Skip to content

Misc fixes improvements #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
nimish-ks merged 10 commits into from
Feb 14, 2024
Merged

Misc fixes improvements #3

Changes from 1 commit
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
0936f27
feat: lookup secrets based key digest in phase get
nimish-ks Feb 14, 2024
faf8af1
feat: use keydigest based secret looks up in phase update
nimish-ks Feb 14, 2024
cd4518e
feat: uuse keydigest based secret looks up in phase delete
nimish-ks Feb 14, 2024
49963ab
feat: added FetchPhaseSecret to fetch a single secret based on keyd…
nimish-ks Feb 14, 2024
c321f29
feat: added support for path in client.go
nimish-ks Feb 14, 2024
d6f503a
feat: added support for path in phase get and get all
nimish-ks Feb 14, 2024
ab887cf
feat: added path support in create, update and delete secret
nimish-ks Feb 14, 2024
3ab2ce6
feat: dropped golang.org/x/crypto/blake2b dependency
nimish-ks Feb 14, 2024
9f45e1f
chore: added go dependencies
nimish-ks Feb 14, 2024
c7374c6
chore: changed project structure moved phase.go to the root
nimish-ks Feb 14, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
feat: uuse keydigest based secret looks up in phase delete
  • Loading branch information
@nimish-ks
nimish-ks committed Feb 14, 2024
commit cd4518e58499502c054bf6cce259c352787754d1
52 changes: 15 additions & 37 deletions pkg/phase/phaseIO.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -413,62 +413,40 @@ func (p *Phase) DeleteSecret(envName, keyToDelete, appName string) error {
return err
}

_, envID, publicKey, err := phaseGetContext(&userData, appName, envName)
if err != nil {
log.Fatalf("Failed to get context: %v", err)
return err
}

secrets, err := api.FetchPhaseSecrets(p.AppToken, envID, p.Host)
if err != nil {
log.Fatalf("Failed to fetch secrets: %v", err)
return err
}

envKey, err := findEnvironmentKey(&userData, envName, appName)
if err != nil {
log.Printf("Failed to find environment key: %v", err)
return err
}

decryptedSeed, err := p.Decrypt(envKey.WrappedSeed)
decryptedSalt, err := p.Decrypt(envKey.WrappedSalt)
if err != nil {
log.Fatalf("Failed to decrypt wrapped seed: %v", err)
log.Fatalf("Failed to decrypt wrapped salt: %v", err)
return err
}

_, privateKeyHex, err := generateEnvKeyPair(decryptedSeed)
// Generate key digest
keyDigest, err := crypto.Blake2bDigest(keyToDelete, decryptedSalt)
if err != nil {
log.Fatalf("Failed to generate environment key pair: %v", err)
log.Fatalf("Failed to generate key digest: %v", err)
return err
}

var secretIDToDelete string
for _, secret := range secrets {
decryptedKey, _, _, err := decryptSecret(secret, privateKeyHex, publicKey)
if err != nil {
log.Printf("Failed to decrypt secret key: %v\n", err)
continue
}

if decryptedKey == keyToDelete {
secretID, ok := secret["id"].(string)
if !ok {
log.Printf("Secret ID is not a string for key: %v", keyToDelete)
continue
}
secretIDToDelete = secretID
break
}
// Fetch the specific secret by its key digest
secret, err := api.FetchPhaseSecret(p.AppToken, envKey.Environment.ID, p.Host, keyDigest)
if err != nil {
log.Printf("Failed to fetch secret: %v", err)
return err
}

if secretIDToDelete == "" {
log.Printf("Key '%s' doesn't exist.", keyToDelete)
return fmt.Errorf("key '%s' doesn't exist", keyToDelete)
secretID, ok := secret["id"].(string)
if !ok {
log.Printf("Secret ID is not a string for key: %v", keyToDelete)
return fmt.Errorf("secret ID is not a string for key: %v", keyToDelete)
}

// Perform the delete operation for the found secret ID
err = api.DeletePhaseSecrets(p.AppToken, envID, []string{secretIDToDelete}, p.Host)
err = api.DeletePhaseSecrets(p.AppToken, envKey.Environment.ID, []string{secretID}, p.Host)
if err != nil {
log.Fatalf("Failed to delete secret: %v", err)
return err
Expand Down