diff --git a/deno.json b/deno.json index 56b5d33..099958e 100644 --- a/deno.json +++ b/deno.json @@ -22,11 +22,11 @@ }, "imports": { "@cliffy/command": "jsr:@cliffy/command@1.0.0-rc.8", - "@cloudydeno/kubernetes-apis": "jsr:@cloudydeno/kubernetes-apis@0.5.2", - "@cloudydeno/kubernetes-client": "jsr:@cloudydeno/kubernetes-client@0.7.5", + "@cloudydeno/kubernetes-apis": "jsr:@cloudydeno/kubernetes-apis@0.6.0", + "@cloudydeno/kubernetes-client": "jsr:@cloudydeno/kubernetes-client@0.7.7", "@deno-lib/logger": "jsr:@deno-lib/logger@^1.1.9", "@deno-library/logger": "jsr:@deno-library/logger@^1.2.0", - "@henrygd/semaphore": "jsr:@henrygd/semaphore@^0.0.2", - "@std/yaml": "jsr:@std/yaml@1.0.9" + "@henrygd/semaphore": "jsr:@henrygd/semaphore@^0.1.0", + "@std/yaml": "jsr:@std/yaml@1.0.10" } } diff --git a/deno.lock b/deno.lock index 5593e80..84f75db 100644 --- a/deno.lock +++ b/deno.lock @@ -5,29 +5,25 @@ "jsr:@cliffy/flags@1.0.0-rc.8": "1.0.0-rc.8", "jsr:@cliffy/internal@1.0.0-rc.8": "1.0.0-rc.8", "jsr:@cliffy/table@1.0.0-rc.8": "1.0.0-rc.8", - "jsr:@cloudydeno/kubernetes-apis@0.5.2": "0.5.2", - "jsr:@cloudydeno/kubernetes-client@0.7.3": "0.7.3", - "jsr:@cloudydeno/kubernetes-client@0.7.5": "0.7.5", + "jsr:@cloudydeno/kubernetes-apis@0.6.0": "0.6.0", + "jsr:@cloudydeno/kubernetes-client@0.7": "0.7.7", + "jsr:@cloudydeno/kubernetes-client@0.7.7": "0.7.7", "jsr:@cloudydeno/stream-observables@1": "1.4.1", "jsr:@deno-lib/logger@^1.1.9": "1.1.9", "jsr:@deno-library/logger@*": "1.2.0", "jsr:@deno-library/logger@^1.2.0": "1.2.0", - "jsr:@henrygd/semaphore@^0.0.2": "0.0.2", - "jsr:@std/bytes@^1.0.2": "1.0.6", + "jsr:@henrygd/semaphore@0.1": "0.1.0", "jsr:@std/fmt@1.0.3": "1.0.3", "jsr:@std/fmt@~1.0.2": "1.0.8", "jsr:@std/fs@^1.0.6": "1.0.19", "jsr:@std/internal@^1.0.10": "1.0.10", "jsr:@std/internal@^1.0.9": "1.0.10", "jsr:@std/path@1": "1.1.2", - "jsr:@std/path@1.0.6": "1.0.6", "jsr:@std/path@^1.1.1": "1.1.2", - "jsr:@std/streams@1": "1.0.11", - "jsr:@std/streams@1.0.5": "1.0.5", + "jsr:@std/streams@1": "1.0.12", "jsr:@std/text@~1.0.7": "1.0.16", - "jsr:@std/yaml@1": "1.0.9", - "jsr:@std/yaml@1.0.5": "1.0.5", - "jsr:@std/yaml@1.0.9": "1.0.9", + "jsr:@std/yaml@1": "1.0.10", + "jsr:@std/yaml@1.0.10": "1.0.10", "npm:@types/node@*": "22.15.15" }, "jsr": { @@ -56,26 +52,18 @@ "jsr:@std/fmt@~1.0.2" ] }, - "@cloudydeno/kubernetes-apis@0.5.2": { - "integrity": "f5fd9c94987f54fde72c6103fa0663ccb71cb6e328e7be44af1d59145adb31ee", + "@cloudydeno/kubernetes-apis@0.6.0": { + "integrity": "d8b8402632f4295713606841b7041fd6891ef3f6b1e789b544b3332e72c9c5a1", "dependencies": [ - "jsr:@cloudydeno/kubernetes-client@0.7.3" + "jsr:@cloudydeno/kubernetes-client@0.7" ] }, - "@cloudydeno/kubernetes-client@0.7.3": { - "integrity": "eb9fd12ac6c58e7995cc2d41a72ea9d153970900e184a5bd6fa2f2b19da5ec1a", - "dependencies": [ - "jsr:@std/path@1.0.6", - "jsr:@std/streams@1.0.5", - "jsr:@std/yaml@1.0.5" - ] - }, - "@cloudydeno/kubernetes-client@0.7.5": { - "integrity": "1b8b3cc2a2409db42a0fbab0d55fd42e8897335d67f24f21f207902a4582bb82", + "@cloudydeno/kubernetes-client@0.7.7": { + "integrity": "631ad5d265b03936cf169860bbe3595e336c1e4730ab9bb9d2fe6f7e7fd095ee", "dependencies": [ "jsr:@cloudydeno/stream-observables", "jsr:@std/path@1", - "jsr:@std/streams@1", + "jsr:@std/streams", "jsr:@std/yaml@1" ] }, @@ -96,11 +84,8 @@ "jsr:@std/fs" ] }, - "@henrygd/semaphore@0.0.2": { - "integrity": "cdf678250474b9445648d4fb8d8c636fe313f54893a50de616bf8d3e14f3b51e" - }, - "@std/bytes@1.0.6": { - "integrity": "f6ac6adbd8ccd99314045f5703e23af0a68d7f7e58364b47d2c7f408aeb5820a" + "@henrygd/semaphore@0.1.0": { + "integrity": "b97fe1283c115cb36adc29ddec750d05e2396f74da6c303f78cb09f44850d161" }, "@std/fmt@1.0.3": { "integrity": "97765c16aa32245ff4e2204ecf7d8562496a3cb8592340a80e7e554e0bb9149f" @@ -118,32 +103,17 @@ "@std/internal@1.0.10": { "integrity": "e3be62ce42cab0e177c27698e5d9800122f67b766a0bea6ca4867886cbde8cf7" }, - "@std/path@1.0.6": { - "integrity": "ab2c55f902b380cf28e0eec501b4906e4c1960d13f00e11cfbcd21de15f18fed" - }, - "@std/path@1.1.1": { - "integrity": "fe00026bd3a7e6a27f73709b83c607798be40e20c81dde655ce34052fd82ec76", - "dependencies": [ - "jsr:@std/internal@^1.0.9" - ] - }, "@std/path@1.1.2": { "integrity": "c0b13b97dfe06546d5e16bf3966b1cadf92e1cc83e56ba5476ad8b498d9e3038", "dependencies": [ "jsr:@std/internal@^1.0.10" ] }, - "@std/streams@1.0.5": { - "integrity": "74e5c73d7d68eeab0d7fba3b05cbee3ba4ac5ae37c5f4e675f67e62f8f53edc4", - "dependencies": [ - "jsr:@std/bytes" - ] - }, "@std/streams@1.0.10": { "integrity": "75c0b1431873cd0d8b3d679015220204d36d3c7420d93b60acfc379eb0dc30af" }, - "@std/streams@1.0.11": { - "integrity": "db583d27e28d133f389f1eec318cffdf4998305e5134c1d4b1c56b361cee6018" + "@std/streams@1.0.12": { + "integrity": "ae925fa1dc459b1abf5cbaa28cc5c7b0485853af3b2a384b0dc22d86e59dfbf4" }, "@std/text@1.0.15": { "integrity": "91f5cc1e12779a3d95f1be34e763f9c28a75a078b7360e6fcaef0d8d9b1e3e7f" @@ -151,11 +121,8 @@ "@std/text@1.0.16": { "integrity": "ddb9853b75119a2473857d691cf1ec02ad90793a2e8b4a4ac49d7354281a0cf8" }, - "@std/yaml@1.0.5": { - "integrity": "71ba3d334305ee2149391931508b2c293a8490f94a337eef3a09cade1a2a2742" - }, - "@std/yaml@1.0.9": { - "integrity": "6bad3dc766dd85b4b37eabcba81b6aa4eac7a392792ae29abcfb0f90602d55bb" + "@std/yaml@1.0.10": { + "integrity": "245706ea3511cc50c8c6d00339c23ea2ffa27bd2c7ea5445338f8feff31fa58e" } }, "npm": { @@ -172,12 +139,12 @@ "workspace": { "dependencies": [ "jsr:@cliffy/command@1.0.0-rc.8", - "jsr:@cloudydeno/kubernetes-apis@0.5.2", - "jsr:@cloudydeno/kubernetes-client@0.7.5", + "jsr:@cloudydeno/kubernetes-apis@0.6.0", + "jsr:@cloudydeno/kubernetes-client@0.7.7", "jsr:@deno-lib/logger@^1.1.9", "jsr:@deno-library/logger@^1.2.0", - "jsr:@henrygd/semaphore@^0.0.2", - "jsr:@std/yaml@1.0.9" + "jsr:@henrygd/semaphore@0.1", + "jsr:@std/yaml@1.0.10" ] } } diff --git a/src/logic/codefresh.ts b/src/logic/codefresh.ts index 4d0ff6e..ab0cff3 100644 --- a/src/logic/codefresh.ts +++ b/src/logic/codefresh.ts @@ -1,22 +1,6 @@ import { parse } from '@std/yaml'; import { logger } from '../utils/mod.ts'; - -interface CodefreshContext { - name: string; - token: string; - type: string; - url: string; -} - -interface CodefreshConfig { - contexts: Record; - 'current-context': string; -} - -interface CodefreshCredentials { - headers: { Authorization: string }; - baseUrl: string; -} +import { CodefreshConfig, CodefreshCredentials } from '../models/mod.ts'; export class Codefresh { constructor() { diff --git a/src/logic/k8s.ts b/src/logic/k8s.ts index 06bb29a..81abad1 100644 --- a/src/logic/k8s.ts +++ b/src/logic/k8s.ts @@ -168,6 +168,7 @@ export class K8s { 'jobs.batch': () => batchApi.namespace(namespace).getJobList(), 'nodes': () => coreApi.getNodeList(), 'pods': () => coreApi.namespace(namespace).getPodList(), + 'secrets': () => coreApi.namespace(namespace).getSecretList(), 'serviceaccounts': () => coreApi.namespace(namespace).getServiceAccountList(), 'services': () => coreApi.namespace(namespace).getServiceList(), 'statefulsets.apps': () => appsApi.namespace(namespace).getStatefulSetList(), @@ -178,8 +179,8 @@ export class K8s { 'persistentvolumes': () => coreApi.getPersistentVolumeList({ labelSelector: 'io.codefresh.accountName' }), 'storageclasses.storage.k8s.io': () => storageApi.getStorageClassList(), 'products.codefresh.io': () => this.getCrd('products.codefresh.io', namespace), - 'promotionflows.codefresh.io': () => this.getCrd('products.codefresh.io', namespace), - 'promotionpolicies.codefresh.io': () => this.getCrd('promotionflows.codefresh.io', namespace), + 'promotionflows.codefresh.io': () => this.getCrd('promotionflows.codefresh.io', namespace), + 'promotionpolicies.codefresh.io': () => this.getCrd('promotionpolicies.codefresh.io', namespace), 'promotiontemplates.codefresh.io': () => this.getCrd('promotiontemplates.codefresh.io', namespace), 'restrictedgitsources.codefresh.io': () => this.getCrd('restrictedgitsources.codefresh.io', namespace), 'analysisruns.argoproj.io': () => this.getCrd('analysisruns.argoproj.io', namespace), diff --git a/src/models/codefreshConfig.ts b/src/models/codefreshConfig.ts new file mode 100644 index 0000000..95f295c --- /dev/null +++ b/src/models/codefreshConfig.ts @@ -0,0 +1,16 @@ +interface CodefreshContext { + name: string; + token: string; + type: string; + url: string; +} + +export interface CodefreshConfig { + contexts: Record; + 'current-context': string; +} + +export interface CodefreshCredentials { + headers: { Authorization: string }; + baseUrl: string; +} diff --git a/src/models/mod.ts b/src/models/mod.ts new file mode 100644 index 0000000..d68b625 --- /dev/null +++ b/src/models/mod.ts @@ -0,0 +1,3 @@ +import { CodefreshConfig, CodefreshCredentials } from './codefreshConfig.ts'; + +export type { CodefreshConfig, CodefreshCredentials }; diff --git a/src/utils/utils.ts b/src/utils/utils.ts index c82dc88..f605ae4 100644 --- a/src/utils/utils.ts +++ b/src/utils/utils.ts @@ -63,6 +63,30 @@ export class Utils { const semaphore = getSemaphore(k8sType, 10); + if (k8sType == 'secrets') { + console.log('Redacting secrets data'); + for (const secret of resources.items) { + await semaphore.acquire(); + try { + delete secret.metadata.managedFields; + // prevent leaking sensitive data + logger.info(`Redacting data for secret ${secret.metadata.name}`); + if ( + secret.metadata.annotations && + secret.metadata.annotations['kubectl.kubernetes.io/last-applied-configuration'] + ) { + delete secret.metadata.annotations['kubectl.kubernetes.io/last-applied-configuration']; + } + secret.data = { 'REDACTED': 'Data is redacted by the support package' }; + + await this.writeYaml(secret, `${secret.metadata.name}_get`, `${dirPath}/${k8sType}`); + } finally { + semaphore.release(); + } + } + continue; + } + if (k8sType == 'pods') { for (const pod of resources.items) { await semaphore.acquire();