Merge pull request #1367 from Infisical/fix-ph-events

remove certain python sdk events

.github/pull_request_template.md

@@ -1,6 +1,6 @@
 # Description 📣
 
-<!-- Please include a summary of the change and which issue is fixed. Please also include relevant motivation and context. List any dependencies that are required for this change. -->
+<!-- Please include a summary of the change and which issue is fixed. Please also include relevant motivation and context. List any dependencies that are required for this change. Here's how we expect a pull request to be : https://infisical.com/docs/contributing/getting-started/pull-requests -->
 
 ## Type ✨
 
@@ -19,4 +19,6 @@
 
 ---
 
-- [ ] I have read the [contributing guide](https://infisical.com/docs/contributing/overview), agreed and acknowledged the [code of conduct](https://infisical.com/docs/contributing/code-of-conduct). 📝
+- [ ] I have read the [contributing guide](https://infisical.com/docs/contributing/getting-started/overview), agreed and acknowledged the [code of conduct](https://infisical.com/docs/contributing/getting-started/code-of-conduct). 📝
+
+<!-- If you have any questions regarding contribution, here's the FAQ : https://infisical.com/docs/contributing/getting-started/faq -->

.github/values.yaml

@@ -19,14 +19,14 @@ infisical:
   ## @param backend.name Backend name
   ##
   name: infisical
-  replicaCount: 2
+  replicaCount: 3
   image:
-    repository: infisical/infisical
-    tag: "latest-postgres"
-    pullPolicy: IfNotPresent
+    repository: infisical/staging_infisical
+    tag: "latest"
+    pullPolicy: Always
 
   deploymentAnnotations:
-    secrets.infisical.com/auto-reload: "true"
+    secrets.infisical.com/auto-reload: "false"
 
   kubeSecretRef: "infisical-gamma-secrets"
 

backend/package-lock.json

@@ -13,6 +13,7 @@
         "@casl/ability": "^6.5.0",
         "@fastify/cookie": "^9.2.0",
         "@fastify/cors": "^8.4.1",
+        "@fastify/etag": "^5.1.0",
         "@fastify/formbody": "^7.4.0",
         "@fastify/helmet": "^11.1.1",
         "@fastify/passport": "^2.4.0",
@@ -1671,6 +1672,14 @@
       "resolved": "https://registry.npmjs.org/@fastify/error/-/error-3.4.1.tgz",
       "integrity": "sha512-wWSvph+29GR783IhmvdwWnN4bUxTD01Vm5Xad4i7i1VuAOItLvbPAb69sb0IQ2N57yprvhNIwAP5B6xfKTmjmQ=="
     },
+    "node_modules/@fastify/etag": {
+      "version": "5.1.0",
+      "resolved": "https://registry.npmjs.org/@fastify/etag/-/etag-5.1.0.tgz",
+      "integrity": "sha512-j/huE8baxgF22idzY35a579b6uP+9ykE9Jt02xY4ZApELNr2KGZmQOKTQsZS94TfKMLfPHwkoM8FfZRq8OZDXg==",
+      "dependencies": {
+        "fastify-plugin": "^4.0.0"
+      }
+    },
     "node_modules/@fastify/fast-json-stringify-compiler": {
       "version": "4.3.0",
       "resolved": "https://registry.npmjs.org/@fastify/fast-json-stringify-compiler/-/fast-json-stringify-compiler-4.3.0.tgz",

backend/package.json

@@ -67,6 +67,7 @@
     "@casl/ability": "^6.5.0",
     "@fastify/cookie": "^9.2.0",
     "@fastify/cors": "^8.4.1",
+    "@fastify/etag": "^5.1.0",
     "@fastify/formbody": "^7.4.0",
     "@fastify/helmet": "^11.1.1",
     "@fastify/passport": "^2.4.0",

backend/src/ee/services/audit-log/audit-log-dal.ts

@@ -38,7 +38,8 @@ export const auditLogDALFactory = (db: TDbClient) => {
           })
         )
         .limit(limit)
-        .offset(offset);
+        .offset(offset)
+        .orderBy("createdAt", "desc");
       if (startDate) {
         void sqlQuery.where("createdAt", ">=", startDate);
       }

backend/src/lib/logger/logger.ts

@@ -37,7 +37,7 @@ export const initLogger = async () => {
       level: "info",
       target: "pino/file",
       options: {
-        destination: cfg.NODE_ENV === "development" ? 1 : "/var/logs/infisical.log",
+        destination: 1,
         mkdir: true
       }
     }

backend/src/server/app.ts

@@ -5,6 +5,7 @@ import type { FastifyCookieOptions } from "@fastify/cookie";
 import cookie from "@fastify/cookie";
 import type { FastifyCorsOptions } from "@fastify/cors";
 import cors from "@fastify/cors";
+import fastifyEtag from "@fastify/etag";
 import fastifyFormBody from "@fastify/formbody";
 import helmet from "@fastify/helmet";
 import type { FastifyRateLimitOptions } from "@fastify/rate-limit";
@@ -50,6 +51,8 @@ export const main = async ({ db, smtp, logger, queue }: TMain) => {
       secret: appCfg.COOKIE_SECRET_SIGN_KEY
     });
 
+    await server.register(fastifyEtag);
+
     await server.register<FastifyCorsOptions>(cors, {
       credentials: true,
       origin: appCfg.SITE_URL || true

backend/src/server/routes/v2/organization-router.ts

@@ -49,6 +49,7 @@ export const registerOrgRouter = async (server: FastifyZodProvider) => {
         200: z.object({
           workspaces: z
             .object({
+              id: z.string(),
               name: z.string(),
               organization: z.string(),
               environments: z

backend/src/server/routes/v3/secret-router.ts

@@ -13,6 +13,7 @@ import { EventType } from "@app/ee/services/audit-log/audit-log-types";
 import { CommitType } from "@app/ee/services/secret-approval-request/secret-approval-request-types";
 import { BadRequestError } from "@app/lib/errors";
 import { removeTrailingSlash } from "@app/lib/fn";
+import { getUserAgentType } from "@app/server/plugins/audit-log";
 import { verifyAuth } from "@app/server/plugins/auth/verify-auth";
 import { ActorType, AuthMode } from "@app/services/auth/auth-type";
 import { PostHogEventTypes } from "@app/services/telemetry/telemetry-types";
@@ -107,6 +108,7 @@ export const registerSecretRouter = async (server: FastifyZodProvider) => {
           workspaceId,
           environment,
           secretPath: req.query.secretPath,
+          channel: getUserAgentType(req.headers["user-agent"]),
           ...req.auditLogInfo
         }
       });
@@ -188,6 +190,7 @@ export const registerSecretRouter = async (server: FastifyZodProvider) => {
           workspaceId,
           environment,
           secretPath: req.query.secretPath,
+          channel: getUserAgentType(req.headers["user-agent"]),
           ...req.auditLogInfo
         }
       });
@@ -255,7 +258,7 @@ export const registerSecretRouter = async (server: FastifyZodProvider) => {
           workspaceId: req.body.workspaceId,
           environment: req.body.environment,
           secretPath: req.body.secretPath,
-
+          channel: getUserAgentType(req.headers["user-agent"]),
           ...req.auditLogInfo
         }
       });
@@ -322,7 +325,7 @@ export const registerSecretRouter = async (server: FastifyZodProvider) => {
           workspaceId: req.body.workspaceId,
           environment: req.body.environment,
           secretPath: req.body.secretPath,
-
+          channel: getUserAgentType(req.headers["user-agent"]),
           ...req.auditLogInfo
         }
       });
@@ -384,7 +387,7 @@ export const registerSecretRouter = async (server: FastifyZodProvider) => {
           workspaceId: req.body.workspaceId,
           environment: req.body.environment,
           secretPath: req.body.secretPath,
-
+          channel: getUserAgentType(req.headers["user-agent"]),
           ...req.auditLogInfo
         }
       });
@@ -467,18 +470,33 @@ export const registerSecretRouter = async (server: FastifyZodProvider) => {
         }
       });
 
+      // TODO: Move to telemetry plugin
+      let shouldRecordK8Event = false;
+      if (req.headers["user-agent"] === "k8-operator") {
+        const randomNumber = Math.random();
+        if (randomNumber > 0.95) {
+          shouldRecordK8Event = true;
+        }
+      }
+
+      const shouldCapture =
+        req.query.workspaceId !== "650e71fbae3e6c8572f436d4" &&
+        (req.headers["user-agent"] !== "k8-operator" || shouldRecordK8Event);
+      const approximateNumberTotalSecrets = secrets.length * 20;
+      if (shouldCapture) {
         server.services.telemetry.sendPostHogEvents({
           event: PostHogEventTypes.SecretPulled,
           distinctId: getDistinctId(req),
           properties: {
-          numberOfSecrets: secrets.length,
+            numberOfSecrets: shouldRecordK8Event ? approximateNumberTotalSecrets : secrets.length,
             workspaceId: req.query.workspaceId,
             environment: req.query.environment,
             secretPath: req.query.secretPath,
-
+            channel: getUserAgentType(req.headers["user-agent"]),
             ...req.auditLogInfo
           }
         });
+      }
 
       return { secrets, imports };
     }
@@ -550,7 +568,7 @@ export const registerSecretRouter = async (server: FastifyZodProvider) => {
           workspaceId: req.query.workspaceId,
           environment: req.query.environment,
           secretPath: req.query.secretPath,
-
+          channel: getUserAgentType(req.headers["user-agent"]),
           ...req.auditLogInfo
         }
       });
@@ -711,7 +729,7 @@ export const registerSecretRouter = async (server: FastifyZodProvider) => {
           workspaceId: req.body.workspaceId,
           environment: req.body.environment,
           secretPath: req.body.secretPath,
-
+          channel: getUserAgentType(req.headers["user-agent"]),
           ...req.auditLogInfo
         }
       });
@@ -890,7 +908,7 @@ export const registerSecretRouter = async (server: FastifyZodProvider) => {
           workspaceId: req.body.workspaceId,
           environment: req.body.environment,
           secretPath: req.body.secretPath,
-
+          channel: getUserAgentType(req.headers["user-agent"]),
           ...req.auditLogInfo
         }
       });
@@ -1005,7 +1023,7 @@ export const registerSecretRouter = async (server: FastifyZodProvider) => {
           workspaceId: req.body.workspaceId,
           environment: req.body.environment,
           secretPath: req.body.secretPath,
-
+          channel: getUserAgentType(req.headers["user-agent"]),
           ...req.auditLogInfo
         }
       });
@@ -1123,7 +1141,7 @@ export const registerSecretRouter = async (server: FastifyZodProvider) => {
           workspaceId: req.body.workspaceId,
           environment: req.body.environment,
           secretPath: req.body.secretPath,
-
+          channel: getUserAgentType(req.headers["user-agent"]),
           ...req.auditLogInfo
         }
       });
@@ -1240,7 +1258,7 @@ export const registerSecretRouter = async (server: FastifyZodProvider) => {
           workspaceId: req.body.workspaceId,
           environment: req.body.environment,
           secretPath: req.body.secretPath,
-
+          channel: getUserAgentType(req.headers["user-agent"]),
           ...req.auditLogInfo
         }
       });
@@ -1345,7 +1363,7 @@ export const registerSecretRouter = async (server: FastifyZodProvider) => {
           workspaceId: req.body.workspaceId,
           environment: req.body.environment,
           secretPath: req.body.secretPath,
-
+          channel: getUserAgentType(req.headers["user-agent"]),
           ...req.auditLogInfo
         }
       });

backend/src/server/routes/v3/signup-router.ts

@@ -108,7 +108,7 @@ export const registerSignupRouter = async (server: FastifyZodProvider) => {
         }
       });
 
-      await res.setCookie("jid", refreshToken, {
+      void res.setCookie("jid", refreshToken, {
         httpOnly: true,
         path: "/",
         sameSite: "strict",
@@ -159,7 +159,7 @@ export const registerSignupRouter = async (server: FastifyZodProvider) => {
         userAgent
       });
 
-      await res.setCookie("jid", refreshToken, {
+      void res.setCookie("jid", refreshToken, {
         httpOnly: true,
         path: "/",
         sameSite: "strict",

backend/src/services/project/project-dal.ts

@@ -41,7 +41,7 @@ export const projectDALFactory = (db: TDbClient) => {
 
       return nestedWorkspaces.map((workspace) => ({
         ...workspace,
-        organization: workspace.id
+        organization: workspace.orgId
       }));
     } catch (error) {
       throw new DatabaseError({ error, name: "Find all projects" });
@@ -83,7 +83,7 @@ export const projectDALFactory = (db: TDbClient) => {
       // We need to add the organization field, as it's required for one of our API endpoint responses.
       return nestedWorkspaces.map((workspace) => ({
         ...workspace,
-        organization: workspace.id
+        organization: workspace.orgId
       }));
     } catch (error) {
       throw new DatabaseError({ error, name: "Find all projects by identity" });

backend/src/services/secret-import/secret-import-fns.ts

@@ -25,10 +25,15 @@ export const fnSecretsFromImports = async ({
   if (!folderIds.length) {
     return [];
   }
-  const importedSecrets = await secretDAL.find({
+  const importedSecrets = await secretDAL.find(
+    {
       $in: { folderId: folderIds },
       type: SecretType.Shared
-  });
+    },
+    {
+      sort: [["id", "asc"]]
+    }
+  );
 
   const importedSecsGroupByFolderId = groupBy(importedSecrets, (i) => i.folderId);
   return allowedImports.map(({ importPath, importEnv }, i) => ({

backend/src/services/secret-tag/secret-tag-service.ts

@@ -47,7 +47,7 @@ export const secretTagServiceFactory = ({ secretTagDAL, permissionService }: TSe
     const { permission } = await permissionService.getProjectPermission(actor, actorId, projectId);
     ForbiddenError.from(permission).throwUnlessCan(ProjectPermissionActions.Read, ProjectPermissionSub.Tags);
 
-    const tags = await secretTagDAL.find({ projectId });
+    const tags = await secretTagDAL.find({ projectId }, { sort: [["createdAt", "asc"]] });
     return tags;
   };
 

backend/src/services/secret/secret-dal.ts

@@ -86,7 +86,8 @@ export const secretDALFactory = (db: TDbClient) => {
         .select(db.ref("id").withSchema(TableName.SecretTag).as("tagId"))
         .select(db.ref("color").withSchema(TableName.SecretTag).as("tagColor"))
         .select(db.ref("slug").withSchema(TableName.SecretTag).as("tagSlug"))
-        .select(db.ref("name").withSchema(TableName.SecretTag).as("tagName"));
+        .select(db.ref("name").withSchema(TableName.SecretTag).as("tagName"))
+        .orderBy("id", "asc");
       const data = sqlNestRelationships({
         data: secs,
         key: "id",

backend/src/services/service-token/service-token-service.ts

@@ -117,7 +117,7 @@ export const serviceTokenServiceFactory = ({
     const { permission } = await permissionService.getProjectPermission(actor, actorId, projectId);
     ForbiddenError.from(permission).throwUnlessCan(ProjectPermissionActions.Read, ProjectPermissionSub.ServiceTokens);
 
-    const tokens = await serviceTokenDAL.find({ projectId });
+    const tokens = await serviceTokenDAL.find({ projectId }, { sort: [["createdAt", "desc"]] });
     return tokens;
   };
 

backend/src/services/webhook/webhook-dal.ts

@@ -80,7 +80,8 @@ export const webhookDALFactory = (db: TDbClient) => {
         .select(db.ref("slug").withSchema(TableName.Environment).as("envSlug"))
         .select(db.ref("id").withSchema(TableName.Environment).as("envId"))
         .select(db.ref("projectId").withSchema(TableName.Environment))
-        .select(selectAllTableCols(TableName.Webhook));
+        .select(selectAllTableCols(TableName.Webhook))
+        .orderBy(`${TableName.Webhook}.createdAt`, "asc");
 
       return webhooks.map(({ envId, envSlug, envName, ...el }) => ({
         ...el,

docker-compose.pg.yml

@@ -34,6 +34,17 @@ services:
     volumes:
       - redis_data:/data
 
+  redis-commander:
+    container_name: infisical-dev-redis-commander
+    image: rediscommander/redis-commander
+    restart: always
+    depends_on:
+      - redis
+    environment:
+      - REDIS_HOSTS=local:redis:6379
+    ports:
+      - "8085:8081"
+
   db-test:
     profiles: ["test"]
     image: postgres:14-alpine

docs/cli/faq.mdx

@@ -23,3 +23,12 @@ Yes. If you have previously retrieved secrets for a specific project and environ
 <Accordion title="Can I upload the .infisical.json file that was generated?">
 Yes. This is simply a configuration file and contains no sensitive data.
 </Accordion>
+
+<Accordion title="Where can I find my Project ID?">
+
+  Visit the Infisical website and navigate to a project of your choice. Once on the project page, access the **Project Settings** from the sidebar. Within the Project name section, click the "Copy Project ID" button for copying the current Project ID to clipboard, or simply obtain it from the URL of the current page.
+  
+  ```
+    https://app.infisical.com/project/<your_project_id>/settings
+  ```
+</Accordion>

docs/mint.json

@@ -1,9 +1,8 @@
 {
   "name": "Infisical",
-  "basePath": "/docs",
   "logo": {
-    "dark": "/docs/logo/dark.svg",
-    "light": "/docs/logo/light.svg",
+    "dark": "/logo/dark.svg",
+    "light": "/logo/light.svg",
     "href": "https://infisical.com"
   },
   "favicon": "/favicon.png",

frontend/src/views/Settings/ProjectSettingsPage/components/ProjectNameChangeSection/ProjectNameChangeSection.tsx

@@ -1,5 +1,7 @@
 import { useEffect } from "react";
 import { Controller, useForm } from "react-hook-form";
+import { faCheck, faCopy } from "@fortawesome/free-solid-svg-icons";
+import { FontAwesomeIcon } from "@fortawesome/react-fontawesome";
 import { yupResolver } from "@hookform/resolvers/yup";
 import * as yup from "yup";
 
@@ -7,6 +9,7 @@ import { useNotificationContext } from "@app/components/context/Notifications/No
 import { ProjectPermissionCan } from "@app/components/permissions";
 import { Button, FormControl, Input } from "@app/components/v2";
 import { ProjectPermissionActions, ProjectPermissionSub, useWorkspace } from "@app/context";
+import { useToggle } from "@app/hooks";
 import { useRenameWorkspace } from "@app/hooks/api";
 
 const formSchema = yup.object({
@@ -19,6 +22,7 @@ export const ProjectNameChangeSection = () => {
   const { createNotification } = useNotificationContext();
   const { currentWorkspace } = useWorkspace();
   const { mutateAsync, isLoading } = useRenameWorkspace();
+  const [isProjectIdCopied, setIsProjectIdCopied] = useToggle(false);
 
   const { handleSubmit, control, reset } = useForm<FormData>({ resolver: yupResolver(formSchema) });
 
@@ -30,6 +34,16 @@ export const ProjectNameChangeSection = () => {
     }
   }, [currentWorkspace]);
 
+  useEffect(() => {
+    let timer: NodeJS.Timeout;
+
+    if (isProjectIdCopied) {
+      timer = setTimeout(() => setIsProjectIdCopied.off(), 2000);
+    }
+
+    return () => clearTimeout(timer);
+}, [setIsProjectIdCopied]);
+
   const onFormSubmit = async ({ name }: FormData) => {
     try {
       if (!currentWorkspace?.id) return;
@@ -52,12 +66,38 @@ export const ProjectNameChangeSection = () => {
     }
   };
 
+  const copyProjectIdToClipboard = () => {
+    navigator.clipboard.writeText(currentWorkspace?.id || "");
+    setIsProjectIdCopied.on();
+
+    createNotification({
+      text: "Copied Project ID to clipboard",
+      type: "success"
+    });
+  }
+
   return (
     <form
       onSubmit={handleSubmit(onFormSubmit)}
       className="mb-6 rounded-lg border border-mineshaft-600 bg-mineshaft-900 p-4"
     >
-      <h2 className="mb-8 flex-1 text-xl font-semibold text-mineshaft-100">Project Name</h2>
+      <div className="flex justify-betweens">
+        <h2 className="text-xl font-semibold flex-1 text-mineshaft-100 mb-8">Project Name</h2>
+        <div>
+          <Button
+            colorSchema="secondary"
+            className="group relative"
+            leftIcon={<FontAwesomeIcon icon={isProjectIdCopied ? faCheck : faCopy} />}
+            onClick={copyProjectIdToClipboard}
+          >
+            Copy Project ID
+            <span className="absolute -left-8 -top-20 hidden w-28 translate-y-full rounded-md bg-bunker-800 py-2 pl-3 text-center text-sm text-gray-400 group-hover:flex group-hover:animate-fadeIn">
+              Click to copy
+            </span>
+          </Button>
+        </div>
+      </div>
+
       <div className="max-w-md">
         <Controller
           defaultValue=""