@zincapp/znvault-cli 2.19.0 → 2.19.2

package/dist/commands/dynamic-secrets/connection.d.ts

@@ -0,0 +1,17 @@
+import type { ConnectionCreateOptions, ConnectionUpdateOptions } from './types.js';
+export declare function listConnections(options: {
+    json?: boolean;
+}): Promise<void>;
+export declare function getConnection(nameOrId: string, options: {
+    json?: boolean;
+}): Promise<void>;
+export declare function createConnection(options: ConnectionCreateOptions): Promise<void>;
+export declare function updateConnection(nameOrId: string, options: ConnectionUpdateOptions): Promise<void>;
+export declare function deleteConnection(nameOrId: string, options: {
+    force?: boolean;
+    json?: boolean;
+}): Promise<void>;
+export declare function testConnection(nameOrId: string, options: {
+    json?: boolean;
+}): Promise<void>;
+//# sourceMappingURL=connection.d.ts.map

package/dist/commands/dynamic-secrets/connection.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"connection.d.ts","sourceRoot":"","sources":["../../../src/commands/dynamic-secrets/connection.ts"],"names":[],"mappings":"AAWA,OAAO,KAAK,EAAsC,uBAAuB,EAAE,uBAAuB,EAAE,MAAM,YAAY,CAAC;AAGvH,wBAAsB,eAAe,CAAC,OAAO,EAAE;IAAE,IAAI,CAAC,EAAE,OAAO,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAyChF;AAED,wBAAsB,aAAa,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE;IAAE,IAAI,CAAC,EAAE,OAAO,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAkChG;AAED,wBAAsB,gBAAgB,CAAC,OAAO,EAAE,uBAAuB,GAAG,OAAO,CAAC,IAAI,CAAC,CAoDtF;AAED,wBAAsB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,uBAAuB,GAAG,OAAO,CAAC,IAAI,CAAC,CAyBxG;AAED,wBAAsB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE;IAAE,KAAK,CAAC,EAAE,OAAO,CAAC;IAAC,IAAI,CAAC,EAAE,OAAO,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CA4BpH;AAED,wBAAsB,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE;IAAE,IAAI,CAAC,EAAE,OAAO,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAwBjG"}

package/dist/commands/dynamic-secrets/connection.js

@@ -0,0 +1,217 @@
+// Path: src/commands/dynamic-secrets/connection.ts
+/**
+ * Connection commands for dynamic secrets
+ */
+import ora from 'ora';
+import Table from 'cli-table3';
+import inquirer from 'inquirer';
+import { client } from '../../lib/client.js';
+import * as output from '../../lib/output.js';
+import { formatStatus, formatDate, formatTtl } from './helpers.js';
+export async function listConnections(options) {
+    const spinner = ora('Fetching connections...').start();
+    try {
+        const response = await client.get('/v1/dynamic-secrets/connections');
+        spinner.stop();
+        if (options.json) {
+            output.json(response);
+            return;
+        }
+        if (response.length === 0) {
+            output.info('No database connections found.');
+            return;
+        }
+        const table = new Table({
+            head: ['Name', 'Type', 'Status', 'Default TTL', 'Max TTL', 'Roles', 'Active Leases'],
+            style: { head: ['cyan'] },
+        });
+        for (const conn of response) {
+            table.push([
+                conn.name,
+                conn.connectionType,
+                formatStatus(conn.status),
+                formatTtl(conn.defaultTtlSeconds),
+                formatTtl(conn.maxTtlSeconds),
+                String(conn.roleCount ?? 0),
+                String(conn.activeLeases ?? 0),
+            ]);
+        }
+        console.log(table.toString());
+        output.info(`${response.length} connection(s) found`);
+    }
+    catch (err) {
+        spinner.fail('Failed to list connections');
+        output.error(err instanceof Error ? err.message : String(err));
+        process.exit(1);
+    }
+}
+export async function getConnection(nameOrId, options) {
+    const spinner = ora('Fetching connection...').start();
+    try {
+        const response = await client.get(`/v1/dynamic-secrets/connections/${nameOrId}`);
+        spinner.stop();
+        if (options.json) {
+            output.json(response);
+            return;
+        }
+        output.keyValue({
+            'ID': response.id,
+            'Name': response.name,
+            'Description': response.description ?? '-',
+            'Type': response.connectionType,
+            'Status': formatStatus(response.status),
+            'Max Connections': response.maxOpenConnections,
+            'Timeout': `${response.connectionTimeoutSeconds}s`,
+            'Default TTL': formatTtl(response.defaultTtlSeconds),
+            'Max TTL': formatTtl(response.maxTtlSeconds),
+            'Last Health Check': formatDate(response.lastHealthCheck),
+            'Health Status': response.lastHealthCheckStatus === null ? '-' : (response.lastHealthCheckStatus ? 'Healthy' : 'Unhealthy'),
+            'Roles': String(response.roleCount ?? 0),
+            'Active Leases': String(response.activeLeases ?? 0),
+            'Created': formatDate(response.createdAt),
+            'Updated': formatDate(response.updatedAt),
+        });
+    }
+    catch (err) {
+        spinner.fail('Failed to get connection');
+        output.error(err instanceof Error ? err.message : String(err));
+        process.exit(1);
+    }
+}
+export async function createConnection(options) {
+    // Interactive prompts if options not provided
+    const name = options.name ?? (await inquirer.prompt([{
+            type: 'input',
+            name: 'name',
+            message: 'Connection name:',
+            validate: (input) => input.trim() ? true : 'Name is required',
+        }])).name;
+    const connectionType = options.type?.toUpperCase() ?? (await inquirer.prompt([{
+            type: 'list',
+            name: 'type',
+            message: 'Database type:',
+            choices: ['POSTGRESQL', 'MYSQL'],
+        }])).type;
+    const connectionString = options.connectionString ?? (await inquirer.prompt([{
+            type: 'password',
+            name: 'connectionString',
+            message: 'Connection string:',
+            mask: '*',
+            validate: (input) => input.trim() ? true : 'Connection string is required',
+        }])).connectionString;
+    const spinner = ora('Creating connection...').start();
+    try {
+        const body = {
+            name,
+            connectionType,
+            connectionString,
+        };
+        if (options.description)
+            body.description = options.description;
+        if (options.maxConnections)
+            body.maxOpenConnections = parseInt(options.maxConnections, 10);
+        if (options.timeout)
+            body.connectionTimeoutSeconds = parseInt(options.timeout, 10);
+        if (options.defaultTtl)
+            body.defaultTtlSeconds = parseInt(options.defaultTtl, 10);
+        if (options.maxTtl)
+            body.maxTtlSeconds = parseInt(options.maxTtl, 10);
+        const response = await client.post('/v1/dynamic-secrets/connections', body);
+        spinner.succeed('Connection created');
+        if (options.json) {
+            output.json(response);
+        }
+        else {
+            output.success(`Connection "${response.name}" created with ID: ${response.id}`);
+        }
+    }
+    catch (err) {
+        spinner.fail('Failed to create connection');
+        output.error(err instanceof Error ? err.message : String(err));
+        process.exit(1);
+    }
+}
+export async function updateConnection(nameOrId, options) {
+    const spinner = ora('Updating connection...').start();
+    try {
+        const body = {};
+        if (options.description !== undefined)
+            body.description = options.description;
+        if (options.maxConnections)
+            body.maxOpenConnections = parseInt(options.maxConnections, 10);
+        if (options.timeout)
+            body.connectionTimeoutSeconds = parseInt(options.timeout, 10);
+        if (options.defaultTtl)
+            body.defaultTtlSeconds = parseInt(options.defaultTtl, 10);
+        if (options.maxTtl)
+            body.maxTtlSeconds = parseInt(options.maxTtl, 10);
+        if (options.status)
+            body.status = options.status.toUpperCase();
+        const response = await client.patch(`/v1/dynamic-secrets/connections/${nameOrId}`, body);
+        spinner.succeed('Connection updated');
+        if (options.json) {
+            output.json(response);
+        }
+        else {
+            output.success(`Connection "${response.name}" updated`);
+        }
+    }
+    catch (err) {
+        spinner.fail('Failed to update connection');
+        output.error(err instanceof Error ? err.message : String(err));
+        process.exit(1);
+    }
+}
+export async function deleteConnection(nameOrId, options) {
+    if (!options.force) {
+        const { confirm } = await inquirer.prompt([{
+                type: 'confirm',
+                name: 'confirm',
+                message: `Are you sure you want to delete connection "${nameOrId}"? This will also delete all associated roles.`,
+                default: false,
+            }]);
+        if (!confirm) {
+            output.info('Cancelled');
+            return;
+        }
+    }
+    const spinner = ora('Deleting connection...').start();
+    try {
+        await client.delete(`/v1/dynamic-secrets/connections/${nameOrId}`);
+        spinner.succeed(`Connection "${nameOrId}" deleted`);
+        if (options.json) {
+            output.json({ success: true, id: nameOrId });
+        }
+    }
+    catch (err) {
+        spinner.fail('Failed to delete connection');
+        output.error(err instanceof Error ? err.message : String(err));
+        process.exit(1);
+    }
+}
+export async function testConnection(nameOrId, options) {
+    const spinner = ora('Testing connection...').start();
+    try {
+        const response = await client.post(`/v1/dynamic-secrets/connections/${nameOrId}/test`, {});
+        if (response.success) {
+            spinner.succeed('Connection test successful');
+            if (options.json) {
+                output.json(response);
+            }
+        }
+        else {
+            spinner.fail('Connection test failed');
+            output.error(response.error ?? 'Unknown error');
+            if (options.json) {
+                output.json(response);
+            }
+            process.exit(1);
+        }
+    }
+    catch (err) {
+        spinner.fail('Failed to test connection');
+        output.error(err instanceof Error ? err.message : String(err));
+        process.exit(1);
+    }
+}
+//# sourceMappingURL=connection.js.map

package/dist/commands/dynamic-secrets/connection.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"connection.js","sourceRoot":"","sources":["../../../src/commands/dynamic-secrets/connection.ts"],"names":[],"mappings":"AAAA,mDAAmD;AAEnD;;GAEG;AAEH,OAAO,GAAG,MAAM,KAAK,CAAC;AACtB,OAAO,KAAK,MAAM,YAAY,CAAC;AAC/B,OAAO,QAAQ,MAAM,UAAU,CAAC;AAChC,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAC7C,OAAO,KAAK,MAAM,MAAM,qBAAqB,CAAC;AAE9C,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAEnE,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,OAA2B;IAC/D,MAAM,OAAO,GAAG,GAAG,CAAC,yBAAyB,CAAC,CAAC,KAAK,EAAE,CAAC;IAEvD,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,GAAG,CAAiB,iCAAiC,CAAC,CAAC;QACrF,OAAO,CAAC,IAAI,EAAE,CAAC;QAEf,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;YACjB,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACtB,OAAO;QACT,CAAC;QAED,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1B,MAAM,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;YAC9C,OAAO;QACT,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC;YACtB,IAAI,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,aAAa,EAAE,SAAS,EAAE,OAAO,EAAE,eAAe,CAAC;YACpF,KAAK,EAAE,EAAE,IAAI,EAAE,CAAC,MAAM,CAAC,EAAE;SAC1B,CAAC,CAAC;QAEH,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;YAC5B,KAAK,CAAC,IAAI,CAAC;gBACT,IAAI,CAAC,IAAI;gBACT,IAAI,CAAC,cAAc;gBACnB,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC;gBACzB,SAAS,CAAC,IAAI,CAAC,iBAAiB,CAAC;gBACjC,SAAS,CAAC,IAAI,CAAC,aAAa,CAAC;gBAC7B,MAAM,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,CAAC;gBAC3B,MAAM,CAAC,IAAI,CAAC,YAAY,IAAI,CAAC,CAAC;aAC/B,CAAC,CAAC;QACL,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC9B,MAAM,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,MAAM,sBAAsB,CAAC,CAAC;IACxD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;QAC3C,MAAM,CAAC,KAAK,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;QAC/D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,QAAgB,EAAE,OAA2B;IAC/E,MAAM,OAAO,GAAG,GAAG,CAAC,wBAAwB,CAAC,CAAC,KAAK,EAAE,CAAC;IAEtD,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,GAAG,CAAe,mCAAmC,QAAQ,EAAE,CAAC,CAAC;QAC/F,OAAO,CAAC,IAAI,EAAE,CAAC;QAEf,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;YACjB,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACtB,OAAO;QACT,CAAC;QAED,MAAM,CAAC,QAAQ,CAAC;YACd,IAAI,EAAE,QAAQ,CAAC,EAAE;YACjB,MAAM,EAAE,QAAQ,CAAC,IAAI;YACrB,aAAa,EAAE,QAAQ,CAAC,WAAW,IAAI,GAAG;YAC1C,MAAM,EAAE,QAAQ,CAAC,cAAc;YAC/B,QAAQ,EAAE,YAAY,CAAC,QAAQ,CAAC,MAAM,CAAC;YACvC,iBAAiB,EAAE,QAAQ,CAAC,kBAAkB;YAC9C,SAAS,EAAE,GAAG,QAAQ,CAAC,wBAAwB,GAAG;YAClD,aAAa,EAAE,SAAS,CAAC,QAAQ,CAAC,iBAAiB,CAAC;YACpD,SAAS,EAAE,SAAS,CAAC,QAAQ,CAAC,aAAa,CAAC;YAC5C,mBAAmB,EAAE,UAAU,CAAC,QAAQ,CAAC,eAAe,CAAC;YACzD,eAAe,EAAE,QAAQ,CAAC,qBAAqB,KAAK,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,qBAAqB,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC;YAC3H,OAAO,EAAE,MAAM,CAAC,QAAQ,CAAC,SAAS,IAAI,CAAC,CAAC;YACxC,eAAe,EAAE,MAAM,CAAC,QAAQ,CAAC,YAAY,IAAI,CAAC,CAAC;YACnD,SAAS,EAAE,UAAU,CAAC,QAAQ,CAAC,SAAS,CAAC;YACzC,SAAS,EAAE,UAAU,CAAC,QAAQ,CAAC,SAAS,CAAC;SAC1C,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;QACzC,MAAM,CAAC,KAAK,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;QAC/D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,OAAgC;IACrE,8CAA8C;IAC9C,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,IAAI,CAAC,MAAM,QAAQ,CAAC,MAAM,CAAC,CAAC;YACnD,IAAI,EAAE,OAAO;YACb,IAAI,EAAE,MAAM;YACZ,OAAO,EAAE,kBAAkB;YAC3B,QAAQ,EAAE,CAAC,KAAa,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,kBAAkB;SACtE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAEV,MAAM,cAAc,GAAG,OAAO,CAAC,IAAI,EAAE,WAAW,EAAE,IAAI,CAAC,MAAM,QAAQ,CAAC,MAAM,CAAC,CAAC;YAC5E,IAAI,EAAE,MAAM;YACZ,IAAI,EAAE,MAAM;YACZ,OAAO,EAAE,gBAAgB;YACzB,OAAO,EAAE,CAAC,YAAY,EAAE,OAAO,CAAC;SACjC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAEV,MAAM,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,IAAI,CAAC,MAAM,QAAQ,CAAC,MAAM,CAAC,CAAC;YAC3E,IAAI,EAAE,UAAU;YAChB,IAAI,EAAE,kBAAkB;YACxB,OAAO,EAAE,oBAAoB;YAC7B,IAAI,EAAE,GAAG;YACT,QAAQ,EAAE,CAAC,KAAa,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,+BAA+B;SACnF,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC;IAEtB,MAAM,OAAO,GAAG,GAAG,CAAC,wBAAwB,CAAC,CAAC,KAAK,EAAE,CAAC;IAEtD,IAAI,CAAC;QACH,MAAM,IAAI,GAA4B;YACpC,IAAI;YACJ,cAAc;YACd,gBAAgB;SACjB,CAAC;QAEF,IAAI,OAAO,CAAC,WAAW;YAAE,IAAI,CAAC,WAAW,GAAG,OAAO,CAAC,WAAW,CAAC;QAChE,IAAI,OAAO,CAAC,cAAc;YAAE,IAAI,CAAC,kBAAkB,GAAG,QAAQ,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC;QAC3F,IAAI,OAAO,CAAC,OAAO;YAAE,IAAI,CAAC,wBAAwB,GAAG,QAAQ,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QACnF,IAAI,OAAO,CAAC,UAAU;YAAE,IAAI,CAAC,iBAAiB,GAAG,QAAQ,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;QAClF,IAAI,OAAO,CAAC,MAAM;YAAE,IAAI,CAAC,aAAa,GAAG,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;QAEtE,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,IAAI,CAAe,iCAAiC,EAAE,IAAI,CAAC,CAAC;QAC1F,OAAO,CAAC,OAAO,CAAC,oBAAoB,CAAC,CAAC;QAEtC,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;YACjB,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACxB,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,OAAO,CAAC,eAAe,QAAQ,CAAC,IAAI,sBAAsB,QAAQ,CAAC,EAAE,EAAE,CAAC,CAAC;QAClF,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;QAC5C,MAAM,CAAC,KAAK,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;QAC/D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,QAAgB,EAAE,OAAgC;IACvF,MAAM,OAAO,GAAG,GAAG,CAAC,wBAAwB,CAAC,CAAC,KAAK,EAAE,CAAC;IAEtD,IAAI,CAAC;QACH,MAAM,IAAI,GAA4B,EAAE,CAAC;QACzC,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS;YAAE,IAAI,CAAC,WAAW,GAAG,OAAO,CAAC,WAAW,CAAC;QAC9E,IAAI,OAAO,CAAC,cAAc;YAAE,IAAI,CAAC,kBAAkB,GAAG,QAAQ,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC;QAC3F,IAAI,OAAO,CAAC,OAAO;YAAE,IAAI,CAAC,wBAAwB,GAAG,QAAQ,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QACnF,IAAI,OAAO,CAAC,UAAU;YAAE,IAAI,CAAC,iBAAiB,GAAG,QAAQ,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;QAClF,IAAI,OAAO,CAAC,MAAM;YAAE,IAAI,CAAC,aAAa,GAAG,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;QACtE,IAAI,OAAO,CAAC,MAAM;YAAE,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;QAE/D,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,KAAK,CAAe,mCAAmC,QAAQ,EAAE,EAAE,IAAI,CAAC,CAAC;QACvG,OAAO,CAAC,OAAO,CAAC,oBAAoB,CAAC,CAAC;QAEtC,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;YACjB,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACxB,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,OAAO,CAAC,eAAe,QAAQ,CAAC,IAAI,WAAW,CAAC,CAAC;QAC1D,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;QAC5C,MAAM,CAAC,KAAK,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;QAC/D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,QAAgB,EAAE,OAA4C;IACnG,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACnB,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,CAAC;gBACzC,IAAI,EAAE,SAAS;gBACf,IAAI,EAAE,SAAS;gBACf,OAAO,EAAE,+CAA+C,QAAQ,gDAAgD;gBAChH,OAAO,EAAE,KAAK;aACf,CAAC,CAAC,CAAC;QACJ,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACzB,OAAO;QACT,CAAC;IACH,CAAC;IAED,MAAM,OAAO,GAAG,GAAG,CAAC,wBAAwB,CAAC,CAAC,KAAK,EAAE,CAAC;IAEtD,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,MAAM,CAAC,mCAAmC,QAAQ,EAAE,CAAC,CAAC;QACnE,OAAO,CAAC,OAAO,CAAC,eAAe,QAAQ,WAAW,CAAC,CAAC;QAEpD,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;YACjB,MAAM,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;QAC/C,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;QAC5C,MAAM,CAAC,KAAK,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;QAC/D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,QAAgB,EAAE,OAA2B;IAChF,MAAM,OAAO,GAAG,GAAG,CAAC,uBAAuB,CAAC,CAAC,KAAK,EAAE,CAAC;IAErD,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,IAAI,CAAuB,mCAAmC,QAAQ,OAAO,EAAE,EAAE,CAAC,CAAC;QAEjH,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;YACrB,OAAO,CAAC,OAAO,CAAC,4BAA4B,CAAC,CAAC;YAC9C,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;gBACjB,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACxB,CAAC;QACH,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;YACvC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,KAAK,IAAI,eAAe,CAAC,CAAC;YAChD,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;gBACjB,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACxB,CAAC;YACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;QAC1C,MAAM,CAAC,KAAK,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;QAC/D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC"}

package/dist/commands/dynamic-secrets/creds.d.ts

@@ -0,0 +1,5 @@
+export declare function generateCredentials(roleId: string, options: {
+    ttl?: string;
+    json?: boolean;
+}): Promise<void>;
+//# sourceMappingURL=creds.d.ts.map

package/dist/commands/dynamic-secrets/creds.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"creds.d.ts","sourceRoot":"","sources":["../../../src/commands/dynamic-secrets/creds.ts"],"names":[],"mappings":"AAYA,wBAAsB,mBAAmB,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE;IACjE,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB,GAAG,OAAO,CAAC,IAAI,CAAC,CAgChB"}

package/dist/commands/dynamic-secrets/creds.js

@@ -0,0 +1,39 @@
+// Path: src/commands/dynamic-secrets/creds.ts
+/**
+ * Credential generation commands for dynamic secrets
+ */
+import ora from 'ora';
+import { client } from '../../lib/client.js';
+import * as output from '../../lib/output.js';
+import { formatDuration, formatDate } from './helpers.js';
+export async function generateCredentials(roleId, options) {
+    const spinner = ora('Generating credentials...').start();
+    try {
+        const body = {};
+        if (options.ttl)
+            body.ttlSeconds = parseInt(options.ttl, 10);
+        const response = await client.post(`/v1/dynamic-secrets/roles/${roleId}/credentials`, body);
+        spinner.succeed('Credentials generated');
+        if (options.json) {
+            output.json(response);
+            return;
+        }
+        console.log('');
+        output.keyValue({
+            'Lease ID': response.leaseId,
+            'Username': response.username,
+            'Password': response.password,
+            'TTL': formatDuration(response.ttlSeconds),
+            'Expires At': formatDate(response.expiresAt),
+            'Max Expires At': formatDate(response.maxExpiresAt),
+        });
+        console.log('');
+        output.warn('The password is shown only once. Store it securely or use it immediately.');
+    }
+    catch (err) {
+        spinner.fail('Failed to generate credentials');
+        output.error(err instanceof Error ? err.message : String(err));
+        process.exit(1);
+    }
+}
+//# sourceMappingURL=creds.js.map

package/dist/commands/dynamic-secrets/creds.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"creds.js","sourceRoot":"","sources":["../../../src/commands/dynamic-secrets/creds.ts"],"names":[],"mappings":"AAAA,8CAA8C;AAE9C;;GAEG;AAEH,OAAO,GAAG,MAAM,KAAK,CAAC;AACtB,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAC7C,OAAO,KAAK,MAAM,MAAM,qBAAqB,CAAC;AAE9C,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAE1D,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,MAAc,EAAE,OAGzD;IACC,MAAM,OAAO,GAAG,GAAG,CAAC,2BAA2B,CAAC,CAAC,KAAK,EAAE,CAAC;IAEzD,IAAI,CAAC;QACH,MAAM,IAAI,GAA4B,EAAE,CAAC;QACzC,IAAI,OAAO,CAAC,GAAG;YAAE,IAAI,CAAC,UAAU,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAE7D,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,IAAI,CAAsB,6BAA6B,MAAM,cAAc,EAAE,IAAI,CAAC,CAAC;QACjH,OAAO,CAAC,OAAO,CAAC,uBAAuB,CAAC,CAAC;QAEzC,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;YACjB,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACtB,OAAO;QACT,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,MAAM,CAAC,QAAQ,CAAC;YACd,UAAU,EAAE,QAAQ,CAAC,OAAO;YAC5B,UAAU,EAAE,QAAQ,CAAC,QAAQ;YAC7B,UAAU,EAAE,QAAQ,CAAC,QAAQ;YAC7B,KAAK,EAAE,cAAc,CAAC,QAAQ,CAAC,UAAU,CAAC;YAC1C,YAAY,EAAE,UAAU,CAAC,QAAQ,CAAC,SAAS,CAAC;YAC5C,gBAAgB,EAAE,UAAU,CAAC,QAAQ,CAAC,YAAY,CAAC;SACpD,CAAC,CAAC;QAEH,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,MAAM,CAAC,IAAI,CAAC,2EAA2E,CAAC,CAAC;IAC3F,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;QAC/C,MAAM,CAAC,KAAK,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;QAC/D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC"}

package/dist/commands/dynamic-secrets/helpers.d.ts

@@ -0,0 +1,5 @@
+export declare function formatDuration(seconds: number): string;
+export declare function formatStatus(status: string): string;
+export declare function formatDate(dateStr: string | null): string;
+export declare function formatTtl(seconds: number | null): string;
+//# sourceMappingURL=helpers.d.ts.map

package/dist/commands/dynamic-secrets/helpers.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../../../src/commands/dynamic-secrets/helpers.ts"],"names":[],"mappings":"AAQA,wBAAgB,cAAc,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAKtD;AAED,wBAAgB,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAUnD;AAED,wBAAgB,UAAU,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,GAAG,MAAM,CAGzD;AAED,wBAAgB,SAAS,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,GAAG,MAAM,CAGxD"}

package/dist/commands/dynamic-secrets/helpers.js

@@ -0,0 +1,36 @@
+// Path: src/commands/dynamic-secrets/helpers.ts
+/**
+ * Helper functions for dynamic secrets commands
+ */
+import * as output from '../../lib/output.js';
+export function formatDuration(seconds) {
+    if (seconds < 60)
+        return `${seconds}s`;
+    if (seconds < 3600)
+        return `${Math.floor(seconds / 60)}m`;
+    if (seconds < 86400)
+        return `${Math.floor(seconds / 3600)}h`;
+    return `${Math.floor(seconds / 86400)}d`;
+}
+export function formatStatus(status) {
+    switch (status) {
+        case 'ACTIVE': return output.isPlainMode() ? 'ACTIVE' : '\x1b[32mACTIVE\x1b[0m';
+        case 'DISABLED': return output.isPlainMode() ? 'DISABLED' : '\x1b[33mDISABLED\x1b[0m';
+        case 'FAILED': return output.isPlainMode() ? 'FAILED' : '\x1b[31mFAILED\x1b[0m';
+        case 'TESTING': return output.isPlainMode() ? 'TESTING' : '\x1b[36mTESTING\x1b[0m';
+        case 'EXPIRED': return output.isPlainMode() ? 'EXPIRED' : '\x1b[33mEXPIRED\x1b[0m';
+        case 'REVOKED': return output.isPlainMode() ? 'REVOKED' : '\x1b[31mREVOKED\x1b[0m';
+        default: return status;
+    }
+}
+export function formatDate(dateStr) {
+    if (!dateStr)
+        return '-';
+    return new Date(dateStr).toLocaleString();
+}
+export function formatTtl(seconds) {
+    if (seconds === null)
+        return 'inherit';
+    return formatDuration(seconds);
+}
+//# sourceMappingURL=helpers.js.map

package/dist/commands/dynamic-secrets/helpers.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"helpers.js","sourceRoot":"","sources":["../../../src/commands/dynamic-secrets/helpers.ts"],"names":[],"mappings":"AAAA,gDAAgD;AAEhD;;GAEG;AAEH,OAAO,KAAK,MAAM,MAAM,qBAAqB,CAAC;AAE9C,MAAM,UAAU,cAAc,CAAC,OAAe;IAC5C,IAAI,OAAO,GAAG,EAAE;QAAE,OAAO,GAAG,OAAO,GAAG,CAAC;IACvC,IAAI,OAAO,GAAG,IAAI;QAAE,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,GAAG,EAAE,CAAC,GAAG,CAAC;IAC1D,IAAI,OAAO,GAAG,KAAK;QAAE,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC;IAC7D,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,GAAG,KAAK,CAAC,GAAG,CAAC;AAC3C,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,MAAc;IACzC,QAAQ,MAAM,EAAE,CAAC;QACf,KAAK,QAAQ,CAAC,CAAC,OAAO,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,uBAAuB,CAAC;QAChF,KAAK,UAAU,CAAC,CAAC,OAAO,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,yBAAyB,CAAC;QACtF,KAAK,QAAQ,CAAC,CAAC,OAAO,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,uBAAuB,CAAC;QAChF,KAAK,SAAS,CAAC,CAAC,OAAO,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,wBAAwB,CAAC;QACnF,KAAK,SAAS,CAAC,CAAC,OAAO,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,wBAAwB,CAAC;QACnF,KAAK,SAAS,CAAC,CAAC,OAAO,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,wBAAwB,CAAC;QACnF,OAAO,CAAC,CAAC,OAAO,MAAM,CAAC;IACzB,CAAC;AACH,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,OAAsB;IAC/C,IAAI,CAAC,OAAO;QAAE,OAAO,GAAG,CAAC;IACzB,OAAO,IAAI,IAAI,CAAC,OAAO,CAAC,CAAC,cAAc,EAAE,CAAC;AAC5C,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,OAAsB;IAC9C,IAAI,OAAO,KAAK,IAAI;QAAE,OAAO,SAAS,CAAC;IACvC,OAAO,cAAc,CAAC,OAAO,CAAC,CAAC;AACjC,CAAC"}

package/dist/commands/dynamic-secrets/index.d.ts

@@ -0,0 +1,7 @@
+/**
+ * Dynamic secrets command registration
+ */
+import { type Command } from 'commander';
+export * from './types.js';
+export declare function registerDynamicSecretsCommands(program: Command): void;
+//# sourceMappingURL=index.d.ts.map

package/dist/commands/dynamic-secrets/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/commands/dynamic-secrets/index.ts"],"names":[],"mappings":"AAEA;;GAEG;AAEH,OAAO,EAAE,KAAK,OAAO,EAAE,MAAM,WAAW,CAAC;AAyBzC,cAAc,YAAY,CAAC;AAE3B,wBAAgB,8BAA8B,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAwLrE"}

package/dist/commands/dynamic-secrets/index.js

@@ -0,0 +1,173 @@
+// Path: src/commands/dynamic-secrets/index.ts
+import { listConnections, getConnection, createConnection, updateConnection, deleteConnection, testConnection, } from './connection.js';
+import { listRoles, getRole, createRole, updateRole, deleteRole, } from './role.js';
+import { generateCredentials } from './creds.js';
+import { listLeases, getLease, renewLease, revokeLease, } from './lease.js';
+// Re-export types
+export * from './types.js';
+export function registerDynamicSecretsCommands(program) {
+    const dynasec = program
+        .command('dynasec')
+        .description('Dynamic secrets management (on-demand database credentials)')
+        .addHelpText('after', `
+Examples:
+  # List all database connections
+  znvault dynasec connection list
+
+  # Create a PostgreSQL connection
+  znvault dynasec connection create --name my-pg --type postgresql \\
+    --connection-string "postgresql://admin:pass@localhost:5432/mydb"
+
+  # Create a role for the connection
+  znvault dynasec role create <connection-id> --name readonly \\
+    --creation-statements "CREATE ROLE \\"{{username}}\\" WITH LOGIN PASSWORD '{{password}}'" \\
+    --revocation-statements "DROP ROLE IF EXISTS \\"{{username}}\\""
+
+  # Generate credentials
+  znvault dynasec creds generate <role-id> --ttl 3600
+
+  # List active leases
+  znvault dynasec lease list --status active
+
+  # Revoke a lease
+  znvault dynasec lease revoke <lease-id> --reason "No longer needed"
+`);
+    // -------------------------------------------------------------------------
+    // Connection Commands
+    // -------------------------------------------------------------------------
+    const connection = dynasec.command('connection').alias('conn').description('Manage database connections');
+    connection
+        .command('list')
+        .alias('ls')
+        .description('List all database connections')
+        .option('--json', 'Output as JSON')
+        .action(listConnections);
+    connection
+        .command('get <name-or-id>')
+        .description('Get connection details')
+        .option('--json', 'Output as JSON')
+        .action(getConnection);
+    connection
+        .command('create')
+        .description('Create a new database connection')
+        .option('--name <name>', 'Connection name')
+        .option('--type <type>', 'Database type (POSTGRESQL or MYSQL)')
+        .option('--connection-string <string>', 'Database connection string')
+        .option('--description <desc>', 'Connection description')
+        .option('--max-connections <n>', 'Maximum open connections')
+        .option('--timeout <seconds>', 'Connection timeout in seconds')
+        .option('--default-ttl <seconds>', 'Default credential TTL')
+        .option('--max-ttl <seconds>', 'Maximum credential TTL')
+        .option('--json', 'Output as JSON')
+        .action(createConnection);
+    connection
+        .command('update <name-or-id>')
+        .description('Update a database connection')
+        .option('--description <desc>', 'Connection description')
+        .option('--max-connections <n>', 'Maximum open connections')
+        .option('--timeout <seconds>', 'Connection timeout in seconds')
+        .option('--default-ttl <seconds>', 'Default credential TTL')
+        .option('--max-ttl <seconds>', 'Maximum credential TTL')
+        .option('--status <status>', 'Connection status (ACTIVE or DISABLED)')
+        .option('--json', 'Output as JSON')
+        .action(updateConnection);
+    connection
+        .command('delete <name-or-id>')
+        .alias('rm')
+        .description('Delete a database connection')
+        .option('--force', 'Skip confirmation')
+        .option('--json', 'Output as JSON')
+        .action(deleteConnection);
+    connection
+        .command('test <name-or-id>')
+        .description('Test a database connection')
+        .option('--json', 'Output as JSON')
+        .action(testConnection);
+    // -------------------------------------------------------------------------
+    // Role Commands
+    // -------------------------------------------------------------------------
+    const role = dynasec.command('role').description('Manage credential roles');
+    role
+        .command('list')
+        .alias('ls')
+        .description('List all roles')
+        .option('--connection <id>', 'Filter by connection ID')
+        .option('--json', 'Output as JSON')
+        .action(listRoles);
+    role
+        .command('get <role-id>')
+        .description('Get role details')
+        .option('--json', 'Output as JSON')
+        .action(getRole);
+    role
+        .command('create <connection-id>')
+        .description('Create a new role for a connection')
+        .option('--name <name>', 'Role name')
+        .option('--description <desc>', 'Role description')
+        .option('--creation-statements <sql>', 'SQL statements to create credentials (semicolon-separated)')
+        .option('--revocation-statements <sql>', 'SQL statements to revoke credentials (semicolon-separated)')
+        .option('--renew-statements <sql>', 'SQL statements to renew credentials (semicolon-separated)')
+        .option('--default-ttl <seconds>', 'Default credential TTL')
+        .option('--max-ttl <seconds>', 'Maximum credential TTL')
+        .option('--username-template <template>', 'Username template (e.g., v_{{role}}_{{random:8}})')
+        .option('--json', 'Output as JSON')
+        .action(createRole);
+    role
+        .command('update <role-id>')
+        .description('Update a role')
+        .option('--description <desc>', 'Role description')
+        .option('--default-ttl <seconds>', 'Default credential TTL')
+        .option('--max-ttl <seconds>', 'Maximum credential TTL')
+        .option('--enabled <bool>', 'Enable or disable role (true/false)')
+        .option('--json', 'Output as JSON')
+        .action(updateRole);
+    role
+        .command('delete <role-id>')
+        .alias('rm')
+        .description('Delete a role')
+        .option('--force', 'Skip confirmation')
+        .option('--json', 'Output as JSON')
+        .action(deleteRole);
+    // -------------------------------------------------------------------------
+    // Credentials Commands
+    // -------------------------------------------------------------------------
+    const creds = dynasec.command('creds').alias('credentials').description('Generate database credentials');
+    creds
+        .command('generate <role-id>')
+        .alias('gen')
+        .description('Generate new database credentials')
+        .option('--ttl <seconds>', 'Credential TTL in seconds')
+        .option('--json', 'Output as JSON')
+        .action(generateCredentials);
+    // -------------------------------------------------------------------------
+    // Lease Commands
+    // -------------------------------------------------------------------------
+    const lease = dynasec.command('lease').description('Manage credential leases');
+    lease
+        .command('list')
+        .alias('ls')
+        .description('List credential leases')
+        .option('--role <id>', 'Filter by role ID')
+        .option('--status <status>', 'Filter by status (ACTIVE, EXPIRED, REVOKED)')
+        .option('--json', 'Output as JSON')
+        .action(listLeases);
+    lease
+        .command('get <lease-id>')
+        .description('Get lease details')
+        .option('--json', 'Output as JSON')
+        .action(getLease);
+    lease
+        .command('renew <lease-id>')
+        .description('Renew a lease')
+        .option('--ttl <seconds>', 'New TTL in seconds')
+        .option('--json', 'Output as JSON')
+        .action(renewLease);
+    lease
+        .command('revoke <lease-id>')
+        .description('Revoke a lease (immediately revokes database credentials)')
+        .option('--reason <reason>', 'Revocation reason')
+        .option('--force', 'Skip confirmation')
+        .option('--json', 'Output as JSON')
+        .action(revokeLease);
+}
+//# sourceMappingURL=index.js.map

package/dist/commands/dynamic-secrets/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/commands/dynamic-secrets/index.ts"],"names":[],"mappings":"AAAA,8CAA8C;AAO9C,OAAO,EACL,eAAe,EACf,aAAa,EACb,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,EAChB,cAAc,GACf,MAAM,iBAAiB,CAAC;AACzB,OAAO,EACL,SAAS,EACT,OAAO,EACP,UAAU,EACV,UAAU,EACV,UAAU,GACX,MAAM,WAAW,CAAC;AACnB,OAAO,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AACjD,OAAO,EACL,UAAU,EACV,QAAQ,EACR,UAAU,EACV,WAAW,GACZ,MAAM,YAAY,CAAC;AAEpB,kBAAkB;AAClB,cAAc,YAAY,CAAC;AAE3B,MAAM,UAAU,8BAA8B,CAAC,OAAgB;IAC7D,MAAM,OAAO,GAAG,OAAO;SACpB,OAAO,CAAC,SAAS,CAAC;SAClB,WAAW,CAAC,6DAA6D,CAAC;SAC1E,WAAW,CAAC,OAAO,EAAE;;;;;;;;;;;;;;;;;;;;;;CAsBzB,CAAC,CAAC;IAED,4EAA4E;IAC5E,sBAAsB;IACtB,4EAA4E;IAC5E,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,WAAW,CAAC,6BAA6B,CAAC,CAAC;IAE1G,UAAU;SACP,OAAO,CAAC,MAAM,CAAC;SACf,KAAK,CAAC,IAAI,CAAC;SACX,WAAW,CAAC,+BAA+B,CAAC;SAC5C,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC;SAClC,MAAM,CAAC,eAAe,CAAC,CAAC;IAE3B,UAAU;SACP,OAAO,CAAC,kBAAkB,CAAC;SAC3B,WAAW,CAAC,wBAAwB,CAAC;SACrC,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC;SAClC,MAAM,CAAC,aAAa,CAAC,CAAC;IAEzB,UAAU;SACP,OAAO,CAAC,QAAQ,CAAC;SACjB,WAAW,CAAC,kCAAkC,CAAC;SAC/C,MAAM,CAAC,eAAe,EAAE,iBAAiB,CAAC;SAC1C,MAAM,CAAC,eAAe,EAAE,qCAAqC,CAAC;SAC9D,MAAM,CAAC,8BAA8B,EAAE,4BAA4B,CAAC;SACpE,MAAM,CAAC,sBAAsB,EAAE,wBAAwB,CAAC;SACxD,MAAM,CAAC,uBAAuB,EAAE,0BAA0B,CAAC;SAC3D,MAAM,CAAC,qBAAqB,EAAE,+BAA+B,CAAC;SAC9D,MAAM,CAAC,yBAAyB,EAAE,wBAAwB,CAAC;SAC3D,MAAM,CAAC,qBAAqB,EAAE,wBAAwB,CAAC;SACvD,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC;SAClC,MAAM,CAAC,gBAAgB,CAAC,CAAC;IAE5B,UAAU;SACP,OAAO,CAAC,qBAAqB,CAAC;SAC9B,WAAW,CAAC,8BAA8B,CAAC;SAC3C,MAAM,CAAC,sBAAsB,EAAE,wBAAwB,CAAC;SACxD,MAAM,CAAC,uBAAuB,EAAE,0BAA0B,CAAC;SAC3D,MAAM,CAAC,qBAAqB,EAAE,+BAA+B,CAAC;SAC9D,MAAM,CAAC,yBAAyB,EAAE,wBAAwB,CAAC;SAC3D,MAAM,CAAC,qBAAqB,EAAE,wBAAwB,CAAC;SACvD,MAAM,CAAC,mBAAmB,EAAE,wCAAwC,CAAC;SACrE,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC;SAClC,MAAM,CAAC,gBAAgB,CAAC,CAAC;IAE5B,UAAU;SACP,OAAO,CAAC,qBAAqB,CAAC;SAC9B,KAAK,CAAC,IAAI,CAAC;SACX,WAAW,CAAC,8BAA8B,CAAC;SAC3C,MAAM,CAAC,SAAS,EAAE,mBAAmB,CAAC;SACtC,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC;SAClC,MAAM,CAAC,gBAAgB,CAAC,CAAC;IAE5B,UAAU;SACP,OAAO,CAAC,mBAAmB,CAAC;SAC5B,WAAW,CAAC,4BAA4B,CAAC;SACzC,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC;SAClC,MAAM,CAAC,cAAc,CAAC,CAAC;IAE1B,4EAA4E;IAC5E,gBAAgB;IAChB,4EAA4E;IAC5E,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,WAAW,CAAC,yBAAyB,CAAC,CAAC;IAE5E,IAAI;SACD,OAAO,CAAC,MAAM,CAAC;SACf,KAAK,CAAC,IAAI,CAAC;SACX,WAAW,CAAC,gBAAgB,CAAC;SAC7B,MAAM,CAAC,mBAAmB,EAAE,yBAAyB,CAAC;SACtD,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC;SAClC,MAAM,CAAC,SAAS,CAAC,CAAC;IAErB,IAAI;SACD,OAAO,CAAC,eAAe,CAAC;SACxB,WAAW,CAAC,kBAAkB,CAAC;SAC/B,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC;SAClC,MAAM,CAAC,OAAO,CAAC,CAAC;IAEnB,IAAI;SACD,OAAO,CAAC,wBAAwB,CAAC;SACjC,WAAW,CAAC,oCAAoC,CAAC;SACjD,MAAM,CAAC,eAAe,EAAE,WAAW,CAAC;SACpC,MAAM,CAAC,sBAAsB,EAAE,kBAAkB,CAAC;SAClD,MAAM,CAAC,6BAA6B,EAAE,4DAA4D,CAAC;SACnG,MAAM,CAAC,+BAA+B,EAAE,4DAA4D,CAAC;SACrG,MAAM,CAAC,0BAA0B,EAAE,2DAA2D,CAAC;SAC/F,MAAM,CAAC,yBAAyB,EAAE,wBAAwB,CAAC;SAC3D,MAAM,CAAC,qBAAqB,EAAE,wBAAwB,CAAC;SACvD,MAAM,CAAC,gCAAgC,EAAE,mDAAmD,CAAC;SAC7F,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC;SAClC,MAAM,CAAC,UAAU,CAAC,CAAC;IAEtB,IAAI;SACD,OAAO,CAAC,kBAAkB,CAAC;SAC3B,WAAW,CAAC,eAAe,CAAC;SAC5B,MAAM,CAAC,sBAAsB,EAAE,kBAAkB,CAAC;SAClD,MAAM,CAAC,yBAAyB,EAAE,wBAAwB,CAAC;SAC3D,MAAM,CAAC,qBAAqB,EAAE,wBAAwB,CAAC;SACvD,MAAM,CAAC,kBAAkB,EAAE,qCAAqC,CAAC;SACjE,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC;SAClC,MAAM,CAAC,UAAU,CAAC,CAAC;IAEtB,IAAI;SACD,OAAO,CAAC,kBAAkB,CAAC;SAC3B,KAAK,CAAC,IAAI,CAAC;SACX,WAAW,CAAC,eAAe,CAAC;SAC5B,MAAM,CAAC,SAAS,EAAE,mBAAmB,CAAC;SACtC,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC;SAClC,MAAM,CAAC,UAAU,CAAC,CAAC;IAEtB,4EAA4E;IAC5E,uBAAuB;IACvB,4EAA4E;IAC5E,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,WAAW,CAAC,+BAA+B,CAAC,CAAC;IAEzG,KAAK;SACF,OAAO,CAAC,oBAAoB,CAAC;SAC7B,KAAK,CAAC,KAAK,CAAC;SACZ,WAAW,CAAC,mCAAmC,CAAC;SAChD,MAAM,CAAC,iBAAiB,EAAE,2BAA2B,CAAC;SACtD,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC;SAClC,MAAM,CAAC,mBAAmB,CAAC,CAAC;IAE/B,4EAA4E;IAC5E,iBAAiB;IACjB,4EAA4E;IAC5E,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,WAAW,CAAC,0BAA0B,CAAC,CAAC;IAE/E,KAAK;SACF,OAAO,CAAC,MAAM,CAAC;SACf,KAAK,CAAC,IAAI,CAAC;SACX,WAAW,CAAC,wBAAwB,CAAC;SACrC,MAAM,CAAC,aAAa,EAAE,mBAAmB,CAAC;SAC1C,MAAM,CAAC,mBAAmB,EAAE,6CAA6C,CAAC;SAC1E,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC;SAClC,MAAM,CAAC,UAAU,CAAC,CAAC;IAEtB,KAAK;SACF,OAAO,CAAC,gBAAgB,CAAC;SACzB,WAAW,CAAC,mBAAmB,CAAC;SAChC,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC;SAClC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAEpB,KAAK;SACF,OAAO,CAAC,kBAAkB,CAAC;SAC3B,WAAW,CAAC,eAAe,CAAC;SAC5B,MAAM,CAAC,iBAAiB,EAAE,oBAAoB,CAAC;SAC/C,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC;SAClC,MAAM,CAAC,UAAU,CAAC,CAAC;IAEtB,KAAK;SACF,OAAO,CAAC,mBAAmB,CAAC;SAC5B,WAAW,CAAC,2DAA2D,CAAC;SACxE,MAAM,CAAC,mBAAmB,EAAE,mBAAmB,CAAC;SAChD,MAAM,CAAC,SAAS,EAAE,mBAAmB,CAAC;SACtC,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC;SAClC,MAAM,CAAC,WAAW,CAAC,CAAC;AACzB,CAAC"}

package/dist/commands/dynamic-secrets/lease.d.ts

@@ -0,0 +1,11 @@
+import type { LeaseListOptions, LeaseRevokeOptions } from './types.js';
+export declare function listLeases(options: LeaseListOptions): Promise<void>;
+export declare function getLease(leaseId: string, options: {
+    json?: boolean;
+}): Promise<void>;
+export declare function renewLease(leaseId: string, options: {
+    ttl?: string;
+    json?: boolean;
+}): Promise<void>;
+export declare function revokeLease(leaseId: string, options: LeaseRevokeOptions): Promise<void>;
+//# sourceMappingURL=lease.d.ts.map

package/dist/commands/dynamic-secrets/lease.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"lease.d.ts","sourceRoot":"","sources":["../../../src/commands/dynamic-secrets/lease.ts"],"names":[],"mappings":"AAWA,OAAO,KAAK,EAA0B,gBAAgB,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAC;AAG/F,wBAAsB,UAAU,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,IAAI,CAAC,CA8CzE;AAED,wBAAsB,QAAQ,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE;IAAE,IAAI,CAAC,EAAE,OAAO,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAiC1F;AAED,wBAAsB,UAAU,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE;IACzD,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB,GAAG,OAAO,CAAC,IAAI,CAAC,CAuBhB;AAED,wBAAsB,WAAW,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,kBAAkB,GAAG,OAAO,CAAC,IAAI,CAAC,CA+B7F"}