PM-34033 - Add user & org API key seeding and improve CLI output by theMickster · Pull Request #7324 · bitwarden/server

theMickster · 2026-03-27T10:50:35Z

🎟️ Tracking

PM-34033

📔 Objective

Improve the Seeder Utility by implementing user api and organizational API key generation.
Improve the output in the console window because, well, it stunk. Created a format that should be both human readable AND computer readable for future scripting to consume the output from the utility and pipe the data as needed.
Since we were already needing to work on the result records; it was time to refactor them into proper .cs files.

theMickster · 2026-03-27T10:51:25Z

Refactored from util/Seeder/Pipeline/RecipeOrchestrator.cs

github-actions · 2026-03-27T10:51:26Z

Overall Assessment: APPROVE

This PR adds organization API key seeding via a new CreateOrganizationApiKeyStep, improves user API key generation by switching from GUID truncation to CoreHelpers.SecureRandomString(30), refactors result models into dedicated files with richer fields (API keys, passwords), and standardizes CLI output formatting through a shared ConsoleOutput helper. All changes are scoped to the dev seeder utility (util/Seeder and util/SeederUtility) with no production code impact.

Code Review Details

No findings identified. The new step follows the established pipeline pattern (step registration, context state, bulk commit ordering), the BulkCommitter correctly inserts the org API key in FK-safe order before users, and the result model refactoring cleanly separates internal pipeline state from public-facing result types.

theMickster · 2026-03-27T10:52:05Z

Refactored from util/Seeder/Recipes/OrganizationRecipe.cs

theMickster · 2026-03-27T10:53:35Z

Refactored from `util/Seeder/Recipes/IndividualUserRecipe.cs

theMickster · 2026-03-27T10:54:35Z

    public int KdfIterations { get; set; } = 5_000;

    [Option("mangle", Description = "Enable ID mangling for test isolation")]
-    public bool Mangle { get; set; } = false;


This is tech debt cleanup that shouldn't have been added

theMickster · 2026-03-27T10:55:17Z


    private static GlobalSettings LoadGlobalSettings()
    {
-        Console.WriteLine("Loading global settings...");


Pointless to have this in the output...

theMickster · 2026-03-27T10:57:08Z

I really dig the flare we have here with the art work, but time to trim it down 😉
I will likely add a switch to skip this all-together when automated processes (like CI/CD or Bash scripts) call the CLI, but for now I am keeping it because it's still neat.

theMickster · 2026-03-27T11:01:09Z

+    {
+        var org = context.RequireOrganization();
+
+        var apiKey = new OrganizationApiKey


This was taken directly from src/Core/AdminConsole/OrganizationFeatures/OrganizationApiKeys/CreateOrganizationApiKeyCommand.cs.

github-actions · 2026-03-27T11:02:37Z

Checkmarx One – Scan Summary & Details – 50933f16-5a2c-42d1-9d06-05ca9468e374

Great job! No new security vulnerabilities introduced in this pull request

theMickster · 2026-03-27T11:02:40Z

            Premium = premium,
            MaxStorageGb = maxStorageGb,
-            ApiKey = Guid.NewGuid().ToString("N")[..30],
+            ApiKey = CoreHelpers.SecureRandomString(30),


This was taken directly form src/Core/Auth/UserFeatures/Registration/Implementations/RegisterUserCommand.cs

codecov · 2026-03-27T11:12:58Z

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 57.91%. Comparing base (5833e34) to head (ee443c2).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #7324   +/-   ##
=======================================
  Coverage   57.91%   57.91%           
=======================================
  Files        2045     2045           
  Lines       90235    90235           
  Branches     8024     8024           
=======================================
+ Hits        52263    52264    +1     
+ Misses      36105    36104    -1     
  Partials     1867     1867

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

Hinton · 2026-03-27T13:07:20Z

Individual is not a particularly descriptive name. Is it an individual user, organization, folder, cipher?

Hinton · 2026-03-27T13:08:07Z

This seems both very specific and generic at the same time. Isn't the result dependent on what you are seeding?

Hinton · 2026-03-27T13:09:03Z

Same here, the name is very generic but it's tied to an organization .

sonarqubecloud · 2026-03-27T13:28:39Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
16.0% Duplication on New Code

See analysis details on SonarQube Cloud

Add user & org API key seeding and improve CLI output

1b0d41c

theMickster added the ai-review-vnext Request a Claude code review using the vNext workflow label Mar 27, 2026

theMickster commented Mar 27, 2026

View reviewed changes

theMickster marked this pull request as ready for review March 27, 2026 10:57

theMickster requested review from Hinton and nthompson-bitwarden March 27, 2026 10:57

theMickster commented Mar 27, 2026

View reviewed changes

Hinton reviewed Mar 27, 2026

View reviewed changes

Rename types to aid in cleaner, more descriptive code

ee443c2

Hinton approved these changes Mar 27, 2026

View reviewed changes

theMickster enabled auto-merge (squash) March 27, 2026 13:28

theMickster merged commit 612cdb9 into main Mar 27, 2026
60 checks passed

theMickster deleted the seeder/PM-34033-user-and-org-api-keys branch March 27, 2026 13:38

Conversation

theMickster commented Mar 27, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

🎟️ Tracking

📔 Objective

Uh oh!

Choose a reason for hiding this comment

Uh oh!

github-actions bot commented Mar 27, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

theMickster Mar 27, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

github-actions bot commented Mar 27, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Great job! No new security vulnerabilities introduced in this pull request

Uh oh!

Choose a reason for hiding this comment

Uh oh!

codecov bot commented Mar 27, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

sonarqubecloud bot commented Mar 27, 2026

Quality Gate passed

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

theMickster commented Mar 27, 2026 •

edited

Loading

github-actions bot commented Mar 27, 2026 •

edited

Loading

theMickster Mar 27, 2026 •

edited

Loading

github-actions bot commented Mar 27, 2026 •

edited

Loading

codecov bot commented Mar 27, 2026 •

edited

Loading