GitHub-Bitwarden
/
gh-actions
mirror of https://github.com/bitwarden/gh-actions.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
63 Commits
43 Branches
3 Tags
38 MiB
 
 
 
 
 
Branch: BEEEP-daggerio
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'BEEEP-daggerio'
${ noResults }
gh-actions/get-keyvault-secrets/lib/KeyVaultHelper.js

140 lines
6.0 KiB
Raw Permalink Blame History

"use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
}) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
__setModuleDefault(result, mod);
return result;
};
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.KeyVaultHelper = exports.AzureKeyVaultSecret = void 0;
const core = __importStar(require("@actions/core"));
const KeyVaultClient_1 = require("./KeyVaultClient");
const util = require("util");
class AzureKeyVaultSecret {
}
exports.AzureKeyVaultSecret = AzureKeyVaultSecret;
class KeyVaultHelper {
constructor(handler, timeOut, keyVaultActionParameters) {
this.keyVaultActionParameters = keyVaultActionParameters;
this.keyVaultClient = new KeyVaultClient_1.KeyVaultClient(handler, timeOut, keyVaultActionParameters.keyVaultUrl);
}
initKeyVaultClient() {
return __awaiter(this, void 0, void 0, function* () {
yield this.keyVaultClient.init();
});
}
downloadSecrets() {
var downloadAllSecrets = false;
if (this.keyVaultActionParameters.secretsFilter && this.keyVaultActionParameters.secretsFilter.length === 1 && this.keyVaultActionParameters.secretsFilter[0] === "*") {
downloadAllSecrets = true;
}
if (downloadAllSecrets) {
return this.downloadAllSecrets();
}
else {
return this.downloadSelectedSecrets(this.keyVaultActionParameters.secretsFilter);
}
}
downloadAllSecrets() {
return new Promise((resolve, reject) => {
this.keyVaultClient.getSecrets("", (error, listOfSecrets) => {
if (error) {
return reject(core.debug(util.format("Get Secrets Failed \n%s", this.getError(error))));
}
if (listOfSecrets.length == 0) {
core.debug(util.format("No secrets found in the vault %s", this.keyVaultActionParameters.keyVaultName));
return resolve();
}
console.log(util.format("Number of secrets found in keyvault %s: %s", this.keyVaultActionParameters.keyVaultName, listOfSecrets.length));
listOfSecrets = this.filterDisabledAndExpiredSecrets(listOfSecrets);
console.log(util.format("Number of enabled secrets found in keyvault %s: %s", this.keyVaultActionParameters.keyVaultName, listOfSecrets.length));
var getSecretValuePromises = [];
listOfSecrets.forEach((secret, index) => {
getSecretValuePromises.push(this.downloadSecretValue(secret.name));
});
Promise.all(getSecretValuePromises).then(() => {
return resolve();
});
});
});
}
downloadSelectedSecrets(secretsFilter) {
let selectedSecrets = [];
if (secretsFilter) {
selectedSecrets = secretsFilter.split(',');
}
return new Promise((resolve, reject) => {
var getSecretValuePromises = [];
selectedSecrets.forEach((secretName) => {
getSecretValuePromises.push(this.downloadSecretValue(secretName));
});
Promise.all(getSecretValuePromises).then(() => {
return resolve();
}, error => {
return reject(new Error("Downloading selected secrets failed"));
});
});
}
downloadSecretValue(secretName) {
secretName = secretName.trim();
return new Promise((resolve, reject) => {
this.keyVaultClient.getSecretValue(secretName, (error, secretValue) => {
if (error) {
core.setFailed(util.format("Could not download the secret %s", secretName));
}
else {
this.setVaultVariable(secretName, secretValue);
}
return resolve();
});
});
}
setVaultVariable(secretName, secretValue) {
if (!secretValue) {
return;
}
core.setSecret(secretValue);
core.exportVariable(secretName, secretValue);
core.setOutput(secretName, secretValue);
}
filterDisabledAndExpiredSecrets(listOfSecrets) {
var result = [];
var now = new Date();
listOfSecrets.forEach((value, index) => {
if (value.enabled && (!value.expires || value.expires > now)) {
result.push(value);
}
});
return result;
}
getError(error) {
core.debug(JSON.stringify(error));
if (error && error.message) {
return error.message;
}
return error;
}
}
exports.KeyVaultHelper = KeyVaultHelper;