@constellation-labs/key-manager
Version:
[Constellation] Keys and secrets management
97 lines • 3.57 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.deleteSecret = exports.getSecret = exports.storeSecret = exports.isValidSecret = exports.generateSecretId = exports.INVALID_SECRET = exports.INVALID_CHAR_SECRET_ID = exports.INVALID_TYPE_SECRET_ID = exports.defaultReplicaRegions = void 0;
const client_secrets_manager_1 = require("@aws-sdk/client-secrets-manager");
const ethers_1 = require("ethers");
exports.defaultReplicaRegions = [
{ Region: 'ap-southeast-1' },
{ Region: 'eu-central-1' },
];
exports.INVALID_TYPE_SECRET_ID = new Error('Invalid parameters for secretId type');
exports.INVALID_CHAR_SECRET_ID = new Error('Invalid characters in parameters for secretId');
exports.INVALID_SECRET = new Error('Invalid secret');
const generateSecretId = (isProd, l1Name, l1ChainId, isPerL1, l2Name, l2ChainId) => {
if ((isPerL1 && (l2Name || l2ChainId)) ||
(!isPerL1 && (!l2Name || !l2ChainId))) {
throw exports.INVALID_TYPE_SECRET_ID;
}
const nameRegex = new RegExp('^[a-zA-Z0-9_+=.@]*$');
const idRegex = new RegExp('^[0-9]*$');
if (isPerL1) {
if (nameRegex.test(l1Name) && idRegex.test(l1ChainId)) {
return ((isProd ? 'prod' : 'test') +
'/' +
l1Name +
'-' +
l1ChainId +
'/' +
'perL1');
}
}
else {
if (nameRegex.test(l1Name) &&
idRegex.test(l1ChainId) &&
nameRegex.test(l2Name) &&
idRegex.test(l2ChainId)) {
return ((isProd ? 'prod' : 'test') +
'/' +
l1Name +
'-' +
l1ChainId +
'/' +
l2Name +
'-' +
l2ChainId +
'/' +
'perDeploy');
}
}
throw exports.INVALID_CHAR_SECRET_ID;
};
exports.generateSecretId = generateSecretId;
const isValidSecret = (secret) => {
for (const privKey of Object.values(secret)) {
try {
new ethers_1.ethers.Wallet(privKey);
}
catch (err) {
return false;
}
}
return true;
};
exports.isValidSecret = isValidSecret;
const storeSecret = async (client, secretId, secret, replicaRegions) => {
if (!(0, exports.isValidSecret)(secret)) {
throw exports.INVALID_SECRET;
}
const input = {
Name: secretId,
SecretString: JSON.stringify(secret),
AddReplicaRegions: replicaRegions,
};
const command = new client_secrets_manager_1.CreateSecretCommand(input);
return client.send(command);
};
exports.storeSecret = storeSecret;
const getSecret = async (client, secretId) => {
const input = { SecretId: secretId };
const command = new client_secrets_manager_1.GetSecretValueCommand(input);
return client.send(command);
};
exports.getSecret = getSecret;
const deleteSecret = async (client, secretId, replicaRegions) => {
if (replicaRegions) {
const replicaInput = {
SecretId: secretId,
RemoveReplicaRegions: replicaRegions.map((region) => region.Region),
};
const replicaCommand = new client_secrets_manager_1.RemoveRegionsFromReplicationCommand(replicaInput);
await client.send(replicaCommand);
}
const input = { SecretId: secretId };
const command = new client_secrets_manager_1.DeleteSecretCommand(input);
return client.send(command);
};
exports.deleteSecret = deleteSecret;
//# sourceMappingURL=secret.js.map