Compare commits
7 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 gsadmin
|
4c7ce00504 | ||
 GraceSolutions
|
14c8c4f384 | ||
|
gsadmin
|
5e5145fdc7 | ||
|
GraceSolutions
|
6318d06362 | ||
|
gsadmin
|
98f5d7704e | ||
|
GraceSolutions
|
94bd15a8f8 | ||
|
GraceSolutions
|
daf1cdce65 |
@@ -0,0 +1,328 @@
|
||||
name: Publish to PowerShell Gallery
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
types: [closed]
|
||||
branches: [main]
|
||||
|
||||
jobs:
|
||||
build:
|
||||
if: github.event.pull_request.merged == true
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Verify host prerequisites (pwsh, dotnet)
|
||||
shell: pwsh
|
||||
run: |
|
||||
$ErrorActionPreference = 'Stop'
|
||||
$missing = @()
|
||||
if (-not (Get-Command pwsh -ErrorAction SilentlyContinue)) { $missing += 'pwsh' }
|
||||
if (-not (Get-Command dotnet -ErrorAction SilentlyContinue)) { $missing += 'dotnet' }
|
||||
if ($missing.Count -gt 0) {
|
||||
throw "Host runner is missing required tool(s): $($missing -join ', '). Provision them on the runner host."
|
||||
}
|
||||
Write-Host ("pwsh: " + (pwsh -NoProfile -Command '$PSVersionTable.PSVersion.ToString()'))
|
||||
Write-Host ("dotnet: " + (dotnet --version))
|
||||
Write-Host '--- dotnet --info ---'
|
||||
dotnet --info
|
||||
Write-Host '--- disk free ---'
|
||||
df -h .
|
||||
Write-Host '--- memory ---'
|
||||
free -m
|
||||
|
||||
- name: Restore NuGet packages
|
||||
shell: pwsh
|
||||
run: |
|
||||
$ErrorActionPreference = 'Stop'
|
||||
Write-Host '==> dotnet restore src/PSInfisicalAPI/PSInfisicalAPI.csproj'
|
||||
dotnet restore src/PSInfisicalAPI/PSInfisicalAPI.csproj --verbosity normal
|
||||
if ($LASTEXITCODE -ne 0) { throw "Restore of PSInfisicalAPI.csproj failed with exit code $LASTEXITCODE" }
|
||||
Write-Host '==> dotnet restore src/PSInfisicalAPI.Tests/PSInfisicalAPI.Tests.csproj'
|
||||
dotnet restore src/PSInfisicalAPI.Tests/PSInfisicalAPI.Tests.csproj --verbosity normal
|
||||
if ($LASTEXITCODE -ne 0) { throw "Restore of PSInfisicalAPI.Tests.csproj failed with exit code $LASTEXITCODE" }
|
||||
|
||||
- name: Build module
|
||||
shell: pwsh
|
||||
run: ./build.ps1
|
||||
|
||||
- name: Validate module manifest
|
||||
shell: pwsh
|
||||
run: |
|
||||
$ErrorActionPreference = 'Stop'
|
||||
$manifestPath = Join-Path $PWD 'Module/PSInfisicalAPI/PSInfisicalAPI.psd1'
|
||||
$manifest = Test-ModuleManifest -Path $manifestPath
|
||||
Write-Host "Manifest OK: $($manifest.Name) $($manifest.Version)"
|
||||
|
||||
- name: Upload module artifact
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: PSInfisicalAPI-module
|
||||
path: Module/PSInfisicalAPI
|
||||
if-no-files-found: error
|
||||
retention-days: 7
|
||||
|
||||
release:
|
||||
needs: build
|
||||
if: ${{ success() && github.event.pull_request.merged == true }}
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: write
|
||||
outputs:
|
||||
version: ${{ steps.meta.outputs.version }}
|
||||
tag: ${{ steps.meta.outputs.tag }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Verify host prerequisites (pwsh)
|
||||
shell: pwsh
|
||||
run: |
|
||||
$ErrorActionPreference = 'Stop'
|
||||
if (-not (Get-Command pwsh -ErrorAction SilentlyContinue)) {
|
||||
throw "Host runner is missing required tool: pwsh. Provision it on the runner host."
|
||||
}
|
||||
Write-Host ("pwsh: " + (pwsh -NoProfile -Command '$PSVersionTable.PSVersion.ToString()'))
|
||||
|
||||
- name: Download module artifact
|
||||
uses: actions/download-artifact@v4
|
||||
with:
|
||||
name: PSInfisicalAPI-module
|
||||
path: Module/PSInfisicalAPI
|
||||
|
||||
- name: Resolve module version and tag
|
||||
id: meta
|
||||
shell: pwsh
|
||||
run: |
|
||||
$ErrorActionPreference = 'Stop'
|
||||
$manifestPath = Join-Path $PWD 'Module/PSInfisicalAPI/PSInfisicalAPI.psd1'
|
||||
$manifest = Test-ModuleManifest -Path $manifestPath
|
||||
$version = $manifest.Version.ToString()
|
||||
$tag = $version
|
||||
Write-Host "Module version: $version"
|
||||
Write-Host "Release tag: $tag"
|
||||
"version=$version" | Out-File -FilePath $env:GITHUB_OUTPUT -Append -Encoding utf8
|
||||
"tag=$tag" | Out-File -FilePath $env:GITHUB_OUTPUT -Append -Encoding utf8
|
||||
|
||||
- name: Package module as release asset
|
||||
shell: pwsh
|
||||
env:
|
||||
VERSION: ${{ steps.meta.outputs.version }}
|
||||
run: |
|
||||
$ErrorActionPreference = 'Stop'
|
||||
$zipPath = Join-Path $PWD "PSInfisicalAPI-$($env:VERSION).zip"
|
||||
if (Test-Path $zipPath) { Remove-Item $zipPath -Force }
|
||||
Compress-Archive -Path 'Module/PSInfisicalAPI/*' -DestinationPath $zipPath -Force
|
||||
Write-Host "Created: $zipPath ($([math]::Round((Get-Item $zipPath).Length / 1KB, 1)) KB)"
|
||||
|
||||
- name: Create GitHub release
|
||||
shell: pwsh
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ github.token }}
|
||||
API_URL: ${{ github.api_url }}
|
||||
REPO: ${{ github.repository }}
|
||||
TAG: ${{ steps.meta.outputs.tag }}
|
||||
VERSION: ${{ steps.meta.outputs.version }}
|
||||
COMMIT_SHA: ${{ github.sha }}
|
||||
PR_NUMBER: ${{ github.event.pull_request.number }}
|
||||
PR_TITLE: ${{ github.event.pull_request.title }}
|
||||
PR_AUTHOR: ${{ github.event.pull_request.user.login }}
|
||||
SERVER_URL: ${{ github.server_url }}
|
||||
RUN_ID: ${{ github.run_id }}
|
||||
run: |
|
||||
$ErrorActionPreference = 'Stop'
|
||||
Set-StrictMode -Version Latest
|
||||
trap { Write-Host "==> RELEASE STEP FAILED: $($_ | Out-String)"; Write-Host ($_.ScriptStackTrace); exit 1 }
|
||||
|
||||
Write-Host "==> [1/8] Validating inputs"
|
||||
Write-Host " TAG=$($env:TAG)"
|
||||
Write-Host " VERSION=$($env:VERSION)"
|
||||
Write-Host " REPO=$($env:REPO)"
|
||||
Write-Host " API_URL=$($env:API_URL)"
|
||||
Write-Host " SERVER_URL=$($env:SERVER_URL)"
|
||||
Write-Host " PR_NUMBER=$($env:PR_NUMBER)"
|
||||
Write-Host " RUN_ID=$($env:RUN_ID)"
|
||||
if ([string]::IsNullOrWhiteSpace($env:GITHUB_TOKEN)) { throw "github.token is empty." }
|
||||
if ([string]::IsNullOrWhiteSpace($env:TAG)) { throw "TAG is empty." }
|
||||
if ([string]::IsNullOrWhiteSpace($env:VERSION)) { throw "VERSION is empty." }
|
||||
if ([string]::IsNullOrWhiteSpace($env:API_URL)) { throw "API_URL is empty." }
|
||||
if ([string]::IsNullOrWhiteSpace($env:REPO)) { throw "REPO is empty." }
|
||||
if ([string]::IsNullOrWhiteSpace($env:COMMIT_SHA)) { throw "COMMIT_SHA is empty." }
|
||||
|
||||
Write-Host "==> [2/8] Deriving metadata"
|
||||
$shortSha = $env:COMMIT_SHA.Substring(0, [Math]::Min(12, $env:COMMIT_SHA.Length))
|
||||
$buildUtc = (Get-Date).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ')
|
||||
$runUrl = "$($env:SERVER_URL)/$($env:REPO)/actions/runs/$($env:RUN_ID)"
|
||||
$prUrl = "$($env:SERVER_URL)/$($env:REPO)/pull/$($env:PR_NUMBER)"
|
||||
Write-Host " shortSha=$shortSha"
|
||||
|
||||
Write-Host "==> [3/8] Extracting CHANGELOG section"
|
||||
$changelogSection = ''
|
||||
if (Test-Path 'CHANGELOG.md') {
|
||||
$lines = [System.IO.File]::ReadAllLines('CHANGELOG.md')
|
||||
$start = -1; $end = $lines.Length
|
||||
for ($i = 0; $i -lt $lines.Length; $i++) {
|
||||
if ($lines[$i] -match "^##\s+$([regex]::Escape($env:VERSION))\s*$") { $start = $i + 1; continue }
|
||||
if ($start -ge 0 -and $lines[$i] -match '^##\s+') { $end = $i; break }
|
||||
}
|
||||
if ($start -ge 0) {
|
||||
$changelogSection = ($lines[$start..($end - 1)] -join "`n").Trim()
|
||||
}
|
||||
}
|
||||
Write-Host " CHANGELOG section length: $($changelogSection.Length) chars"
|
||||
|
||||
Write-Host "==> [4/8] Building release body"
|
||||
$changelogText = if ($changelogSection) { $changelogSection } else { '_No CHANGELOG section found for this version._' }
|
||||
$sb = New-Object System.Text.StringBuilder
|
||||
[void]$sb.AppendLine("**PSInfisicalAPI $($env:VERSION)**")
|
||||
[void]$sb.AppendLine('')
|
||||
[void]$sb.AppendLine('| Field | Value |')
|
||||
[void]$sb.AppendLine('| --- | --- |')
|
||||
[void]$sb.AppendLine("| Version | ``$($env:VERSION)`` |")
|
||||
[void]$sb.AppendLine("| Tag | ``$($env:TAG)`` |")
|
||||
[void]$sb.AppendLine("| Commit | [``$shortSha``]($($env:SERVER_URL)/$($env:REPO)/commit/$($env:COMMIT_SHA)) |")
|
||||
[void]$sb.AppendLine("| Built (UTC) | $buildUtc |")
|
||||
[void]$sb.AppendLine("| Merged PR | [#$($env:PR_NUMBER) $($env:PR_TITLE)]($prUrl) by @$($env:PR_AUTHOR) |")
|
||||
[void]$sb.AppendLine("| Workflow run | [$($env:RUN_ID)]($runUrl) |")
|
||||
[void]$sb.AppendLine('')
|
||||
[void]$sb.AppendLine('## Changes')
|
||||
[void]$sb.AppendLine($changelogText)
|
||||
[void]$sb.AppendLine('')
|
||||
[void]$sb.AppendLine('## Install')
|
||||
[void]$sb.AppendLine('```powershell')
|
||||
[void]$sb.AppendLine("Install-Module -Name PSInfisicalAPI -RequiredVersion $($env:VERSION) -Scope CurrentUser")
|
||||
[void]$sb.AppendLine('```')
|
||||
$body = $sb.ToString()
|
||||
Write-Host " body length: $($body.Length) chars"
|
||||
|
||||
$headers = @{
|
||||
Authorization = "Bearer $($env:GITHUB_TOKEN)"
|
||||
Accept = 'application/vnd.github+json'
|
||||
'X-GitHub-Api-Version' = '2022-11-28'
|
||||
}
|
||||
$createUri = "$($env:API_URL)/repos/$($env:REPO)/releases"
|
||||
|
||||
Write-Host "==> [5/8] Checking for existing release tag: $createUri/tags/$($env:TAG)"
|
||||
$existing = $null
|
||||
try {
|
||||
$existing = Invoke-RestMethod -Method Get -Headers $headers `
|
||||
-Uri "$createUri/tags/$($env:TAG)" -ErrorAction Stop
|
||||
} catch {
|
||||
$status = $null
|
||||
try { $status = $_.Exception.Response.StatusCode.value__ } catch { }
|
||||
if ($status -ne 404) {
|
||||
Write-Host " Lookup failed (status=$status): $($_.Exception.Message)"
|
||||
throw
|
||||
}
|
||||
Write-Host " No existing release (404)."
|
||||
}
|
||||
if ($existing) {
|
||||
Write-Host " Release tag '$($env:TAG)' already exists (id=$($existing.id)); skipping creation."
|
||||
return
|
||||
}
|
||||
|
||||
Write-Host "==> [6/8] Creating release"
|
||||
$payload = @{
|
||||
tag_name = $env:TAG
|
||||
target_commitish = $env:COMMIT_SHA
|
||||
name = "PSInfisicalAPI $($env:VERSION)"
|
||||
body = $body
|
||||
draft = $false
|
||||
prerelease = $false
|
||||
} | ConvertTo-Json -Depth 4
|
||||
Write-Host " payload bytes: $([System.Text.Encoding]::UTF8.GetByteCount($payload))"
|
||||
|
||||
$release = Invoke-RestMethod -Method Post -Uri $createUri -Headers $headers `
|
||||
-ContentType 'application/json' -Body $payload
|
||||
Write-Host " Created release id=$($release.id) at $($release.html_url)"
|
||||
|
||||
Write-Host "==> [7/8] Locating release asset"
|
||||
$assetPath = Join-Path $PWD "PSInfisicalAPI-$($env:VERSION).zip"
|
||||
if (-not (Test-Path $assetPath)) { throw "Release asset not found at: $assetPath" }
|
||||
$fileBytes = [System.IO.File]::ReadAllBytes($assetPath)
|
||||
Write-Host " Asset: $assetPath ($([math]::Round($fileBytes.Length / 1KB, 1)) KB)"
|
||||
|
||||
Write-Host "==> [8/8] Uploading asset"
|
||||
# GitHub returns a URI Template in upload_url (e.g. "https://uploads.github.com/.../assets{?name,label}").
|
||||
# Strip the template suffix and append the asset name query.
|
||||
$uploadBase = ($release.upload_url -replace '\{.*\}$', '')
|
||||
$uploadUri = "$uploadBase`?name=PSInfisicalAPI-$($env:VERSION).zip"
|
||||
Invoke-RestMethod -Method Post -Uri $uploadUri -Headers $headers `
|
||||
-ContentType 'application/zip' -Body $fileBytes | Out-Null
|
||||
Write-Host "==> Done: uploaded PSInfisicalAPI-$($env:VERSION).zip"
|
||||
|
||||
publish:
|
||||
needs: release
|
||||
if: ${{ success() && github.event.pull_request.merged == true }}
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Verify host prerequisites (pwsh)
|
||||
shell: pwsh
|
||||
run: |
|
||||
$ErrorActionPreference = 'Stop'
|
||||
if (-not (Get-Command pwsh -ErrorAction SilentlyContinue)) {
|
||||
throw "Host runner is missing required tool: pwsh. Provision it on the runner host."
|
||||
}
|
||||
Write-Host ("pwsh: " + (pwsh -NoProfile -Command '$PSVersionTable.PSVersion.ToString()'))
|
||||
|
||||
- name: Download module artifact
|
||||
uses: actions/download-artifact@v4
|
||||
with:
|
||||
name: PSInfisicalAPI-module
|
||||
path: Module/PSInfisicalAPI
|
||||
|
||||
- name: Bootstrap Microsoft.PowerShell.PSResourceGet
|
||||
shell: pwsh
|
||||
run: |
|
||||
$ErrorActionPreference = 'Stop'
|
||||
if (-not (Get-Module -ListAvailable -Name Microsoft.PowerShell.PSResourceGet)) {
|
||||
Write-Host "==> Installing Microsoft.PowerShell.PSResourceGet for CurrentUser"
|
||||
Install-Module -Name Microsoft.PowerShell.PSResourceGet -Scope CurrentUser -Force -AllowClobber -ErrorAction Stop
|
||||
}
|
||||
Import-Module Microsoft.PowerShell.PSResourceGet -ErrorAction Stop
|
||||
|
||||
$existing = Get-PSResourceRepository -Name PSGallery -ErrorAction SilentlyContinue
|
||||
if (-not $existing) {
|
||||
Write-Host "==> Registering PSGallery repository"
|
||||
Register-PSResourceRepository -PSGallery -Trusted -ErrorAction Stop
|
||||
} else {
|
||||
Write-Host "==> PSGallery already registered; ensuring Trusted + ApiVersion v2"
|
||||
Set-PSResourceRepository -Name PSGallery -Trusted -ApiVersion v2 -ErrorAction Stop
|
||||
}
|
||||
Get-PSResourceRepository -Name PSGallery | Format-Table Name,Uri,Trusted,ApiVersion
|
||||
|
||||
- name: Verify PowerShell Gallery API key is configured
|
||||
shell: pwsh
|
||||
env:
|
||||
PSGALLERY_API_KEY: ${{ secrets.PSGALLERY_API_KEY }}
|
||||
run: |
|
||||
if ([string]::IsNullOrWhiteSpace($env:PSGALLERY_API_KEY)) {
|
||||
throw "Repository secret 'PSGALLERY_API_KEY' is not configured."
|
||||
}
|
||||
|
||||
- name: Re-validate downloaded module manifest
|
||||
shell: pwsh
|
||||
run: |
|
||||
$ErrorActionPreference = 'Stop'
|
||||
$manifestPath = Join-Path $PWD 'Module/PSInfisicalAPI/PSInfisicalAPI.psd1'
|
||||
$manifest = Test-ModuleManifest -Path $manifestPath
|
||||
Write-Host "Manifest OK: $($manifest.Name) $($manifest.Version)"
|
||||
|
||||
- name: Publish to PowerShell Gallery
|
||||
shell: pwsh
|
||||
env:
|
||||
PSGALLERY_API_KEY: ${{ secrets.PSGALLERY_API_KEY }}
|
||||
run: |
|
||||
$ErrorActionPreference = 'Stop'
|
||||
$moduleDir = Join-Path $PWD 'Module/PSInfisicalAPI'
|
||||
Write-Host "Publishing module from: $moduleDir"
|
||||
Publish-PSResource `
|
||||
-Path $moduleDir `
|
||||
-Repository PSGallery `
|
||||
-ApiKey $env:PSGALLERY_API_KEY `
|
||||
-Verbose
|
||||
+49
-11
File diff suppressed because one or more lines are too long
@@ -1,6 +1,6 @@
|
||||
@{
|
||||
RootModule = 'PSInfisicalAPI.psm1'
|
||||
ModuleVersion = '2026.06.07.1435'
|
||||
ModuleVersion = '2026.06.16.0217'
|
||||
GUID = 'b8a2f3d4-7c51-4d2f-9e6a-1f0c8b3d4e51'
|
||||
Author = 'Grace Solutions'
|
||||
CompanyName = 'Grace Solutions'
|
||||
@@ -74,7 +74,7 @@
|
||||
LicenseUri = 'https://www.gnu.org/licenses/agpl-3.0.html'
|
||||
ProjectUri = 'https://prod.git.gracesolution.info/gsadmin/PSInfisicalAPI'
|
||||
ReleaseNotes = 'See CHANGELOG.md in the project repository for release history.'
|
||||
CommitHash = '97193d46f2ff'
|
||||
CommitHash = '6318d06362ad'
|
||||
}
|
||||
}
|
||||
}
|
||||
Binary file not shown.
@@ -1222,7 +1222,8 @@ Export-InfisicalSecrets `
|
||||
[-Scope <Process|User|Machine>] `
|
||||
[-Force] `
|
||||
[-Encoding <UTF8|UTF8Bom|Unicode>] `
|
||||
[-Prefix <string>]
|
||||
[-SecretsPrefix <string>] `
|
||||
[-ForceSecretsPrefix]
|
||||
```
|
||||
|
||||
## Parameter Rules
|
||||
@@ -1521,8 +1522,9 @@ Start-InfisicalProcess
|
||||
[-SecureArgumentList]
|
||||
[-LogOutput]
|
||||
[-ContinueOnError]
|
||||
[-Secret <InfisicalSecret[]>]
|
||||
[-Prefix <string>]
|
||||
[-Secrets <InfisicalSecret[]>]
|
||||
[-SecretsPrefix <string>]
|
||||
[-ForceSecretsPrefix]
|
||||
```
|
||||
|
||||
Behavior:
|
||||
@@ -1530,7 +1532,7 @@ Behavior:
|
||||
```text
|
||||
Buffer pipeline InfisicalSecret objects in ProcessRecord.
|
||||
Decrypt secrets only into ProcessStartInfo.Environment.
|
||||
Apply -Prefix to each secret name before injection.
|
||||
Apply -SecretsPrefix to each secret name before injection.
|
||||
Never write secret plaintext to user or machine environment scope.
|
||||
Honor -WhatIf / -Confirm.
|
||||
Default -AcceptableExitCodeList = @('0','3010').
|
||||
@@ -23,10 +23,12 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
public SwitchParameter AsPlainText { get; set; }
|
||||
|
||||
[Parameter]
|
||||
public string Prefix { get; set; }
|
||||
[Alias("Prefix")]
|
||||
public string SecretsPrefix { get; set; }
|
||||
|
||||
[Parameter]
|
||||
public SwitchParameter ForcePrefix { get; set; }
|
||||
[Alias("ForcePrefix")]
|
||||
public SwitchParameter ForceSecretsPrefix { get; set; }
|
||||
|
||||
private readonly List<InfisicalSecret> _buffer = new List<InfisicalSecret>();
|
||||
|
||||
@@ -47,14 +49,18 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
{
|
||||
try
|
||||
{
|
||||
Logger.Information("ConvertTo-InfisicalSecretDictionary", string.Concat("Processing ", _buffer.Count.ToString(System.Globalization.CultureInfo.InvariantCulture), " input secret(s)."));
|
||||
|
||||
if (AsPlainText.IsPresent)
|
||||
{
|
||||
Dictionary<string, string> plain = BuildDictionary<string>(secret => secret.GetPlainTextValue());
|
||||
Logger.Information("ConvertTo-InfisicalSecretDictionary", string.Concat("Built plain-text dictionary with ", plain.Count.ToString(System.Globalization.CultureInfo.InvariantCulture), " entry/entries."));
|
||||
WriteObject(plain);
|
||||
}
|
||||
else
|
||||
{
|
||||
Dictionary<string, SecureString> secure = BuildDictionary<SecureString>(secret => secret.SecretValue);
|
||||
Logger.Information("ConvertTo-InfisicalSecretDictionary", string.Concat("Built SecureString dictionary with ", secure.Count.ToString(System.Globalization.CultureInfo.InvariantCulture), " entry/entries."));
|
||||
WriteObject(secure);
|
||||
}
|
||||
}
|
||||
@@ -70,7 +76,7 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
|
||||
foreach (InfisicalSecret secret in _buffer)
|
||||
{
|
||||
string key = InfisicalPrefix.Apply(secret.SecretName ?? string.Empty, Prefix, ForcePrefix.IsPresent);
|
||||
string key = InfisicalPrefix.Apply(secret.SecretName ?? string.Empty, SecretsPrefix, ForceSecretsPrefix.IsPresent);
|
||||
|
||||
if (dictionary.ContainsKey(key))
|
||||
{
|
||||
|
||||
@@ -39,10 +39,12 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
public InfisicalExportEncoding Encoding { get; set; } = InfisicalExportEncoding.UTF8;
|
||||
|
||||
[Parameter]
|
||||
public string Prefix { get; set; }
|
||||
[Alias("Prefix")]
|
||||
public string SecretsPrefix { get; set; }
|
||||
|
||||
[Parameter]
|
||||
public SwitchParameter ForcePrefix { get; set; }
|
||||
[Alias("ForcePrefix")]
|
||||
public SwitchParameter ForceSecretsPrefix { get; set; }
|
||||
|
||||
private readonly List<InfisicalSecret> _buffer = new List<InfisicalSecret>();
|
||||
|
||||
@@ -73,9 +75,11 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
{
|
||||
}
|
||||
|
||||
Logger.Information("Export-InfisicalSecrets", string.Concat("Exporting ", _buffer.Count.ToString(System.Globalization.CultureInfo.InvariantCulture), " secret(s) as ", Format.ToString(), (Path != null ? string.Concat(" to '", Path.FullName, "'") : string.Empty), "."));
|
||||
|
||||
InfisicalExportRequest request = new InfisicalExportRequest
|
||||
{
|
||||
Secrets = ApplyPrefix(_buffer, Prefix, ForcePrefix.IsPresent),
|
||||
Secrets = ApplySecretsPrefix(_buffer, SecretsPrefix, ForceSecretsPrefix.IsPresent),
|
||||
Format = Format,
|
||||
Path = Path,
|
||||
Scope = Scope,
|
||||
@@ -92,7 +96,7 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
}
|
||||
}
|
||||
|
||||
private static InfisicalSecret[] ApplyPrefix(List<InfisicalSecret> source, string prefix, bool force)
|
||||
private static InfisicalSecret[] ApplySecretsPrefix(List<InfisicalSecret> source, string prefix, bool force)
|
||||
{
|
||||
if (string.IsNullOrEmpty(prefix)) { return source.ToArray(); }
|
||||
|
||||
|
||||
@@ -46,6 +46,7 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
}
|
||||
|
||||
InfisicalCertificateApplication[] all = client.ListCertificateApplications(connection, ProjectId, Limit, Offset);
|
||||
Logger.Information("Get-InfisicalCertificateApplication", string.Concat("Returned ", all.Length.ToString(System.Globalization.CultureInfo.InvariantCulture), " certificate application(s)."));
|
||||
foreach (InfisicalCertificateApplication app in all)
|
||||
{
|
||||
WriteObject(app);
|
||||
|
||||
@@ -52,6 +52,7 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
}
|
||||
}
|
||||
|
||||
Logger.Information("Get-InfisicalCertificateAuthority", string.Concat("Returned ", all.Length.ToString(System.Globalization.CultureInfo.InvariantCulture), " certificate authority/authorities (kind=", Kind, ")."));
|
||||
foreach (InfisicalCertificateAuthority ca in all)
|
||||
{
|
||||
WriteObject(ca);
|
||||
|
||||
@@ -129,6 +129,8 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
|
||||
query.Offset = (query.Offset ?? 0) + page.Certificates.Length;
|
||||
}
|
||||
|
||||
Logger.Information("Get-InfisicalCertificate", string.Concat("Returned ", emitted.ToString(System.Globalization.CultureInfo.InvariantCulture), " certificate(s)."));
|
||||
}
|
||||
catch (Exception exception)
|
||||
{
|
||||
|
||||
@@ -39,6 +39,7 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
}
|
||||
|
||||
InfisicalCertificatePolicy[] all = client.ListCertificatePolicies(connection, ProjectId, Limit, Offset);
|
||||
Logger.Information("Get-InfisicalCertificatePolicy", string.Concat("Returned ", all.Length.ToString(System.Globalization.CultureInfo.InvariantCulture), " certificate policy/policies."));
|
||||
foreach (InfisicalCertificatePolicy policy in all)
|
||||
{
|
||||
WriteObject(policy);
|
||||
|
||||
@@ -42,6 +42,7 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
|
||||
bool? includeConfigs = MyInvocation.BoundParameters.ContainsKey("IncludeConfigs") ? (bool?)IncludeConfigs.IsPresent : null;
|
||||
InfisicalCertificateProfile[] all = client.ListCertificateProfiles(connection, ProjectId, Limit, Offset, includeConfigs);
|
||||
Logger.Information("Get-InfisicalCertificateProfile", string.Concat("Returned ", all.Length.ToString(System.Globalization.CultureInfo.InvariantCulture), " certificate profile(s)."));
|
||||
foreach (InfisicalCertificateProfile profile in all)
|
||||
{
|
||||
WriteObject(profile);
|
||||
|
||||
@@ -35,6 +35,7 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
}
|
||||
|
||||
InfisicalEnvironment[] envs = client.List(connection, ProjectId);
|
||||
Logger.Information("Get-InfisicalEnvironment", string.Concat("Returned ", envs.Length.ToString(System.Globalization.CultureInfo.InvariantCulture), " environment(s)."));
|
||||
foreach (InfisicalEnvironment env in envs)
|
||||
{
|
||||
WriteObject(env);
|
||||
|
||||
@@ -5,8 +5,10 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
{
|
||||
[Cmdlet(VerbsCommon.Get, "InfisicalEnvironmentVariable")]
|
||||
[OutputType(typeof(string))]
|
||||
public sealed class GetInfisicalEnvironmentVariableCmdlet : PSCmdlet
|
||||
public sealed class GetInfisicalEnvironmentVariableCmdlet : InfisicalCmdletBase
|
||||
{
|
||||
private const string Component = "Get-InfisicalEnvironmentVariable";
|
||||
|
||||
private static readonly EnvironmentVariableTarget[] TargetOrder = new[]
|
||||
{
|
||||
EnvironmentVariableTarget.Process,
|
||||
@@ -18,26 +20,38 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
[ValidateNotNullOrEmpty]
|
||||
public string Name { get; set; }
|
||||
|
||||
[Parameter(Position = 1)]
|
||||
public EnvironmentVariableTarget? Scope { get; set; }
|
||||
|
||||
protected override void ProcessRecord()
|
||||
{
|
||||
foreach (EnvironmentVariableTarget target in TargetOrder)
|
||||
EnvironmentVariableTarget[] targets = Scope.HasValue ? new[] { Scope.Value } : TargetOrder;
|
||||
|
||||
foreach (EnvironmentVariableTarget target in targets)
|
||||
{
|
||||
Logger.Verbose(Component, string.Concat("Searching ", target.ToString(), " scope for environment variable '", Name, "'."));
|
||||
|
||||
string value;
|
||||
try
|
||||
{
|
||||
value = Environment.GetEnvironmentVariable(Name, target);
|
||||
}
|
||||
catch
|
||||
catch (Exception exception)
|
||||
{
|
||||
Logger.Verbose(Component, string.Concat("Failed to read ", target.ToString(), " scope for environment variable '", Name, "': ", exception.Message));
|
||||
continue;
|
||||
}
|
||||
|
||||
if (!string.IsNullOrEmpty(value))
|
||||
{
|
||||
Logger.Information(Component, string.Concat("Found environment variable '", Name, "' in ", target.ToString(), " scope."));
|
||||
WriteObject(value);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
string scopeDescription = Scope.HasValue ? string.Concat(Scope.Value.ToString(), " scope") : "Process, User, or Machine scope";
|
||||
Logger.Information(Component, string.Concat("Environment variable '", Name, "' was not found in ", scopeDescription, "."));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -37,6 +37,7 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
}
|
||||
|
||||
InfisicalFolder[] folders = client.List(connection, ProjectId, Environment, Path);
|
||||
Logger.Information("Get-InfisicalFolder", string.Concat("Returned ", folders.Length.ToString(System.Globalization.CultureInfo.InvariantCulture), " folder(s) from '", Path ?? "/", "'."));
|
||||
foreach (InfisicalFolder folder in folders)
|
||||
{
|
||||
WriteObject(folder);
|
||||
|
||||
@@ -33,6 +33,7 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
}
|
||||
|
||||
InfisicalOrganization[] organizations = client.List(connection);
|
||||
Logger.Information("Get-InfisicalOrganization", string.Concat("Returned ", organizations.Length.ToString(System.Globalization.CultureInfo.InvariantCulture), " organization(s)."));
|
||||
foreach (InfisicalOrganization organization in organizations)
|
||||
{
|
||||
WriteObject(organization);
|
||||
|
||||
@@ -35,6 +35,7 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
}
|
||||
|
||||
InfisicalPkiSubscriber[] all = client.ListPkiSubscribers(connection, ProjectId);
|
||||
Logger.Information("Get-InfisicalPkiSubscriber", string.Concat("Returned ", all.Length.ToString(System.Globalization.CultureInfo.InvariantCulture), " PKI subscriber(s)."));
|
||||
foreach (InfisicalPkiSubscriber subscriber in all)
|
||||
{
|
||||
WriteObject(subscriber);
|
||||
|
||||
@@ -39,6 +39,7 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
}
|
||||
|
||||
InfisicalProject[] projects = client.List(connection, Type, IncludeRoles.IsPresent);
|
||||
Logger.Information("Get-InfisicalProject", string.Concat("Returned ", projects.Length.ToString(System.Globalization.CultureInfo.InvariantCulture), " project(s)."));
|
||||
foreach (InfisicalProject project in projects)
|
||||
{
|
||||
WriteObject(project);
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
using System;
|
||||
using System.Collections;
|
||||
using System.Collections.Generic;
|
||||
using System.Globalization;
|
||||
using System.Management.Automation;
|
||||
using PSInfisicalAPI.Connections;
|
||||
using PSInfisicalAPI.Models;
|
||||
@@ -57,8 +58,13 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
InfisicalSecret secret = client.Retrieve(connection, query);
|
||||
if (secret != null)
|
||||
{
|
||||
Logger.Information("Get-InfisicalSecret", string.Concat("Returned 1 secret for '", SecretName, "'."));
|
||||
WriteObject(secret);
|
||||
}
|
||||
else
|
||||
{
|
||||
Logger.Information("Get-InfisicalSecret", string.Concat("No secret returned for '", SecretName, "'."));
|
||||
}
|
||||
|
||||
return;
|
||||
}
|
||||
@@ -79,6 +85,7 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
};
|
||||
|
||||
InfisicalSecret[] secrets = client.List(connection, listQuery);
|
||||
Logger.Information("Get-InfisicalSecret", string.Concat("Returned ", secrets.Length.ToString(CultureInfo.InvariantCulture), " secret(s) from '", SecretPath ?? "/", "' (recursive=", Recursive.IsPresent ? "true" : "false", ", includeImports=", IncludeImports.IsPresent ? "true" : "false", ")."));
|
||||
foreach (InfisicalSecret secret in secrets)
|
||||
{
|
||||
WriteObject(secret);
|
||||
|
||||
@@ -45,6 +45,7 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
|
||||
bool? isAccessible = MyInvocation.BoundParameters.ContainsKey("IsAccessible") ? (bool?)IsAccessible.IsPresent : null;
|
||||
InfisicalSubOrganization[] subOrganizations = client.List(connection, Limit, Offset, Search, OrderBy, OrderDirection, isAccessible);
|
||||
Logger.Information("Get-InfisicalSubOrganization", string.Concat("Returned ", subOrganizations.Length.ToString(System.Globalization.CultureInfo.InvariantCulture), " sub-organization(s)."));
|
||||
foreach (InfisicalSubOrganization subOrganization in subOrganizations)
|
||||
{
|
||||
WriteObject(subOrganization);
|
||||
|
||||
@@ -35,6 +35,7 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
}
|
||||
|
||||
InfisicalTag[] tags = client.List(connection, ProjectId);
|
||||
Logger.Information("Get-InfisicalTag", string.Concat("Returned ", tags.Length.ToString(System.Globalization.CultureInfo.InvariantCulture), " tag(s)."));
|
||||
foreach (InfisicalTag tag in tags)
|
||||
{
|
||||
WriteObject(tag);
|
||||
|
||||
@@ -30,10 +30,12 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
public SwitchParameter AsPlainText { get; set; }
|
||||
|
||||
[Parameter]
|
||||
public string Prefix { get; set; }
|
||||
[Alias("Prefix")]
|
||||
public string SecretsPrefix { get; set; }
|
||||
|
||||
[Parameter]
|
||||
public SwitchParameter ForcePrefix { get; set; }
|
||||
[Alias("ForcePrefix")]
|
||||
public SwitchParameter ForceSecretsPrefix { get; set; }
|
||||
|
||||
protected override void EndProcessing()
|
||||
{
|
||||
@@ -47,15 +49,18 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
|
||||
IInfisicalImporter importer = InfisicalImporterFactory.Create(Format);
|
||||
IList<KeyValuePair<string, string>> pairs = importer.Import(Path);
|
||||
Logger.Information("Import-InfisicalSecret", string.Concat("Parsed ", pairs.Count.ToString(System.Globalization.CultureInfo.InvariantCulture), " secret pair(s) from '", Path.FullName, "' (format=", Format.ToString(), ")."));
|
||||
|
||||
if (AsPlainText.IsPresent)
|
||||
{
|
||||
Dictionary<string, string> plain = BuildDictionary<string>(pairs, value => value ?? string.Empty);
|
||||
Logger.Information("Import-InfisicalSecret", string.Concat("Built plain-text dictionary with ", plain.Count.ToString(System.Globalization.CultureInfo.InvariantCulture), " entry/entries."));
|
||||
WriteObject(plain);
|
||||
}
|
||||
else
|
||||
{
|
||||
Dictionary<string, SecureString> secure = BuildDictionary<SecureString>(pairs, value => SecureStringUtility.ToReadOnlySecureString(value ?? string.Empty));
|
||||
Logger.Information("Import-InfisicalSecret", string.Concat("Built SecureString dictionary with ", secure.Count.ToString(System.Globalization.CultureInfo.InvariantCulture), " entry/entries."));
|
||||
WriteObject(secure);
|
||||
}
|
||||
}
|
||||
@@ -74,7 +79,7 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
foreach (KeyValuePair<string, string> pair in pairs)
|
||||
{
|
||||
if (pair.Key == null) { continue; }
|
||||
string key = InfisicalPrefix.Apply(pair.Key, Prefix, ForcePrefix.IsPresent);
|
||||
string key = InfisicalPrefix.Apply(pair.Key, SecretsPrefix, ForceSecretsPrefix.IsPresent);
|
||||
|
||||
if (dictionary.ContainsKey(key))
|
||||
{
|
||||
|
||||
@@ -58,10 +58,12 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
Secrets = InfisicalBulkSecretConverter.ToCreateItems(Secrets)
|
||||
};
|
||||
|
||||
Logger.Information("New-InfisicalSecret", string.Concat("Bulk-creating ", Secrets.Length.ToString(System.Globalization.CultureInfo.InvariantCulture), " secret(s)."));
|
||||
InfisicalSecretsClient bulkClient = new InfisicalSecretsClient(HttpClient, Logger);
|
||||
InfisicalSecret[] created = bulkClient.CreateBatch(connection, bulk);
|
||||
if (created != null)
|
||||
{
|
||||
Logger.Information("New-InfisicalSecret", string.Concat("Server returned ", created.Length.ToString(System.Globalization.CultureInfo.InvariantCulture), " created secret(s)."));
|
||||
foreach (InfisicalSecret secret in created) { WriteObject(secret); }
|
||||
}
|
||||
|
||||
|
||||
@@ -47,6 +47,7 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
SecretNames = SecretNames
|
||||
};
|
||||
|
||||
Logger.Information("Remove-InfisicalSecret", string.Concat("Bulk-removing ", SecretNames.Length.ToString(System.Globalization.CultureInfo.InvariantCulture), " secret(s)."));
|
||||
client.DeleteBatch(connection, bulk);
|
||||
|
||||
if (PassThru.IsPresent)
|
||||
|
||||
@@ -89,21 +89,23 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
public SwitchParameter ContinueOnError { get; set; }
|
||||
|
||||
[Parameter(ValueFromPipeline = true)]
|
||||
[Alias("Secrets", "InputObject")]
|
||||
public InfisicalSecret[] Secret { get; set; }
|
||||
[Alias("Secret", "InputObject")]
|
||||
public InfisicalSecret[] Secrets { get; set; }
|
||||
|
||||
[Parameter]
|
||||
public string Prefix { get; set; }
|
||||
[Alias("Prefix")]
|
||||
public string SecretsPrefix { get; set; }
|
||||
|
||||
[Parameter]
|
||||
public SwitchParameter ForcePrefix { get; set; }
|
||||
[Alias("ForcePrefix")]
|
||||
public SwitchParameter ForceSecretsPrefix { get; set; }
|
||||
|
||||
private readonly List<InfisicalSecret> _secretBuffer = new List<InfisicalSecret>();
|
||||
|
||||
protected override void ProcessRecord()
|
||||
{
|
||||
if (Secret == null) { return; }
|
||||
foreach (InfisicalSecret secret in Secret)
|
||||
if (Secrets == null) { return; }
|
||||
foreach (InfisicalSecret secret in Secrets)
|
||||
{
|
||||
if (secret != null) { _secretBuffer.Add(secret); }
|
||||
}
|
||||
@@ -119,6 +121,9 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
|
||||
if (!ShouldProcess(target, "Start process with Infisical secrets")) { return; }
|
||||
|
||||
int envVarCount = EnvironmentVariables != null ? EnvironmentVariables.Count : 0;
|
||||
Logger.Information("Start-InfisicalProcess", string.Concat("Injecting ", _secretBuffer.Count.ToString(System.Globalization.CultureInfo.InvariantCulture), " secret(s) and ", envVarCount.ToString(System.Globalization.CultureInfo.InvariantCulture), " explicit environment variable(s) into process environment."));
|
||||
|
||||
InfisicalProcessOptions options = new InfisicalProcessOptions
|
||||
{
|
||||
FilePath = FilePath,
|
||||
@@ -138,8 +143,8 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
LogOutput = LogOutput.IsPresent,
|
||||
ContinueOnError = ContinueOnError.IsPresent,
|
||||
Secrets = _secretBuffer.ToArray(),
|
||||
Prefix = Prefix,
|
||||
ForcePrefix = ForcePrefix.IsPresent
|
||||
SecretsPrefix = SecretsPrefix,
|
||||
ForceSecretsPrefix = ForceSecretsPrefix.IsPresent
|
||||
};
|
||||
|
||||
InfisicalProcessResult result = InfisicalProcessRunner.Run(options, Logger);
|
||||
|
||||
@@ -56,10 +56,12 @@ namespace PSInfisicalAPI.Cmdlets
|
||||
Secrets = InfisicalBulkSecretConverter.ToUpdateItems(Secrets)
|
||||
};
|
||||
|
||||
Logger.Information("Update-InfisicalSecret", string.Concat("Bulk-updating ", Secrets.Length.ToString(System.Globalization.CultureInfo.InvariantCulture), " secret(s)."));
|
||||
InfisicalSecretsClient bulkClient = new InfisicalSecretsClient(HttpClient, Logger);
|
||||
InfisicalSecret[] updated = bulkClient.UpdateBatch(connection, bulk);
|
||||
if (updated != null)
|
||||
{
|
||||
Logger.Information("Update-InfisicalSecret", string.Concat("Server returned ", updated.Length.ToString(System.Globalization.CultureInfo.InvariantCulture), " updated secret(s)."));
|
||||
foreach (InfisicalSecret secret in updated) { WriteObject(secret); }
|
||||
}
|
||||
|
||||
|
||||
@@ -25,7 +25,7 @@ namespace PSInfisicalAPI.Process
|
||||
public bool LogOutput { get; set; }
|
||||
public bool ContinueOnError { get; set; }
|
||||
public InfisicalSecret[] Secrets { get; set; }
|
||||
public string Prefix { get; set; }
|
||||
public bool ForcePrefix { get; set; }
|
||||
public string SecretsPrefix { get; set; }
|
||||
public bool ForceSecretsPrefix { get; set; }
|
||||
}
|
||||
}
|
||||
|
||||
@@ -24,7 +24,7 @@ namespace PSInfisicalAPI.Process
|
||||
|
||||
if (options.EnvironmentVariables != null && options.EnvironmentVariables.Count > 0)
|
||||
{
|
||||
Log(logger, string.Concat("Injecting ", options.EnvironmentVariables.Count, " explicit environment variable(s) into the process."));
|
||||
LogInformation(logger, string.Concat("Injecting ", options.EnvironmentVariables.Count, " explicit environment variable(s) into the process."));
|
||||
foreach (DictionaryEntry entry in options.EnvironmentVariables)
|
||||
{
|
||||
if (entry.Key == null) { continue; }
|
||||
@@ -36,11 +36,11 @@ namespace PSInfisicalAPI.Process
|
||||
|
||||
if (options.Secrets == null || options.Secrets.Length == 0) { return; }
|
||||
|
||||
Log(logger, string.Concat("Injecting ", options.Secrets.Length, " Infisical secret(s) into the process environment."));
|
||||
LogInformation(logger, string.Concat("Injecting ", options.Secrets.Length, " Infisical secret(s) into the process environment."));
|
||||
foreach (InfisicalSecret secret in options.Secrets)
|
||||
{
|
||||
if (secret == null || string.IsNullOrEmpty(secret.SecretName) || secret.SecretValue == null) { continue; }
|
||||
string name = InfisicalPrefix.Apply(secret.SecretName, options.Prefix, options.ForcePrefix);
|
||||
string name = InfisicalPrefix.Apply(secret.SecretName, options.SecretsPrefix, options.ForceSecretsPrefix);
|
||||
SecureStringUtility.UsePlainText(secret.SecretValue, plain =>
|
||||
{
|
||||
processEnv[name] = plain;
|
||||
@@ -193,5 +193,10 @@ namespace PSInfisicalAPI.Process
|
||||
{
|
||||
if (logger != null) { logger.Verbose(Component, message); }
|
||||
}
|
||||
|
||||
private static void LogInformation(IInfisicalLogger logger, string message)
|
||||
{
|
||||
if (logger != null) { logger.Information(Component, message); }
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -75,8 +75,8 @@ namespace PSInfisicalAPI.Secrets
|
||||
InfisicalSecretListResponseDto dto = _serializer.Deserialize<InfisicalSecretListResponseDto>(response.Body);
|
||||
response.Clear();
|
||||
|
||||
InfisicalSecret[] mapped = InfisicalSecretMapper.MapMany(dto != null ? dto.Secrets : null);
|
||||
_logger.Information(Component, "Infisical secrets retrieval was successful.");
|
||||
InfisicalSecret[] mapped = MergeListAndImports(dto);
|
||||
_logger.Information(Component, string.Concat("Infisical secrets retrieval was successful. Returned ", mapped.Length.ToString(CultureInfo.InvariantCulture), " secret(s)."));
|
||||
return mapped;
|
||||
}
|
||||
catch (Exception)
|
||||
@@ -465,6 +465,66 @@ namespace PSInfisicalAPI.Secrets
|
||||
}
|
||||
}
|
||||
|
||||
private InfisicalSecret[] MergeListAndImports(InfisicalSecretListResponseDto dto)
|
||||
{
|
||||
if (dto == null) { return Array.Empty<InfisicalSecret>(); }
|
||||
|
||||
InfisicalSecret[] local = InfisicalSecretMapper.MapMany(dto.Secrets);
|
||||
|
||||
if (dto.Imports == null || dto.Imports.Count == 0)
|
||||
{
|
||||
return local;
|
||||
}
|
||||
|
||||
Dictionary<string, InfisicalSecret> merged = new Dictionary<string, InfisicalSecret>(StringComparer.Ordinal);
|
||||
int importsTotal = 0;
|
||||
|
||||
foreach (InfisicalSecretImportDto import in dto.Imports)
|
||||
{
|
||||
if (import == null) { continue; }
|
||||
InfisicalSecret[] importedSecrets = InfisicalSecretMapper.MapMany(import.Secrets);
|
||||
importsTotal += importedSecrets.Length;
|
||||
|
||||
_logger.Information(Component, string.Concat(
|
||||
"Including ",
|
||||
importedSecrets.Length.ToString(CultureInfo.InvariantCulture),
|
||||
" secret(s) from import '",
|
||||
import.SecretPath ?? string.Empty,
|
||||
"' (environment='",
|
||||
import.Environment ?? string.Empty,
|
||||
"')."));
|
||||
|
||||
foreach (InfisicalSecret secret in importedSecrets)
|
||||
{
|
||||
if (secret == null || string.IsNullOrEmpty(secret.SecretName)) { continue; }
|
||||
merged[secret.SecretName] = secret;
|
||||
}
|
||||
}
|
||||
|
||||
int overrides = 0;
|
||||
foreach (InfisicalSecret secret in local)
|
||||
{
|
||||
if (secret == null || string.IsNullOrEmpty(secret.SecretName)) { continue; }
|
||||
if (merged.ContainsKey(secret.SecretName)) { overrides++; }
|
||||
merged[secret.SecretName] = secret;
|
||||
}
|
||||
|
||||
_logger.Information(Component, string.Concat(
|
||||
"Merged secrets: local=",
|
||||
local.Length.ToString(CultureInfo.InvariantCulture),
|
||||
", imports=",
|
||||
importsTotal.ToString(CultureInfo.InvariantCulture),
|
||||
", local-overrode-import=",
|
||||
overrides.ToString(CultureInfo.InvariantCulture),
|
||||
", final=",
|
||||
merged.Count.ToString(CultureInfo.InvariantCulture),
|
||||
"."));
|
||||
|
||||
InfisicalSecret[] result = new InfisicalSecret[merged.Count];
|
||||
merged.Values.CopyTo(result, 0);
|
||||
return result;
|
||||
}
|
||||
|
||||
private InfisicalHttpResponse SendWithVersionFallback(
|
||||
InfisicalConnection connection,
|
||||
string endpointName,
|
||||
|
||||
Reference in New Issue
Block a user