UNPKG

@constellation-labs/key-manager

Version:
97 lines 3.57 kB
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.deleteSecret = exports.getSecret = exports.storeSecret = exports.isValidSecret = exports.generateSecretId = exports.INVALID_SECRET = exports.INVALID_CHAR_SECRET_ID = exports.INVALID_TYPE_SECRET_ID = exports.defaultReplicaRegions = void 0; const client_secrets_manager_1 = require("@aws-sdk/client-secrets-manager"); const ethers_1 = require("ethers"); exports.defaultReplicaRegions = [ { Region: 'ap-southeast-1' }, { Region: 'eu-central-1' }, ]; exports.INVALID_TYPE_SECRET_ID = new Error('Invalid parameters for secretId type'); exports.INVALID_CHAR_SECRET_ID = new Error('Invalid characters in parameters for secretId'); exports.INVALID_SECRET = new Error('Invalid secret'); const generateSecretId = (isProd, l1Name, l1ChainId, isPerL1, l2Name, l2ChainId) => { if ((isPerL1 && (l2Name || l2ChainId)) || (!isPerL1 && (!l2Name || !l2ChainId))) { throw exports.INVALID_TYPE_SECRET_ID; } const nameRegex = new RegExp('^[a-zA-Z0-9_+=.@]*$'); const idRegex = new RegExp('^[0-9]*$'); if (isPerL1) { if (nameRegex.test(l1Name) && idRegex.test(l1ChainId)) { return ((isProd ? 'prod' : 'test') + '/' + l1Name + '-' + l1ChainId + '/' + 'perL1'); } } else { if (nameRegex.test(l1Name) && idRegex.test(l1ChainId) && nameRegex.test(l2Name) && idRegex.test(l2ChainId)) { return ((isProd ? 'prod' : 'test') + '/' + l1Name + '-' + l1ChainId + '/' + l2Name + '-' + l2ChainId + '/' + 'perDeploy'); } } throw exports.INVALID_CHAR_SECRET_ID; }; exports.generateSecretId = generateSecretId; const isValidSecret = (secret) => { for (const privKey of Object.values(secret)) { try { new ethers_1.ethers.Wallet(privKey); } catch (err) { return false; } } return true; }; exports.isValidSecret = isValidSecret; const storeSecret = async (client, secretId, secret, replicaRegions) => { if (!(0, exports.isValidSecret)(secret)) { throw exports.INVALID_SECRET; } const input = { Name: secretId, SecretString: JSON.stringify(secret), AddReplicaRegions: replicaRegions, }; const command = new client_secrets_manager_1.CreateSecretCommand(input); return client.send(command); }; exports.storeSecret = storeSecret; const getSecret = async (client, secretId) => { const input = { SecretId: secretId }; const command = new client_secrets_manager_1.GetSecretValueCommand(input); return client.send(command); }; exports.getSecret = getSecret; const deleteSecret = async (client, secretId, replicaRegions) => { if (replicaRegions) { const replicaInput = { SecretId: secretId, RemoveReplicaRegions: replicaRegions.map((region) => region.Region), }; const replicaCommand = new client_secrets_manager_1.RemoveRegionsFromReplicationCommand(replicaInput); await client.send(replicaCommand); } const input = { SecretId: secretId }; const command = new client_secrets_manager_1.DeleteSecretCommand(input); return client.send(command); }; exports.deleteSecret = deleteSecret; //# sourceMappingURL=secret.js.map