feat(cli): changed all secret endpoint to raw endpoint

Infisical · Jul 14, 2024 · b2c62c4 · b2c62c4
1 parent ebbccdb
commit b2c62c4
Show file tree

Hide file tree

Showing 6 changed files with 43 additions and 431 deletions.
diff --git a/cli/packages/api/api.go b/cli/packages/api/api.go
@@ -225,25 +225,6 @@ func CallIsAuthenticated(httpClient *resty.Client) bool {
 	return true
 }
 
-func CallGetAccessibleEnvironments(httpClient *resty.Client, request GetAccessibleEnvironmentsRequest) (GetAccessibleEnvironmentsResponse, error) {
-	var accessibleEnvironmentsResponse GetAccessibleEnvironmentsResponse
-	response, err := httpClient.
-		R().
-		SetResult(&accessibleEnvironmentsResponse).
-		SetHeader("User-Agent", USER_AGENT).
-		Get(fmt.Sprintf("%v/v2/workspace/%s/environments", config.INFISICAL_URL, request.WorkspaceId))
-
-	if err != nil {
-		return GetAccessibleEnvironmentsResponse{}, err
-	}
-
-	if response.IsError() {
-		return GetAccessibleEnvironmentsResponse{}, fmt.Errorf("CallGetAccessibleEnvironments: Unsuccessful response:  [response=%v] [response-code=%v] [url=%s]", response, response.StatusCode(), response.Request.URL)
-	}
-
-	return accessibleEnvironmentsResponse, nil
-}
-
 func CallGetNewAccessTokenWithRefreshToken(httpClient *resty.Client, refreshToken string) (GetNewAccessTokenWithRefreshTokenResponse, error) {
 	var newAccessToken GetNewAccessTokenWithRefreshTokenResponse
 	response, err := httpClient.
@@ -267,45 +248,6 @@ func CallGetNewAccessTokenWithRefreshToken(httpClient *resty.Client, refreshToke
 	return newAccessToken, nil
 }
 
-func CallGetSecretsV3(httpClient *resty.Client, request GetEncryptedSecretsV3Request) (GetEncryptedSecretsV3Response, error) {
-	var secretsResponse GetEncryptedSecretsV3Response
-
-	httpRequest := httpClient.
-		R().
-		SetResult(&secretsResponse).
-		SetHeader("User-Agent", USER_AGENT).
-		SetQueryParam("environment", request.Environment).
-		SetQueryParam("workspaceId", request.WorkspaceId)
-
-	if request.Recursive {
-		httpRequest.SetQueryParam("recursive", "true")
-	}
-
-	if request.IncludeImport {
-		httpRequest.SetQueryParam("include_imports", "true")
-	}
-
-	if request.SecretPath != "" {
-		httpRequest.SetQueryParam("secretPath", request.SecretPath)
-	}
-
-	response, err := httpRequest.Get(fmt.Sprintf("%v/v3/secrets", config.INFISICAL_URL))
-
-	if err != nil {
-		return GetEncryptedSecretsV3Response{}, fmt.Errorf("CallGetSecretsV3: Unable to complete api request [err=%s]", err)
-	}
-
-	if response.IsError() {
-		if response.StatusCode() == 401 {
-			return GetEncryptedSecretsV3Response{}, fmt.Errorf("CallGetSecretsV3: Request to access secrets with [environment=%v] [path=%v] [workspaceId=%v] is denied. Please check if your authentication method has access to requested scope", request.Environment, request.SecretPath, request.WorkspaceId)
-		} else {
-			return GetEncryptedSecretsV3Response{}, fmt.Errorf("CallGetSecretsV3: Unsuccessful response. Please make sure your secret path, workspace and environment name are all correct [response=%v]", response.RawResponse)
-		}
-	}
-
-	return secretsResponse, nil
-}
-
 func CallGetFoldersV1(httpClient *resty.Client, request GetFoldersV1Request) (GetFoldersV1Response, error) {
 	var foldersResponse GetFoldersV1Response
 	httpRequest := httpClient.
@@ -370,35 +312,15 @@ func CallDeleteFolderV1(httpClient *resty.Client, request DeleteFolderV1Request)
 	return folderResponse, nil
 }
 
-func CallCreateSecretsV3(httpClient *resty.Client, request CreateSecretV3Request) error {
-	var secretsResponse GetEncryptedSecretsV3Response
-	response, err := httpClient.
-		R().
-		SetResult(&secretsResponse).
-		SetHeader("User-Agent", USER_AGENT).
-		SetBody(request).
-		Post(fmt.Sprintf("%v/v3/secrets/%s", config.INFISICAL_URL, request.SecretName))
-
-	if err != nil {
-		return fmt.Errorf("CallCreateSecretsV3: Unable to complete api request [err=%s]", err)
-	}
-
-	if response.IsError() {
-		return fmt.Errorf("CallCreateSecretsV3: Unsuccessful response. Please make sure your secret path, workspace and environment name are all correct [response=%s]", response)
-	}
-
-	return nil
-}
-
-func CallDeleteSecretsV3(httpClient *resty.Client, request DeleteSecretV3Request) error {
+func CallDeleteSecretsRawV3(httpClient *resty.Client, request DeleteSecretV3Request) error {
 
 	var secretsResponse GetEncryptedSecretsV3Response
 	response, err := httpClient.
 		R().
 		SetResult(&secretsResponse).
 		SetHeader("User-Agent", USER_AGENT).
 		SetBody(request).
-		Delete(fmt.Sprintf("%v/v3/secrets/%s", config.INFISICAL_URL, request.SecretName))
+		Delete(fmt.Sprintf("%v/v3/secrets/raw/%s", config.INFISICAL_URL, request.SecretName))
 
 	if err != nil {
 		return fmt.Errorf("CallDeleteSecretsV3: Unable to complete api request [err=%s]", err)
@@ -411,46 +333,6 @@ func CallDeleteSecretsV3(httpClient *resty.Client, request DeleteSecretV3Request
 	return nil
 }
 
-func CallUpdateSecretsV3(httpClient *resty.Client, request UpdateSecretByNameV3Request, secretName string) error {
-	var secretsResponse GetEncryptedSecretsV3Response
-	response, err := httpClient.
-		R().
-		SetResult(&secretsResponse).
-		SetHeader("User-Agent", USER_AGENT).
-		SetBody(request).
-		Patch(fmt.Sprintf("%v/v3/secrets/%s", config.INFISICAL_URL, secretName))
-
-	if err != nil {
-		return fmt.Errorf("CallUpdateSecretsV3: Unable to complete api request [err=%s]", err)
-	}
-
-	if response.IsError() {
-		return fmt.Errorf("CallUpdateSecretsV3: Unsuccessful response. Please make sure your secret path, workspace and environment name are all correct [response=%s]", response)
-	}
-
-	return nil
-}
-
-func CallGetSingleSecretByNameV3(httpClient *resty.Client, request CreateSecretV3Request) error {
-	var secretsResponse GetEncryptedSecretsV3Response
-	response, err := httpClient.
-		R().
-		SetResult(&secretsResponse).
-		SetHeader("User-Agent", USER_AGENT).
-		SetBody(request).
-		Post(fmt.Sprintf("%v/v3/secrets/%s", config.INFISICAL_URL, request.SecretName))
-
-	if err != nil {
-		return fmt.Errorf("CallGetSingleSecretByNameV3: Unable to complete api request [err=%s]", err)
-	}
-
-	if response.IsError() {
-		return fmt.Errorf("CallGetSingleSecretByNameV3: Unsuccessful response. Please make sure your secret path, workspace and environment name are all correct [response=%s]", response)
-	}
-
-	return nil
-}
-
 func CallCreateServiceToken(httpClient *resty.Client, request CreateServiceTokenRequest) (CreateServiceTokenResponse, error) {
 	var createServiceTokenResponse CreateServiceTokenResponse
 	response, err := httpClient.

diff --git a/cli/packages/cmd/agent.go b/cli/packages/cmd/agent.go
@@ -312,7 +312,7 @@ func ParseAgentConfig(configFile []byte) (*Config, error) {
 
 func secretTemplateFunction(accessToken string, existingEtag string, currentEtag *string) func(string, string, string) ([]models.SingleEnvironmentVariable, error) {
 	return func(projectID, envSlug, secretPath string) ([]models.SingleEnvironmentVariable, error) {
-		res, err := util.GetPlainTextSecretsViaMachineIdentity(accessToken, projectID, envSlug, secretPath, false, false)
+		res, err := util.GetPlainTextSecretsV3(accessToken, projectID, envSlug, secretPath, false, false)
 		if err != nil {
 			return nil, err
 		}

diff --git a/cli/packages/cmd/secrets.go b/cli/packages/cmd/secrets.go
@@ -187,12 +187,28 @@ var secretsSetCmd = &cobra.Command{
 
 		var secretOperations []models.SecretSetOperation
 		if token != nil && (token.Type == util.SERVICE_TOKEN_IDENTIFIER || token.Type == util.UNIVERSAL_AUTH_TOKEN_IDENTIFIER) {
+			fmt.Println(">>>", projectId)
 			secretOperations, err = util.SetRawSecrets(args, secretType, environmentName, secretsPath, projectId, token)
 		} else {
-			util.RequireLogin()
-			util.RequireLocalWorkspaceFile()
+			// fmt.Println(">>>", projectId)
+			workspaceFile, err := util.GetWorkSpaceFromFile()
+			if err != nil {
+				util.HandleError(err, "unable to get your local config details [err=%v]")
+			}
+
+			loggedInUserDetails, err := util.GetCurrentLoggedInUserDetails()
+			if err != nil {
+				util.HandleError(err, "unable to authenticate [err=%v]")
+			}
 
-			secretOperations, err = util.SetEncryptedSecrets(args, secretType, environmentName, secretsPath)
+			if loggedInUserDetails.LoginExpired {
+				util.PrintErrorMessageAndExit("Your login session has expired, please run [infisical login] and try again")
+			}
+
+			secretOperations, err = util.SetRawSecrets(args, secretType, environmentName, secretsPath, workspaceFile.WorkspaceId, &models.TokenDetails{
+				Type:  "",
+				Token: loggedInUserDetails.UserCredentials.JTWToken,
+			})
 		}
 
 		if err != nil {
@@ -285,7 +301,7 @@ var secretsDeleteCmd = &cobra.Command{
 				SecretPath:  secretsPath,
 			}
 
-			err = api.CallDeleteSecretsV3(httpClient, request)
+			err = api.CallDeleteSecretsRawV3(httpClient, request)
 			if err != nil {
 				util.HandleError(err, "Unable to complete your delete request")
 			}

diff --git a/cli/packages/util/config.go b/cli/packages/util/config.go
@@ -244,10 +244,5 @@ func WriteConfigFile(configFile *models.ConfigFile) error {
 		return fmt.Errorf("writeConfigFile: Unable to write to file [err=%s]", err)
 	}
 
-	if err != nil {
-		return fmt.Errorf("writeConfigFile: unable to write config file because an error occurred when write the config to file [err=%s]", err)
-
-	}
-
 	return nil
 }
diff --git a/cli/packages/util/credentials.go b/cli/packages/util/credentials.go
@@ -52,10 +52,6 @@ func GetUserCredsFromKeyRing(userEmail string) (credentials models.UserCredentia
 		return models.UserCredentials{}, fmt.Errorf("getUserCredsFromKeyRing: Something went wrong when unmarshalling user creds [err=%s]", err)
 	}
 
-	if err != nil {
-		return models.UserCredentials{}, fmt.Errorf("GetUserCredsFromKeyRing: Unable to store user credentials [err=%s]", err)
-	}
-
 	return userCredentials, err
 }