update old local dev docs

2025-04-11 16:58:11 +00:00 · 2024-02-27 01:01:17 -05:00
19 changed files with 42 additions and 433 deletions
--- a/backend/package-lock.json
+++ b/backend/package-lock.json
@ -33,7 +33,7 @@
        "axios": "^1.6.7",
        "axios-retry": "^4.0.0",
        "bcrypt": "^5.1.1",
-        "bullmq": "^5.3.3",
+        "bullmq": "^5.1.6",
        "dotenv": "^16.4.1",
        "fastify": "^4.26.0",
        "fastify-plugin": "^4.5.1",
@ -53,7 +53,6 @@
        "passport-github": "^1.1.0",
        "passport-gitlab2": "^5.0.0",
        "passport-google-oauth20": "^2.0.0",
-        "passport-openidconnect": "^0.1.2",
        "pg": "^8.11.3",
        "picomatch": "^3.0.1",
        "pino": "^8.16.2",
@ -77,7 +76,6 @@
        "@types/nodemailer": "^6.4.14",
        "@types/passport-github": "^1.1.12",
        "@types/passport-google-oauth20": "^2.0.14",
-        "@types/passport-openidconnect": "^0.1.3",
        "@types/pg": "^8.10.9",
        "@types/picomatch": "^2.3.3",
        "@types/prompt-sync": "^4.2.3",
@ -2195,6 +2193,7 @@
      "version": "2.1.5",
      "resolved": "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz",
      "integrity": "sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g==",
+      "dev": true,
      "dependencies": {
        "@nodelib/fs.stat": "2.0.5",
        "run-parallel": "^1.1.9"
@ -2207,6 +2206,7 @@
      "version": "2.0.5",
      "resolved": "https://registry.npmjs.org/@nodelib/fs.stat/-/fs.stat-2.0.5.tgz",
      "integrity": "sha512-RkhPPp2zrqDAQA/2jNhnztcPAlv64XdhIp7a7454A5ovI7Bukxgt7MX7udwAu3zg1DcpPU0rz3VV1SeaqvY4+A==",
+      "dev": true,
      "engines": {
        "node": ">= 8"
      }
@ -2215,6 +2215,7 @@
      "version": "1.2.8",
      "resolved": "https://registry.npmjs.org/@nodelib/fs.walk/-/fs.walk-1.2.8.tgz",
      "integrity": "sha512-oGB+UxlgWcgQkgwo8GcEGwemoTFt3FIO9ababBmaGwXIoBKZ+GTy0pP185beGg7Llih/NSHSV2XAs1lnznocSg==",
+      "dev": true,
      "dependencies": {
        "@nodelib/fs.scandir": "2.1.5",
        "fastq": "^1.6.0"
@ -4074,18 +4075,6 @@
        "@types/passport": "*"
      }
    },
-    "node_modules/@types/passport-openidconnect": {
-      "version": "0.1.3",
-      "resolved": "https://registry.npmjs.org/@types/passport-openidconnect/-/passport-openidconnect-0.1.3.tgz",
-      "integrity": "sha512-k1Ni7bG/9OZNo2Qpjg2W6GajL+pww6ZPaNWMXfpteCX4dXf4QgaZLt2hjR5IiPrqwBT9+W8KjCTJ/uhGIoBx/g==",
-      "dev": true,
-      "dependencies": {
-        "@types/express": "*",
-        "@types/oauth": "*",
-        "@types/passport": "*",
-        "@types/passport-strategy": "*"
-      }
-    },
    "node_modules/@types/passport-strategy": {
      "version": "0.2.38",
      "resolved": "https://registry.npmjs.org/@types/passport-strategy/-/passport-strategy-0.2.38.tgz",
@ -5453,6 +5442,7 @@
      "version": "3.0.2",
      "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz",
      "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==",
+      "dev": true,
      "dependencies": {
        "fill-range": "^7.0.1"
      },
@ -5502,15 +5492,14 @@
      }
    },
    "node_modules/bullmq": {
-      "version": "5.3.3",
-      "resolved": "https://registry.npmjs.org/bullmq/-/bullmq-5.3.3.tgz",
-      "integrity": "sha512-Gc/68HxiCHLMPBiGIqtINxcf8HER/5wvBYMY/6x3tFejlvldUBFaAErMTLDv4TnPsTyzNPrfBKmFCEM58uVnJg==",
+      "version": "5.1.6",
+      "resolved": "https://registry.npmjs.org/bullmq/-/bullmq-5.1.6.tgz",
+      "integrity": "sha512-VkLfig+xm4U3hc4QChzuuAy0NGQ9dfPB8o54hmcZHCX9ofp0Zn6bEY+W3Ytkk76eYwPAgXfywDBlAb2Unjl1Rg==",
      "dependencies": {
        "cron-parser": "^4.6.0",
-        "fast-glob": "^3.3.2",
+        "glob": "^8.0.3",
        "ioredis": "^5.3.2",
        "lodash": "^4.17.21",
-        "minimatch": "^9.0.3",
        "msgpackr": "^1.10.1",
        "node-abort-controller": "^3.1.1",
        "semver": "^7.5.4",
@ -5518,28 +5507,6 @@
        "uuid": "^9.0.0"
      }
    },
-    "node_modules/bullmq/node_modules/brace-expansion": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz",
-      "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==",
-      "dependencies": {
-        "balanced-match": "^1.0.0"
-      }
-    },
-    "node_modules/bullmq/node_modules/minimatch": {
-      "version": "9.0.3",
-      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.3.tgz",
-      "integrity": "sha512-RHiac9mvaRw0x3AYRgDC1CxAP7HTcNrrECeA8YYJeWnpo+2Q5CegtZjaotWTWxDG3UeGA1coE05iH1mPjT/2mg==",
-      "dependencies": {
-        "brace-expansion": "^2.0.1"
-      },
-      "engines": {
-        "node": ">=16 || 14 >=14.17"
-      },
-      "funding": {
-        "url": "https://github.com/sponsors/isaacs"
-      }
-    },
    "node_modules/bundle-require": {
      "version": "4.0.2",
      "resolved": "https://registry.npmjs.org/bundle-require/-/bundle-require-4.0.2.tgz",
@ -6939,6 +6906,7 @@
      "version": "3.3.2",
      "resolved": "https://registry.npmjs.org/fast-glob/-/fast-glob-3.3.2.tgz",
      "integrity": "sha512-oX2ruAFQwf/Orj8m737Y5adxDQO0LAB7/S5MnxCdTNDd4p6BsyIVsv9JQsATbTSq8KHRpLwIHbVlUNatxd+1Ow==",
+      "dev": true,
      "dependencies": {
        "@nodelib/fs.stat": "^2.0.2",
        "@nodelib/fs.walk": "^1.2.3",
@ -7090,6 +7058,7 @@
      "version": "7.0.1",
      "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz",
      "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==",
+      "dev": true,
      "dependencies": {
        "to-regex-range": "^5.0.1"
      },
@ -7541,6 +7510,7 @@
      "version": "5.1.2",
      "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz",
      "integrity": "sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==",
+      "dev": true,
      "dependencies": {
        "is-glob": "^4.0.1"
      },
@ -8141,6 +8111,7 @@
      "version": "2.1.1",
      "resolved": "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz",
      "integrity": "sha512-SbKbANkN603Vi4jEZv49LeVJMn4yGwsbzZworEoyEiutsN3nJYdbO36zfhGJ6QEDpOZIFkDtnq5JRxmvl3jsoQ==",
+      "dev": true,
      "engines": {
        "node": ">=0.10.0"
      }
@ -8171,6 +8142,7 @@
      "version": "4.0.3",
      "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-4.0.3.tgz",
      "integrity": "sha512-xelSayHH36ZgE7ZWhli7pW34hNbNl8Ojv5KVmkJD4hBdD3th8Tfk9vYasLM+mXWOZhFkgZfxhLSnrwRr4elSSg==",
+      "dev": true,
      "dependencies": {
        "is-extglob": "^2.1.1"
      },
@ -8205,6 +8177,7 @@
      "version": "7.0.0",
      "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz",
      "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==",
+      "dev": true,
      "engines": {
        "node": ">=0.12.0"
      }
@ -8961,6 +8934,7 @@
      "version": "1.4.1",
      "resolved": "https://registry.npmjs.org/merge2/-/merge2-1.4.1.tgz",
      "integrity": "sha512-8q7VEgMJW4J8tcfVPy8g09NcQwZdbwFEqhe/WZkoIzjn/3TGDwtOCYtXGxA3O8tPzpczCCDgv+P2P5y00ZJOOg==",
+      "dev": true,
      "engines": {
        "node": ">= 8"
      }
@ -8977,6 +8951,7 @@
      "version": "4.0.5",
      "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz",
      "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==",
+      "dev": true,
      "dependencies": {
        "braces": "^3.0.2",
        "picomatch": "^2.3.1"
@ -8989,6 +8964,7 @@
      "version": "2.3.1",
      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz",
      "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==",
+      "dev": true,
      "engines": {
        "node": ">=8.6"
      },
@ -9808,27 +9784,6 @@
        "url": "https://github.com/sponsors/jaredhanson"
      }
    },
-    "node_modules/passport-openidconnect": {
-      "version": "0.1.2",
-      "resolved": "https://registry.npmjs.org/passport-openidconnect/-/passport-openidconnect-0.1.2.tgz",
-      "integrity": "sha512-JX3rTyW+KFZ/E9OF/IpXJPbyLO9vGzcmXB5FgSP2jfL3LGKJPdV7zUE8rWeKeeI/iueQggOeFa3onrCmhxXZTg==",
-      "dependencies": {
-        "oauth": "0.10.x",
-        "passport-strategy": "1.x.x"
-      },
-      "engines": {
-        "node": ">= 0.6.0"
-      },
-      "funding": {
-        "type": "github",
-        "url": "https://github.com/sponsors/jaredhanson"
-      }
-    },
-    "node_modules/passport-openidconnect/node_modules/oauth": {
-      "version": "0.10.0",
-      "resolved": "https://registry.npmjs.org/oauth/-/oauth-0.10.0.tgz",
-      "integrity": "sha512-1orQ9MT1vHFGQxhuy7E/0gECD3fd2fCC+PIX+/jgmU/gI3EpRocXtmtvxCO5x3WZ443FLTLFWNDjl5MPJf9u+Q=="
-    },
    "node_modules/passport-strategy": {
      "version": "1.0.0",
      "resolved": "https://registry.npmjs.org/passport-strategy/-/passport-strategy-1.0.0.tgz",
@ -10602,6 +10557,7 @@
      "version": "1.2.3",
      "resolved": "https://registry.npmjs.org/queue-microtask/-/queue-microtask-1.2.3.tgz",
      "integrity": "sha512-NuaNSa6flKT5JaSYQzJok04JzTL1CA6aGhv5rfLW3PgqA+M2ChpZQnAC8h8i4ZFkBS8X5RqkDBHA7r4hej3K9A==",
+      "dev": true,
      "funding": [
        {
          "type": "github",
@ -10948,6 +10904,7 @@
      "version": "1.2.0",
      "resolved": "https://registry.npmjs.org/run-parallel/-/run-parallel-1.2.0.tgz",
      "integrity": "sha512-5l4VyZR86LZ/lDxZTR6jqL8AFE2S0IFLMP26AbjsLVADxHdhB/c0GUsH+y39UfCi3dzz8OlQuPmnaJOMoDHQBA==",
+      "dev": true,
      "funding": [
        {
          "type": "github",
@ -11748,6 +11705,7 @@
      "version": "5.0.1",
      "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz",
      "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==",
+      "dev": true,
      "dependencies": {
        "is-number": "^7.0.0"
      },
--- a/backend/package.json
+++ b/backend/package.json
@ -41,7 +41,6 @@
    "@types/nodemailer": "^6.4.14",
    "@types/passport-github": "^1.1.12",
    "@types/passport-google-oauth20": "^2.0.14",
-    "@types/passport-openidconnect": "^0.1.3",
    "@types/pg": "^8.10.9",
    "@types/picomatch": "^2.3.3",
    "@types/prompt-sync": "^4.2.3",
@ -95,7 +94,7 @@
    "axios": "^1.6.7",
    "axios-retry": "^4.0.0",
    "bcrypt": "^5.1.1",
-    "bullmq": "^5.3.3",
+    "bullmq": "^5.1.6",
    "dotenv": "^16.4.1",
    "fastify": "^4.26.0",
    "fastify-plugin": "^4.5.1",
@ -115,7 +114,6 @@
    "passport-github": "^1.1.0",
    "passport-gitlab2": "^5.0.0",
    "passport-google-oauth20": "^2.0.0",
-    "passport-openidconnect": "^0.1.2",
    "pg": "^8.11.3",
    "picomatch": "^3.0.1",
    "pino": "^8.16.2",
--- a/backend/src/server/routes/v1/sso-router.ts
+++ b/backend/src/server/routes/v1/sso-router.ts
@ -8,12 +8,9 @@

 import { Authenticator } from "@fastify/passport";
 import fastifySession from "@fastify/session";
-// import { FastifyRequest } from "fastify";
 import { Strategy as GitHubStrategy } from "passport-github";
 import { Strategy as GitLabStrategy } from "passport-gitlab2";
 import { Strategy as GoogleStrategy } from "passport-google-oauth20";
-import { Strategy as OpenIDConnectStrategy } from "passport-openidconnect";
-// const OpenIDConnectStrategy = require('passport-openidconnect');
 import { z } from "zod";

 import { getConfig } from "@app/lib/config/env";
@ -136,136 +133,6 @@ export const registerSsoRouter = async (server: FastifyZodProvider) => {
    );
  }

-  /**
-   * TODO:
-   * 1. Test w static config
-   * 2. Fetch config from db
-   */
-
-  // const getOIDCConfiguration = (req: FastifyRequest, callback: any) => {
-  //   // Fetching things from database or whatever
-  //   const { username } = req.body as { username: string };
-
-  //   process.nextTick(() => {
-  //     const opts = {
-  //       issuer: "",
-  //       authorizationURL: "",
-  //       tokenURL: "",
-  //       userInfoURL: "",
-  //       clientID: "",
-  //       clientSecret: "",
-  //       callbackURL: `${'test'}/api/sso/oidc`,
-  //       // issuer: ISSUER_URL_OIDC_LOGIN,
-  //       // authorizationURL: AUTHORIZATION_URL_OIDC_LOGIN,
-  //       // tokenURL: TOKEN_URL_OIDC_LOGIN,
-  //       // userInfoURL: USER_INFO_URL_OIDC_LOGIN,
-  //       // clientID: CLIENT_ID_OIDC_LOGIN,
-  //       // clientSecret: CLIENT_SECRET_OIDC_LOGIN,
-  //       // callbackURL: `${SITE_URL}/api/sso/oidc`,
-  //       scope: ['profile', 'email'],
-  //       passReqToCallback: true
-  //     }
-
-  //     callback(null, opts);
-  //   });
-  // };
-
-  const ISSUER_URL_OIDC_LOGIN = "https://oauth.id.jumpcloud.com/";
-  const AUTHORIZATION_URL_OIDC_LOGIN = "https://oauth.id.jumpcloud.com/oauth2/auth";
-  const TOKEN_URL_OIDC_LOGIN = "https://oauth.id.jumpcloud.com/oauth2/token";
-  const USER_INFO_URL_OIDC_LOGIN = "https://oauth.id.jumpcloud.com/userinfo";
-  const CLIENT_ID_OIDC_LOGIN = "";
-  const CLIENT_SECRET_OIDC_LOGIN = "";
-  const SITE_URL = "";
-
-  const config = {
-    issuer: ISSUER_URL_OIDC_LOGIN,
-    authorizationURL: AUTHORIZATION_URL_OIDC_LOGIN,
-    tokenURL: TOKEN_URL_OIDC_LOGIN,
-    userInfoURL: USER_INFO_URL_OIDC_LOGIN,
-    clientID: CLIENT_ID_OIDC_LOGIN,
-    clientSecret: CLIENT_SECRET_OIDC_LOGIN,
-    callbackURL: `${SITE_URL}/api/v1/sso/oidc`,
-    scope: ["profile", "email"],
-    passReqToCallback: true
-  };
-
-  if (config) {
-    passport.use(
-      new OpenIDConnectStrategy(config, (req: any, issuer: any, profile: any, done: any) => {
-        try {
-          console.log("oidc");
-          console.log("oidc issuer: ", issuer);
-          console.log("oidc profile: ", profile);
-          // const { name: { familyName, givenName }, emails } = profile;
-          done(null, profile);
-        } catch (err) {
-          console.log("oidc err: ", err);
-          done(null, false);
-        }
-      })
-    );
-  }
-
-  server.route({
-    url: "/login/oidc",
-    method: "GET",
-    preValidation: (req, res) => {
-      console.log("oidc login");
-      return (
-        passport.authenticate("openidconnect", {
-          session: false,
-          scope: ["profile", "email"]
-        }) as any
-      )(req, res);
-    },
-    handler: async (req, res) => {
-      console.log("oidc login 2");
-      if (req.passportUser) {
-        return res.code(200).send({ message: "Authentication successful", user: req.passportUser });
-      }
-      return res.code(401).send({ error: "Authentication failed" });
-    }
-  });
-
-  server.route({
-    url: "/oidc",
-    method: "GET",
-    preValidation: (req, res) => {
-      console.log("oidcx req: ", req); // code, state
-      return (
-        passport.authenticate("openidconnect", {
-          session: false,
-          failureRedirect: "/api/v1/sso/login/provider/error",
-          failureMessage: true
-        }) as any
-      )(req, res);
-    },
-    handler: (req, res) => {
-      console.log("oidc 3");
-      if (req.passportUser.isUserCompleted) {
-        // login
-        return res.redirect(`${SITE_URL}/login/sso?token=${encodeURIComponent(req.passportUser.providerAuthToken)}`);
-      }
-
-      // signup
-      return res.redirect(`${SITE_URL}/signup/sso?token=${encodeURIComponent(req.passportUser.providerAuthToken)}`);
-    }
-  });
-
-  server.route({
-    url: "/login/provider/error",
-    method: "GET",
-    handler: (req, res) => {
-      console.log("reqyx: ", req);
-      console.log("resyx: ", res);
-      return res.status(500).send({
-        error: "Authentication error",
-        details: req.query
-      });
-    }
-  });
-
  server.route({
    url: "/redirect/google",
    method: "GET",
--- a/docs/documentation/platform/ldap.mdx
+++ b/docs/documentation/platform/ldap.mdx
@ -1,36 +0,0 @@
---
-title: "LDAP"
-description: "Log in to Infisical with LDAP"
---
-
-<Info>
-    LDAP is a paid feature.
-   
-   If you're using Infisical Cloud, then it is available under the **Enterprise Tier**. If you're self-hosting Infisical,
-   then you should contact team@infisical.com to purchase an enterprise license to use it.
-</Info>
-
-You can configure your organization in Infisical to have members authenticate with the platform via [LDAP](https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol); this includes support for Active Directory.
-
-<Steps>
-   <Step title="Prepare the LDAP configuration in Infisical">
-        In Infisical, head to your Organization Settings > Authentication > LDAP Configuration and select **Set up LDAP**.
-        
-        Next, input your LDAP server settings.
-        
-        ![LDAP configuration](/images/platform/ldap/ldap-config.png)
-        
-        Here's some guidance for each field:
-
-        - URL: The LDAP server to connect to such as `ldap://ldap.your-org.com`, `ldaps://ldap.myorg.com:636` (for connection over SSL/TLS), etc.
-        - Bind DN: The distinguished name of object to bind when performing the user search such as `cn=infisical,ou=Users,dc=acme,dc=com`.
-        - Bind Pass: The password to use along with `Bind DN` when performing the user search.
-        - Search Base / User DN: Base DN under which to perform user search such as `ou=Users,dc=example,dc=com`
-        - CA Certificate: The CA certificate to use when verifying the LDAP server certificate.
-   </Step>
-   <Step title="Enable LDAP in Infisical">
-        Enabling LDAP allows members in your organization to log into Infisical via LDAP.
-        
-        ![LDAP toggle](/images/platform/ldap/ldap-toggle.png)
-   </Step>
-</Steps>
--- a/docs/documentation/platform/ldap/general.mdx
+++ b/docs/documentation/platform/ldap/general.mdx
@ -1,36 +0,0 @@
---
-title: "General LDAP"
-description: "Log in to Infisical with LDAP"
---
-
-<Info>
-    LDAP is a paid feature.
-
-   If you're using Infisical Cloud, then it is available under the **Enterprise Tier**. If you're self-hosting Infisical,
-   then you should contact team@infisical.com to purchase an enterprise license to use it.
-</Info>
-
-You can configure your organization in Infisical to have members authenticate with the platform via [LDAP](https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol)
-
-<Steps>
-   <Step title="Prepare the LDAP configuration in Infisical">
-        In Infisical, head to your Organization Settings > Authentication > LDAP Configuration and select **Set up LDAP**.
-
-        Next, input your LDAP server settings.
-
-        ![LDAP configuration](/images/platform/ldap/ldap-config.png)
-
-        Here's some guidance for each field:
-
-        - URL: The LDAP server to connect to such as `ldap://ldap.your-org.com`, `ldaps://ldap.myorg.com:636` (for connection over SSL/TLS), etc.
-        - Bind DN: The distinguished name of object to bind when performing the user search such as `cn=infisical,ou=Users,dc=acme,dc=com`.
-        - Bind Pass: The password to use along with `Bind DN` when performing the user search.
-        - Search Base / User DN: Base DN under which to perform user search such as `ou=Users,dc=example,dc=com`
-        - CA Certificate: The CA certificate to use when verifying the LDAP server certificate.
-   </Step>
-   <Step title="Enable LDAP in Infisical">
-        Enabling LDAP allows members in your organization to log into Infisical via LDAP.
-
-        ![LDAP toggle](/images/platform/ldap/ldap-toggle.png)
-   </Step>
-</Steps>
--- a/docs/documentation/platform/ldap/jumpcloud.mdx
+++ b/docs/documentation/platform/ldap/jumpcloud.mdx
@ -1,56 +0,0 @@
---
-title: "JumpCloud LDAP"
-description: "Configure JumpCloud LDAP for Logging into Infisical"
---
-
-<Info>
-    LDAP is a paid feature.
-
-    If you're using Infisical Cloud, then it is available under the **Enterprise Tier**. If you're self-hosting Infisical,
-    then you should contact team@infisical.com to purchase an enterprise license to use it.
-</Info>
-
-<Steps>
-    <Step title="Prepare LDAP in JumpCloud">
-        In JumpCloud, head to USER MANAGEMENT > Users and create a new user via the **Manual user entry** option. This user
-        will be used as a privileged service account to facilitate Infisical's ability to bind/search the LDAP directory.
-
-        When creating the user, input their **First Name**, **Last Name**, **Username** (required), **Company Email** (required), and **Description**.
-        Also, create a password for the user.
-
-        Next, under User Security Settings and Permissions > Permission Settings, check the box next to **Enable as LDAP Bind DN**. 
-
-        ![LDAP JumpCloud](/images/platform/ldap/jumpcloud/ldap-jumpcloud-enable-bind-dn.png)
-
-    </Step>
-    <Step title="Prepare the LDAP configuration in Infisical">
-            In Infisical, head to your Organization Settings > Authentication > LDAP Configuration and select **Set up LDAP**.
-
-            Next, input your JumpCloud LDAP server settings.
-
-            ![LDAP configuration](/images/platform/ldap/ldap-config.png)
-
-            Here's some guidance for each field:
-
-            - URL: The LDAP server to connect to (`ldaps://ldap.jumpcloud.com:636`).
-            - Bind DN: The distinguished name of object to bind when performing the user search (`uid=<ldap-user-username>,ou=Users,o=<your-org-id>,dc=jumpcloud,dc=com`).
-            - Bind Pass: The password to use along with `Bind DN` when performing the user search.
-            - Search Base / User DN: Base DN under which to perform user search (`ou=Users,o=<your-org-id>,dc=jumpcloud,dc=com`).
-            - CA Certificate: The CA certificate to use when verifying the LDAP server certificate (instructions to obtain the certificate for JumpCloud [here](https://jumpcloud.com/support/connect-to-ldap-with-tls-ssl)).
-
-            <Tip>
-                When filling out the **Bind DN** and **Bind Pass** fields, refer to the username and password of the user created in Step 1.
-
-                Also, for the **Bind DN** and **Search Base / User DN** fields, you'll want to use the organization ID that appears 
-                in your LDAP instance **ORG DN**.
-            </Tip>
-    </Step>
-    <Step title="Enable LDAP in Infisical">
-            Enabling LDAP allows members in your organization to log into Infisical via LDAP.
-
-            ![LDAP toggle](/images/platform/ldap/ldap-toggle.png)
-    </Step>
-</Steps>
-
-Resources:
- [JumpCloud Cloud LDAP Guide](https://jumpcloud.com/support/use-cloud-ldap)
--- a/docs/documentation/platform/ldap/overview.mdx
+++ b/docs/documentation/platform/ldap/overview.mdx
@ -1,23 +0,0 @@
---
-title: "LDAP Overview"
-description: "Log in to Infisical with LDAP"
---
-<Info>
-    LDAP is a paid feature.
-
-   If you're using Infisical Cloud, then it is available under the **Enterprise Tier**. If you're self-hosting Infisical,
-   then you should contact sales@infisical.com to purchase an enterprise license to use it.
-</Info>
-
-You can configure your organization in Infisical to have members authenticate with the platform via [LDAP](https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol)
-
-To note, configuring LDAP retains the end-to-end encrypted architecture of Infisical because we decouple the authentication and decryption steps; the LDAP server cannot and will not have access to the decryption key needed to decrypt your secrets.
-
-LDAP providers:
-
- Active Directory
- [JumpCloud LDAP](/documentation/platform/ldap/jumpcloud)
- AWS Directory Service
- Foxpass
-
-Check out the general instructions for configuring LDAP [here](/documentation/platform/ldap/general).
--- a/docs/documentation/platform/project-upgrade.mdx
+++ b/docs/documentation/platform/project-upgrade.mdx
@ -1,21 +0,0 @@
---
-title: "Enhancing Security and Usability: Project Upgrades"
---
-
-
-At Infisical, we're constantly striving to elevate the security and usability standards of our platform to better serve our users.
-With this commitment in mind, we're excited to introduce our latest addition, non-E2EE projects, aimed at addressing two significant issues while enhancing how clients interact with Infisical programmatically.
-
-Previously, users encountered a challenge where projects risked becoming inaccessible if the project creator deleted their account.
-Additionally, our API lacked the capability to interact with projects without dealing with complex cryptographic operations.
-These obstacles made API driven automation and collaboration a painful experience for a majority of our users.
-
-To overcome these limitations, our upgrade focuses on disabling end-to-end encryption (E2EE) for projects.
-While this may raise eyebrows, it's important to understand that this decision is a strategic move to make Infisical easer to use and interact with.
-
-But what does this mean for our users? Essentially nothing, there are no changes required on your end. 
-Rest assured, all sensitive data remains encrypted at rest according to the latest industry standards.
-Our commitment to security remains unwavering, and this upgrade is a testament to our dedication to delivering on our promises in both security and usability when it comes to secrets management.
-
-To increase consistency with existing and future integrations, all projects created on Infisical from now on will have end-to-end encryption (E2EE) disabled by default. 
-This will not only reduce confusion for end users, but will also make the Infisical API seamless to use.
--- a/docs/images/platform/ldap/jumpcloud/ldap-jumpcloud-enable-bind-dn.png
+++ b/docs/images/platform/ldap/jumpcloud/ldap-jumpcloud-enable-bind-dn.png
--- a/docs/images/platform/ldap/jumpcloud/ldap-jumpcloud-org-dn.png
+++ b/docs/images/platform/ldap/jumpcloud/ldap-jumpcloud-org-dn.png
--- a/docs/images/platform/ldap/ldap-config.png
+++ b/docs/images/platform/ldap/ldap-config.png
--- a/docs/images/platform/ldap/ldap-toggle.png
+++ b/docs/images/platform/ldap/ldap-toggle.png
--- a/docs/mint.json
+++ b/docs/mint.json
@ -149,14 +149,6 @@
            "documentation/platform/sso/jumpcloud"
          ]
        },
-        {
-          "group": "LDAP",
-          "pages": [
-            "documentation/platform/ldap/overview",
-            "documentation/platform/ldap/jumpcloud",
-            "documentation/platform/ldap/general"
-          ]
-        },
        {
          "group": "SCIM",
          "pages": [
--- a/docs/self-hosting/faq.mdx
+++ b/docs/self-hosting/faq.mdx
@ -15,7 +15,3 @@ However, in the event you choose to use Infisical without SSL, you can do so by
 [Learn more about secure cookies](https://really-simple-ssl.com/definition/what-are-secure-cookies/)
 </Accordion>

-<Accordion title="How can I upgrade my Infisical instance to Postgres version?">
-  Follow the step by step guide [here](self-hosting/guides/mongo-to-postgres) to learn how.
-</Accordion>
-
--- a/docs/self-hosting/guides/mongo-to-postgres.mdx
+++ b/docs/self-hosting/guides/mongo-to-postgres.mdx
@ -6,9 +6,9 @@ description: "How to migrate from MongoDB to PostgreSQL for Infisical"
 This guide will provide step by step instructions on migrating your Infisical instance running on MongoDB to the newly released PostgreSQL version of Infisical.
 The newly released Postgres version of Infisical is the only version of Infisical that will receive feature updates and patches going forward. 

-<Tip>
-  If you have a small set of secrets, we recommend you to download the secrets and upload them to your new instance of Infisical instead of running the migration script.
-</Tip>
+<Info>
+  If your deployment is using a Docker image tag that includes `postgres`, then you are already using the Postgres version of Infisical, and you can skip this guide.
+</Info>

 ## Prerequisites

@ -106,20 +106,13 @@ Once started, the migration script will transform MongoDB data into an equivalen
    git clone https://github.com/Infisical/infisical.git
    ```
  </Step>
-  <Step title="Install dependencies for backend">
-    ```
-    cd backend
-    ```
-
-    ```
-    npm install
-    ```
-  </Step>
-  <Step title="Install dependencies for script">
+  <Step title="Change directory">
+    Once the repository has been cloned, change directory to the  script folder.
    ```
    cd pg-migrator
    ```
-
+  </Step>
+  <Step title="Install dependencies">
    ```
      npm install
    ```
--- a/frontend/src/components/utilities/cryptography/crypto.ts
+++ b/frontend/src/components/utilities/cryptography/crypto.ts
@ -210,14 +210,7 @@ const decryptSymmetric = ({ ciphertext, iv, tag, key }: DecryptSymmetricProps):
  try {
    plaintext = aes.decrypt({ ciphertext, iv, tag, secret: key });
  } catch (err) {
-    console.log("Failed to decrypt with the following parameters", {
-      ciphertext,
-      iv,
-      tag,
-      key
-    });
-    console.log("Failed to perform decryption", err);
-
+    console.log("Failed to perform decryption");
    process.exit(1);
  }

--- a/frontend/src/components/v2/UpgradeProjectAlert/UpgradeProjectAlert.tsx
+++ b/frontend/src/components/v2/UpgradeProjectAlert/UpgradeProjectAlert.tsx
@ -1,5 +1,4 @@
 import { useCallback, useState } from "react";
-import Link from "next/link";
 import { useRouter } from "next/router";
 import { faWarning } from "@fortawesome/free-solid-svg-icons";
 import { FontAwesomeIcon } from "@fortawesome/react-fontawesome";
@ -98,31 +97,16 @@ export const UpgradeProjectAlert = ({ project }: UpgradeProjectAlertProps): JSX.
      <div className="flex w-full flex-col text-sm">
        <span className="mb-2 text-lg font-semibold">Upgrade your project</span>
        {membership.role === "admin" ? (
-          <>
-            <p>
-              Upgrade your project version to continue receiving the latest improvements and
-              patches.
-            </p>
-            <Link href="/docs/documentation/platform/project-upgrade">
-              <a target="_blank" className="text-primary-400">
-                Learn more
-              </a>
-            </Link>
-          </>
+          <p>
+            Upgrade your project version to continue receiving the latest improvements and patches.
+          </p>
        ) : (
-          <>
-            <p>
-              <span className="font-bold">Please ask a project admin to upgrade the project.</span>
-              <br />
-              Upgrading the project version is required to continue receiving the latest
-              improvements and patches.
-            </p>
-            <Link href="/docs/documentation/platform/project-upgrade">
-              <a target="_blank" className="text-primary-400">
-                Learn more
-              </a>
-            </Link>
-          </>
+          <p>
+            <span className="font-bold">Please ask a project admin to upgrade the project.</span>
+            <br />
+            Upgrading the project version is required to continue receiving the latest improvements
+            and patches.
+          </p>
        )}
        {currentStatus && <p className="mt-2 opacity-80">Status: {currentStatus}</p>}
      </div>
--- a/helm-charts/infisical-standalone-postgres/Chart.yaml
+++ b/helm-charts/infisical-standalone-postgres/Chart.yaml
@ -7,7 +7,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 1.0.5
+version: 1.0.1

 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
--- a/helm-charts/infisical-standalone-postgres/values.yaml
+++ b/helm-charts/infisical-standalone-postgres/values.yaml
@ -24,9 +24,9 @@ infisical:

  resources:
    limits:
-      memory: 350Mi
+      memory: 210Mi
    requests:
-      cpu: 350m
+      cpu: 200m

 ingress:
  enabled: true