Skip to content

Commit

Permalink
Add "delete secret" command (so I can clean up mispelled keys)
Browse files Browse the repository at this point in the history
  • Loading branch information
@danielnaab
danielnaab committed Jul 12, 2024
1 parent 89e918f commit 1c9a410
Show file tree
Hide file tree
Showing 7 changed files with 69 additions and 4 deletions.
9 changes: 9 additions & 0 deletions apps/cli/src/cli-controller/secrets.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,15 @@ export const addSecretCommands = (ctx: Context, cli: Command) => {
})
.description('secrets management commands');

cmd
.command('delete')
.description('delete a secret')
.argument('<string>', 'secret key name')
.action(async (key: string) => {
const vault = await getSecretsVault(ctx.file);
await commands.deleteSecret(vault, key);
});

cmd
.command('get')
.description('get a secret value')
Expand Down
30 changes: 30 additions & 0 deletions packages/secrets/src/commands/delete-secret.test.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
import { describe, expect, it } from 'vitest';

import { createInMemorySecretsVault } from '../lib';
import { getSecretKeyList } from './get-secret-key-list';
import { deleteSecret } from './delete-secret';

const getTestVault = (vaultData: any) => {
const result = createInMemorySecretsVault(JSON.stringify(vaultData));
if (result.success) {
return result.data;
} else {
throw new Error('Error creating in-memory test vault');
}
};

describe('delete-secret command', () => {
it('removes key', async () => {
const vault = getTestVault({
'secret-key-1': 'value-1',
});
await deleteSecret(vault, 'secret-key-1');
expect(await vault.getSecretKeys()).toEqual([]);
});

it('silently handles non-existent keys', async () => {
const vault = getTestVault({});
await deleteSecret(vault, 'secret-key-1');
expect(await vault.getSecretKeys()).toEqual([]);
});
});
5 changes: 5 additions & 0 deletions packages/secrets/src/commands/delete-secret.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
import type { SecretKey, SecretsVault } from '../lib/types';

export const deleteSecret = async (vault: SecretsVault, key: SecretKey) => {
return await vault.deleteSecret(key);
};
1 change: 1 addition & 0 deletions packages/secrets/src/commands/index.ts
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
export { deleteSecret } from './delete-secret';
export { getSecret } from './get-secret';
export { getSecrets } from './get-secrets';
export { getSecretKeyList } from './get-secret-key-list';
Expand Down
23 changes: 19 additions & 4 deletions packages/secrets/src/lib/adapters/aws-param-store.ts
View file
Original file line number Diff line number Diff line change
@@ -1,16 +1,31 @@
import {
SSMClient,
GetParameterCommand,
GetParametersCommand,
PutParameterCommand,
DeleteParameterCommand,
DescribeParametersCommand,
DescribeParametersCommandOutput,
GetParameterCommand,
GetParametersCommand,
ParameterNotFound,
PutParameterCommand,
SSMClient,
} from '@aws-sdk/client-ssm';

import type { SecretKey, SecretMap, SecretValue, SecretsVault } from '../types';

export class AWSParameterStoreSecretsVault implements SecretsVault {
async deleteSecret(key: SecretKey) {
const client = new SSMClient();
try {
await client.send(
new DeleteParameterCommand({
Name: key,
})
);
console.log(`Secret "${key}" deleted successfully.`);
} catch (error) {
console.warn('Skipped deleting parameter due to error:', error);
}
}

async getSecret(key: SecretKey) {
const client = new SSMClient();

Expand Down
4 changes: 4 additions & 0 deletions packages/secrets/src/lib/adapters/in-memory.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,10 @@ import type { SecretMap, SecretsVault } from '../types';
export class InMemorySecretsVault implements SecretsVault {
constructor(private secretMap: SecretMap) {}

async deleteSecret(key: string) {
delete this.secretMap[key];
}

async getSecret(key: string) {
return this.secretMap[key];
}
Expand Down
1 change: 1 addition & 0 deletions packages/secrets/src/lib/types.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ export const getSecretMapFromJsonString = (
};

export interface SecretsVault {
deleteSecret(key: SecretKey): Promise<void>;
getSecret(key: SecretKey): Promise<SecretValue>;
getSecrets(keys: SecretKey[]): Promise<SecretMap>;
setSecret(key: SecretKey, value: SecretValue): Promise<void>;
Expand Down

0 comments on commit 1c9a410

Please sign in to comment.