UNPKG

@ycmd/creds

Version:

LSK.js CLI Creds is the easiest way to manage GitHub / Gitlab secrets and credentials

github.com/lskjs/cli

lskjs/libs

1 lines 12.4 kB
1
{"version":3,"sources":["../../src/services/GithubService.ts","../../src/services/Service.ts"],"sourcesContent":["import { Err } from '@lskjs/err';\nimport _sodium from 'libsodium-wrappers';\n\nimport { Service } from './Service';\n\nexport class GithubService extends Service {\n checkConfig() {\n if (!this.token) throw new Err('!token');\n }f\n getBaseUrl() {\n const server = this.server || 'api.github.com';\n return `https://${server}/repos/${this.getProjectPath()}`;\n }\n getHeaders() {\n return {\n Accept: 'application/vnd.github+json',\n Authorization: `Bearer ${this.token}`,\n 'X-GitHub-Api-Version': '2022-11-28',\n };\n }\n getServiceLink() {\n return 'github.com';\n }\n getProjectUrl() {\n return `https://${this.getServiceLink()}/${this.projectName}`;\n }\n getProjectCICDSettingURL() {\n return `${this.getProjectUrl()}/settings/secrets/actions`;\n }\n async uploadSecret(key, content) {\n const { data: publicKeyData } = await this.client({\n method: 'get',\n url: `/actions/secrets/public-key`,\n }).catch((err) => {\n // TODO: сделать такой интерцептор\n throw new Err(err.message, { data: err?.response?.data });\n // console.log(err.response.data);\n });\n // console.log({ publicKeyData });\n\n if (!publicKeyData?.key) throw new Err('!publicKey');\n if (!publicKeyData?.key_id) throw new Err('!publicKeyId');\n\n await _sodium.ready;\n const sodium = _sodium;\n const binkey = sodium.from_base64(publicKeyData.key, sodium.base64_variants.ORIGINAL);\n const binsec = sodium.from_string(content);\n const encBytes = sodium.crypto_box_seal(binsec, binkey);\n const output = sodium.to_base64(encBytes, sodium.base64_variants.ORIGINAL);\n\n await this.client({\n method: 'put',\n url: `/actions/secrets/${key}`,\n data: {\n encrypted_value: output,\n key_id: publicKeyData.key_id,\n },\n });\n }\n async uploadVariable(key, content) {\n const { data: varData, status } = await this.client({\n method: 'get',\n url: `/actions/variables/${key}`,\n // eslint-disable-next-line @typescript-eslint/no-empty-function\n }).catch((err) => err?.response);\n if (status === 404) {\n await this.client({\n method: 'post',\n url: `/actions/variables`,\n data: {\n name: key,\n value: content,\n },\n });\n }\n if (status === 200 && varData.name.toLowerCase() === key.toLowerCase()) {\n await this.client({\n method: 'patch',\n url: `/actions/variables/${key}`,\n data: {\n name: key,\n value: content,\n },\n });\n }\n }\n uploadHook(): Promise<void> {\n throw new Err('Github hooks not supported yet');\n }\n}\n","import { Err } from '@lskjs/err';\nimport { log } from '@lskjs/log/log';\nimport axios from 'axios';\nimport { map } from 'fishbird';\n\ntype SecretFile = {\n name: string;\n filename: string;\n credType?: string;\n content?: string;\n handler: (any) => Record<string, any>;\n};\ntype Secrets = {\n secrets?: Record<string, string>;\n variables?: Record<string, string>;\n files?: Array<SecretFile>;\n hooks?: Array<any>;\n};\n\nexport class Service {\n projectId?: string;\n projectName?: string;\n projectPath?: string;\n projectCredsUrl?: string;\n\n token: string;\n server: string;\n force: boolean;\n\n client: axios.AxiosInstance;\n\n constructor(options) {\n Object.assign(this, options);\n this.checkConfig();\n const clientOptions = {\n baseURL: this.getBaseUrl(),\n headers: this.getHeaders(),\n };\n this.client = axios.create(clientOptions);\n // TODO: сделать такой интерцептор\n // .catch((err) => {\n // throw new Err(err.message, { data: err?.response?.data });\n // // console.log(err.response.data);\n // });\n }\n\n checkConfig() {\n throw new Err('NOT_IMPLEMENTED');\n }\n getBaseUrl() {\n return null;\n }\n getHeaders() {\n return {};\n }\n getServiceLink() {\n return null;\n }\n getProjectName() {\n return this.projectName;\n }\n getProjectId() {\n return this.projectId;\n }\n getProjectPath() {\n return this.projectPath;\n }\n getProjectUrl() {\n return null;\n }\n getProjectCredsUrl() {\n return this.projectCredsUrl;\n }\n getProjectCICDSettingURL() {\n return null;\n }\n\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n async uploadSecret(key: string, content: string) {\n throw new Err('NOT_IMPLEMENTED');\n }\n\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n async uploadVariable(key: string, content: string) {\n throw new Err('NOT_IMPLEMENTED');\n }\n\n async removeOldHooks() {}\n\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n async uploadHook(dataHook: any) {}\n\n async uploadHooks(env: Secrets): Promise<void> {\n if (!env) throw new Err('!env');\n const { hooks = [] } = env;\n try {\n await this.removeOldHooks();\n } catch (e) {\n log.error(`[ERR] Old hooks removing failed:`, e.message);\n }\n\n await map(hooks, async (dataHook, index) => {\n try {\n await this.uploadHook(dataHook);\n log.info(`[OK] Hook ${index} uploaded`);\n } catch (e) {\n log.error(`[ERR] Hook ${index} not uploaded:`, e.message);\n }\n });\n }\n\n async uploadAll(env: Secrets) {\n if (!env) throw new Err('!env');\n const { secrets = {}, variables = {}, files = [] } = env;\n await this.uploadHooks(env);\n await map(Object.entries(secrets), async ([key, value]) => {\n try {\n await this.uploadSecret(key, value);\n log.info(`[OK] Secret ${key} uploaded`);\n } catch (e) {\n log.error(`[ERR] Secret ${key} not uploaded, because`, e.message);\n log.error(e);\n }\n });\n await map(Object.entries(variables), async ([key, value]) => {\n try {\n await this.uploadVariable(key, value);\n log.info(`[OK] Variable ${key} uploaded`);\n } catch (e) {\n log.error(`[ERR] Variable ${key} not uploaded, because`, e.message);\n // log.error(e);\n }\n });\n await map(files, async ({ name, credType, content }: any) => {\n const key = name;\n const value = content;\n try {\n if (credType === 'variable') {\n await this.uploadVariable(key, value);\n } else if (credType === 'secret') {\n await this.uploadSecret(key, value);\n } else if (credType === 'skip') {\n log.debug(`[SKIP] File ${key} uploaded as ${credType}`);\n return;\n } else {\n throw new Err('unknown credType', { credType });\n }\n log.info(`[OK] File ${key} uploaded as ${credType}`);\n } catch (e) {\n log.error(`[ERR] File ${key} not uploaded as ${credType}, because`, e.message);\n // log.error(e);\n }\n });\n }\n}\n"],"mappings":"+EAAA,OAASA,OAAAA,MAAW,aACpB,OAAOC,MAAa,qBCDpB,OAASC,OAAAA,MAAW,aACpB,OAASC,OAAAA,MAAW,iBACpB,OAAOC,MAAW,QAClB,OAASC,OAAAA,MAAW,WAgBb,IAAMC,EAAN,KAAMA,CAnBb,MAmBaA,CAAAA,EAAAA,gBACXC,UACAC,YACAC,YACAC,gBAEAC,MACAC,OACAC,MAEAC,OAEAC,YAAYC,EAAS,CACnBC,OAAOC,OAAO,KAAMF,CAAAA,EACpB,KAAKG,YAAW,EAChB,IAAMC,EAAgB,CACpBC,QAAS,KAAKC,WAAU,EACxBC,QAAS,KAAKC,WAAU,CAC1B,EACA,KAAKV,OAASW,EAAMC,OAAON,CAAAA,CAM7B,CAEAD,aAAc,CACZ,MAAM,IAAIQ,EAAI,iBAAA,CAChB,CACAL,YAAa,CACX,OAAO,IACT,CACAE,YAAa,CACX,MAAO,CAAC,CACV,CACAI,gBAAiB,CACf,OAAO,IACT,CACAC,gBAAiB,CACf,OAAO,KAAKrB,WACd,CACAsB,cAAe,CACb,OAAO,KAAKvB,SACd,CACAwB,gBAAiB,CACf,OAAO,KAAKtB,WACd,CACAuB,eAAgB,CACd,OAAO,IACT,CACAC,oBAAqB,CACnB,OAAO,KAAKvB,eACd,CACAwB,0BAA2B,CACzB,OAAO,IACT,CAGA,MAAMC,aAAaC,EAAaC,EAAiB,CAC/C,MAAM,IAAIV,EAAI,iBAAA,CAChB,CAGA,MAAMW,eAAeF,EAAaC,EAAiB,CACjD,MAAM,IAAIV,EAAI,iBAAA,CAChB,CAEA,MAAMY,gBAAiB,CAAC,CAGxB,MAAMC,WAAWC,EAAe,CAAC,CAEjC,MAAMC,YAAYC,EAA6B,CAC7C,GAAI,CAACA,EAAK,MAAM,IAAIhB,EAAI,MAAA,EACxB,GAAM,CAAEiB,MAAAA,EAAQ,CAAA,CAAE,EAAKD,EACvB,GAAI,CACF,MAAM,KAAKJ,eAAc,CAC3B,OAASM,EAAG,CACVC,EAAIC,MAAM,mCAAoCF,EAAEG,OAAO,CACzD,CAEA,MAAMC,EAAIL,EAAO,MAAOH,EAAUS,IAAAA,CAChC,GAAI,CACF,MAAM,KAAKV,WAAWC,CAAAA,EACtBK,EAAIK,KAAK,aAAaD,CAAAA,WAAgB,CACxC,OAASL,EAAG,CACVC,EAAIC,MAAM,cAAcG,CAAAA,iBAAuBL,EAAEG,OAAO,CAC1D,CACF,CAAA,CACF,CAEA,MAAMI,UAAUT,EAAc,CAC5B,GAAI,CAACA,EAAK,MAAM,IAAIhB,EAAI,MAAA,EACxB,GAAM,CAAE0B,QAAAA,EAAU,CAAC,EAAGC,UAAAA,EAAY,CAAC,EAAGC,MAAAA,EAAQ,CAAA,CAAE,EAAKZ,EACrD,MAAM,KAAKD,YAAYC,CAAAA,EACvB,MAAMM,EAAIhC,OAAOuC,QAAQH,CAAAA,EAAU,MAAO,CAACjB,EAAKqB,CAAAA,IAAM,CACpD,GAAI,CACF,MAAM,KAAKtB,aAAaC,EAAKqB,CAAAA,EAC7BX,EAAIK,KAAK,eAAef,CAAAA,WAAc,CACxC,OAASS,EAAG,CACVC,EAAIC,MAAM,gBAAgBX,CAAAA,yBAA6BS,EAAEG,OAAO,EAChEF,EAAIC,MAAMF,CAAAA,CACZ,CACF,CAAA,EACA,MAAMI,EAAIhC,OAAOuC,QAAQF,CAAAA,EAAY,MAAO,CAAClB,EAAKqB,CAAAA,IAAM,CACtD,GAAI,CACF,MAAM,KAAKnB,eAAeF,EAAKqB,CAAAA,EAC/BX,EAAIK,KAAK,iBAAiBf,CAAAA,WAAc,CAC1C,OAASS,EAAG,CACVC,EAAIC,MAAM,kBAAkBX,CAAAA,yBAA6BS,EAAEG,OAAO,CAEpE,CACF,CAAA,EACA,MAAMC,EAAIM,EAAO,MAAO,CAAEG,KAAAA,EAAMC,SAAAA,EAAUtB,QAAAA,CAAO,IAAO,CACtD,IAAMD,EAAMsB,EACND,EAAQpB,EACd,GAAI,CACF,GAAIsB,IAAa,WACf,MAAM,KAAKrB,eAAeF,EAAKqB,CAAAA,UACtBE,IAAa,SACtB,MAAM,KAAKxB,aAAaC,EAAKqB,CAAAA,UACpBE,IAAa,OAAQ,CAC9Bb,EAAIc,MAAM,eAAexB,CAAAA,gBAAmBuB,CAAAA,EAAU,EACtD,MACF,KACE,OAAM,IAAIhC,EAAI,mBAAoB,CAAEgC,SAAAA,CAAS,CAAA,EAE/Cb,EAAIK,KAAK,aAAaf,CAAAA,gBAAmBuB,CAAAA,EAAU,CACrD,OAASd,EAAG,CACVC,EAAIC,MAAM,cAAcX,CAAAA,oBAAuBuB,CAAAA,YAAqBd,EAAEG,OAAO,CAE/E,CACF,CAAA,CACF,CACF,EDrJO,IAAMa,EAAN,cAA4BC,CAAAA,CALnC,MAKmCA,CAAAA,EAAAA,sBACjCC,aAAc,CACZ,GAAI,CAAC,KAAKC,MAAO,MAAM,IAAIC,EAAI,QAAA,CACjC,CAACC,EACDC,YAAa,CAEX,MAAO,WADQ,KAAKC,QAAU,gBACZA,UAAgB,KAAKC,eAAc,CAAA,EACvD,CACAC,YAAa,CACX,MAAO,CACLC,OAAQ,8BACRC,cAAe,UAAU,KAAKR,KAAK,GACnC,uBAAwB,YAC1B,CACF,CACAS,gBAAiB,CACf,MAAO,YACT,CACAC,eAAgB,CACd,MAAO,WAAW,KAAKD,eAAc,CAAA,IAAM,KAAKE,WAAW,EAC7D,CACAC,0BAA2B,CACzB,MAAO,GAAG,KAAKF,cAAa,CAAA,2BAC9B,CACA,MAAMG,aAAaC,EAAKC,EAAS,CAC/B,GAAM,CAAEC,KAAMC,CAAa,EAAK,MAAM,KAAKC,OAAO,CAChDC,OAAQ,MACRC,IAAK,6BACP,CAAA,EAAGC,MAAOC,GAAAA,CAER,MAAM,IAAIrB,EAAIqB,EAAIC,QAAS,CAAEP,KAAMM,GAAKE,UAAUR,IAAK,CAAA,CAEzD,CAAA,EAGA,GAAI,CAACC,GAAeH,IAAK,MAAM,IAAIb,EAAI,YAAA,EACvC,GAAI,CAACgB,GAAeQ,OAAQ,MAAM,IAAIxB,EAAI,cAAA,EAE1C,MAAMyB,EAAQC,MACd,IAAMC,EAASF,EACTG,EAASD,EAAOE,YAAYb,EAAcH,IAAKc,EAAOG,gBAAgBC,QAAQ,EAC9EC,EAASL,EAAOM,YAAYnB,CAAAA,EAC5BoB,EAAWP,EAAOQ,gBAAgBH,EAAQJ,CAAAA,EAC1CQ,EAAST,EAAOU,UAAUH,EAAUP,EAAOG,gBAAgBC,QAAQ,EAEzE,MAAM,KAAKd,OAAO,CAChBC,OAAQ,MACRC,IAAK,oBAAoBN,CAAAA,GACzBE,KAAM,CACJuB,gBAAiBF,EACjBZ,OAAQR,EAAcQ,MACxB,CACF,CAAA,CACF,CACA,MAAMe,eAAe1B,EAAKC,EAAS,CACjC,GAAM,CAAEC,KAAMyB,EAASC,OAAAA,CAAM,EAAK,MAAM,KAAKxB,OAAO,CAClDC,OAAQ,MACRC,IAAK,sBAAsBN,CAAAA,EAE7B,CAAA,EAAGO,MAAOC,GAAQA,GAAKE,QAAAA,EACnBkB,IAAW,KACb,MAAM,KAAKxB,OAAO,CAChBC,OAAQ,OACRC,IAAK,qBACLJ,KAAM,CACJ2B,KAAM7B,EACN8B,MAAO7B,CACT,CACF,CAAA,EAEE2B,IAAW,KAAOD,EAAQE,KAAKE,YAAW,IAAO/B,EAAI+B,YAAW,GAClE,MAAM,KAAK3B,OAAO,CAChBC,OAAQ,QACRC,IAAK,sBAAsBN,CAAAA,GAC3BE,KAAM,CACJ2B,KAAM7B,EACN8B,MAAO7B,CACT,CACF,CAAA,CAEJ,CACA+B,YAA4B,CAC1B,MAAM,IAAI7C,EAAI,gCAAA,CAChB,CACF","names":["Err","_sodium","Err","log","axios","map","Service","projectId","projectName","projectPath","projectCredsUrl","token","server","force","client","constructor","options","Object","assign","checkConfig","clientOptions","baseURL","getBaseUrl","headers","getHeaders","axios","create","Err","getServiceLink","getProjectName","getProjectId","getProjectPath","getProjectUrl","getProjectCredsUrl","getProjectCICDSettingURL","uploadSecret","key","content","uploadVariable","removeOldHooks","uploadHook","dataHook","uploadHooks","env","hooks","e","log","error","message","map","index","info","uploadAll","secrets","variables","files","entries","value","name","credType","debug","GithubService","Service","checkConfig","token","Err","f","getBaseUrl","server","getProjectPath","getHeaders","Accept","Authorization","getServiceLink","getProjectUrl","projectName","getProjectCICDSettingURL","uploadSecret","key","content","data","publicKeyData","client","method","url","catch","err","message","response","key_id","_sodium","ready","sodium","binkey","from_base64","base64_variants","ORIGINAL","binsec","from_string","encBytes","crypto_box_seal","output","to_base64","encrypted_value","uploadVariable","varData","status","name","value","toLowerCase","uploadHook"]}