLFFBQVEsRUFDSixxRUFBcUU7WUFDekUsSUFBSSxFQUFFLFFBQVE7U0FDakIsQ0FBQyxDQUFDO0lBQ1gsQ0FBQyxFQUNELElBQUksQ0FDUDtTQUNBLGFBQWEsQ0FBQyxDQUFDLEVBQUUsNEJBQTRCLENBQUM7U0FDOUMsSUFBSSxFQUFFO1NBQ04sS0FBSyxDQUFDLE1BQU0sRUFBRSxHQUFHLENBQUM7U0FDbEIsT0FBTyxFQUFFO1NBQ1QsS0FBSyxDQUFDLFNBQVMsRUFBRSxHQUFHLENBQUM7U0FDckIsS0FBSyxFQUFFLENBQUM7QUFDakIsQ0FBQztBQUVELElBQUksRUFBRSxDQUFDLEtBQUssQ0FBQyxDQUFDLEtBQUssRUFBRSxFQUFFO0lBQ25CLE9BQU8sQ0FBQyxLQUFLLENBQUMsUUFBUSxFQUFFLEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQztJQUN2QyxPQUFPLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQyxDQUFDO0FBQ3BCLENBQUMsQ0FBQyxDQUFDIn0=
|
package/dist/sync-client.d.ts
CHANGED
|
@@ -1,20 +1,36 @@
|
|
|
1
1
|
import { SyncConfig } from './config';
|
|
2
|
+
import { LogLevel, type DetectedCpuType } from '@super-protocol/pki-common';
|
|
2
3
|
export interface SyncClientOptions {
|
|
3
4
|
servers: string[];
|
|
4
5
|
networkID: string;
|
|
5
6
|
caBundle: string;
|
|
6
|
-
ownChallenge:
|
|
7
|
-
|
|
7
|
+
ownChallenge: DetectedCpuType | 'auto';
|
|
8
|
+
retryAttempts?: number;
|
|
9
|
+
retryDelaySec?: number;
|
|
10
|
+
logLevel?: LogLevel;
|
|
8
11
|
disableServerIdentityCheck?: boolean;
|
|
9
12
|
saveCertsToDir?: string;
|
|
10
13
|
saveCertsPrefix?: string;
|
|
11
14
|
}
|
|
12
15
|
export declare class SyncClient {
|
|
16
|
+
private static readonly DEFAULT_RETRY_ATTEMPTS;
|
|
17
|
+
private static readonly DEFAULT_RETRY_DELAY_SEC;
|
|
18
|
+
private static readonly RETRYABLE_NETWORK_ERROR_CODES;
|
|
19
|
+
private static readonly RETRYABLE_HTTP_STATUS_CODES;
|
|
13
20
|
private options;
|
|
14
21
|
private challenge;
|
|
15
22
|
private logger;
|
|
16
|
-
private
|
|
23
|
+
private retryAttempts;
|
|
24
|
+
private retryDelaySec;
|
|
25
|
+
private static readonly UNKNOWN_AXIOS_ERROR_REASON;
|
|
26
|
+
private static readonly NON_AXIOS_ERROR_REASON;
|
|
27
|
+
private static resolveLogger;
|
|
17
28
|
constructor(options: SyncClientOptions);
|
|
29
|
+
private static normalizeRetryAttempts;
|
|
30
|
+
private static normalizeRetryDelaySec;
|
|
31
|
+
private static evaluateRetry;
|
|
32
|
+
private static waitRetryDelay;
|
|
33
|
+
private syncFromServer;
|
|
18
34
|
private saveCertificates;
|
|
19
35
|
sync(config: SyncConfig): Promise<void>;
|
|
20
36
|
}
|
package/dist/sync-client.js
CHANGED
|
@@ -33,51 +33,144 @@ const axios_1 = __importDefault(require("axios"));
|
|
|
33
33
|
const fs = __importStar(require("fs"));
|
|
34
34
|
const path = __importStar(require("path"));
|
|
35
35
|
class SyncClient {
|
|
36
|
+
static DEFAULT_RETRY_ATTEMPTS = 3;
|
|
37
|
+
static DEFAULT_RETRY_DELAY_SEC = 10;
|
|
38
|
+
static RETRYABLE_NETWORK_ERROR_CODES = new Set([
|
|
39
|
+
'ETIMEDOUT',
|
|
40
|
+
'ECONNRESET',
|
|
41
|
+
'ECONNREFUSED',
|
|
42
|
+
'EAI_AGAIN',
|
|
43
|
+
'ENOTFOUND',
|
|
44
|
+
'ECONNABORTED',
|
|
45
|
+
]);
|
|
46
|
+
static RETRYABLE_HTTP_STATUS_CODES = new Set([429, 502]);
|
|
36
47
|
options;
|
|
37
48
|
challenge;
|
|
38
49
|
logger;
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
return 'tdx';
|
|
47
|
-
}
|
|
48
|
-
}
|
|
49
|
-
if (fs.existsSync(sevPath)) {
|
|
50
|
-
const stats = fs.statSync(sevPath);
|
|
51
|
-
if (stats.isCharacterDevice()) {
|
|
52
|
-
return 'sev';
|
|
53
|
-
}
|
|
54
|
-
}
|
|
50
|
+
retryAttempts;
|
|
51
|
+
retryDelaySec;
|
|
52
|
+
static UNKNOWN_AXIOS_ERROR_REASON = 'unknown-axios-error';
|
|
53
|
+
static NON_AXIOS_ERROR_REASON = 'non-axios-error';
|
|
54
|
+
static resolveLogger(options) {
|
|
55
|
+
if (options.logLevel == null) {
|
|
56
|
+
return new pki_common_1.CommonMockLog();
|
|
55
57
|
}
|
|
56
|
-
|
|
57
|
-
|
|
58
|
+
const allowedLevels = Object.values(pki_common_1.LogLevel);
|
|
59
|
+
if (!allowedLevels.includes(options.logLevel)) {
|
|
60
|
+
throw new Error(`Unsupported log level: ${options.logLevel}. Supported: ${allowedLevels.join(', ')}`);
|
|
58
61
|
}
|
|
59
|
-
return
|
|
62
|
+
return new pki_common_1.CommonPinoLog(options.logLevel);
|
|
60
63
|
}
|
|
61
64
|
constructor(options) {
|
|
62
65
|
this.options = options;
|
|
63
|
-
this.logger =
|
|
66
|
+
this.logger = SyncClient.resolveLogger(options);
|
|
67
|
+
this.retryAttempts = SyncClient.normalizeRetryAttempts(options.retryAttempts);
|
|
68
|
+
this.retryDelaySec = SyncClient.normalizeRetryDelaySec(options.retryDelaySec);
|
|
64
69
|
const challengeType = options.ownChallenge === 'auto'
|
|
65
|
-
?
|
|
70
|
+
? (0, pki_common_1.detectCpuType)()
|
|
66
71
|
: options.ownChallenge;
|
|
67
|
-
if (challengeType ===
|
|
72
|
+
if (challengeType === pki_common_1.ChallengeType.TDX) {
|
|
68
73
|
this.challenge = { type: pki_common_1.ChallengeType.TDX };
|
|
69
74
|
}
|
|
70
|
-
else if (challengeType ===
|
|
75
|
+
else if (challengeType === pki_common_1.ChallengeType.SEVSNP) {
|
|
71
76
|
this.challenge = { type: pki_common_1.ChallengeType.SEVSNP };
|
|
72
77
|
}
|
|
73
|
-
else if (challengeType ===
|
|
78
|
+
else if (challengeType === pki_common_1.ChallengeType.Untrusted) {
|
|
74
79
|
this.challenge = {
|
|
75
80
|
type: pki_common_1.ChallengeType.Untrusted,
|
|
76
81
|
idHex: Buffer.from('pki-sync-client-untrusted-id').toString('hex'),
|
|
77
82
|
};
|
|
78
83
|
}
|
|
79
84
|
else {
|
|
80
|
-
throw new Error(`Unsupported challenge type: ${challengeType}. Supported: tdx, sev, untrusted, auto`);
|
|
85
|
+
throw new Error(`Unsupported challenge type: ${challengeType}. Supported: tdx, sev-snp, untrusted, auto`);
|
|
86
|
+
}
|
|
87
|
+
}
|
|
88
|
+
static normalizeRetryAttempts(value) {
|
|
89
|
+
if (value == null) {
|
|
90
|
+
return SyncClient.DEFAULT_RETRY_ATTEMPTS;
|
|
91
|
+
}
|
|
92
|
+
if (!Number.isInteger(value) || value < 1) {
|
|
93
|
+
throw new Error('Invalid retryAttempts: must be an integer greater than or equal to 1');
|
|
94
|
+
}
|
|
95
|
+
return value;
|
|
96
|
+
}
|
|
97
|
+
static normalizeRetryDelaySec(value) {
|
|
98
|
+
if (value == null) {
|
|
99
|
+
return SyncClient.DEFAULT_RETRY_DELAY_SEC;
|
|
100
|
+
}
|
|
101
|
+
if (!Number.isInteger(value) || value < 0) {
|
|
102
|
+
throw new Error('Invalid retryDelaySec: must be an integer greater than or equal to 0');
|
|
103
|
+
}
|
|
104
|
+
return value;
|
|
105
|
+
}
|
|
106
|
+
static evaluateRetry(error) {
|
|
107
|
+
if (!axios_1.default.isAxiosError(error)) {
|
|
108
|
+
return {
|
|
109
|
+
isRetryable: false,
|
|
110
|
+
reason: SyncClient.NON_AXIOS_ERROR_REASON,
|
|
111
|
+
};
|
|
112
|
+
}
|
|
113
|
+
const httpStatus = error.response?.status;
|
|
114
|
+
if (httpStatus != null) {
|
|
115
|
+
const reason = `http-status:${httpStatus}`;
|
|
116
|
+
return {
|
|
117
|
+
isRetryable: SyncClient.RETRYABLE_HTTP_STATUS_CODES.has(httpStatus),
|
|
118
|
+
reason,
|
|
119
|
+
};
|
|
120
|
+
}
|
|
121
|
+
const errorCode = error.code;
|
|
122
|
+
if (errorCode != null) {
|
|
123
|
+
const reason = `network-code:${errorCode}`;
|
|
124
|
+
return {
|
|
125
|
+
isRetryable: SyncClient.RETRYABLE_NETWORK_ERROR_CODES.has(errorCode),
|
|
126
|
+
reason,
|
|
127
|
+
};
|
|
128
|
+
}
|
|
129
|
+
return {
|
|
130
|
+
isRetryable: false,
|
|
131
|
+
reason: SyncClient.UNKNOWN_AXIOS_ERROR_REASON,
|
|
132
|
+
};
|
|
133
|
+
}
|
|
134
|
+
static async waitRetryDelay(delaySec) {
|
|
135
|
+
if (delaySec <= 0) {
|
|
136
|
+
return;
|
|
137
|
+
}
|
|
138
|
+
await new Promise((resolve) => {
|
|
139
|
+
setTimeout(resolve, delaySec * 1000);
|
|
140
|
+
});
|
|
141
|
+
}
|
|
142
|
+
async syncFromServer(server, config) {
|
|
143
|
+
this.logger.info(`Trying server: ${server}`);
|
|
144
|
+
const pkiConfig = {
|
|
145
|
+
clientCertProvider: {
|
|
146
|
+
type: 'pki-ca',
|
|
147
|
+
challenge: this.challenge,
|
|
148
|
+
baseUrl: `https://${server}/api/v1/pki`,
|
|
149
|
+
caBundle: this.options.caBundle,
|
|
150
|
+
disableServerIdentityCheck: this.options.disableServerIdentityCheck ?? false,
|
|
151
|
+
},
|
|
152
|
+
networkID: this.options.networkID,
|
|
153
|
+
};
|
|
154
|
+
const pkiClientFactory = new pki_client_1.PkiClientFactory(pkiConfig, this.logger);
|
|
155
|
+
const httpsAgent = await pkiClientFactory.getHTTPSAgent();
|
|
156
|
+
const secretNames = config.secrets.map((s) => s.secretName);
|
|
157
|
+
const response = await axios_1.default.post(`https://${server}/api/v1/secrets/get`, { objects: secretNames }, { httpsAgent });
|
|
158
|
+
const result = response.data;
|
|
159
|
+
for (const secret of config.secrets) {
|
|
160
|
+
const base64Content = result.secrets[secret.secretName];
|
|
161
|
+
if (base64Content == null) {
|
|
162
|
+
throw new Error(`Secret "${secret.secretName}" not found in response`);
|
|
163
|
+
}
|
|
164
|
+
const dir = path.dirname(secret.saveTo);
|
|
165
|
+
await fs.promises.mkdir(dir, { recursive: true });
|
|
166
|
+
await fs.promises.writeFile(secret.saveTo, base64Content, {
|
|
167
|
+
encoding: 'base64',
|
|
168
|
+
mode: 0o600,
|
|
169
|
+
});
|
|
170
|
+
this.logger.info(`Saved secret "${secret.secretName}" to ${secret.saveTo}`);
|
|
171
|
+
}
|
|
172
|
+
if (this.options.saveCertsToDir) {
|
|
173
|
+
await this.saveCertificates(pkiClientFactory, this.options.saveCertsToDir, this.options.saveCertsPrefix);
|
|
81
174
|
}
|
|
82
175
|
}
|
|
83
176
|
async saveCertificates(pkiClientFactory, certsDir, prefix) {
|
|
@@ -106,54 +199,33 @@ class SyncClient {
|
|
|
106
199
|
}
|
|
107
200
|
async sync(config) {
|
|
108
201
|
for (const server of this.options.servers) {
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
baseUrl: `https://${server}/api/v1/pki`,
|
|
116
|
-
caBundle: this.options.caBundle,
|
|
117
|
-
disableServerIdentityCheck: this.options.disableServerIdentityCheck ?? false,
|
|
118
|
-
},
|
|
119
|
-
networkID: this.options.networkID,
|
|
120
|
-
};
|
|
121
|
-
const pkiClientFactory = new pki_client_1.PkiClientFactory(pkiConfig, this.logger);
|
|
122
|
-
const httpsAgent = await pkiClientFactory.getHTTPSAgent();
|
|
123
|
-
// Collect all secret names
|
|
124
|
-
const secretNames = config.secrets.map((s) => s.secretName);
|
|
125
|
-
// Make POST request to fetch secrets
|
|
126
|
-
const response = await axios_1.default.post(`https://${server}/api/v1/secrets/get`, { objects: secretNames }, { httpsAgent });
|
|
127
|
-
const result = response.data;
|
|
128
|
-
// Write secrets to files
|
|
129
|
-
for (const secret of config.secrets) {
|
|
130
|
-
const base64Content = result.secrets[secret.secretName];
|
|
131
|
-
if (base64Content == null) {
|
|
132
|
-
throw new Error(`Secret "${secret.secretName}" not found in response`);
|
|
133
|
-
}
|
|
134
|
-
const content = Buffer.from(base64Content, 'base64');
|
|
135
|
-
// Ensure directory exists
|
|
136
|
-
const dir = path.dirname(secret.saveTo);
|
|
137
|
-
await fs.promises.mkdir(dir, { recursive: true });
|
|
138
|
-
await fs.promises.writeFile(secret.saveTo, content, {
|
|
139
|
-
mode: 0o600,
|
|
140
|
-
});
|
|
141
|
-
this.logger.info(`Saved secret "${secret.secretName}" to ${secret.saveTo}`);
|
|
202
|
+
for (let attempt = 1; attempt <= this.retryAttempts; attempt++) {
|
|
203
|
+
try {
|
|
204
|
+
this.logger.info(`Sync attempt ${attempt}/${this.retryAttempts} for server: ${server}`);
|
|
205
|
+
await this.syncFromServer(server, config);
|
|
206
|
+
this.logger.info(`Successfully synced from server: ${server}`);
|
|
207
|
+
return;
|
|
142
208
|
}
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
|
|
209
|
+
catch (error) {
|
|
210
|
+
const errorMessage = error instanceof Error ? error.message : String(error);
|
|
211
|
+
const retryDecision = SyncClient.evaluateRetry(error);
|
|
212
|
+
const hasMoreAttempts = attempt < this.retryAttempts;
|
|
213
|
+
this.logger.error(`Failed attempt ${attempt}/${this.retryAttempts} for server ${server}: ${errorMessage}. Reason: ${retryDecision.reason}`);
|
|
214
|
+
if (!retryDecision.isRetryable) {
|
|
215
|
+
this.logger.error(`Error is not retryable for server ${server}; moving to next server. Reason: ${retryDecision.reason}`);
|
|
216
|
+
break;
|
|
217
|
+
}
|
|
218
|
+
if (!hasMoreAttempts) {
|
|
219
|
+
this.logger.error(`Retry attempts exhausted for server ${server}; moving to next server. Reason: ${retryDecision.reason}`);
|
|
220
|
+
break;
|
|
221
|
+
}
|
|
222
|
+
this.logger.info(`Retrying server ${server} in ${this.retryDelaySec} second(s). Reason: ${retryDecision.reason}`);
|
|
223
|
+
await SyncClient.waitRetryDelay(this.retryDelaySec);
|
|
146
224
|
}
|
|
147
|
-
this.logger.info(`Successfully synced from server: ${server}`);
|
|
148
|
-
return; // Success - exit from method
|
|
149
|
-
}
|
|
150
|
-
catch (error) {
|
|
151
|
-
this.logger.error(`Failed to sync from server ${server}: ${error.message}`);
|
|
152
|
-
// Continue to next server
|
|
153
225
|
}
|
|
154
226
|
}
|
|
155
227
|
throw new Error('Failed to sync from all servers');
|
|
156
228
|
}
|
|
157
229
|
}
|
|
158
230
|
exports.SyncClient = SyncClient;
|
|
159
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic3luYy1jbGllbnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvc3luYy1jbGllbnQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFDQSwyREFJb0M7QUFDcEMsMkRBS29DO0FBQ3BDLGtEQUEwQjtBQUMxQix1Q0FBeUI7QUFDekIsMkNBQTZCO0FBYTdCLE1BQWEsVUFBVTtJQUNYLE9BQU8sQ0FBb0I7SUFDM0IsU0FBUyxDQUFrQjtJQUMzQixNQUFNLENBQWE7SUFFbkIsTUFBTSxDQUFDLGFBQWE7UUFDeEIsSUFBSSxDQUFDO1lBQ0QsTUFBTSxPQUFPLEdBQUcsZ0JBQWdCLENBQUM7WUFDakMsTUFBTSxPQUFPLEdBQUcsZ0JBQWdCLENBQUM7WUFFakMsSUFBSSxFQUFFLENBQUMsVUFBVSxDQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7Z0JBQ3pCLE1BQU0sS0FBSyxHQUFHLEVBQUUsQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLENBQUM7Z0JBQ25DLElBQUksS0FBSyxDQUFDLGlCQUFpQixFQUFFLEVBQUUsQ0FBQztvQkFDNUIsT0FBTyxLQUFLLENBQUM7Z0JBQ2pCLENBQUM7WUFDTCxDQUFDO1lBRUQsSUFBSSxFQUFFLENBQUMsVUFBVSxDQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7Z0JBQ3pCLE1BQU0sS0FBSyxHQUFHLEVBQUUsQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLENBQUM7Z0JBQ25DLElBQUksS0FBSyxDQUFDLGlCQUFpQixFQUFFLEVBQUUsQ0FBQztvQkFDNUIsT0FBTyxLQUFLLENBQUM7Z0JBQ2pCLENBQUM7WUFDTCxDQUFDO1FBQ0wsQ0FBQztRQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7WUFDYixvREFBb0Q7UUFDeEQsQ0FBQztRQUVELE9BQU8sV0FBVyxDQUFDO0lBQ3ZCLENBQUM7SUFFRCxZQUFZLE9BQTBCO1FBQ2xDLElBQUksQ0FBQyxPQUFPLEdBQUcsT0FBTyxDQUFDO1FBQ3ZCLElBQUksQ0FBQyxNQUFNLEdBQUcsSUFBSSx1QkFBVSxDQUN4QixPQUFPLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxxQkFBUSxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMscUJBQVEsQ0FBQyxJQUFJLENBQ25ELENBQUM7UUFFRixNQUFNLGFBQWEsR0FDZixPQUFPLENBQUMsWUFBWSxLQUFLLE1BQU07WUFDM0IsQ0FBQyxDQUFDLFVBQVUsQ0FBQyxhQUFhLEVBQUU7WUFDNUIsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxZQUFZLENBQUM7UUFFL0IsSUFBSSxhQUFhLEtBQUssS0FBSyxFQUFFLENBQUM7WUFDMUIsSUFBSSxDQUFDLFNBQVMsR0FBRyxFQUFFLElBQUksRUFBRSwwQkFBYSxDQUFDLEdBQUcsRUFBRSxDQUFDO1FBQ2pELENBQUM7YUFBTSxJQUFJLGFBQWEsS0FBSyxLQUFLLEVBQUUsQ0FBQztZQUNqQyxJQUFJLENBQUMsU0FBUyxHQUFHLEVBQUUsSUFBSSxFQUFFLDBCQUFhLENBQUMsTUFBTSxFQUFFLENBQUM7UUFDcEQsQ0FBQzthQUFNLElBQUksYUFBYSxLQUFLLFdBQVcsRUFBRSxDQUFDO1lBQ3ZDLElBQUksQ0FBQyxTQUFTLEdBQUc7Z0JBQ2IsSUFBSSxFQUFFLDBCQUFhLENBQUMsU0FBUztnQkFDN0IsS0FBSyxFQUFFLE1BQU0sQ0FBQyxJQUFJLENBQUMsOEJBQThCLENBQUMsQ0FBQyxRQUFRLENBQ3ZELEtBQUssQ0FDUjthQUNKLENBQUM7UUFDTixDQUFDO2FBQU0sQ0FBQztZQUNKLE1BQU0sSUFBSSxLQUFLLENBQ1gsK0JBQStCLGFBQWEsd0NBQXdDLENBQ3ZGLENBQUM7UUFDTixDQUFDO0lBQ0wsQ0FBQztJQUVPLEtBQUssQ0FBQyxnQkFBZ0IsQ0FDMUIsZ0JBQWtDLEVBQ2xDLFFBQWdCLEVBQ2hCLE1BQWU7UUFFZiwwQkFBMEI7UUFDMUIsTUFBTSxFQUFFLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxRQUFRLEVBQUUsRUFBRSxTQUFTLEVBQUUsSUFBSSxFQUFFLENBQUMsQ0FBQztRQUV2RCxNQUFNLElBQUksR0FBRyxNQUFNLGdCQUFnQixDQUFDLE9BQU8sRUFBRSxDQUFDO1FBQzlDLE1BQU0sRUFDRixJQUFJLEVBQUUsVUFBVSxFQUNoQix3QkFBd0IsRUFDeEIsRUFBRSxHQUNMLEdBQUcsSUFBQSw0Q0FBK0IsRUFBQyxJQUFJLENBQUMsQ0FBQztRQUUxQyxNQUFNLFNBQVMsR0FBRyxNQUFNLENBQUMsQ0FBQyxDQUFDLEdBQUcsTUFBTSxHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQztRQUU3QyxtQkFBbUI7UUFDbkIsTUFBTSxPQUFPLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQyxRQUFRLEVBQUUsR0FBRyxTQUFTLFNBQVMsQ0FBQyxDQUFDO1FBQzNELE1BQU0sRUFBRSxDQUFDLFFBQVEsQ0FBQyxTQUFTLENBQUMsT0FBTyxFQUFFLElBQUksQ0FBQyxPQUFPLENBQUMsYUFBYSxFQUFFO1lBQzdELElBQUksRUFBRSxLQUFLO1NBQ2QsQ0FBQyxDQUFDO1FBQ0gsSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsd0JBQXdCLE9BQU8sRUFBRSxDQUFDLENBQUM7UUFFcEQsc0JBQXNCO1FBQ3RCLE1BQU0sTUFBTSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsUUFBUSxFQUFFLEdBQUcsU0FBUyxRQUFRLENBQUMsQ0FBQztRQUN6RCxNQUFNLEVBQUUsQ0FBQyxRQUFRLENBQUMsU0FBUyxDQUFDLE1BQU0sRUFBRSxFQUFFLEVBQUUsRUFBRSxJQUFJLEVBQUUsS0FBSyxFQUFFLENBQUMsQ0FBQztRQUN6RCxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQywyQkFBMkIsTUFBTSxFQUFFLENBQUMsQ0FBQztRQUV0RCxrREFBa0Q7UUFDbEQsTUFBTSxvQkFBb0IsR0FBRyxVQUFVLEdBQUcsd0JBQXdCLENBQUM7UUFDbkUsTUFBTSxRQUFRLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQyxRQUFRLEVBQUUsR0FBRyxTQUFTLFVBQVUsQ0FBQyxDQUFDO1FBQzdELE1BQU0sRUFBRSxDQUFDLFFBQVEsQ0FBQyxTQUFTLENBQUMsUUFBUSxFQUFFLG9CQUFvQixFQUFFO1lBQ3hELElBQUksRUFBRSxLQUFLO1NBQ2QsQ0FBQyxDQUFDO1FBQ0gsSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsOEJBQThCLFFBQVEsRUFBRSxDQUFDLENBQUM7SUFDL0QsQ0FBQztJQUVELEtBQUssQ0FBQyxJQUFJLENBQUMsTUFBa0I7UUFDekIsS0FBSyxNQUFNLE1BQU0sSUFBSSxJQUFJLENBQUMsT0FBTyxDQUFDLE9BQU8sRUFBRSxDQUFDO1lBQ3hDLElBQUksQ0FBQztnQkFDRCxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxrQkFBa0IsTUFBTSxFQUFFLENBQUMsQ0FBQztnQkFFN0MsTUFBTSxTQUFTLEdBQW9CO29CQUMvQixrQkFBa0IsRUFBRTt3QkFDaEIsSUFBSSxFQUFFLFFBQVE7d0JBQ2QsU0FBUyxFQUFFLElBQUksQ0FBQyxTQUFTO3dCQUN6QixPQUFPLEVBQUUsV0FBVyxNQUFNLGFBQWE7d0JBQ3ZDLFFBQVEsRUFBRSxJQUFJLENBQUMsT0FBTyxDQUFDLFFBQVE7d0JBQy9CLDBCQUEwQixFQUN0QixJQUFJLENBQUMsT0FBTyxDQUFDLDBCQUEwQixJQUFJLEtBQUs7cUJBQ3ZEO29CQUNELFNBQVMsRUFBRSxJQUFJLENBQUMsT0FBTyxDQUFDLFNBQVM7aUJBQ3BDLENBQUM7Z0JBRUYsTUFBTSxnQkFBZ0IsR0FBRyxJQUFJLDZCQUFnQixDQUN6QyxTQUFTLEVBQ1QsSUFBSSxDQUFDLE1BQU0sQ0FDZCxDQUFDO2dCQUNGLE1BQU0sVUFBVSxHQUFHLE1BQU0sZ0JBQWdCLENBQUMsYUFBYSxFQUFFLENBQUM7Z0JBRTFELDJCQUEyQjtnQkFDM0IsTUFBTSxXQUFXLEdBQUcsTUFBTSxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FBQyxVQUFVLENBQUMsQ0FBQztnQkFFNUQscUNBQXFDO2dCQUNyQyxNQUFNLFFBQVEsR0FBRyxNQUFNLGVBQUssQ0FBQyxJQUFJLENBQzdCLFdBQVcsTUFBTSxxQkFBcUIsRUFDdEMsRUFBRSxPQUFPLEVBQUUsV0FBVyxFQUFFLEVBQ3hCLEVBQUUsVUFBVSxFQUFFLENBQ2pCLENBQUM7Z0JBRUYsTUFBTSxNQUFNLEdBQUcsUUFBUSxDQUFDLElBQUksQ0FBQztnQkFFN0IseUJBQXlCO2dCQUN6QixLQUFLLE1BQU0sTUFBTSxJQUFJLE1BQU0sQ0FBQyxPQUFPLEVBQUUsQ0FBQztvQkFDbEMsTUFBTSxhQUFhLEdBQUcsTUFBTSxDQUFDLE9BQU8sQ0FBQyxNQUFNLENBQUMsVUFBVSxDQUFDLENBQUM7b0JBQ3hELElBQUksYUFBYSxJQUFJLElBQUksRUFBRSxDQUFDO3dCQUN4QixNQUFNLElBQUksS0FBSyxDQUNYLFdBQVcsTUFBTSxDQUFDLFVBQVUseUJBQXlCLENBQ3hELENBQUM7b0JBQ04sQ0FBQztvQkFDRCxNQUFNLE9BQU8sR0FBRyxNQUFNLENBQUMsSUFBSSxDQUFDLGFBQWEsRUFBRSxRQUFRLENBQUMsQ0FBQztvQkFFckQsMEJBQTBCO29CQUMxQixNQUFNLEdBQUcsR0FBRyxJQUFJLENBQUMsT0FBTyxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsQ0FBQztvQkFDeEMsTUFBTSxFQUFFLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxHQUFHLEVBQUUsRUFBRSxTQUFTLEVBQUUsSUFBSSxFQUFFLENBQUMsQ0FBQztvQkFFbEQsTUFBTSxFQUFFLENBQUMsUUFBUSxDQUFDLFNBQVMsQ0FBQyxNQUFNLENBQUMsTUFBTSxFQUFFLE9BQU8sRUFBRTt3QkFDaEQsSUFBSSxFQUFFLEtBQUs7cUJBQ2QsQ0FBQyxDQUFDO29CQUVILElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUNaLGlCQUFpQixNQUFNLENBQUMsVUFBVSxRQUFRLE1BQU0sQ0FBQyxNQUFNLEVBQUUsQ0FDNUQsQ0FBQztnQkFDTixDQUFDO2dCQUVELDhDQUE4QztnQkFDOUMsSUFBSSxJQUFJLENBQUMsT0FBTyxDQUFDLGNBQWMsRUFBRSxDQUFDO29CQUM5QixNQUFNLElBQUksQ0FBQyxnQkFBZ0IsQ0FDdkIsZ0JBQWdCLEVBQ2hCLElBQUksQ0FBQyxPQUFPLENBQUMsY0FBYyxFQUMzQixJQUFJLENBQUMsT0FBTyxDQUFDLGVBQWUsQ0FDL0IsQ0FBQztnQkFDTixDQUFDO2dCQUVELElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLG9DQUFvQyxNQUFNLEVBQUUsQ0FBQyxDQUFDO2dCQUMvRCxPQUFPLENBQUMsNkJBQTZCO1lBQ3pDLENBQUM7WUFBQyxPQUFPLEtBQVUsRUFBRSxDQUFDO2dCQUNsQixJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FDYiw4QkFBOEIsTUFBTSxLQUFLLEtBQUssQ0FBQyxPQUFPLEVBQUUsQ0FDM0QsQ0FBQztnQkFDRiwwQkFBMEI7WUFDOUIsQ0FBQztRQUNMLENBQUM7UUFFRCxNQUFNLElBQUksS0FBSyxDQUFDLGlDQUFpQyxDQUFDLENBQUM7SUFDdkQsQ0FBQztDQUNKO0FBaExELGdDQWdMQyJ9
|
|
231
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic3luYy1jbGllbnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvc3luYy1jbGllbnQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFDQSwyREFJb0M7QUFDcEMsMkRBU29DO0FBQ3BDLGtEQUEwQjtBQUMxQix1Q0FBeUI7QUFDekIsMkNBQTZCO0FBZTdCLE1BQWEsVUFBVTtJQUNYLE1BQU0sQ0FBVSxzQkFBc0IsR0FBRyxDQUFDLENBQUM7SUFDM0MsTUFBTSxDQUFVLHVCQUF1QixHQUFHLEVBQUUsQ0FBQztJQUM3QyxNQUFNLENBQVUsNkJBQTZCLEdBQUcsSUFBSSxHQUFHLENBQUM7UUFDNUQsV0FBVztRQUNYLFlBQVk7UUFDWixjQUFjO1FBQ2QsV0FBVztRQUNYLFdBQVc7UUFDWCxjQUFjO0tBQ2pCLENBQUMsQ0FBQztJQUNLLE1BQU0sQ0FBVSwyQkFBMkIsR0FBRyxJQUFJLEdBQUcsQ0FBQyxDQUFDLEdBQUcsRUFBRSxHQUFHLENBQUMsQ0FBQyxDQUFDO0lBRWxFLE9BQU8sQ0FBb0I7SUFDM0IsU0FBUyxDQUFrQjtJQUMzQixNQUFNLENBQU07SUFDWixhQUFhLENBQVM7SUFDdEIsYUFBYSxDQUFTO0lBRXRCLE1BQU0sQ0FBVSwwQkFBMEIsR0FBRyxxQkFBcUIsQ0FBQztJQUVuRSxNQUFNLENBQVUsc0JBQXNCLEdBQUcsaUJBQWlCLENBQUM7SUFFM0QsTUFBTSxDQUFDLGFBQWEsQ0FBQyxPQUEwQjtRQUNuRCxJQUFJLE9BQU8sQ0FBQyxRQUFRLElBQUksSUFBSSxFQUFFLENBQUM7WUFDM0IsT0FBTyxJQUFJLDBCQUFPLEVBQUUsQ0FBQztRQUN6QixDQUFDO1FBRUQsTUFBTSxhQUFhLEdBQUcsTUFBTSxDQUFDLE1BQU0sQ0FBQyxxQkFBUSxDQUFhLENBQUM7UUFDMUQsSUFBSSxDQUFDLGFBQWEsQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxFQUFFLENBQUM7WUFDNUMsTUFBTSxJQUFJLEtBQUssQ0FDWCwwQkFBMEIsT0FBTyxDQUFDLFFBQVEsZ0JBQWdCLGFBQWEsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FDdkYsQ0FBQztRQUNOLENBQUM7UUFFRCxPQUFPLElBQUksMEJBQU8sQ0FBQyxPQUFPLENBQUMsUUFBUSxDQUFDLENBQUM7SUFDekMsQ0FBQztJQUVELFlBQVksT0FBMEI7UUFDbEMsSUFBSSxDQUFDLE9BQU8sR0FBRyxPQUFPLENBQUM7UUFDdkIsSUFBSSxDQUFDLE1BQU0sR0FBRyxVQUFVLENBQUMsYUFBYSxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQ2hELElBQUksQ0FBQyxhQUFhLEdBQUcsVUFBVSxDQUFDLHNCQUFzQixDQUNsRCxPQUFPLENBQUMsYUFBYSxDQUN4QixDQUFDO1FBQ0YsSUFBSSxDQUFDLGFBQWEsR0FBRyxVQUFVLENBQUMsc0JBQXNCLENBQ2xELE9BQU8sQ0FBQyxhQUFhLENBQ3hCLENBQUM7UUFFRixNQUFNLGFBQWEsR0FDZixPQUFPLENBQUMsWUFBWSxLQUFLLE1BQU07WUFDM0IsQ0FBQyxDQUFDLElBQUEsMEJBQWEsR0FBRTtZQUNqQixDQUFDLENBQUMsT0FBTyxDQUFDLFlBQVksQ0FBQztRQUUvQixJQUFJLGFBQWEsS0FBSywwQkFBYSxDQUFDLEdBQUcsRUFBRSxDQUFDO1lBQ3RDLElBQUksQ0FBQyxTQUFTLEdBQUcsRUFBRSxJQUFJLEVBQUUsMEJBQWEsQ0FBQyxHQUFHLEVBQUUsQ0FBQztRQUNqRCxDQUFDO2FBQU0sSUFBSSxhQUFhLEtBQUssMEJBQWEsQ0FBQyxNQUFNLEVBQUUsQ0FBQztZQUNoRCxJQUFJLENBQUMsU0FBUyxHQUFHLEVBQUUsSUFBSSxFQUFFLDBCQUFhLENBQUMsTUFBTSxFQUFFLENBQUM7UUFDcEQsQ0FBQzthQUFNLElBQUksYUFBYSxLQUFLLDBCQUFhLENBQUMsU0FBUyxFQUFFLENBQUM7WUFDbkQsSUFBSSxDQUFDLFNBQVMsR0FBRztnQkFDYixJQUFJLEVBQUUsMEJBQWEsQ0FBQyxTQUFTO2dCQUM3QixLQUFLLEVBQUUsTUFBTSxDQUFDLElBQUksQ0FBQyw4QkFBOEIsQ0FBQyxDQUFDLFFBQVEsQ0FDdkQsS0FBSyxDQUNSO2FBQ0osQ0FBQztRQUNOLENBQUM7YUFBTSxDQUFDO1lBQ0osTUFBTSxJQUFJLEtBQUssQ0FDWCwrQkFBK0IsYUFBYSw0Q0FBNEMsQ0FDM0YsQ0FBQztRQUNOLENBQUM7SUFDTCxDQUFDO0lBRU8sTUFBTSxDQUFDLHNCQUFzQixDQUFDLEtBQXlCO1FBQzNELElBQUksS0FBSyxJQUFJLElBQUksRUFBRSxDQUFDO1lBQ2hCLE9BQU8sVUFBVSxDQUFDLHNCQUFzQixDQUFDO1FBQzdDLENBQUM7UUFFRCxJQUFJLENBQUMsTUFBTSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUMsSUFBSSxLQUFLLEdBQUcsQ0FBQyxFQUFFLENBQUM7WUFDeEMsTUFBTSxJQUFJLEtBQUssQ0FDWCxzRUFBc0UsQ0FDekUsQ0FBQztRQUNOLENBQUM7UUFFRCxPQUFPLEtBQUssQ0FBQztJQUNqQixDQUFDO0lBRU8sTUFBTSxDQUFDLHNCQUFzQixDQUFDLEtBQXlCO1FBQzNELElBQUksS0FBSyxJQUFJLElBQUksRUFBRSxDQUFDO1lBQ2hCLE9BQU8sVUFBVSxDQUFDLHVCQUF1QixDQUFDO1FBQzlDLENBQUM7UUFFRCxJQUFJLENBQUMsTUFBTSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUMsSUFBSSxLQUFLLEdBQUcsQ0FBQyxFQUFFLENBQUM7WUFDeEMsTUFBTSxJQUFJLEtBQUssQ0FDWCxzRUFBc0UsQ0FDekUsQ0FBQztRQUNOLENBQUM7UUFFRCxPQUFPLEtBQUssQ0FBQztJQUNqQixDQUFDO0lBRU8sTUFBTSxDQUFDLGFBQWEsQ0FBQyxLQUFjO1FBSXZDLElBQUksQ0FBQyxlQUFLLENBQUMsWUFBWSxDQUFDLEtBQUssQ0FBQyxFQUFFLENBQUM7WUFDN0IsT0FBTztnQkFDSCxXQUFXLEVBQUUsS0FBSztnQkFDbEIsTUFBTSxFQUFFLFVBQVUsQ0FBQyxzQkFBc0I7YUFDNUMsQ0FBQztRQUNOLENBQUM7UUFFRCxNQUFNLFVBQVUsR0FBRyxLQUFLLENBQUMsUUFBUSxFQUFFLE1BQU0sQ0FBQztRQUMxQyxJQUFJLFVBQVUsSUFBSSxJQUFJLEVBQUUsQ0FBQztZQUNyQixNQUFNLE1BQU0sR0FBRyxlQUFlLFVBQVUsRUFBRSxDQUFDO1lBQzNDLE9BQU87Z0JBQ0gsV0FBVyxFQUNQLFVBQVUsQ0FBQywyQkFBMkIsQ0FBQyxHQUFHLENBQUMsVUFBVSxDQUFDO2dCQUMxRCxNQUFNO2FBQ1QsQ0FBQztRQUNOLENBQUM7UUFFRCxNQUFNLFNBQVMsR0FBRyxLQUFLLENBQUMsSUFBSSxDQUFDO1FBQzdCLElBQUksU0FBUyxJQUFJLElBQUksRUFBRSxDQUFDO1lBQ3BCLE1BQU0sTUFBTSxHQUFHLGdCQUFnQixTQUFTLEVBQUUsQ0FBQztZQUMzQyxPQUFPO2dCQUNILFdBQVcsRUFDUCxVQUFVLENBQUMsNkJBQTZCLENBQUMsR0FBRyxDQUFDLFNBQVMsQ0FBQztnQkFDM0QsTUFBTTthQUNULENBQUM7UUFDTixDQUFDO1FBRUQsT0FBTztZQUNILFdBQVcsRUFBRSxLQUFLO1lBQ2xCLE1BQU0sRUFBRSxVQUFVLENBQUMsMEJBQTBCO1NBQ2hELENBQUM7SUFDTixDQUFDO0lBRU8sTUFBTSxDQUFDLEtBQUssQ0FBQyxjQUFjLENBQUMsUUFBZ0I7UUFDaEQsSUFBSSxRQUFRLElBQUksQ0FBQyxFQUFFLENBQUM7WUFDaEIsT0FBTztRQUNYLENBQUM7UUFFRCxNQUFNLElBQUksT0FBTyxDQUFDLENBQUMsT0FBTyxFQUFFLEVBQUU7WUFDMUIsVUFBVSxDQUFDLE9BQU8sRUFBRSxRQUFRLEdBQUcsSUFBSSxDQUFDLENBQUM7UUFDekMsQ0FBQyxDQUFDLENBQUM7SUFDUCxDQUFDO0lBRU8sS0FBSyxDQUFDLGNBQWMsQ0FDeEIsTUFBYyxFQUNkLE1BQWtCO1FBRWxCLElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLGtCQUFrQixNQUFNLEVBQUUsQ0FBQyxDQUFDO1FBRTdDLE1BQU0sU0FBUyxHQUFvQjtZQUMvQixrQkFBa0IsRUFBRTtnQkFDaEIsSUFBSSxFQUFFLFFBQVE7Z0JBQ2QsU0FBUyxFQUFFLElBQUksQ0FBQyxTQUFTO2dCQUN6QixPQUFPLEVBQUUsV0FBVyxNQUFNLGFBQWE7Z0JBQ3ZDLFFBQVEsRUFBRSxJQUFJLENBQUMsT0FBTyxDQUFDLFFBQVE7Z0JBQy9CLDBCQUEwQixFQUN0QixJQUFJLENBQUMsT0FBTyxDQUFDLDBCQUEwQixJQUFJLEtBQUs7YUFDdkQ7WUFDRCxTQUFTLEVBQUUsSUFBSSxDQUFDLE9BQU8sQ0FBQyxTQUFTO1NBQ3BDLENBQUM7UUFFRixNQUFNLGdCQUFnQixHQUFHLElBQUksNkJBQWdCLENBQUMsU0FBUyxFQUFFLElBQUksQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUN0RSxNQUFNLFVBQVUsR0FBRyxNQUFNLGdCQUFnQixDQUFDLGFBQWEsRUFBRSxDQUFDO1FBRTFELE1BQU0sV0FBVyxHQUFHLE1BQU0sQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxDQUFDLENBQUMsVUFBVSxDQUFDLENBQUM7UUFFNUQsTUFBTSxRQUFRLEdBQUcsTUFBTSxlQUFLLENBQUMsSUFBSSxDQUM3QixXQUFXLE1BQU0scUJBQXFCLEVBQ3RDLEVBQUUsT0FBTyxFQUFFLFdBQVcsRUFBRSxFQUN4QixFQUFFLFVBQVUsRUFBRSxDQUNqQixDQUFDO1FBRUYsTUFBTSxNQUFNLEdBQUcsUUFBUSxDQUFDLElBQUksQ0FBQztRQUU3QixLQUFLLE1BQU0sTUFBTSxJQUFJLE1BQU0sQ0FBQyxPQUFPLEVBQUUsQ0FBQztZQUNsQyxNQUFNLGFBQWEsR0FBRyxNQUFNLENBQUMsT0FBTyxDQUFDLE1BQU0sQ0FBQyxVQUFVLENBQUMsQ0FBQztZQUN4RCxJQUFJLGFBQWEsSUFBSSxJQUFJLEVBQUUsQ0FBQztnQkFDeEIsTUFBTSxJQUFJLEtBQUssQ0FDWCxXQUFXLE1BQU0sQ0FBQyxVQUFVLHlCQUF5QixDQUN4RCxDQUFDO1lBQ04sQ0FBQztZQUVELE1BQU0sR0FBRyxHQUFHLElBQUksQ0FBQyxPQUFPLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1lBQ3hDLE1BQU0sRUFBRSxDQUFDLFFBQVEsQ0FBQyxLQUFLLENBQUMsR0FBRyxFQUFFLEVBQUUsU0FBUyxFQUFFLElBQUksRUFBRSxDQUFDLENBQUM7WUFFbEQsTUFBTSxFQUFFLENBQUMsUUFBUSxDQUFDLFNBQVMsQ0FBQyxNQUFNLENBQUMsTUFBTSxFQUFFLGFBQWEsRUFBRTtnQkFDdEQsUUFBUSxFQUFFLFFBQVE7Z0JBQ2xCLElBQUksRUFBRSxLQUFLO2FBQ2QsQ0FBQyxDQUFDO1lBRUgsSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQ1osaUJBQWlCLE1BQU0sQ0FBQyxVQUFVLFFBQVEsTUFBTSxDQUFDLE1BQU0sRUFBRSxDQUM1RCxDQUFDO1FBQ04sQ0FBQztRQUVELElBQUksSUFBSSxDQUFDLE9BQU8sQ0FBQyxjQUFjLEVBQUUsQ0FBQztZQUM5QixNQUFNLElBQUksQ0FBQyxnQkFBZ0IsQ0FDdkIsZ0JBQWdCLEVBQ2hCLElBQUksQ0FBQyxPQUFPLENBQUMsY0FBYyxFQUMzQixJQUFJLENBQUMsT0FBTyxDQUFDLGVBQWUsQ0FDL0IsQ0FBQztRQUNOLENBQUM7SUFDTCxDQUFDO0lBRU8sS0FBSyxDQUFDLGdCQUFnQixDQUMxQixnQkFBa0MsRUFDbEMsUUFBZ0IsRUFDaEIsTUFBZTtRQUVmLDBCQUEwQjtRQUMxQixNQUFNLEVBQUUsQ0FBQyxRQUFRLENBQUMsS0FBSyxDQUFDLFFBQVEsRUFBRSxFQUFFLFNBQVMsRUFBRSxJQUFJLEVBQUUsQ0FBQyxDQUFDO1FBRXZELE1BQU0sSUFBSSxHQUFHLE1BQU0sZ0JBQWdCLENBQUMsT0FBTyxFQUFFLENBQUM7UUFDOUMsTUFBTSxFQUNGLElBQUksRUFBRSxVQUFVLEVBQ2hCLHdCQUF3QixFQUN4QixFQUFFLEdBQ0wsR0FBRyxJQUFBLDRDQUErQixFQUFDLElBQUksQ0FBQyxDQUFDO1FBRTFDLE1BQU0sU0FBUyxHQUFHLE1BQU0sQ0FBQyxDQUFDLENBQUMsR0FBRyxNQUFNLEdBQUcsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDO1FBRTdDLG1CQUFtQjtRQUNuQixNQUFNLE9BQU8sR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDLFFBQVEsRUFBRSxHQUFHLFNBQVMsU0FBUyxDQUFDLENBQUM7UUFDM0QsTUFBTSxFQUFFLENBQUMsUUFBUSxDQUFDLFNBQVMsQ0FBQyxPQUFPLEVBQUUsSUFBSSxDQUFDLE9BQU8sQ0FBQyxhQUFhLEVBQUU7WUFDN0QsSUFBSSxFQUFFLEtBQUs7U0FDZCxDQUFDLENBQUM7UUFDSCxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyx3QkFBd0IsT0FBTyxFQUFFLENBQUMsQ0FBQztRQUVwRCxzQkFBc0I7UUFDdEIsTUFBTSxNQUFNLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQyxRQUFRLEVBQUUsR0FBRyxTQUFTLFFBQVEsQ0FBQyxDQUFDO1FBQ3pELE1BQU0sRUFBRSxDQUFDLFFBQVEsQ0FBQyxTQUFTLENBQUMsTUFBTSxFQUFFLEVBQUUsRUFBRSxFQUFFLElBQUksRUFBRSxLQUFLLEVBQUUsQ0FBQyxDQUFDO1FBQ3pELElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLDJCQUEyQixNQUFNLEVBQUUsQ0FBQyxDQUFDO1FBRXRELGtEQUFrRDtRQUNsRCxNQUFNLG9CQUFvQixHQUFHLFVBQVUsR0FBRyx3QkFBd0IsQ0FBQztRQUNuRSxNQUFNLFFBQVEsR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDLFFBQVEsRUFBRSxHQUFHLFNBQVMsVUFBVSxDQUFDLENBQUM7UUFDN0QsTUFBTSxFQUFFLENBQUMsUUFBUSxDQUFDLFNBQVMsQ0FBQyxRQUFRLEVBQUUsb0JBQW9CLEVBQUU7WUFDeEQsSUFBSSxFQUFFLEtBQUs7U0FDZCxDQUFDLENBQUM7UUFDSCxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyw4QkFBOEIsUUFBUSxFQUFFLENBQUMsQ0FBQztJQUMvRCxDQUFDO0lBRUQsS0FBSyxDQUFDLElBQUksQ0FBQyxNQUFrQjtRQUN6QixLQUFLLE1BQU0sTUFBTSxJQUFJLElBQUksQ0FBQyxPQUFPLENBQUMsT0FBTyxFQUFFLENBQUM7WUFDeEMsS0FBSyxJQUFJLE9BQU8sR0FBRyxDQUFDLEVBQUUsT0FBTyxJQUFJLElBQUksQ0FBQyxhQUFhLEVBQUUsT0FBTyxFQUFFLEVBQUUsQ0FBQztnQkFDN0QsSUFBSSxDQUFDO29CQUNELElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUNaLGdCQUFnQixPQUFPLElBQUksSUFBSSxDQUFDLGFBQWEsZ0JBQWdCLE1BQU0sRUFBRSxDQUN4RSxDQUFDO29CQUVGLE1BQU0sSUFBSSxDQUFDLGNBQWMsQ0FBQyxNQUFNLEVBQUUsTUFBTSxDQUFDLENBQUM7b0JBQzFDLElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUNaLG9DQUFvQyxNQUFNLEVBQUUsQ0FDL0MsQ0FBQztvQkFDRixPQUFPO2dCQUNYLENBQUM7Z0JBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztvQkFDYixNQUFNLFlBQVksR0FDZCxLQUFLLFlBQVksS0FBSyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUM7b0JBQzNELE1BQU0sYUFBYSxHQUFHLFVBQVUsQ0FBQyxhQUFhLENBQUMsS0FBSyxDQUFDLENBQUM7b0JBQ3RELE1BQU0sZUFBZSxHQUFHLE9BQU8sR0FBRyxJQUFJLENBQUMsYUFBYSxDQUFDO29CQUVyRCxJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FDYixrQkFBa0IsT0FBTyxJQUFJLElBQUksQ0FBQyxhQUFhLGVBQWUsTUFBTSxLQUFLLFlBQVksYUFBYSxhQUFhLENBQUMsTUFBTSxFQUFFLENBQzNILENBQUM7b0JBRUYsSUFBSSxDQUFDLGFBQWEsQ0FBQyxXQUFXLEVBQUUsQ0FBQzt3QkFDN0IsSUFBSSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQ2IscUNBQXFDLE1BQU0sb0NBQW9DLGFBQWEsQ0FBQyxNQUFNLEVBQUUsQ0FDeEcsQ0FBQzt3QkFDRixNQUFNO29CQUNWLENBQUM7b0JBRUQsSUFBSSxDQUFDLGVBQWUsRUFBRSxDQUFDO3dCQUNuQixJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FDYix1Q0FBdUMsTUFBTSxvQ0FBb0MsYUFBYSxDQUFDLE1BQU0sRUFBRSxDQUMxRyxDQUFDO3dCQUNGLE1BQU07b0JBQ1YsQ0FBQztvQkFFRCxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FDWixtQkFBbUIsTUFBTSxPQUFPLElBQUksQ0FBQyxhQUFhLHVCQUF1QixhQUFhLENBQUMsTUFBTSxFQUFFLENBQ2xHLENBQUM7b0JBQ0YsTUFBTSxVQUFVLENBQUMsY0FBYyxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsQ0FBQztnQkFDeEQsQ0FBQztZQUNMLENBQUM7UUFDTCxDQUFDO1FBRUQsTUFBTSxJQUFJLEtBQUssQ0FBQyxpQ0FBaUMsQ0FBQyxDQUFDO0lBQ3ZELENBQUM7O0FBblNMLGdDQW9TQyJ9
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@super-protocol/pki-sync-client",
|
|
3
|
-
"version": "
|
|
3
|
+
"version": "3.0.0",
|
|
4
4
|
"description": "PKI sync client utility",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"bin": {
|
|
@@ -23,8 +23,8 @@
|
|
|
23
23
|
"license": "ISC",
|
|
24
24
|
"dependencies": {
|
|
25
25
|
"@sinclair/typebox": "0.33.22",
|
|
26
|
-
"@super-protocol/pki-client": "^
|
|
27
|
-
"@super-protocol/pki-common": "^
|
|
26
|
+
"@super-protocol/pki-client": "^3.0.0",
|
|
27
|
+
"@super-protocol/pki-common": "^3.0.2",
|
|
28
28
|
"axios": "^1.7.0",
|
|
29
29
|
"js-yaml": "^4.1.0",
|
|
30
30
|
"yargs": "^17.7.2"
|