M8: CHANGELOG + DesignSpec for 2026.06.03.2136 (CRUD + auth provider expansion); refresh published manifest/binary

2026-06-03 17:38:45 -04:00
parent d9822aab7a
commit 09c3d5c68b
4 changed files with 96 additions and 14 deletions
@@ -6,6 +6,19 @@ The format follows [Keep a Changelog](https://keepachangelog.com/en/1.1.0/) loos
 ## Unreleased
 ## 2026.06.03.2136
 - Build produced from commit d9822aab7a4a.
 - **Resource CRUD expansion**: Added full Get/New/Update/Remove cmdlet families for Projects, Environments, Folders, and Tags (20 new cmdlets):
  - Projects: `Get-InfisicalProjects`, `Get-InfisicalProject`, `New-InfisicalProject`, `Update-InfisicalProject`, `Remove-InfisicalProject`.
  - Environments: `Get-InfisicalEnvironments`, `Get-InfisicalEnvironment`, `New-InfisicalEnvironment`, `Update-InfisicalEnvironment`, `Remove-InfisicalEnvironment`.
  - Folders: `Get-InfisicalFolders`, `Get-InfisicalFolder`, `New-InfisicalFolder`, `Update-InfisicalFolder`, `Remove-InfisicalFolder`.
  - Tags: `Get-InfisicalTags`, `Get-InfisicalTag`, `New-InfisicalTag`, `Update-InfisicalTag`, `Remove-InfisicalTag`.
 - **Secret mutation cmdlets**: Added `New-InfisicalSecret`, `Update-InfisicalSecret`, and `Remove-InfisicalSecret`; extended `InfisicalSecretsClient` with corresponding create/update/delete operations.
 - **Additional auth providers**: `Connect-Infisical` now supports JWT (`-Jwt -IdentityId`), OIDC (`-Jwt -IdentityId`), LDAP (`-Username -Password`), Azure (`-Jwt -IdentityId`), and GCP IAM (`-Jwt -IdentityId`) via dedicated parameter sets. Common identity-login flow is centralized in `IdentityLoginExecutor`.
 - Endpoint registry expanded with login routes (`/api/v1/auth/{jwt|oidc|ldap|azure|gcp}-auth/login`) and CRUD routes for projects (v2), environments, folders, tags, and secret mutations.
 - Test suite expanded to 139 passing tests, including mapper round-trips for projects/environments/folders/tags, secret mutation DTO shapes, and request-body validation for each new auth provider.
 ## 2026.06.03.0131
 - Build produced from commit 7be0b7b42008.
@@ -1,6 +1,6 @@
@{
    RootModule           = 'PSInfisicalAPI.psm1'
-    ModuleVersion        = '2026.06.03.0131'
+    ModuleVersion        = '2026.06.03.2136'
    GUID                 = 'b8a2f3d4-7c51-4d2f-9e6a-1f0c8b3d4e51'
    Author               = 'Grace Solutions'
    CompanyName          = 'Grace Solutions'
@@ -14,8 +14,31 @@
        'Disconnect-Infisical',
        'Get-InfisicalSecrets',
        'Get-InfisicalSecret',
        'New-InfisicalSecret',
        'Update-InfisicalSecret',
        'Remove-InfisicalSecret',
        'ConvertTo-InfisicalSecretDictionary',
-        'Export-InfisicalSecrets'
+        'Export-InfisicalSecrets',
        'Get-InfisicalProjects',
        'Get-InfisicalProject',
        'New-InfisicalProject',
        'Update-InfisicalProject',
        'Remove-InfisicalProject',
        'Get-InfisicalEnvironments',
        'Get-InfisicalEnvironment',
        'New-InfisicalEnvironment',
        'Update-InfisicalEnvironment',
        'Remove-InfisicalEnvironment',
        'Get-InfisicalFolders',
        'Get-InfisicalFolder',
        'New-InfisicalFolder',
        'Update-InfisicalFolder',
        'Remove-InfisicalFolder',
        'Get-InfisicalTags',
        'Get-InfisicalTag',
        'New-InfisicalTag',
        'Update-InfisicalTag',
        'Remove-InfisicalTag'
    )
    AliasesToExport      = @()
    VariablesToExport    = @()
@@ -27,7 +50,7 @@
            LicenseUri   = 'https://www.gnu.org/licenses/agpl-3.0.html'
            ProjectUri   = 'https://prod.git.gracesolution.info/gsadmin/PSInfisicalAPI'
            ReleaseNotes = 'See CHANGELOG.md in the project repository for release history.'
-            CommitHash   = '7be0b7b42008'
+            CommitHash   = 'd9822aab7a4a'
        }
    }
 }
@@ -6,15 +6,38 @@
 The goal is to establish a strong, reusable, secure framework first, then initially implement secret retrieval and export workflows.
-Initial public cmdlets:
+Public cmdlets:
 ```powershell
 Connect-Infisical
 Disconnect-Infisical
 Get-InfisicalSecrets
 Get-InfisicalSecret
 New-InfisicalSecret
 Update-InfisicalSecret
 Remove-InfisicalSecret
 ConvertTo-InfisicalSecretDictionary
 Export-InfisicalSecrets
 Get-InfisicalProjects
 Get-InfisicalProject
 New-InfisicalProject
 Update-InfisicalProject
 Remove-InfisicalProject
 Get-InfisicalEnvironments
 Get-InfisicalEnvironment
 New-InfisicalEnvironment
 Update-InfisicalEnvironment
 Remove-InfisicalEnvironment
 Get-InfisicalFolders
 Get-InfisicalFolder
 New-InfisicalFolder
 Update-InfisicalFolder
 Remove-InfisicalFolder
 Get-InfisicalTags
 Get-InfisicalTag
 New-InfisicalTag
 Update-InfisicalTag
 Remove-InfisicalTag
 ```
 Infisical’s public API is REST-based and provides programmatic access for managing secrets and related resources. Current Infisical documentation shows the list-secrets endpoint under `/api/v4/secrets`, the single-secret retrieval endpoint under `/api/v4/secrets/{secretName}`, and Universal Auth login under `/api/v1/auth/universal-auth/login`. The implementation must centralize API endpoint definitions because Infisical uses different API versions across resource families. ([Infisical Blog][1])
@@ -198,8 +221,31 @@ Example shape:
        'Disconnect-Infisical',
        'Get-InfisicalSecrets',
        'Get-InfisicalSecret',
        'New-InfisicalSecret',
        'Update-InfisicalSecret',
        'Remove-InfisicalSecret',
        'ConvertTo-InfisicalSecretDictionary',
-        'Export-InfisicalSecrets'
+        'Export-InfisicalSecrets',
        'Get-InfisicalProjects',
        'Get-InfisicalProject',
        'New-InfisicalProject',
        'Update-InfisicalProject',
        'Remove-InfisicalProject',
        'Get-InfisicalEnvironments',
        'Get-InfisicalEnvironment',
        'New-InfisicalEnvironment',
        'Update-InfisicalEnvironment',
        'Remove-InfisicalEnvironment',
        'Get-InfisicalFolders',
        'Get-InfisicalFolder',
        'New-InfisicalFolder',
        'Update-InfisicalFolder',
        'Remove-InfisicalFolder',
        'Get-InfisicalTags',
        'Get-InfisicalTag',
        'New-InfisicalTag',
        'Update-InfisicalTag',
        'Remove-InfisicalTag'
    )
    AliasesToExport = @()
    PrivateData = @{
@@ -698,29 +744,29 @@ Internal implementation must still use proper typed path handling.
 # 12. Authentication Design
-## 12.1 Supported Initial Auth Types
+## 12.1 Supported Auth Types
-Initial implementation:
+Currently implemented:
 ```text
 Universal Auth
 Token Auth
 JWT Auth
 OIDC Auth
 LDAP Auth
 Azure Auth
 GCP IAM Auth
 ```
-Infisical documents identity authentication modes such as Universal Auth and Token Auth for API access, and API interaction requires an access token. ([Infisical Blog][3])
+Each implemented provider is exposed as a dedicated `Connect-Infisical` parameter set. Identity-based providers (JWT, OIDC, Azure, GCP IAM) share a common login flow via `IdentityLoginExecutor` and POST to `/api/v1/auth/{provider}-auth/login`. Infisical documents identity authentication modes such as Universal Auth and Token Auth for API access, and API interaction requires an access token. ([Infisical Blog][3])
 ## 12.2 Future Auth Types
 Design must allow future support for:
 ```text
-AWS Auth
+AWS IAM Auth
 Azure Auth
 GCP Auth
 Kubernetes Auth
 OIDC Auth
 JWT Auth
 LDAP Auth
 TLS Certificate Auth
 Alibaba Cloud Auth
 OCI Auth