diff --git a/src/custom/dynamic-secrets.ts b/src/custom/dynamic-secrets.ts index 466f04e..2bfe2d3 100644 --- a/src/custom/dynamic-secrets.ts +++ b/src/custom/dynamic-secrets.ts @@ -1,6 +1,9 @@ import { RawAxiosRequestConfig } from "axios"; import { Configuration, DefaultApi as InfisicalApi } from "../infisicalapi_client"; import type { + ApiV1DynamicSecretsGet200ResponseDynamicSecretsInner, + ApiV1DynamicSecretsLeasesLeaseIdDelete200Response, + ApiV1DynamicSecretsLeasesPost200Response, DefaultApiApiV1DynamicSecretsLeasesLeaseIdDeleteRequest, DefaultApiApiV1DynamicSecretsLeasesLeaseIdRenewPostRequest, DefaultApiApiV1DynamicSecretsLeasesPostRequest, 
@@ -11,9 +14,21 @@ import type { import type { TDynamicSecretProvider } from "./schemas/dynamic-secrets"; import { newInfisicalError } from "./errors"; -type CreateDynamicSecretOptions = Omit & { +export type CreateDynamicSecretOptions = Omit & { provider: TDynamicSecretProvider; }; +export type DeleteDynamicSecretOptions = DefaultApiApiV1DynamicSecretsNameDeleteRequest["apiV1DynamicSecretsNameDeleteRequest"]; +export type CreateDynamicSecretLeaseOptions = DefaultApiApiV1DynamicSecretsLeasesPostRequest["apiV1DynamicSecretsLeasesPostRequest"]; +export type DeleteDynamicSecretLeaseOptions = + DefaultApiApiV1DynamicSecretsLeasesLeaseIdDeleteRequest["apiV1DynamicSecretsLeasesLeaseIdDeleteRequest"]; +export type RenewDynamicSecretLeaseOptions = + DefaultApiApiV1DynamicSecretsLeasesLeaseIdRenewPostRequest["apiV1DynamicSecretsLeasesLeaseIdRenewPostRequest"]; + +export type CreateDynamicSecretResult = ApiV1DynamicSecretsGet200ResponseDynamicSecretsInner; +export type DeleteDynamicSecretResult = ApiV1DynamicSecretsGet200ResponseDynamicSecretsInner; +export type CreateDynamicSecretLeaseResult = ApiV1DynamicSecretsLeasesPost200Response; +export type DeleteDynamicSecretLeaseResult = ApiV1DynamicSecretsLeasesLeaseIdDelete200Response; +export type RenewDynamicSecretLeaseResult = ApiV1DynamicSecretsLeasesLeaseIdDelete200Response; export default class DynamicSecretsClient { #apiInstance: InfisicalApi; @@ -23,7 +38,7 @@ export default class DynamicSecretsClient { this.#requestOptions = requestOptions; } - async create(options: CreateDynamicSecretOptions) { + async create(options: CreateDynamicSecretOptions): Promise { try { const res = await this.#apiInstance.apiV1DynamicSecretsPost( { 
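Review bot: `RenewDynamicSecretLeaseResult` is aliased to `ApiV1DynamicSecretsLeasesLeaseIdDelete200Response`, and `DeleteDynamicSecretResult` to the `...Get200ResponseDynamicSecretsInner` type, so the public names of the renew and delete results point at response types generated for other operations. If the generated client really has no dedicated renew response type (not visible in this hunk), say so next to the alias, for example `// renew returns the same payload shape as lease delete in the generated client`. Otherwise a later regeneration that splits the shapes will silently leave these aliases wrong. These aliases become part of the SDK's exported surface through `export type *` in src/index.ts, so a one-line TSDoc comment on each would help consumers.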
@@ -38,7 +53,7 @@ export default class DynamicSecretsClient { } } - async delete(dynamicSecretName: string, options: DefaultApiApiV1DynamicSecretsNameDeleteRequest["apiV1DynamicSecretsNameDeleteRequest"]) { + async delete(dynamicSecretName: string, options: DeleteDynamicSecretOptions): Promise { try { const res = await this.#apiInstance.apiV1DynamicSecretsNameDelete( { @@ -55,7 +70,7 @@ export default class DynamicSecretsClient { } leases = { - create: async (options: DefaultApiApiV1DynamicSecretsLeasesPostRequest["apiV1DynamicSecretsLeasesPostRequest"]) => { + create: async (options: CreateDynamicSecretLeaseOptions): Promise => { try { const res = await this.#apiInstance.apiV1DynamicSecretsLeasesPost( { @@ -69,10 +84,7 @@ export default class DynamicSecretsClient { throw newInfisicalError(err); } }, - delete: async ( - leaseId: string, - options: DefaultApiApiV1DynamicSecretsLeasesLeaseIdDeleteRequest["apiV1DynamicSecretsLeasesLeaseIdDeleteRequest"] - ) => { + delete: async (leaseId: string, options: DeleteDynamicSecretLeaseOptions): Promise => { try { const res = await this.#apiInstance.apiV1DynamicSecretsLeasesLeaseIdDelete( { @@ -88,10 +100,7 @@ export default class DynamicSecretsClient { } }, - renew: async ( - leaseId: string, - options: DefaultApiApiV1DynamicSecretsLeasesLeaseIdRenewPostRequest["apiV1DynamicSecretsLeasesLeaseIdRenewPostRequest"] - ) => { + renew: async (leaseId: string, options: RenewDynamicSecretLeaseOptions): Promise => { try { const res = await this.#apiInstance.apiV1DynamicSecretsLeasesLeaseIdRenewPost( { diff --git a/src/custom/schemas/dynamic-secrets.ts b/src/custom/schemas/dynamic-secrets.ts index 31ac3f6..30ac9b1 100644 --- a/src/custom/schemas/dynamic-secrets.ts +++ b/src/custom/schemas/dynamic-secrets.ts 
@@ -12,7 +12,7 @@ export enum ElasticSearchAuthTypes { ApiKey = "api-key" } -export const DynamicSecretRedisDBSchema = z.object({ +const DynamicSecretRedisDBSchema = z.object({ host: z.string().trim().toLowerCase(), port: z.number(), username: z.string().trim(), // this is often "default". @@ -23,7 +23,7 @@ export const DynamicSecretRedisDBSchema = z.object({ ca: z.string().optional() }); -export const DynamicSecretAwsElastiCacheSchema = z.object({ +const DynamicSecretAwsElastiCacheSchema = z.object({ clusterName: z.string().trim().min(1), accessKeyId: z.string().trim().min(1), secretAccessKey: z.string().trim().min(1), @@ -34,7 +34,7 @@ export const DynamicSecretAwsElastiCacheSchema = z.object({ ca: z.string().optional() }); -export const DynamicSecretElasticSearchSchema = z.object({ +const DynamicSecretElasticSearchSchema = z.object({ host: z.string().trim().min(1), port: z.number(), roles: z.array(z.string().trim().min(1)).min(1), @@ -56,7 +56,7 @@ export const DynamicSecretElasticSearchSchema = z.object({ ca: z.string().optional() }); -export const DynamicSecretRabbitMqSchema = z.object({ +const DynamicSecretRabbitMqSchema = z.object({ host: z.string().trim().min(1), port: z.number(), tags: z.array(z.string().trim()).default([]), @@ -76,7 +76,7 @@ export const DynamicSecretRabbitMqSchema = z.object({ }) }); -export const DynamicSecretSqlDBSchema = z.object({ +const DynamicSecretSqlDBSchema = z.object({ client: z.nativeEnum(SqlProviders), host: z.string().trim().toLowerCase(), port: z.number(), @@ -89,7 +89,7 @@ export const DynamicSecretSqlDBSchema = z.object({ ca: z.string().optional() }); -export const DynamicSecretCassandraSchema = z.object({ +const DynamicSecretCassandraSchema = z.object({ host: z.string().trim().toLowerCase(), port: z.number(), localDataCenter: z.string().trim().min(1), 
@@ -102,7 +102,7 @@ export const DynamicSecretCassandraSchema = z.object({ ca: z.string().optional() }); -export const DynamicSecretAwsIamSchema = z.object({ +const DynamicSecretAwsIamSchema = z.object({ accessKey: z.string().trim().min(1), secretAccessKey: z.string().trim().min(1), region: z.string().trim().min(1), @@ -113,7 +113,7 @@ export const DynamicSecretAwsIamSchema = z.object({ policyArns: z.string().trim().optional() }); -export const DynamicSecretMongoAtlasSchema = z.object({ +const DynamicSecretMongoAtlasSchema = z.object({ adminPublicKey: z.string().trim().min(1).describe("Admin user public api key"), adminPrivateKey: z.string().trim().min(1).describe("Admin user private api key"), groupId: z.string().trim().min(1).describe("Unique 24-hexadecimal digit string that identifies your project. This is same as project id"), @@ -141,7 +141,7 @@ export const DynamicSecretMongoAtlasSchema = z.object({ .array() }); -export const DynamicSecretMongoDBSchema = z.object({ +const DynamicSecretMongoDBSchema = z.object({ host: z.string().min(1).trim().toLowerCase(), port: z.number().optional(), username: z.string().min(1).trim(), 
@@ -157,7 +157,28 @@ export const DynamicSecretMongoDBSchema = z.object({ ) }); -export const AzureEntraIDSchema = z.object({ +const DynamicSecretSapHanaSchema = z.object({ + host: z.string().trim().toLowerCase(), + port: z.number(), + username: z.string().trim(), + password: z.string().trim(), + creationStatement: z.string().trim(), + revocationStatement: z.string().trim(), + renewStatement: z.string().trim().optional(), + ca: z.string().optional() +}); + +const DynamicSecretSnowflakeSchema = z.object({ + accountId: z.string().trim().min(1), + orgId: z.string().trim().min(1), + username: z.string().trim().min(1), + password: z.string().trim().min(1), + creationStatement: z.string().trim().min(1), + revocationStatement: z.string().trim().min(1), + renewStatement: z.string().trim().optional() +}); + +const AzureEntraIDSchema = z.object({ tenantId: z.string().trim().min(1), userId: z.string().trim().min(1), email: z.string().trim().min(1), @@ -165,7 +186,7 @@ export const AzureEntraIDSchema = z.object({ clientSecret: z.string().trim().min(1) }); -export const LdapSchema = z.object({ +const LdapSchema = z.object({ url: z.string().trim().min(1), binddn: z.string().trim().min(1), bindpass: z.string().trim().min(1), 
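Review bot: The new `DynamicSecretSapHanaSchema` accepts empty strings for `host`, `username`, `password`, `creationStatement` and `revocationStatement`, whereas `DynamicSecretSnowflakeSchema`, added in the same hunk, requires `.min(1)` on its equivalents. An empty admin password or an empty revocation statement would pass client-side validation and fail only at the server or at lease revocation. Tighten the fields to match, for example `password: z.string().trim().min(1),` and `revocationStatement: z.string().trim().min(1),`. `port: z.number()` also admits non-integers and out-of-range values; `z.number().int().min(1).max(65535)` would reject those if the surrounding schemas are ever aligned. Both schemas `.trim()` the password, which silently alters a credential that legitimately starts or ends with whitespace, so that deserves a comment if it is intended.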
@@ -187,21 +208,25 @@ export enum DynamicSecretProviders { MongoDB = "mongo-db", RabbitMq = "rabbit-mq", AzureEntraID = "azure-entra-id", - Ldap = "ldap" + Ldap = "ldap", + SapHana = "sap-hana", + Snowflake = "snowflake" } -export const DynamicSecretProviderSchema = z.discriminatedUnion("type", [ +const DynamicSecretProviderSchema = z.discriminatedUnion("type", [ z.object({ type: z.literal(DynamicSecretProviders.SqlDatabase), inputs: DynamicSecretSqlDBSchema }), z.object({ type: z.literal(DynamicSecretProviders.Cassandra), inputs: DynamicSecretCassandraSchema }), z.object({ type: z.literal(DynamicSecretProviders.AwsIam), inputs: DynamicSecretAwsIamSchema }), z.object({ type: z.literal(DynamicSecretProviders.Redis), inputs: DynamicSecretRedisDBSchema }), + z.object({ type: z.literal(DynamicSecretProviders.SapHana), inputs: DynamicSecretSapHanaSchema }), z.object({ type: z.literal(DynamicSecretProviders.AwsElastiCache), inputs: DynamicSecretAwsElastiCacheSchema }), z.object({ type: z.literal(DynamicSecretProviders.MongoAtlas), inputs: DynamicSecretMongoAtlasSchema }), z.object({ type: z.literal(DynamicSecretProviders.ElasticSearch), inputs: DynamicSecretElasticSearchSchema }), z.object({ type: z.literal(DynamicSecretProviders.MongoDB), inputs: DynamicSecretMongoDBSchema }), z.object({ type: z.literal(DynamicSecretProviders.RabbitMq), inputs: DynamicSecretRabbitMqSchema }), z.object({ type: z.literal(DynamicSecretProviders.AzureEntraID), inputs: AzureEntraIDSchema }), - z.object({ type: z.literal(DynamicSecretProviders.Ldap), inputs: LdapSchema }) + z.object({ type: z.literal(DynamicSecretProviders.Ldap), inputs: LdapSchema }), + z.object({ type: z.literal(DynamicSecretProviders.Snowflake), inputs: DynamicSecretSnowflakeSchema }) ]); export type TDynamicSecretProvider = z.infer; diff --git a/src/custom/secrets.ts b/src/custom/secrets.ts index 185754d..eeb75a2 100644 --- a/src/custom/secrets.ts +++ b/src/custom/secrets.ts 
@@ -1,6 +1,9 @@ import { RawAxiosRequestConfig } from "axios"; import { DefaultApi as InfisicalApi } from "../infisicalapi_client"; import type { + ApiV3SecretsRawGet200Response, + ApiV3SecretsRawSecretNameGet200Response, + ApiV3SecretsRawSecretNamePost200Response, DefaultApiApiV3SecretsRawSecretNameDeleteRequest, DefaultApiApiV3SecretsRawSecretNamePatchRequest, DefaultApiApiV3SecretsRawSecretNamePostRequest @@ -30,18 +33,24 @@ type GetSecretOptions = { projectId: string; }; -type UpdateSecretOptions = Omit & { +export type UpdateSecretOptions = Omit & { projectId: string; }; -type CreateSecretOptions = Omit & { +export type CreateSecretOptions = Omit & { projectId: string; }; -type DeleteSecretOptions = Omit & { +export type DeleteSecretOptions = Omit & { projectId: string; }; +export type ListSecretsResult = ApiV3SecretsRawGet200Response; +export type GetSecretResult = ApiV3SecretsRawSecretNameGet200Response["secret"]; +export type UpdateSecretResult = ApiV3SecretsRawSecretNamePost200Response; +export type CreateSecretResult = ApiV3SecretsRawSecretNamePost200Response; +export type DeleteSecretResult = ApiV3SecretsRawSecretNamePost200Response; + const convertBool = (value: boolean | undefined) => (value ? "true" : "false"); export default class SecretsClient { @@ -52,7 +61,7 @@ export default class SecretsClient { this.#requestOptions = requestOptions; } - listSecrets = async (options: ListSecretsOptions) => { + listSecrets = async (options: ListSecretsOptions): Promise => { try { const res = await this.#apiInstance.apiV3SecretsRawGet( { @@ -72,7 +81,7 @@ export default class SecretsClient { } }; - getSecret = async (options: GetSecretOptions) => { + getSecret = async (options: GetSecretOptions): Promise => { try { const res = await this.#apiInstance.apiV3SecretsRawSecretNameGet( { 
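Review bot: `GetSecretOptions` is still declared without `export` (the `@@ -30,18 +33,24 @@` hunk header shows `type GetSecretOptions = {`), while the update, create and delete option types in that hunk are now exported. As a result, `export type * from "./custom/secrets"` in src/index.ts will not expose the argument type of `getSecret`; the same may be true of `ListSecretsOptions`, whose declaration lies outside the hunk. Change the declaration to `export type GetSecretOptions = {` so that the exported option types match the exported result types. Separately, `UpdateSecretResult` and `DeleteSecretResult` are both aliased to `ApiV3SecretsRawSecretNamePost200Response`; if the PATCH and DELETE responses really share that shape, a short comment stating so would keep the aliases from looking like a copy-paste slip.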
@@ -93,7 +102,10 @@ export default class SecretsClient { } }; - updateSecret = async (secretName: DefaultApiApiV3SecretsRawSecretNamePatchRequest["secretName"], options: UpdateSecretOptions) => { + updateSecret = async ( + secretName: DefaultApiApiV3SecretsRawSecretNamePatchRequest["secretName"], + options: UpdateSecretOptions + ): Promise => { try { const res = await this.#apiInstance.apiV3SecretsRawSecretNamePatch( { @@ -111,7 +123,10 @@ export default class SecretsClient { } }; - createSecret = async (secretName: DefaultApiApiV3SecretsRawSecretNamePostRequest["secretName"], options: CreateSecretOptions) => { + createSecret = async ( + secretName: DefaultApiApiV3SecretsRawSecretNamePostRequest["secretName"], + options: CreateSecretOptions + ): Promise => { try { const res = await this.#apiInstance.apiV3SecretsRawSecretNamePost( { @@ -129,7 +144,10 @@ export default class SecretsClient { } }; - deleteSecret = async (secretName: DefaultApiApiV3SecretsRawSecretNameDeleteRequest["secretName"], options: DeleteSecretOptions) => { + deleteSecret = async ( + secretName: DefaultApiApiV3SecretsRawSecretNameDeleteRequest["secretName"], + options: DeleteSecretOptions + ): Promise => { try { const res = await this.#apiInstance.apiV3SecretsRawSecretNameDelete( { diff --git a/src/index.ts b/src/index.ts index 5359b8a..94ee7a1 100644 --- a/src/index.ts +++ b/src/index.ts @@ -73,4 +73,6 @@ class InfisicalSDK { } export { InfisicalSDK, ApiClient }; -export * from "./custom/schemas"; +export { TDynamicSecretProvider, DynamicSecretProviders } from "./custom/schemas"; +export type * from "./custom/secrets"; +export type * from "./custom/dynamic-secrets";
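Review bot: In src/index.ts, `TDynamicSecretProvider` is a type-only symbol (`export type TDynamicSecretProvider = z.infer...` in the schemas file) but is re-exported through a value export list, which fails under `isolatedModules` or `verbatimModuleSyntax`. Mark it explicitly: `export { type TDynamicSecretProvider, DynamicSecretProviders } from "./custom/schemas";`. Replacing `export *` also removes from the package root every other name the schemas module exported, such as `ElasticSearchAuthTypes` and possibly `SqlProviders`, whose export status is not visible here. The SQL schema types `client` as `z.nativeEnum(SqlProviders)` and string enums are nominal, so callers may no longer be able to build a typed provider input without a cast. Either re-export those enums as well or record the narrowing as a breaking change.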