gsadmin/PSInfisicalAPI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 5 Wiki Activity

feat: add Import-InfisicalSecret + Get-InfisicalEnvironmentVariable + -Prefix on ConvertTo-InfisicalSecretDictionary

Browse Source
This commit is contained in:
GraceSolutions
2026-06-07 10:16:20 -04:00
parent 1aa51b8cbf
commit b5575222eb
17 changed files with 556 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
CHANGELOG.md
+6
View File
@@ -6,6 +6,12 @@ The format follows [Keep a Changelog](https://keepachangelog.com/en/1.1.0/) loos
## Unreleased
## 2026.06.07.1350
- Build produced from commit 1aa51b8cbf9c.
## Unreleased (carried forward)
## 2026.06.07.0017
- Build produced from commit 77cb03ec9845.
Module/PSInfisicalAPI/PSInfisicalAPI.psd1
+4 -2
View File
@@ -1,6 +1,6 @@
@{
RootModule = 'PSInfisicalAPI.psm1'
ModuleVersion = '2026.06.07.0017'
ModuleVersion = '2026.06.07.1350'
GUID = 'b8a2f3d4-7c51-4d2f-9e6a-1f0c8b3d4e51'
Author = 'Grace Solutions'
CompanyName = 'Grace Solutions'
@@ -19,6 +19,7 @@
'Copy-InfisicalSecret',
'ConvertTo-InfisicalSecretDictionary',
'Export-InfisicalSecrets',
'Import-InfisicalSecret',
'Get-InfisicalProject',
'New-InfisicalProject',
'Update-InfisicalProject',
@@ -60,6 +61,7 @@
'Export-InfisicalScepMdmProfile',
'Write-InfisicalScepMdmProfileToWmi',
'Start-InfisicalProcess',
'Get-InfisicalEnvironmentVariable',
'Get-InfisicalSANList'
)
AliasesToExport = @()
@@ -72,7 +74,7 @@
LicenseUri = 'https://www.gnu.org/licenses/agpl-3.0.html'
ProjectUri = 'https://prod.git.gracesolution.info/gsadmin/PSInfisicalAPI'
ReleaseNotes = 'See CHANGELOG.md in the project repository for release history.'
CommitHash = '77cb03ec9845'
CommitHash = '1aa51b8cbf9c'
}
}
}
Module/PSInfisicalAPI/bin/PSInfisicalAPI.dll
BIN
View File
Binary file not shown.
Module/PSInfisicalAPI/bin/en-US/PSInfisicalAPI.dll-Help.xml
+75 -1
View File
@@ -295,7 +295,7 @@ $CopyInfisicalSecretResult = Copy-InfisicalSecret @CopyInfisicalSecretParameters
<command:noun>InfisicalSecretDictionary</command:noun>
</command:details>
<maml:description>
<maml:para>Aggregates an incoming pipeline of InfisicalSecret objects into a case-insensitive Dictionary keyed by SecretName. By default values are SecureString; pass -AsPlainText to materialize string values. Duplicate keys are handled via the -DuplicateKeyBehavior parameter (Error, FirstWins, LastWins).</maml:para>
<maml:para>Aggregates an incoming pipeline of InfisicalSecret objects into a case-insensitive Dictionary keyed by SecretName. By default values are SecureString; pass -AsPlainText to materialize string values. Duplicate keys are handled via the -DuplicateKeyBehavior parameter (Error, FirstWins, LastWins). -Prefix prepends a string to every dictionary key (e.g. SecretName 'API_KEY' with -Prefix 'MYAPP_' becomes key 'MYAPP_API_KEY'); the underlying InfisicalSecret objects are not mutated.</maml:para>
</maml:description>
<maml:alertSet>
<maml:title>Notes</maml:title>
@@ -322,6 +322,11 @@ $ConvertToInfisicalSecretDictionaryParameters.Verbose = $True
$ConvertToInfisicalSecretDictionaryResult = ConvertTo-InfisicalSecretDictionary @ConvertToInfisicalSecretDictionaryParameters</dev:code>
<dev:remarks><maml:para>Aggregates recursive secret results into a plain-text dictionary, with the last value winning on key collisions.</maml:para></dev:remarks>
</command:example>
<command:example>
<maml:title>EXAMPLE 3</maml:title>
<dev:code>Get-InfisicalSecret -ProjectId $ProjectId -Environment 'dev' | ConvertTo-InfisicalSecretDictionary -Prefix 'MYAPP_' -AsPlainText</dev:code>
<dev:remarks><maml:para>Builds a plain-text dictionary whose keys are namespaced with 'MYAPP_' (e.g. API_KEY becomes MYAPP_API_KEY); the source InfisicalSecret objects are unchanged.</maml:para></dev:remarks>
</command:example>
</command:examples>
</command:command>
@@ -369,6 +374,44 @@ $ExportInfisicalSecretsResult = Export-InfisicalSecrets @ExportInfisicalSecretsP
</command:examples>
</command:command>
<command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
<command:details>
<command:name>Import-InfisicalSecret</command:name>
<maml:description><maml:para>Reads a previously exported secrets file (Json, Yaml, Env, or Xml) back into a name-keyed Dictionary.</maml:para></maml:description>
<command:verb>Import</command:verb>
<command:noun>InfisicalSecret</command:noun>
</command:details>
<maml:description>
<maml:para>Loads the file at -Path (which must exist) using the parser matching -Format and returns a case-insensitive Dictionary keyed by SecretName. By default values are SecureString; pass -AsPlainText for a plain string dictionary. -Prefix prepends to every emitted key. -DuplicateKeyBehavior controls collision handling (Error, FirstWins, LastWins). The EnvironmentVariables format is intentionally not supported here; use [Environment]::GetEnvironmentVariable or Get-InfisicalEnvironmentVariable for environment-backed values.</maml:para>
</maml:description>
<maml:alertSet>
<maml:title>Notes</maml:title>
<maml:alert>
<maml:para>Importers expect the same schema that Export-InfisicalSecrets produces (Json/Yaml = array or 'Secrets' root list of {SecretName, SecretValue}; Xml = &lt;Secrets&gt;&lt;Secret&gt;&lt;SecretName/&gt;&lt;SecretValue/&gt;; Env = KEY=VALUE per line, '#' comments allowed). JSON and YAML additionally accept a flat key/value object as a convenience.</maml:para>
</maml:alert>
</maml:alertSet>
<command:examples>
<command:example>
<maml:title>EXAMPLE 1</maml:title>
<dev:code>$Secrets = Import-InfisicalSecret -Path '.\secrets.json' -Format Json</dev:code>
<dev:remarks><maml:para>Reads a JSON export back into a Dictionary&lt;string, SecureString&gt; keyed by the original SecretName values.</maml:para></dev:remarks>
</command:example>
<command:example>
<maml:title>EXAMPLE 2</maml:title>
<dev:code>$ImportInfisicalSecretParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
$ImportInfisicalSecretParameters.Path = [System.IO.FileInfo]'.\secrets.env'
$ImportInfisicalSecretParameters.Format = 'Env'
$ImportInfisicalSecretParameters.Prefix = 'MYAPP_'
$ImportInfisicalSecretParameters.DuplicateKeyBehavior = 'LastWins'
$ImportInfisicalSecretParameters.AsPlainText = $True
$ImportInfisicalSecretResult = Import-InfisicalSecret @ImportInfisicalSecretParameters</dev:code>
<dev:remarks><maml:para>Loads a .env file into a plain-text dictionary, namespacing every key with 'MYAPP_' and letting the last occurrence win on duplicates.</maml:para></dev:remarks>
</command:example>
</command:examples>
</command:command>
<command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
<command:details>
<command:name>Get-InfisicalProject</command:name>
@@ -1701,6 +1744,37 @@ $StartInfisicalProcessResult = Start-InfisicalProcess @StartInfisicalProcessPara
</command:examples>
</command:command>
<command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
<command:details>
<command:name>Get-InfisicalEnvironmentVariable</command:name>
<maml:description><maml:para>Reads an environment variable from the first scope that has a non-empty value (Process > User > Machine).</maml:para></maml:description>
<command:verb>Get</command:verb>
<command:noun>InfisicalEnvironmentVariable</command:noun>
</command:details>
<maml:description>
<maml:para>Returns the value of -Name from the first scope that contains a non-empty value, checking Process, then User, then Machine in that order. Emits nothing when the variable is missing or blank in every scope, so an assignment yields $null without writing errors or warnings. Platform-unsupported scopes (User and Machine on non-Windows) are silently skipped.</maml:para>
</maml:description>
<maml:alertSet>
<maml:title>Notes</maml:title>
<maml:alert>
<maml:para>Designed for the same discovery semantics the rest of PSInfisicalAPI uses when resolving connection inputs from the environment. Pipe-friendly: accepts -Name from the pipeline by value and by property name.</maml:para>
</maml:alert>
</maml:alertSet>
<command:examples>
<command:example>
<maml:title>EXAMPLE 1</maml:title>
<dev:code>$Value = Get-InfisicalEnvironmentVariable -Name 'INFISICAL_CLIENT_ID'</dev:code>
<dev:remarks><maml:para>Returns the first non-empty value of INFISICAL_CLIENT_ID across Process, User, and Machine scopes; assigns $null when the variable is unset everywhere.</maml:para></dev:remarks>
</command:example>
<command:example>
<maml:title>EXAMPLE 2</maml:title>
<dev:code>@('INFISICAL_BASE_URI','INFISICAL_PROJECT_ID') | Get-InfisicalEnvironmentVariable</dev:code>
<dev:remarks><maml:para>Pipes a list of variable names through the cmdlet and emits one value per name that is set in any scope.</maml:para></dev:remarks>
</command:example>
</command:examples>
</command:command>
<command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
<command:details>
<command:name>Get-InfisicalOrganization</command:name>
Module/PSInfisicalAPI/en-US/PSInfisicalAPI.dll-Help.xml
+75 -1
View File
@@ -295,7 +295,7 @@ $CopyInfisicalSecretResult = Copy-InfisicalSecret @CopyInfisicalSecretParameters
<command:noun>InfisicalSecretDictionary</command:noun>
</command:details>
<maml:description>
<maml:para>Aggregates an incoming pipeline of InfisicalSecret objects into a case-insensitive Dictionary keyed by SecretName. By default values are SecureString; pass -AsPlainText to materialize string values. Duplicate keys are handled via the -DuplicateKeyBehavior parameter (Error, FirstWins, LastWins).</maml:para>
<maml:para>Aggregates an incoming pipeline of InfisicalSecret objects into a case-insensitive Dictionary keyed by SecretName. By default values are SecureString; pass -AsPlainText to materialize string values. Duplicate keys are handled via the -DuplicateKeyBehavior parameter (Error, FirstWins, LastWins). -Prefix prepends a string to every dictionary key (e.g. SecretName 'API_KEY' with -Prefix 'MYAPP_' becomes key 'MYAPP_API_KEY'); the underlying InfisicalSecret objects are not mutated.</maml:para>
</maml:description>
<maml:alertSet>
<maml:title>Notes</maml:title>
@@ -322,6 +322,11 @@ $ConvertToInfisicalSecretDictionaryParameters.Verbose = $True
$ConvertToInfisicalSecretDictionaryResult = ConvertTo-InfisicalSecretDictionary @ConvertToInfisicalSecretDictionaryParameters</dev:code>
<dev:remarks><maml:para>Aggregates recursive secret results into a plain-text dictionary, with the last value winning on key collisions.</maml:para></dev:remarks>
</command:example>
<command:example>
<maml:title>EXAMPLE 3</maml:title>
<dev:code>Get-InfisicalSecret -ProjectId $ProjectId -Environment 'dev' | ConvertTo-InfisicalSecretDictionary -Prefix 'MYAPP_' -AsPlainText</dev:code>
<dev:remarks><maml:para>Builds a plain-text dictionary whose keys are namespaced with 'MYAPP_' (e.g. API_KEY becomes MYAPP_API_KEY); the source InfisicalSecret objects are unchanged.</maml:para></dev:remarks>
</command:example>
</command:examples>
</command:command>
@@ -369,6 +374,44 @@ $ExportInfisicalSecretsResult = Export-InfisicalSecrets @ExportInfisicalSecretsP
</command:examples>
</command:command>
<command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
<command:details>
<command:name>Import-InfisicalSecret</command:name>
<maml:description><maml:para>Reads a previously exported secrets file (Json, Yaml, Env, or Xml) back into a name-keyed Dictionary.</maml:para></maml:description>
<command:verb>Import</command:verb>
<command:noun>InfisicalSecret</command:noun>
</command:details>
<maml:description>
<maml:para>Loads the file at -Path (which must exist) using the parser matching -Format and returns a case-insensitive Dictionary keyed by SecretName. By default values are SecureString; pass -AsPlainText for a plain string dictionary. -Prefix prepends to every emitted key. -DuplicateKeyBehavior controls collision handling (Error, FirstWins, LastWins). The EnvironmentVariables format is intentionally not supported here; use [Environment]::GetEnvironmentVariable or Get-InfisicalEnvironmentVariable for environment-backed values.</maml:para>
</maml:description>
<maml:alertSet>
<maml:title>Notes</maml:title>
<maml:alert>
<maml:para>Importers expect the same schema that Export-InfisicalSecrets produces (Json/Yaml = array or 'Secrets' root list of {SecretName, SecretValue}; Xml = &lt;Secrets&gt;&lt;Secret&gt;&lt;SecretName/&gt;&lt;SecretValue/&gt;; Env = KEY=VALUE per line, '#' comments allowed). JSON and YAML additionally accept a flat key/value object as a convenience.</maml:para>
</maml:alert>
</maml:alertSet>
<command:examples>
<command:example>
<maml:title>EXAMPLE 1</maml:title>
<dev:code>$Secrets = Import-InfisicalSecret -Path '.\secrets.json' -Format Json</dev:code>
<dev:remarks><maml:para>Reads a JSON export back into a Dictionary&lt;string, SecureString&gt; keyed by the original SecretName values.</maml:para></dev:remarks>
</command:example>
<command:example>
<maml:title>EXAMPLE 2</maml:title>
<dev:code>$ImportInfisicalSecretParameters = New-Object -TypeName 'System.Collections.Specialized.OrderedDictionary' -ArgumentList ([System.StringComparer]::OrdinalIgnoreCase)
$ImportInfisicalSecretParameters.Path = [System.IO.FileInfo]'.\secrets.env'
$ImportInfisicalSecretParameters.Format = 'Env'
$ImportInfisicalSecretParameters.Prefix = 'MYAPP_'
$ImportInfisicalSecretParameters.DuplicateKeyBehavior = 'LastWins'
$ImportInfisicalSecretParameters.AsPlainText = $True
$ImportInfisicalSecretResult = Import-InfisicalSecret @ImportInfisicalSecretParameters</dev:code>
<dev:remarks><maml:para>Loads a .env file into a plain-text dictionary, namespacing every key with 'MYAPP_' and letting the last occurrence win on duplicates.</maml:para></dev:remarks>
</command:example>
</command:examples>
</command:command>
<command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
<command:details>
<command:name>Get-InfisicalProject</command:name>
@@ -1701,6 +1744,37 @@ $StartInfisicalProcessResult = Start-InfisicalProcess @StartInfisicalProcessPara
</command:examples>
</command:command>
<command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
<command:details>
<command:name>Get-InfisicalEnvironmentVariable</command:name>
<maml:description><maml:para>Reads an environment variable from the first scope that has a non-empty value (Process > User > Machine).</maml:para></maml:description>
<command:verb>Get</command:verb>
<command:noun>InfisicalEnvironmentVariable</command:noun>
</command:details>
<maml:description>
<maml:para>Returns the value of -Name from the first scope that contains a non-empty value, checking Process, then User, then Machine in that order. Emits nothing when the variable is missing or blank in every scope, so an assignment yields $null without writing errors or warnings. Platform-unsupported scopes (User and Machine on non-Windows) are silently skipped.</maml:para>
</maml:description>
<maml:alertSet>
<maml:title>Notes</maml:title>
<maml:alert>
<maml:para>Designed for the same discovery semantics the rest of PSInfisicalAPI uses when resolving connection inputs from the environment. Pipe-friendly: accepts -Name from the pipeline by value and by property name.</maml:para>
</maml:alert>
</maml:alertSet>
<command:examples>
<command:example>
<maml:title>EXAMPLE 1</maml:title>
<dev:code>$Value = Get-InfisicalEnvironmentVariable -Name 'INFISICAL_CLIENT_ID'</dev:code>
<dev:remarks><maml:para>Returns the first non-empty value of INFISICAL_CLIENT_ID across Process, User, and Machine scopes; assigns $null when the variable is unset everywhere.</maml:para></dev:remarks>
</command:example>
<command:example>
<maml:title>EXAMPLE 2</maml:title>
<dev:code>@('INFISICAL_BASE_URI','INFISICAL_PROJECT_ID') | Get-InfisicalEnvironmentVariable</dev:code>
<dev:remarks><maml:para>Pipes a list of variable names through the cmdlet and emits one value per name that is set in any scope.</maml:para></dev:remarks>
</command:example>
</command:examples>
</command:command>
<command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
<command:details>
<command:name>Get-InfisicalOrganization</command:name>
build.ps1
+3 -1
View File
@@ -113,6 +113,7 @@ function Write-Manifest {
'Copy-InfisicalSecret',
'ConvertTo-InfisicalSecretDictionary',
'Export-InfisicalSecrets',
'Import-InfisicalSecret',
'Get-InfisicalProject',
'New-InfisicalProject',
'Update-InfisicalProject',
@@ -154,6 +155,7 @@ function Write-Manifest {
'Export-InfisicalScepMdmProfile',
'Write-InfisicalScepMdmProfileToWmi',
'Start-InfisicalProcess',
'Get-InfisicalEnvironmentVariable',
'Get-InfisicalSANList'
)
AliasesToExport = @()
@@ -219,7 +221,7 @@ if (`$cmds.Count -eq 0) {
throw "No cmdlets were exported by the PSInfisicalAPI module."
}
`$expectedCmds = @('Connect-Infisical','Disconnect-Infisical','Get-InfisicalSecret','New-InfisicalSecret','Update-InfisicalSecret','Remove-InfisicalSecret','Copy-InfisicalSecret','ConvertTo-InfisicalSecretDictionary','Export-InfisicalSecrets','Get-InfisicalProject','New-InfisicalProject','Update-InfisicalProject','Remove-InfisicalProject','Get-InfisicalEnvironment','New-InfisicalEnvironment','Update-InfisicalEnvironment','Remove-InfisicalEnvironment','Get-InfisicalFolder','New-InfisicalFolder','Update-InfisicalFolder','Remove-InfisicalFolder','Get-InfisicalTag','New-InfisicalTag','Update-InfisicalTag','Remove-InfisicalTag','Get-InfisicalOrganization','New-InfisicalOrganization','Update-InfisicalOrganization','Remove-InfisicalOrganization','Get-InfisicalSubOrganization','New-InfisicalSubOrganization','Update-InfisicalSubOrganization','Remove-InfisicalSubOrganization','Get-InfisicalCertificateAuthority','Get-InfisicalPkiSubscriber','Get-InfisicalCertificateProfile','Get-InfisicalCertificatePolicy','Get-InfisicalCertificate','Request-InfisicalCertificate','ConvertTo-InfisicalCertificate','Install-InfisicalCertificate','Uninstall-InfisicalCertificate','Export-InfisicalCertificate','Get-InfisicalCertificateApplication','Get-InfisicalCertificateApplicationEnrollment','New-InfisicalScepDynamicChallenge','Get-InfisicalScepMdmProfile','Export-InfisicalScepMdmProfile','Write-InfisicalScepMdmProfileToWmi','Start-InfisicalProcess','Get-InfisicalSANList')
`$expectedCmds = @('Connect-Infisical','Disconnect-Infisical','Get-InfisicalSecret','New-InfisicalSecret','Update-InfisicalSecret','Remove-InfisicalSecret','Copy-InfisicalSecret','ConvertTo-InfisicalSecretDictionary','Export-InfisicalSecrets','Import-InfisicalSecret','Get-InfisicalProject','New-InfisicalProject','Update-InfisicalProject','Remove-InfisicalProject','Get-InfisicalEnvironment','New-InfisicalEnvironment','Update-InfisicalEnvironment','Remove-InfisicalEnvironment','Get-InfisicalFolder','New-InfisicalFolder','Update-InfisicalFolder','Remove-InfisicalFolder','Get-InfisicalTag','New-InfisicalTag','Update-InfisicalTag','Remove-InfisicalTag','Get-InfisicalOrganization','New-InfisicalOrganization','Update-InfisicalOrganization','Remove-InfisicalOrganization','Get-InfisicalSubOrganization','New-InfisicalSubOrganization','Update-InfisicalSubOrganization','Remove-InfisicalSubOrganization','Get-InfisicalCertificateAuthority','Get-InfisicalPkiSubscriber','Get-InfisicalCertificateProfile','Get-InfisicalCertificatePolicy','Get-InfisicalCertificate','Request-InfisicalCertificate','ConvertTo-InfisicalCertificate','Install-InfisicalCertificate','Uninstall-InfisicalCertificate','Export-InfisicalCertificate','Get-InfisicalCertificateApplication','Get-InfisicalCertificateApplicationEnrollment','New-InfisicalScepDynamicChallenge','Get-InfisicalScepMdmProfile','Export-InfisicalScepMdmProfile','Write-InfisicalScepMdmProfileToWmi','Start-InfisicalProcess','Get-InfisicalEnvironmentVariable','Get-InfisicalSANList')
foreach (`$expected in `$expectedCmds) {
if (-not (Get-Command -Name `$expected -Module PSInfisicalAPI -ErrorAction SilentlyContinue)) {
throw "Cmdlet not found: `$expected"
src/PSInfisicalAPI/Cmdlets/ConvertToInfisicalSecretDictionaryCmdlet.cs
+5 -1
View File
@@ -21,6 +21,9 @@ namespace PSInfisicalAPI.Cmdlets
[Parameter]
public SwitchParameter AsPlainText { get; set; }
[Parameter]
public string Prefix { get; set; }
private readonly List<InfisicalSecret> _buffer = new List<InfisicalSecret>();
protected override void ProcessRecord()
@@ -60,10 +63,11 @@ namespace PSInfisicalAPI.Cmdlets
private Dictionary<string, TValue> BuildDictionary<TValue>(Func<InfisicalSecret, TValue> valueSelector)
{
Dictionary<string, TValue> dictionary = new Dictionary<string, TValue>(StringComparer.OrdinalIgnoreCase);
string prefix = Prefix ?? string.Empty;
foreach (InfisicalSecret secret in _buffer)
{
string key = secret.SecretName ?? string.Empty;
string key = string.Concat(prefix, secret.SecretName ?? string.Empty);
if (dictionary.ContainsKey(key))
{
src/PSInfisicalAPI/Cmdlets/GetInfisicalEnvironmentVariableCmdlet.cs
+43
View File
@@ -0,0 +1,43 @@
using System;
using System.Management.Automation;
namespace PSInfisicalAPI.Cmdlets
{
[Cmdlet(VerbsCommon.Get, "InfisicalEnvironmentVariable")]
[OutputType(typeof(string))]
public sealed class GetInfisicalEnvironmentVariableCmdlet : PSCmdlet
{
private static readonly EnvironmentVariableTarget[] TargetOrder = new[]
{
EnvironmentVariableTarget.Process,
EnvironmentVariableTarget.User,
EnvironmentVariableTarget.Machine
};
[Parameter(Mandatory = true, Position = 0, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true)]
[ValidateNotNullOrEmpty]
public string Name { get; set; }
protected override void ProcessRecord()
{
foreach (EnvironmentVariableTarget target in TargetOrder)
{
string value;
try
{
value = Environment.GetEnvironmentVariable(Name, target);
}
catch
{
continue;
}
if (!string.IsNullOrEmpty(value))
{
WriteObject(value);
return;
}
}
}
}
}
src/PSInfisicalAPI/Cmdlets/ImportInfisicalSecretCmdlet.cs
+97
View File
@@ -0,0 +1,97 @@
using System;
using System.Collections.Generic;
using System.IO;
using System.Management.Automation;
using System.Security;
using PSInfisicalAPI.Errors;
using PSInfisicalAPI.Imports;
using PSInfisicalAPI.Models;
using PSInfisicalAPI.Security;
namespace PSInfisicalAPI.Cmdlets
{
[Cmdlet(VerbsData.Import, "InfisicalSecret")]
[OutputType(typeof(Dictionary<string, SecureString>))]
[OutputType(typeof(Dictionary<string, string>))]
public sealed class ImportInfisicalSecretCmdlet : InfisicalCmdletBase
{
[Parameter(Mandatory = true, Position = 0)]
[ValidateNotNull]
public FileInfo Path { get; set; }
[Parameter(Mandatory = true)]
public InfisicalImportFormat Format { get; set; }
[Parameter]
public InfisicalDuplicateKeyBehavior DuplicateKeyBehavior { get; set; } = InfisicalDuplicateKeyBehavior.Error;
[Parameter]
public SwitchParameter AsPlainText { get; set; }
[Parameter]
public string Prefix { get; set; }
protected override void EndProcessing()
{
try
{
Path.Refresh();
if (!Path.Exists)
{
throw new InfisicalImportException(string.Concat("Import path does not exist: ", Path.FullName));
}
IInfisicalImporter importer = InfisicalImporterFactory.Create(Format);
IList<KeyValuePair<string, string>> pairs = importer.Import(Path);
if (AsPlainText.IsPresent)
{
Dictionary<string, string> plain = BuildDictionary<string>(pairs, value => value ?? string.Empty);
WriteObject(plain);
}
else
{
Dictionary<string, SecureString> secure = BuildDictionary<SecureString>(pairs, value => SecureStringUtility.ToReadOnlySecureString(value ?? string.Empty));
WriteObject(secure);
}
}
catch (Exception exception)
{
ThrowTerminatingForException("ImportInfisicalSecretCmdlet", "ImportSecret", exception);
}
}
private Dictionary<string, TValue> BuildDictionary<TValue>(
IList<KeyValuePair<string, string>> pairs,
Func<string, TValue> valueSelector)
{
Dictionary<string, TValue> dictionary = new Dictionary<string, TValue>(StringComparer.OrdinalIgnoreCase);
string prefix = Prefix ?? string.Empty;
foreach (KeyValuePair<string, string> pair in pairs)
{
if (pair.Key == null) { continue; }
string key = string.Concat(prefix, pair.Key);
if (dictionary.ContainsKey(key))
{
if (DuplicateKeyBehavior == InfisicalDuplicateKeyBehavior.Error)
{
throw new InfisicalConfigurationException(string.Concat("Duplicate secret name encountered: ", key));
}
if (DuplicateKeyBehavior == InfisicalDuplicateKeyBehavior.LastWins)
{
dictionary[key] = valueSelector(pair.Value);
}
continue;
}
dictionary[key] = valueSelector(pair.Value);
}
return dictionary;
}
}
}
src/PSInfisicalAPI/Errors/InfisicalException.cs
+7
View File
@@ -75,6 +75,13 @@ namespace PSInfisicalAPI.Errors
public InfisicalExportException(string message, Exception innerException) : base(message, innerException) { }
}
public class InfisicalImportException : InfisicalException
{
public InfisicalImportException() { }
public InfisicalImportException(string message) : base(message) { }
public InfisicalImportException(string message, Exception innerException) : base(message, innerException) { }
}
public class InfisicalConfigurationException : InfisicalException
{
public InfisicalConfigurationException() { }
src/PSInfisicalAPI/Imports/EnvInfisicalImporter.cs
+36
View File
@@ -0,0 +1,36 @@
using System.Collections.Generic;
using System.IO;
using PSInfisicalAPI.Errors;
namespace PSInfisicalAPI.Imports
{
public sealed class EnvInfisicalImporter : IInfisicalImporter
{
public IList<KeyValuePair<string, string>> Import(FileInfo path)
{
if (path == null) { throw new InfisicalImportException("Path is required for ENV import."); }
List<KeyValuePair<string, string>> result = new List<KeyValuePair<string, string>>();
string[] lines = File.ReadAllLines(path.FullName);
foreach (string raw in lines)
{
if (raw == null) { continue; }
string line = raw.Trim();
if (line.Length == 0) { continue; }
if (line[0] == '#') { continue; }
int idx = line.IndexOf('=');
if (idx <= 0) { continue; }
string key = line.Substring(0, idx).Trim();
string value = line.Substring(idx + 1);
if (key.Length == 0) { continue; }
result.Add(new KeyValuePair<string, string>(key, value));
}
return result;
}
}
}
src/PSInfisicalAPI/Imports/IInfisicalImporter.cs
+10
View File
@@ -0,0 +1,10 @@
using System.Collections.Generic;
using System.IO;
namespace PSInfisicalAPI.Imports
{
public interface IInfisicalImporter
{
IList<KeyValuePair<string, string>> Import(FileInfo path);
}
}
src/PSInfisicalAPI/Imports/InfisicalImporterFactory.cs
+20
View File
@@ -0,0 +1,20 @@
using PSInfisicalAPI.Errors;
using PSInfisicalAPI.Models;
namespace PSInfisicalAPI.Imports
{
public static class InfisicalImporterFactory
{
public static IInfisicalImporter Create(InfisicalImportFormat format)
{
switch (format)
{
case InfisicalImportFormat.Json: return new JsonInfisicalImporter();
case InfisicalImportFormat.Yaml: return new YamlInfisicalImporter();
case InfisicalImportFormat.Env: return new EnvInfisicalImporter();
case InfisicalImportFormat.Xml: return new XmlInfisicalImporter();
default: throw new InfisicalImportException(string.Concat("Unsupported import format: ", format.ToString()));
}
}
}
}
src/PSInfisicalAPI/Imports/JsonInfisicalImporter.cs
+53
View File
@@ -0,0 +1,53 @@
using System.Collections.Generic;
using System.IO;
using Newtonsoft.Json.Linq;
using PSInfisicalAPI.Errors;
namespace PSInfisicalAPI.Imports
{
public sealed class JsonInfisicalImporter : IInfisicalImporter
{
public IList<KeyValuePair<string, string>> Import(FileInfo path)
{
if (path == null) { throw new InfisicalImportException("Path is required for JSON import."); }
List<KeyValuePair<string, string>> result = new List<KeyValuePair<string, string>>();
string text = File.ReadAllText(path.FullName);
JToken root = JToken.Parse(text);
if (root.Type == JTokenType.Array)
{
foreach (JToken item in (JArray)root)
{
if (item == null || item.Type != JTokenType.Object) { continue; }
string key = ReadString((JObject)item, "SecretName") ?? ReadString((JObject)item, "secretName");
string value = ReadString((JObject)item, "SecretValue") ?? ReadString((JObject)item, "secretValue");
if (string.IsNullOrEmpty(key)) { continue; }
result.Add(new KeyValuePair<string, string>(key, value ?? string.Empty));
}
}
else if (root.Type == JTokenType.Object)
{
foreach (JProperty prop in ((JObject)root).Properties())
{
if (prop == null || string.IsNullOrEmpty(prop.Name)) { continue; }
string value = prop.Value != null && prop.Value.Type != JTokenType.Null ? prop.Value.ToString() : string.Empty;
result.Add(new KeyValuePair<string, string>(prop.Name, value));
}
}
else
{
throw new InfisicalImportException("JSON import expects an array of secret objects or a flat key/value object.");
}
return result;
}
private static string ReadString(JObject obj, string name)
{
JToken token;
if (!obj.TryGetValue(name, out token) || token == null || token.Type == JTokenType.Null) { return null; }
return token.ToString();
}
}
}
src/PSInfisicalAPI/Imports/XmlInfisicalImporter.cs
+51
View File
@@ -0,0 +1,51 @@
using System.Collections.Generic;
using System.IO;
using System.Xml;
using PSInfisicalAPI.Errors;
namespace PSInfisicalAPI.Imports
{
public sealed class XmlInfisicalImporter : IInfisicalImporter
{
public IList<KeyValuePair<string, string>> Import(FileInfo path)
{
if (path == null) { throw new InfisicalImportException("Path is required for XML import."); }
List<KeyValuePair<string, string>> result = new List<KeyValuePair<string, string>>();
XmlDocument document = new XmlDocument();
document.Load(path.FullName);
XmlNode root = document.DocumentElement;
if (root == null || !string.Equals(root.LocalName, "Secrets", System.StringComparison.Ordinal))
{
throw new InfisicalImportException("XML import expects a root <Secrets> element.");
}
foreach (XmlNode node in root.ChildNodes)
{
if (node == null || node.NodeType != XmlNodeType.Element) { continue; }
if (!string.Equals(node.LocalName, "Secret", System.StringComparison.Ordinal)) { continue; }
string key = ReadChild(node, "SecretName");
string value = ReadChild(node, "SecretValue");
if (string.IsNullOrEmpty(key)) { continue; }
result.Add(new KeyValuePair<string, string>(key, value ?? string.Empty));
}
return result;
}
private static string ReadChild(XmlNode parent, string name)
{
foreach (XmlNode child in parent.ChildNodes)
{
if (child == null || child.NodeType != XmlNodeType.Element) { continue; }
if (string.Equals(child.LocalName, name, System.StringComparison.Ordinal))
{
return child.InnerText;
}
}
return null;
}
}
}
src/PSInfisicalAPI/Imports/YamlInfisicalImporter.cs
+61
View File
@@ -0,0 +1,61 @@
using System.Collections;
using System.Collections.Generic;
using System.IO;
using PSInfisicalAPI.Errors;
using YamlDotNet.Serialization;
namespace PSInfisicalAPI.Imports
{
public sealed class YamlInfisicalImporter : IInfisicalImporter
{
public IList<KeyValuePair<string, string>> Import(FileInfo path)
{
if (path == null) { throw new InfisicalImportException("Path is required for YAML import."); }
List<KeyValuePair<string, string>> result = new List<KeyValuePair<string, string>>();
string text = File.ReadAllText(path.FullName);
IDeserializer deserializer = new DeserializerBuilder().Build();
object root = deserializer.Deserialize<object>(text);
if (root == null) { return result; }
IDictionary rootMap = root as IDictionary;
if (rootMap != null && rootMap.Contains("Secrets"))
{
IList entries = rootMap["Secrets"] as IList;
if (entries != null)
{
foreach (object entry in entries)
{
IDictionary map = entry as IDictionary;
if (map == null) { continue; }
string key = AsString(map["SecretName"]);
string value = AsString(map["SecretValue"]);
if (string.IsNullOrEmpty(key)) { continue; }
result.Add(new KeyValuePair<string, string>(key, value ?? string.Empty));
}
return result;
}
}
if (rootMap != null)
{
foreach (DictionaryEntry kvp in rootMap)
{
string key = AsString(kvp.Key);
if (string.IsNullOrEmpty(key)) { continue; }
result.Add(new KeyValuePair<string, string>(key, AsString(kvp.Value) ?? string.Empty));
}
return result;
}
throw new InfisicalImportException("YAML import expects a 'Secrets' root list or a flat key/value mapping.");
}
private static string AsString(object value)
{
if (value == null) { return null; }
return value.ToString();
}
}
}
src/PSInfisicalAPI/Models/InfisicalImportFormat.cs
+10
View File
@@ -0,0 +1,10 @@
namespace PSInfisicalAPI.Models
{
public enum InfisicalImportFormat
{
Json,
Yaml,
Env,
Xml
}
}