@super-protocol/pki-sync-client 2.0.9 → 2.0.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/sync-client.d.ts +1 -1
- package/dist/sync-client.js +11 -14
- package/package.json +3 -3
package/dist/sync-client.d.ts
CHANGED
|
@@ -12,9 +12,9 @@ export interface SyncClientOptions {
|
|
|
12
12
|
export declare class SyncClient {
|
|
13
13
|
private options;
|
|
14
14
|
private challenge;
|
|
15
|
+
private logger;
|
|
15
16
|
private static detectCpuType;
|
|
16
17
|
constructor(options: SyncClientOptions);
|
|
17
|
-
private log;
|
|
18
18
|
private saveCertificates;
|
|
19
19
|
sync(config: SyncConfig): Promise<void>;
|
|
20
20
|
}
|
package/dist/sync-client.js
CHANGED
|
@@ -35,6 +35,7 @@ const path = __importStar(require("path"));
|
|
|
35
35
|
class SyncClient {
|
|
36
36
|
options;
|
|
37
37
|
challenge;
|
|
38
|
+
logger;
|
|
38
39
|
static detectCpuType() {
|
|
39
40
|
try {
|
|
40
41
|
const tdxPath = '/dev/tdx_guest';
|
|
@@ -59,6 +60,7 @@ class SyncClient {
|
|
|
59
60
|
}
|
|
60
61
|
constructor(options) {
|
|
61
62
|
this.options = options;
|
|
63
|
+
this.logger = new pki_common_1.ConsoleLog(options.verbose ? pki_common_1.LogLevel.Debug : pki_common_1.LogLevel.Warn);
|
|
62
64
|
const challengeType = options.ownChallenge === 'auto'
|
|
63
65
|
? SyncClient.detectCpuType()
|
|
64
66
|
: options.ownChallenge;
|
|
@@ -78,11 +80,6 @@ class SyncClient {
|
|
|
78
80
|
throw new Error(`Unsupported challenge type: ${challengeType}. Supported: tdx, sev, untrusted, auto`);
|
|
79
81
|
}
|
|
80
82
|
}
|
|
81
|
-
log(message) {
|
|
82
|
-
if (this.options.verbose ?? false) {
|
|
83
|
-
console.log(message);
|
|
84
|
-
}
|
|
85
|
-
}
|
|
86
83
|
async saveCertificates(pkiClientFactory, certsDir, prefix) {
|
|
87
84
|
// Ensure directory exists
|
|
88
85
|
await fs.promises.mkdir(certsDir, { recursive: true });
|
|
@@ -94,23 +91,23 @@ class SyncClient {
|
|
|
94
91
|
await fs.promises.writeFile(keyPath, cert.keyPair.privateKeyPem, {
|
|
95
92
|
mode: 0o600,
|
|
96
93
|
});
|
|
97
|
-
this.
|
|
94
|
+
this.logger.info(`Saved private key to ${keyPath}`);
|
|
98
95
|
// Save CA certificate
|
|
99
96
|
const caPath = path.join(certsDir, `${prefixStr}ca.pem`);
|
|
100
97
|
await fs.promises.writeFile(caPath, ca, { mode: 0o644 });
|
|
101
|
-
this.
|
|
98
|
+
this.logger.info(`Saved CA certificate to ${caPath}`);
|
|
102
99
|
// Save client certificate with intermediate chain
|
|
103
100
|
const certWithIntermediate = clientCert + intermediateCertificates;
|
|
104
101
|
const certPath = path.join(certsDir, `${prefixStr}cert.pem`);
|
|
105
102
|
await fs.promises.writeFile(certPath, certWithIntermediate, {
|
|
106
103
|
mode: 0o644,
|
|
107
104
|
});
|
|
108
|
-
this.
|
|
105
|
+
this.logger.info(`Saved certificate chain to ${certPath}`);
|
|
109
106
|
}
|
|
110
107
|
async sync(config) {
|
|
111
108
|
for (const server of this.options.servers) {
|
|
112
109
|
try {
|
|
113
|
-
this.
|
|
110
|
+
this.logger.info(`Trying server: ${server}`);
|
|
114
111
|
const pkiConfig = {
|
|
115
112
|
clientCertProvider: {
|
|
116
113
|
type: 'pki-ca',
|
|
@@ -121,7 +118,7 @@ class SyncClient {
|
|
|
121
118
|
},
|
|
122
119
|
networkID: this.options.networkID,
|
|
123
120
|
};
|
|
124
|
-
const pkiClientFactory = new pki_client_1.PkiClientFactory(pkiConfig);
|
|
121
|
+
const pkiClientFactory = new pki_client_1.PkiClientFactory(pkiConfig, this.logger);
|
|
125
122
|
const httpsAgent = await pkiClientFactory.getHTTPSAgent();
|
|
126
123
|
// Collect all secret names
|
|
127
124
|
const secretNames = config.secrets.map((s) => s.secretName);
|
|
@@ -141,17 +138,17 @@ class SyncClient {
|
|
|
141
138
|
await fs.promises.writeFile(secret.saveTo, content, {
|
|
142
139
|
mode: 0o600,
|
|
143
140
|
});
|
|
144
|
-
this.
|
|
141
|
+
this.logger.info(`Saved secret "${secret.secretName}" to ${secret.saveTo}`);
|
|
145
142
|
}
|
|
146
143
|
// Save certificates if directory is specified
|
|
147
144
|
if (this.options.saveCertsToDir) {
|
|
148
145
|
await this.saveCertificates(pkiClientFactory, this.options.saveCertsToDir, this.options.saveCertsPrefix);
|
|
149
146
|
}
|
|
150
|
-
this.
|
|
147
|
+
this.logger.info(`Successfully synced from server: ${server}`);
|
|
151
148
|
return; // Success - exit from method
|
|
152
149
|
}
|
|
153
150
|
catch (error) {
|
|
154
|
-
this.
|
|
151
|
+
this.logger.error(`Failed to sync from server ${server}: ${error.message}`);
|
|
155
152
|
// Continue to next server
|
|
156
153
|
}
|
|
157
154
|
}
|
|
@@ -159,4 +156,4 @@ class SyncClient {
|
|
|
159
156
|
}
|
|
160
157
|
}
|
|
161
158
|
exports.SyncClient = SyncClient;
|
|
162
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
159
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic3luYy1jbGllbnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvc3luYy1jbGllbnQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFDQSwyREFJb0M7QUFDcEMsMkRBS29DO0FBQ3BDLGtEQUEwQjtBQUMxQix1Q0FBeUI7QUFDekIsMkNBQTZCO0FBYTdCLE1BQWEsVUFBVTtJQUNYLE9BQU8sQ0FBb0I7SUFDM0IsU0FBUyxDQUFrQjtJQUMzQixNQUFNLENBQWE7SUFFbkIsTUFBTSxDQUFDLGFBQWE7UUFDeEIsSUFBSSxDQUFDO1lBQ0QsTUFBTSxPQUFPLEdBQUcsZ0JBQWdCLENBQUM7WUFDakMsTUFBTSxPQUFPLEdBQUcsZ0JBQWdCLENBQUM7WUFFakMsSUFBSSxFQUFFLENBQUMsVUFBVSxDQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7Z0JBQ3pCLE1BQU0sS0FBSyxHQUFHLEVBQUUsQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLENBQUM7Z0JBQ25DLElBQUksS0FBSyxDQUFDLGlCQUFpQixFQUFFLEVBQUUsQ0FBQztvQkFDNUIsT0FBTyxLQUFLLENBQUM7Z0JBQ2pCLENBQUM7WUFDTCxDQUFDO1lBRUQsSUFBSSxFQUFFLENBQUMsVUFBVSxDQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7Z0JBQ3pCLE1BQU0sS0FBSyxHQUFHLEVBQUUsQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLENBQUM7Z0JBQ25DLElBQUksS0FBSyxDQUFDLGlCQUFpQixFQUFFLEVBQUUsQ0FBQztvQkFDNUIsT0FBTyxLQUFLLENBQUM7Z0JBQ2pCLENBQUM7WUFDTCxDQUFDO1FBQ0wsQ0FBQztRQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7WUFDYixvREFBb0Q7UUFDeEQsQ0FBQztRQUVELE9BQU8sV0FBVyxDQUFDO0lBQ3ZCLENBQUM7SUFFRCxZQUFZLE9BQTBCO1FBQ2xDLElBQUksQ0FBQyxPQUFPLEdBQUcsT0FBTyxDQUFDO1FBQ3ZCLElBQUksQ0FBQyxNQUFNLEdBQUcsSUFBSSx1QkFBVSxDQUN4QixPQUFPLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxxQkFBUSxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMscUJBQVEsQ0FBQyxJQUFJLENBQ25ELENBQUM7UUFFRixNQUFNLGFBQWEsR0FDZixPQUFPLENBQUMsWUFBWSxLQUFLLE1BQU07WUFDM0IsQ0FBQyxDQUFDLFVBQVUsQ0FBQyxhQUFhLEVBQUU7WUFDNUIsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxZQUFZLENBQUM7UUFFL0IsSUFBSSxhQUFhLEtBQUssS0FBSyxFQUFFLENBQUM7WUFDMUIsSUFBSSxDQUFDLFNBQVMsR0FBRyxFQUFFLElBQUksRUFBRSwwQkFBYSxDQUFDLEdBQUcsRUFBRSxDQUFDO1FBQ2pELENBQUM7YUFBTSxJQUFJLGFBQWEsS0FBSyxLQUFLLEVBQUUsQ0FBQztZQUNqQyxJQUFJLENBQUMsU0FBUyxHQUFHLEVBQUUsSUFBSSxFQUFFLDBCQUFhLENBQUMsTUFBTSxFQUFFLENBQUM7UUFDcEQsQ0FBQzthQUFNLElBQUksYUFBYSxLQUFLLFdBQVcsRUFBRSxDQUFDO1lBQ3ZDLElBQUksQ0FBQyxTQUFTLEdBQUc7Z0JBQ2IsSUFBSSxFQUFFLDBCQUFhLENBQUMsU0FBUztnQkFDN0IsS0FBSyxFQUFFLE1BQU0sQ0FBQyxJQUFJLENBQUMsOEJBQThCLENBQUMsQ0FBQyxRQUFRLENBQ3ZELEtBQUssQ0FDUjthQUNKLENBQUM7UUFDTixDQUFDO2FBQU0sQ0FBQztZQUNKLE1BQU0sSUFBSSxLQUFLLENBQ1gsK0JBQStCLGFBQWEsd0NBQXdDLENBQ3ZGLENBQUM7UUFDTixDQUFDO0lBQ0wsQ0FBQztJQUVPLEtBQUssQ0FBQyxnQkFBZ0IsQ0FDMUIsZ0JBQWtDLEVBQ2xDLFFBQWdCLEVBQ2hCLE1BQWU7UUFFZiwwQkFBMEI7UUFDMUIsTUFBTSxFQUFFLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxRQUFRLEVBQUUsRUFBRSxTQUFTLEVBQUUsSUFBSSxFQUFFLENBQUMsQ0FBQztRQUV2RCxNQUFNLElBQUksR0FBRyxNQUFNLGdCQUFnQixDQUFDLE9BQU8sRUFBRSxDQUFDO1FBQzlDLE1BQU0sRUFDRixJQUFJLEVBQUUsVUFBVSxFQUNoQix3QkFBd0IsRUFDeEIsRUFBRSxHQUNMLEdBQUcsSUFBQSw0Q0FBK0IsRUFBQyxJQUFJLENBQUMsQ0FBQztRQUUxQyxNQUFNLFNBQVMsR0FBRyxNQUFNLENBQUMsQ0FBQyxDQUFDLEdBQUcsTUFBTSxHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQztRQUU3QyxtQkFBbUI7UUFDbkIsTUFBTSxPQUFPLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQyxRQUFRLEVBQUUsR0FBRyxTQUFTLFNBQVMsQ0FBQyxDQUFDO1FBQzNELE1BQU0sRUFBRSxDQUFDLFFBQVEsQ0FBQyxTQUFTLENBQUMsT0FBTyxFQUFFLElBQUksQ0FBQyxPQUFPLENBQUMsYUFBYSxFQUFFO1lBQzdELElBQUksRUFBRSxLQUFLO1NBQ2QsQ0FBQyxDQUFDO1FBQ0gsSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsd0JBQXdCLE9BQU8sRUFBRSxDQUFDLENBQUM7UUFFcEQsc0JBQXNCO1FBQ3RCLE1BQU0sTUFBTSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsUUFBUSxFQUFFLEdBQUcsU0FBUyxRQUFRLENBQUMsQ0FBQztRQUN6RCxNQUFNLEVBQUUsQ0FBQyxRQUFRLENBQUMsU0FBUyxDQUFDLE1BQU0sRUFBRSxFQUFFLEVBQUUsRUFBRSxJQUFJLEVBQUUsS0FBSyxFQUFFLENBQUMsQ0FBQztRQUN6RCxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQywyQkFBMkIsTUFBTSxFQUFFLENBQUMsQ0FBQztRQUV0RCxrREFBa0Q7UUFDbEQsTUFBTSxvQkFBb0IsR0FBRyxVQUFVLEdBQUcsd0JBQXdCLENBQUM7UUFDbkUsTUFBTSxRQUFRLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQyxRQUFRLEVBQUUsR0FBRyxTQUFTLFVBQVUsQ0FBQyxDQUFDO1FBQzdELE1BQU0sRUFBRSxDQUFDLFFBQVEsQ0FBQyxTQUFTLENBQUMsUUFBUSxFQUFFLG9CQUFvQixFQUFFO1lBQ3hELElBQUksRUFBRSxLQUFLO1NBQ2QsQ0FBQyxDQUFDO1FBQ0gsSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsOEJBQThCLFFBQVEsRUFBRSxDQUFDLENBQUM7SUFDL0QsQ0FBQztJQUVELEtBQUssQ0FBQyxJQUFJLENBQUMsTUFBa0I7UUFDekIsS0FBSyxNQUFNLE1BQU0sSUFBSSxJQUFJLENBQUMsT0FBTyxDQUFDLE9BQU8sRUFBRSxDQUFDO1lBQ3hDLElBQUksQ0FBQztnQkFDRCxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxrQkFBa0IsTUFBTSxFQUFFLENBQUMsQ0FBQztnQkFFN0MsTUFBTSxTQUFTLEdBQW9CO29CQUMvQixrQkFBa0IsRUFBRTt3QkFDaEIsSUFBSSxFQUFFLFFBQVE7d0JBQ2QsU0FBUyxFQUFFLElBQUksQ0FBQyxTQUFTO3dCQUN6QixPQUFPLEVBQUUsV0FBVyxNQUFNLGFBQWE7d0JBQ3ZDLFFBQVEsRUFBRSxJQUFJLENBQUMsT0FBTyxDQUFDLFFBQVE7d0JBQy9CLDBCQUEwQixFQUN0QixJQUFJLENBQUMsT0FBTyxDQUFDLDBCQUEwQixJQUFJLEtBQUs7cUJBQ3ZEO29CQUNELFNBQVMsRUFBRSxJQUFJLENBQUMsT0FBTyxDQUFDLFNBQVM7aUJBQ3BDLENBQUM7Z0JBRUYsTUFBTSxnQkFBZ0IsR0FBRyxJQUFJLDZCQUFnQixDQUN6QyxTQUFTLEVBQ1QsSUFBSSxDQUFDLE1BQU0sQ0FDZCxDQUFDO2dCQUNGLE1BQU0sVUFBVSxHQUFHLE1BQU0sZ0JBQWdCLENBQUMsYUFBYSxFQUFFLENBQUM7Z0JBRTFELDJCQUEyQjtnQkFDM0IsTUFBTSxXQUFXLEdBQUcsTUFBTSxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FBQyxVQUFVLENBQUMsQ0FBQztnQkFFNUQscUNBQXFDO2dCQUNyQyxNQUFNLFFBQVEsR0FBRyxNQUFNLGVBQUssQ0FBQyxJQUFJLENBQzdCLFdBQVcsTUFBTSxxQkFBcUIsRUFDdEMsRUFBRSxPQUFPLEVBQUUsV0FBVyxFQUFFLEVBQ3hCLEVBQUUsVUFBVSxFQUFFLENBQ2pCLENBQUM7Z0JBRUYsTUFBTSxNQUFNLEdBQUcsUUFBUSxDQUFDLElBQUksQ0FBQztnQkFFN0IseUJBQXlCO2dCQUN6QixLQUFLLE1BQU0sTUFBTSxJQUFJLE1BQU0sQ0FBQyxPQUFPLEVBQUUsQ0FBQztvQkFDbEMsTUFBTSxhQUFhLEdBQUcsTUFBTSxDQUFDLE9BQU8sQ0FBQyxNQUFNLENBQUMsVUFBVSxDQUFDLENBQUM7b0JBQ3hELElBQUksYUFBYSxJQUFJLElBQUksRUFBRSxDQUFDO3dCQUN4QixNQUFNLElBQUksS0FBSyxDQUNYLFdBQVcsTUFBTSxDQUFDLFVBQVUseUJBQXlCLENBQ3hELENBQUM7b0JBQ04sQ0FBQztvQkFDRCxNQUFNLE9BQU8sR0FBRyxNQUFNLENBQUMsSUFBSSxDQUFDLGFBQWEsRUFBRSxRQUFRLENBQUMsQ0FBQztvQkFFckQsMEJBQTBCO29CQUMxQixNQUFNLEdBQUcsR0FBRyxJQUFJLENBQUMsT0FBTyxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsQ0FBQztvQkFDeEMsTUFBTSxFQUFFLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxHQUFHLEVBQUUsRUFBRSxTQUFTLEVBQUUsSUFBSSxFQUFFLENBQUMsQ0FBQztvQkFFbEQsTUFBTSxFQUFFLENBQUMsUUFBUSxDQUFDLFNBQVMsQ0FBQyxNQUFNLENBQUMsTUFBTSxFQUFFLE9BQU8sRUFBRTt3QkFDaEQsSUFBSSxFQUFFLEtBQUs7cUJBQ2QsQ0FBQyxDQUFDO29CQUVILElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUNaLGlCQUFpQixNQUFNLENBQUMsVUFBVSxRQUFRLE1BQU0sQ0FBQyxNQUFNLEVBQUUsQ0FDNUQsQ0FBQztnQkFDTixDQUFDO2dCQUVELDhDQUE4QztnQkFDOUMsSUFBSSxJQUFJLENBQUMsT0FBTyxDQUFDLGNBQWMsRUFBRSxDQUFDO29CQUM5QixNQUFNLElBQUksQ0FBQyxnQkFBZ0IsQ0FDdkIsZ0JBQWdCLEVBQ2hCLElBQUksQ0FBQyxPQUFPLENBQUMsY0FBYyxFQUMzQixJQUFJLENBQUMsT0FBTyxDQUFDLGVBQWUsQ0FDL0IsQ0FBQztnQkFDTixDQUFDO2dCQUVELElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLG9DQUFvQyxNQUFNLEVBQUUsQ0FBQyxDQUFDO2dCQUMvRCxPQUFPLENBQUMsNkJBQTZCO1lBQ3pDLENBQUM7WUFBQyxPQUFPLEtBQVUsRUFBRSxDQUFDO2dCQUNsQixJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FDYiw4QkFBOEIsTUFBTSxLQUFLLEtBQUssQ0FBQyxPQUFPLEVBQUUsQ0FDM0QsQ0FBQztnQkFDRiwwQkFBMEI7WUFDOUIsQ0FBQztRQUNMLENBQUM7UUFFRCxNQUFNLElBQUksS0FBSyxDQUFDLGlDQUFpQyxDQUFDLENBQUM7SUFDdkQsQ0FBQztDQUNKO0FBaExELGdDQWdMQyJ9
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@super-protocol/pki-sync-client",
|
|
3
|
-
"version": "2.0.
|
|
3
|
+
"version": "2.0.11",
|
|
4
4
|
"description": "PKI sync client utility",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"bin": {
|
|
@@ -23,8 +23,8 @@
|
|
|
23
23
|
"license": "ISC",
|
|
24
24
|
"dependencies": {
|
|
25
25
|
"@sinclair/typebox": "0.33.22",
|
|
26
|
-
"@super-protocol/pki-client": "^2.1.
|
|
27
|
-
"@super-protocol/pki-common": "^2.0.
|
|
26
|
+
"@super-protocol/pki-client": "^2.1.7",
|
|
27
|
+
"@super-protocol/pki-common": "^2.0.3",
|
|
28
28
|
"axios": "^1.7.0",
|
|
29
29
|
"js-yaml": "^4.1.0",
|
|
30
30
|
"yargs": "^17.7.2"
|