mirror of https://github.com/Infisical/infisical.git synced 2025-03-31 22:09:57 +00:00

Compare commits

365 Commits

Author SHA1 Message Date
d33ef9e4e1 jump cloud patch 2024-01-28 13:53:24 -05:00
bbf2634e73 prepend sso with site url 2024-01-27 20:20:02 -05:00
1980f802fa update rate limits 2024-01-27 19:05:17 -05:00
6ecd289e6c update rate limits 2024-01-27 18:38:57 -05:00
b8a6f5dc54 add email templates and disposable_emails.text to build 2024-01-27 18:15:12 -05:00
dedbc4fd60 remove unused imports 2024-01-27 17:11:40 -05:00
d14099990f remove notice 2024-01-27 17:04:53 -05:00
3f5ab2a09e remove console.log 2024-01-27 17:04:02 -05:00
a191f437e9 patch blind index route 2024-01-27 17:03:16 -05:00
1a375ec45b patch import * 2024-01-27 12:35:53 -05:00
81f3a6a7a8 add loca host to docker prod 2024-01-27 12:27:15 -05:00
dc8b64708a add debug logs 2024-01-27 11:20:17 -05:00
dd3790c995 patch git workflow 2024-01-27 10:31:30 -05:00
a91b6ebc03 new workflow for releasing standalone 2024-01-27 10:28:49 -05:00
e68d1d06a8 Merge pull request from akhilmhdh/feat/patch-pg-v2
feat: changed backend-pg to backend
2024-01-27 10:06:34 -05:00
8f754d659a feat: resolved tiny bug secret blind indexing 2024-01-27 20:23:19 +05:30
bef28fea2d Update release-standalone-docker-img.yml 2024-01-27 09:42:20 -05:00
28f15de8df Update build-docker-image-to-prod.yml 2024-01-27 09:40:59 -05:00
66d258f02b feat: changed backend-pg to backend 2024-01-27 19:14:33 +05:30
d13eafcef7 Merge pull request from akhilmhdh/feat/infisical-pg
Hello world from PG
2024-01-27 02:26:05 -05:00
6db47499de add index for blind index 2024-01-27 12:40:37 +05:30
1cefb036e0 ignore dup user and make email unique 2024-01-27 12:40:37 +05:30
af77ad8b2f update rate limits 2024-01-27 12:40:37 +05:30
dd0f9f5216 patch secret apporval request secrets 2024-01-27 12:40:37 +05:30
29df6f067e remove unnecessary concole 2024-01-27 12:40:37 +05:30
4dc9a3692e add mongo to docker compose 2024-01-27 12:40:37 +05:30
49bb2121b9 update helm values 2024-01-27 12:40:37 +05:30
07679d9318 add postgres helm chart 2024-01-27 12:40:37 +05:30
fb271726fe make emails not unique for now 2024-01-27 12:40:37 +05:30
f9e7d4ddd2 make MI access token have string id 2024-01-27 12:40:37 +05:30
442c454932 make email unique 2024-01-27 12:40:37 +05:30
8b22ee1fac coerce strings to number responses 2024-01-27 12:40:37 +05:30
8a10dc8983 make before and after more clear in roll back 2024-01-27 12:40:37 +05:30
d57920706a patch bug validateAccessTokenExp bug 2024-01-27 12:40:37 +05:30
425611b409 remove uuid from snapshot project response 2024-01-27 12:40:37 +05:30
b20489982d delete unneeded file 2024-01-27 12:40:37 +05:30
4b569ee4b4 make access token non uui 2024-01-27 12:40:37 +05:30
af9661b221 feat(infisical-pg): minor bug fixes in frontend and pg migrator secret approval req 2024-01-27 12:40:37 +05:30
53f16f01b8 feat(infisical-pg): fixed audit log to estimate doc count and resolve cors issue 2024-01-27 12:40:37 +05:30
f519d1cffc remove async from validateAccessTokenExp 2024-01-27 12:40:37 +05:30
b8b28d2710 feat(infisical-pg): resolved linting issues 2024-01-27 12:40:37 +05:30
deab700716 feat(infisical-pg): made api key backward compat 2024-01-27 12:40:37 +05:30
4d184003a8 feat(infisical-pg): made identity ua client sec backward compat 2024-01-27 12:40:37 +05:30
9849312317 remove console 2024-01-27 12:40:37 +05:30
79454a6aea feat(infisical-pg): fixed org bot gone missing 2024-01-27 12:40:37 +05:30
8e0fb9fe9b feat(infisical-pg): wrapped saml get option in try catch 2024-01-27 12:40:37 +05:30
a729114376 remove prefix from redis 2024-01-27 12:40:37 +05:30
0c20cb0f91 JWT_AUTH_SECRET => AUTH_SECRET 2024-01-27 12:40:37 +05:30
d1597ed8da find by id of ormify patch 2024-01-27 12:40:37 +05:30
6cee8dc7e5 uni auth remove auth type 2024-01-27 12:40:37 +05:30
13040439c3 coerce big int from string to number from sql 2024-01-27 12:40:37 +05:30
9a4f294749 add prefix to queue 2024-01-27 12:40:37 +05:30
2436a572f0 revert to only arm build 2024-01-27 12:40:37 +05:30
7cd21e3a93 remove timeout and signal from license requester 2024-01-27 12:40:37 +05:30
e28416b50b patch service token migration backwards with mongo 2024-01-27 12:40:37 +05:30
9677836b76 feat(infisical-pg): added telemtry service 2024-01-27 12:40:37 +05:30
ca858f8e13 rename ci 2024-01-27 12:40:37 +05:30
c2beff493f add linux/amd64,linux/arm64 for standone release 2024-01-27 12:40:37 +05:30
34fafd815c set postgres ci to only linux/arm64 2024-01-27 12:40:37 +05:30
c05ebbb864 set SmtpHost.Sendgrid secure=true 2024-01-27 12:40:37 +05:30
372f2be2f3 increase license server request time out 2024-01-27 12:40:37 +05:30
23e621f557 increase license request timeout 2024-01-27 12:40:36 +05:30
464b80140f add 443 port to docker 2024-01-27 12:40:36 +05:30
01cd496afe update status api 2024-01-27 12:40:36 +05:30
6094940a8b add success message 2024-01-27 12:40:36 +05:30
30b959babb JWT_AUTH_SECRET => AUTH_SECRET 2024-01-27 12:40:36 +05:30
cec14efe86 add logs to license server 2024-01-27 12:40:36 +05:30
b3f090d87e only amd 2024-01-27 12:40:36 +05:30
1deb6827cf add STANDALONE_MODE to docker file 2024-01-27 12:40:36 +05:30
24dbf11962 add back arm 2024-01-27 12:40:36 +05:30
20fb3906aa only amd 2024-01-27 12:40:36 +05:30
e7e2ca0f45 update postgress workflow 2024-01-27 12:40:36 +05:30
caabf2c952 patch bot keys 2024-01-27 12:40:36 +05:30
35eade0206 update to alpine node 20 2024-01-27 12:40:36 +05:30
6d1b79430d lower node alpine 2024-01-27 12:40:36 +05:30
7864524944 remove QEMU 2024-01-27 12:40:36 +05:30
adc90e91fe update build-push-actio version 2024-01-27 12:40:36 +05:30
db7db0cc04 remove version 2024-01-27 12:40:36 +05:30
aa4d9ad267 Revert "update npm time out"
This reverts commit 38a7b1acf1a445ea62dcad5b60e9624733976b78.
2024-01-27 12:40:36 +05:30
27fd857120 update npm time out 2024-01-27 12:40:36 +05:30
205e46571a remove depot 2024-01-27 12:40:36 +05:30
70a6a7cfa1 create CI for standalone image 2024-01-27 12:40:36 +05:30
558315c24b set secret blind index count to Number 2024-01-27 12:40:36 +05:30
a2bd808196 rename project roles message 2024-01-27 12:40:36 +05:30
cfb0d4ee96 add no access to org service role 2024-01-27 12:40:36 +05:30
15fc4fd609 set cascade in trusted ip for project id 2024-01-27 12:40:36 +05:30
83bff9ae14 make protectedKey protectedKeyIV protectedKeyTag nullable 2024-01-27 12:40:36 +05:30
86ba6355cf more patches to migrator 2024-01-27 12:40:36 +05:30
6b427adfe0 feat(infisical-pg): added v3 secret blind index enable feature 2024-01-27 12:40:36 +05:30
01f711ad19 feat(infisical-pg): completed audit log migrator 2024-01-27 12:39:54 +05:30
fa572f7ee0 feat(infisical-pg): completed standalone and docker node version 2024-01-27 12:39:54 +05:30
249edf98e9 remove notNullable from various tables 2024-01-27 12:39:54 +05:30
753a4daf69 remove authType from mi access token 2024-01-27 12:39:54 +05:30
b9320ed9bd comment out corrupt seed files 2024-01-27 12:39:54 +05:30
8eace5528f point migrations to pg backend folder 2024-01-27 12:39:54 +05:30
9407c16e83 Update queue-service.ts 2024-01-27 12:39:54 +05:30
dcdcc40a4a Update smtp-service.ts 2024-01-27 12:39:54 +05:30
edd78eaeba Refactor 2024-01-27 12:39:54 +05:30
c21ea6fb75 Cleanup 2024-01-27 12:39:54 +05:30
a60dbe523b Refactor to secret queue 2024-01-27 12:39:54 +05:30
bb9a6b4272 Update index.ts 2024-01-27 12:39:54 +05:30
eaca1b694a Log 2024-01-27 12:39:54 +05:30
0afb44af29 Handle deletion 2024-01-27 12:39:54 +05:30
3b39e38c89 Secret reminder types 2024-01-27 12:39:54 +05:30
4189d1028d Optional secret reminder typing 2024-01-27 12:39:54 +05:30
f227824fb8 Added secret reminders email 2024-01-27 12:39:54 +05:30
49d6918297 Update secret-service.ts 2024-01-27 12:39:54 +05:30
00212f1c72 Secret reminder queue factory 2024-01-27 12:39:54 +05:30
987f0c9081 Added secret reminder service 2024-01-27 12:39:54 +05:30
e4f00f74e9 Added new special query for getting org from project ID 2024-01-27 12:39:54 +05:30
ce580f417e Registered secret reminder service 2024-01-27 12:39:54 +05:30
c1662d6db5 Added secret reminder to queue service 2024-01-27 12:39:54 +05:30
2dae59c6be Update fastify.d.ts 2024-01-27 12:39:54 +05:30
9bd764e535 feat(infisical-pg): updated pg migrator to new table name changes 2024-01-27 12:39:54 +05:30
e4f32f092a feat(infisical-pg): completed test for secret folder and import 2024-01-27 12:39:54 +05:30
e02c082c7a more patches for migration script 2024-01-27 12:39:54 +05:30
80b6c4ad94 feat(infisical-pg): completed tag support to all secret operations 2024-01-27 12:39:54 +05:30
42eb01e1e2 feat(infisical-pg): completed support for tags in secret snapshot 2024-01-27 12:39:54 +05:30
b8157122e6 patches for dangling data 2024-01-27 12:39:54 +05:30
4f66749430 feat(infisical-pg): added secret version tag 2024-01-27 12:39:54 +05:30
bfe5ee672b patches for migration 2024-01-27 12:39:54 +05:30
32a1a0a9e5 feat(infisical-pg): removed short form names in secret approval to long form 2024-01-27 12:39:54 +05:30
f7e1da65d5 feat(infisical-pg): added slug for org and project, resolved build error 2024-01-27 12:39:53 +05:30
6bf9bc1d2c feat(infisical-pg): changed all dal to DAL as said by maidul 2024-01-27 12:38:23 +05:30
59c747cf72 feat(infisical-pg): added rate limiter and bootstrap 2024-01-27 12:38:23 +05:30
b04030a060 feat(infisical-pg): resolved missing integration auth api 2024-01-27 12:38:23 +05:30
e8fd693da3 feat(infisical-pg): added single scope service token auto filling for get secret by name raw and version option for both get secret by name 2024-01-27 12:38:23 +05:30
6c2803da93 feat(infisical-pg): crct permission for secret approval policy check 2024-01-27 12:38:23 +05:30
4031f4a559 feat(infisical-pg): idempotent folder creation 2024-01-27 12:38:23 +05:30
8ab89bc420 feat(infisical-pg): resolved import secret breaking cli backward compatiability 2024-01-27 12:38:23 +05:30
e46e87d758 feat(infisical-pg): fixed secret deletion not getting triggered 2024-01-27 12:38:23 +05:30
9c2ef15314 feat(infisical-pg): fixed missing secret path and commiter message in frontend 2024-01-27 12:38:23 +05:30
3213dafba9 add check to make sure user can only create service token for secrets they have access to 2024-01-27 12:38:23 +05:30
33c3c5ecc5 add permission check for target env/path for imports 2024-01-27 12:38:23 +05:30
627c8711dc feat(infisical-pg): fixed v3 raw endpoint auto filling based on service token data single scoped 2024-01-27 12:38:23 +05:30
8d3d4f222f feat(infisical-pg): fixed service token cli endpoint 2024-01-27 12:38:23 +05:30
65d3038414 set ignoreTrailingSlash to true in fastify 2024-01-27 12:38:23 +05:30
6b7b888fb4 feat(infisical-pg): fixed service token return body 2024-01-27 12:38:23 +05:30
bf059e0fe5 feat(infisical-pg): fixed secret rotation and secret approval limit offset 2024-01-27 12:38:23 +05:30
28fdf4ed4b Update service-token-router.ts 2024-01-27 12:38:23 +05:30
2606e42079 Correct Cloudflare Pages authorization page 2024-01-27 12:38:23 +05:30
b1285b401b Patch integration issues 2024-01-27 12:38:23 +05:30
3afafbb885 Add Makefile, pg-admin to docker compose 2024-01-27 12:38:23 +05:30
257547ff4d fix delete secret scans after git app uninstall 2024-01-27 12:38:23 +05:30
da4ae3c503 switch getSapOfFolder to check for secrets instead of approval 2024-01-27 12:38:23 +05:30
fb79e9e6fb update project add user text typo 2024-01-27 12:38:23 +05:30
5373cb6afb feat(infisical-pg): added secret version api, fixed pass reset flow, smtp connection issue fixed 2024-01-27 12:38:23 +05:30
31c0bf6831 Fixed UI glitch 2024-01-27 12:38:23 +05:30
67618046c0 Fixed creating service tokens with no expiry 2024-01-27 12:38:23 +05:30
df642179ba fix typo 2024-01-27 12:38:23 +05:30
c7d0f2325c Fixed secret creation 2024-01-27 12:38:23 +05:30
bb6d482ff9 feat(infisical-pg): added global error handler, try catch in oauth passport 2024-01-27 12:38:23 +05:30
4f619d7e48 Fixed signup for gitlab and github 2024-01-27 12:38:23 +05:30
295c1e5d4a feat(infisical-pg): fixed ts issue on passport type change 2024-01-27 12:38:23 +05:30
0be3ad9517 Fixed eslint bug 2024-01-27 12:38:23 +05:30
606ed25104 Fixed GitHub auth registration issue 2024-01-27 12:38:23 +05:30
c880a48749 feat(infisical-pg): fixed radix issue, bugs in oauth and tag cascade on 2024-01-27 12:38:23 +05:30
92f7b45e01 feat(infisical-pg): fixed plan going undefined and resolved project missing on env delete 2024-01-27 12:38:23 +05:30
5fe8bdc00b feat(infisical-pg): completed first version of pg migrator 2024-01-27 12:38:23 +05:30
9f813d72f2 feat(infisical-pg): resolved multi integration auth and ip v6 support in ua 2024-01-27 12:38:23 +05:30
d90fdac5ce feat(infisical-pg): fixed bugs in integrations and self hosted license failure 2024-01-27 12:38:23 +05:30
87709dc86f feat(infisical-pg): first setup for postgres migration script 2024-01-27 12:38:23 +05:30
deb8e74749 feat(infisical-pg): fixed some bugs on org invite missing auth method 2024-01-27 12:38:23 +05:30
3519412639 feat: added secret raw endpoint and include imports 2024-01-27 12:38:23 +05:30
0506389ada feat: added logged in based testing by injecting jwt token logic 2024-01-27 12:38:23 +05:30
dd7c449483 feat: added login test and fixed super admin bug 2024-01-27 12:38:23 +05:30
c7572a3374 feat: completed license server integration 2024-01-27 12:38:23 +05:30
fe416556f2 feat: changed req.auth.userId to permission.id to satisfy type error 2024-01-27 12:38:23 +05:30
20fb99f042 feat: added token based communications 2024-01-27 12:38:23 +05:30
daa94db874 feat(infisical-pg): changed back to old infisical-radar url 2024-01-27 12:38:23 +05:30
850e7bff98 feat(infisical-pg): completed secret scanner 2024-01-27 12:38:23 +05:30
bfaf87c4c2 feat(infisical-pg): completed saml integration 2024-01-27 12:38:23 +05:30
55f1392faf feat(infisical-pg): completed sync in secret approval 2024-01-27 12:38:23 +05:30
0bf658e501 feat(infisical-pg): completed webhook and integration trigger queue 2024-01-27 12:38:23 +05:30
aed94ff5bb feat(infisical-pg): resolved integration invalid cred error 2024-01-27 12:38:23 +05:30
0d3f09d668 feat(infisical-pg): completed checklist run for dashboard 2024-01-27 12:38:23 +05:30
16f0ac6d43 feat(infisical-pg): completed audit log moved ee routes to normal routing pattern 2024-01-27 12:38:23 +05:30
6e6a1c87f2 feat(infisical-pg): completed secrets fetching from imports based on priority 2024-01-27 12:38:23 +05:30
b5aa6c0000 feat(infisical-pg): completed secret rollback 2024-01-27 12:38:23 +05:30
784cdb4201 feat(infisical-pg): completed secret rotation with queue service 2024-01-27 12:38:23 +05:30
17e61bfc68 feat(infisical-pg): completed secret approval policy and services for approval requests 2024-01-27 12:38:23 +05:30
a6a60b7bbb feat(infisical-pg): fixing minor compatiability issues with frontend and backend on identity 2024-01-27 12:38:23 +05:30
d154f68a59 feat(infisical-pg: completed machine identity services 2024-01-27 12:38:23 +05:30
f5159583ae feat(infisical-pg: completed webhook and service token 2024-01-27 12:38:23 +05:30
771bec6d6d feat(infisical-pg): completed integration, integration auth and project bot api migration 2024-01-27 12:38:23 +05:30
010963a80c feat(infisical-pg): completed nested folder support for secret,folder and import operations 2024-01-27 12:38:23 +05:30
0e1191f2ea feat(infisical-pg): completed root folder level secret, secret import and folder 2024-01-27 12:38:23 +05:30
8a6ab7f2f6 feat(infisical-pg): connected project api changes with frontend 2024-01-27 12:38:22 +05:30
4f3582a98b feat(infisical-pg): added routes for workspaces and updated frontend 2024-01-27 12:38:22 +05:30
498a90c484 feat(infisical-pg: linted after import order fix 2024-01-27 12:38:22 +05:30
76e5d61da5 feat(infisical-pg: added services for project, project key and environment 2024-01-27 12:38:22 +05:30
53bb3bc610 feat(infisical-pg): added database schema for project, its membership role and env 2024-01-27 12:38:22 +05:30
1df7b88abf feat(infisical-pg): added e2e test setup 2024-01-27 12:38:22 +05:30
3670b16657 feat(infisical-pg): new org role routes completed 2024-01-27 12:38:22 +05:30
9a4b2f7d81 feat(infisical-pg): resolved type check issue and linted frontend 2024-01-27 12:38:22 +05:30
fadb36edb8 feat(infisical-pg): removed _id with id for new backend 2024-01-27 12:38:22 +05:30
fbe5a1adb0 feat(infisical-pg): added github,gitlab and google oauth 2024-01-27 12:38:22 +05:30
d0695a8998 feat(infisical-pg): added a seed setup with test user creation and org creation 2024-01-27 12:38:22 +05:30
a19e8ad016 feat(infisical-pg): updated names and simplified dal layer using ormify 2024-01-27 12:38:22 +05:30
15b57de0ed feat(infisical-pg): test first milestone one flow 2024-01-27 12:38:22 +05:30
aaba4a0895 feat(infisical-pg): changed frontend api types _id to normal id 2024-01-27 12:38:22 +05:30
f3b37de3f3 feat(infisical-pg): auth injection completed and validation in password router 2024-01-27 12:38:22 +05:30
fcfd6b3fb2 feat(infisical-pg): completed signup, login, password and backup key migration 2024-01-27 12:38:22 +05:30
05205d1eff feat(infisical-pg): added all previous simple server middlewares, swagger support 2024-01-27 12:38:22 +05:30
2243bcb3a4 feat: added dev and prod setup using esbuild 2024-01-27 12:38:22 +05:30
356e981401 Merge pull request from akhilmhdh/feat/migration-mode
feat(infisical-pg): added migration mode env and page
2024-01-27 00:58:58 -05:00
5b41fb0ff5 update text and patch notice 2024-01-27 00:21:57 -05:00
8893aec213 patch saml sso for rippling 2024-01-23 01:11:29 -05:00
c4cb8f8008 Merge pull request from Infisical/daniel/better-sdk-docs
(Docs): Improve SDK docs
2024-01-23 08:53:28 +04:00
046557c97f Add .NET 2024-01-23 08:47:29 +04:00
a15ba28c18 Update node guide to reflect new SDK 2024-01-23 08:47:20 +04:00
8386f4dcbd Update python guide to reflect new SDK 2024-01-23 08:47:11 +04:00
ada0fd9c5b Add new item for fallbacks 2024-01-23 08:47:01 +04:00
6376c29e49 update maintenace notice 2024-01-19 17:28:35 -05:00
402692614e updated maintenance page 2024-01-19 12:59:18 -08:00
34de6d4e29 feat(infisical-pg): added migration mode env and page 2024-01-20 01:20:14 +05:30
829e906650 Merge pull request from Infisical/daniel/changelog-jan-2024
[JAN] Changelog points
2024-01-18 20:25:52 -05:00
b7cbb0f1a8 Update overview.mdx 2024-01-19 00:14:03 +04:00
a50ffbb59d Update overview.mdx 2024-01-19 00:13:57 +04:00
48eda0c684 Update overview.mdx 2024-01-15 15:55:37 +04:00
ed89413689 Merge pull request from Infisical/update-blog
Update blog notification
2024-01-12 13:52:11 -05:00
0c94f77a6d Merge pull request from akhilmhdh/feat/banner
feat: added main banner for migration
2024-01-12 10:48:21 -05:00
e6068826f8 update migration notification 2024-01-11 23:34:46 -08:00
cfa0a2044e Merge pull request from Infisical/add-project-config-flag-for-workspace
add project-config-dir flag for run command
2024-01-11 17:21:03 -05:00
134b503c28 remove log 2024-01-11 17:19:39 -05:00
efcbf1aa88 add project-config-dir flag for run command 2024-01-11 16:39:02 -05:00
284c18db07 Merge pull request from Infisical/daniel/sdk-seo-improvements
(Docs): SDK SEO Improvements & links to packages/repos
2024-01-11 10:53:08 -08:00
1410a44610 SEO Improvements and links to packages/repos 2024-01-11 22:34:11 +04:00
746ffb3840 feat: added main banner for migration 2024-01-11 23:09:57 +05:30
f9f12eafdf Update saml docs 2024-01-10 15:02:10 -08:00
11470a5a0e Merge pull request from Infisical/daniel/project-docs-secret-reminders
(Docs): Personal overrides and secret reminders awareness
2024-01-10 17:43:16 -05:00
9fe2190115 Update project.mdx 2024-01-11 02:40:37 +04:00
9e2bd31833 Merge pull request from Infisical/daniel/csharp-docs
(Docs): .NET SDK documentation & updates existing SDK docs
2024-01-10 16:28:40 -05:00
e88b0ad3c4 Update python.mdx 2024-01-11 01:25:10 +04:00
74644fd8bb Added cryptography docs and fixed formatting 2024-01-11 01:12:38 +04:00
2069ac1554 Added CSharp and removed unfinished SDK's 2024-01-11 01:12:26 +04:00
5a2516e0a7 Removed unsupported languages to remove clutter 2024-01-11 01:12:17 +04:00
b52bc3bed7 Added CSharp docs 2024-01-11 01:12:05 +04:00
4a153e5658 Merge pull request from akhilmhdh/fix/sec-interpolation-undefined
fix(secret-reference): fixed undefined if value not found
2024-01-10 09:59:09 -05:00
7324822be5 fix(secret-reference): fixed undefined if value not found 2024-01-10 11:45:46 +05:30
766f301aea patch agent config by env 2024-01-09 14:30:29 -05:00
8fbc930012 updated notification text 2024-01-08 13:51:40 -08:00
0e5190a920 added the december update blog 2024-01-08 13:47:58 -08:00
b815e3eb56 Merge pull request from Infisical/daniel/fix-sdk-contribution-image
(Fix): Image in SDK contribution guide not loading
2024-01-08 14:56:27 -05:00
31231cfcca Update developing.mdx 2024-01-08 23:30:10 +04:00
ee772e4a77 allow reading universal auth creds from env in agent 2024-01-07 17:00:42 -05:00
7bc29c5981 Merge pull request from Infisical/query-by-secret-version
Add version query param to GET secret raw and regular endpoints
2024-01-07 16:07:49 -05:00
e9a89930da Merge pull request from Infisical/multi-integration-auth
Enable new integration auth credential for each new integration
2024-01-07 14:49:04 -05:00
b85499859c Merge pull request from Infisical/identities-ipv6
Add IPv6 consideration to default universal auth IP allowlist
2024-01-07 16:37:06 +01:00
7f17194c0f Add IPv6 consideration to default identities IP allowlist 2024-01-07 16:32:25 +01:00
1e1ad450d2 Add version query param to GET secret endpoint 2024-01-07 14:25:33 +01:00
5287b322d8 Enable new integration auth for each new integration 2024-01-07 12:49:59 +01:00
45d96be1ff added base64 support for config and templates 2024-01-06 23:43:04 -05:00
12840bfdbd add exit after auth setting 2024-01-06 17:17:21 -05:00
fef5369738 Merge pull request from Infisical/identity-apis
Update various identities items
2024-01-06 17:11:01 +01:00
c94b7d63f6 Update various identities items 2024-01-06 17:04:44 +01:00
485ddc5c50 Merge pull request from Infisical/patch-railway
Fix client-side railway integration issue
2024-01-06 16:14:16 +01:00
edd9c66e49 Remove commented print statements 2024-01-06 16:11:22 +01:00
0a3b85534b Fix client-side railway integration issue 2024-01-06 16:09:15 +01:00
ec2cc5162e Merge pull request from Infisical/daniel/sdk-contribution-guide
Contribution guide refactor & SDK contribution guide
2024-01-05 20:26:17 -05:00
7ce472957c Fixed quality 2024-01-06 04:04:09 +04:00
8529e0da3d Update developing.mdx 2024-01-06 03:41:31 +04:00
e5a5433f10 Update developing.mdx 2024-01-06 03:00:14 +04:00
ee6e518ff8 Update link to contribution guide 2024-01-06 02:58:26 +04:00
15a7222505 Update mint.json 2024-01-06 02:58:16 +04:00
25d482cc62 Create sdk-flow.png 2024-01-06 02:58:12 +04:00
785a2bec6a Added SDK guide 2024-01-06 02:58:08 +04:00
449466f326 Restructure 2024-01-06 02:58:02 +04:00
4131e9c3f1 Added getting started section 2024-01-06 02:57:53 +04:00
310595256f Restructured existing guide 2024-01-06 02:57:21 +04:00
1737880e58 Merge pull request from Infisical/snyk-fix-b96b562a611b0789d0a73c522a261f22
[Snyk] Security upgrade probot from 12.3.1 to 12.3.3
2024-01-05 11:20:43 -05:00
b72483f5f2 Merge pull request from Emiliaaah/fix-agent-secret-path
fix(cli): secret-path directive for agent
2024-01-05 10:39:39 -05:00
ee14bda706 Merge pull request from rlaisqls/error-message-typos
Fix error message typos
2024-01-05 18:18:20 +04:00
e56463d52b fix(cli): secret-path directive for agent 2024-01-05 15:05:57 +01:00
ebd3d7c7c4 Merge pull request from Infisical/fix-vercel-preview-env
Fix: Vercel integration preview environment client side error
2024-01-04 10:18:25 -05:00
9ecbfe201b Update create.tsx 2024-01-04 17:42:31 +04:00
ba2a03897f update secret import create notif 2024-01-04 01:55:34 -05:00
304f14c0ed update service token create notif 2024-01-04 01:52:03 -05:00
51e5c25e16 update imports/service token crud 2024-01-04 00:55:03 -05:00
0f6490b1e7 move cli to bin folder 2024-01-03 20:17:34 -05:00
f894e48fcb remove unused import 2024-01-02 13:55:01 -05:00
37cfa22619 add back macos build 2024-01-02 13:47:15 -05:00
94557344b7 wrap cli into a docker image 2024-01-02 13:43:55 -05:00
d5063018eb Added identities, universal auth, agent to changelog 2024-01-02 10:05:43 +01:00
51d68505d3 Merge pull request from Infisical/posthog-revamp
removed posthog cli export events
2023-12-29 15:18:59 -05:00
ade27ad072 Fix typos 2023-12-29 13:26:08 +09:00
683c512bce Merge pull request from Infisical/ui-improvements
ui and docs improvements
2023-12-25 14:33:47 -05:00
43ff28b5fb added terraform useragent 2023-12-24 17:13:29 -08:00
ce41855e84 added sdk useragent and channel 2023-12-24 16:58:48 -08:00
d24461b17c removed posthog cli export events 2023-12-24 15:49:18 -08:00
1797e56f9f fixed sdk guides 2023-12-24 13:30:59 -08:00
74f3ca5356 Merge pull request from Infisical/sdk/docs-update-2
Sdk/docs update 2
2023-12-24 21:57:52 +04:00
db27beaf0b Update overview.mdx 2023-12-24 21:54:57 +04:00
d6e55f51f2 Updated Python docs 2023-12-24 21:36:47 +04:00
e9b5996567 Updated node caching docs 2023-12-24 21:36:40 +04:00
094fe73917 Updated Java caching docs 2023-12-24 21:36:31 +04:00
dc3f85e92e Re-added an updated FAQ 2023-12-24 17:11:20 +04:00
c463256058 Updated Python docs 2023-12-24 17:11:08 +04:00
8df22302fd Updated Node docs 2023-12-24 17:11:03 +04:00
f37fa2bbf5 Updated Java docs 2023-12-24 17:10:54 +04:00
597c9d6f2a fix docs sdk errors 2023-12-23 17:17:10 -08:00
24d2eea930 ui and docs improvements 2023-12-23 16:06:00 -08:00
382cb910af tps 2023-12-23 17:31:34 -05:00
6725475575 Merge pull request from Infisical/sdk/docs-update
SDK documentation update
2023-12-23 09:30:35 -08:00
026864951b Updated links 2023-12-23 15:55:20 +04:00
287ed05ab7 Removed FAQ for now 2023-12-23 15:50:14 +04:00
37b036e614 Update overview.mdx 2023-12-23 15:49:03 +04:00
024914c168 Update python.mdx 2023-12-23 15:48:24 +04:00
19e8b6d37b Update node.mdx 2023-12-23 15:48:21 +04:00
b6d648f1f3 Added Java docs 2023-12-23 15:48:14 +04:00
a514a62a29 Fixed typos 2023-12-23 15:48:02 +04:00
2f24956651 Updated coming soon description 2023-12-23 15:47:16 +04:00
13d058025c Formatting and link changes 2023-12-23 15:29:24 +04:00
8ccaa7f29b Updated python docs 2023-12-23 15:29:17 +04:00
b83964051c Added required to required fields 2023-12-23 15:29:08 +04:00
0a2b078bdc Update node.mdx 2023-12-23 15:12:39 +04:00
40d16fa996 Updated Node.js docs 2023-12-23 15:10:30 +04:00
a3739cfe50 Update overview.mdx 2023-12-21 22:24:53 -08:00
a73623258e Update kubernetes-helm.mdx 2023-12-21 17:47:49 -08:00
6da39f41a6 Merge pull request from Infisical/restyle-self-hosting-docs
Restyle self-hosting docs for Docker / Docker Compose
2023-12-20 19:53:21 +07:00
69bbbfcfd8 Restyle self-hosting docs for Docker / Docker Compose 2023-12-20 19:52:17 +07:00
c9d58ec77d Merge pull request from Infisical/self-hosting-railway
Add self-hosting docs for Railway
2023-12-20 17:06:54 +07:00
cb364186d8 Add self-hosting docs for Railway 2023-12-20 17:05:28 +07:00
918afe05b6 Merge pull request from Infisical/self-hosting-aws-lightsail
Finish self-hosting docs for AWS Lightsail
2023-12-20 15:56:05 +07:00
e822820151 Finish self-hosting docs for AWS Lightsail 2023-12-20 15:42:02 +07:00
b5ac49eefe Merge pull request from akhilmhdh/feat/token-expire-null
fix: made expire optional on service token creation
2023-12-19 09:35:16 -05:00
b21d1a0ed2 Merge pull request from Infisical/self-hosting-azure-app-service
Add self-hosting docs for Azure App Service
2023-12-19 21:01:06 +07:00
70f1122362 Add self-hosting docs for Azure App Service 2023-12-19 20:57:08 +07:00
ea03db8a2c fix: made expire optional on service token creation 2023-12-19 15:46:03 +05:30
38d9abca17 Merge pull request from Infisical/self-hosting-azure-container-instances
Add self-hosting docs for Azure Container Instances
2023-12-19 15:21:01 +07:00
5bed2580c3 Add self-hosting docs for Azure Container Instances 2023-12-19 15:19:24 +07:00
d0b899897b Merge pull request from Infisical/add-crd-owner
add crd owner
2023-12-18 19:26:26 -05:00
1861dc85de add crd owner 2023-12-18 19:25:23 -05:00
bc6bf33674 Merge pull request from Infisical/self-hosting-gcp-cloud-run
Add docs for deploying Infisical with GCP Cloud Run
2023-12-18 16:54:00 +07:00
44fd35baf5 Add docs for deploying Infisical with GCP Cloud Run 2023-12-18 16:52:28 +07:00
8ddfee4c36 Merge pull request from Infisical/self-hosting-flyio
Add self-hosting docs for Fly.io
2023-12-18 12:11:32 +07:00
4d0bff4377 Add self-hosting docs for Fly.io 2023-12-18 12:10:18 +07:00
c7b2489d0b fix: backend/package.json & backend/package-lock.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-PROBOT-6129524
2023-12-17 14:48:29 +00:00
68eb0f8dd9 throw bad request when max uses reached 2023-12-15 15:40:20 -05:00
5941e8e836 Merge pull request from akhilmhdh/fix/secret-approval-patch
fix: secret approval loading failed for commiter on approval
2023-12-15 09:29:41 -05:00
80e50d13ec fix: secret approval loading failed for commiter on approval 2023-12-15 18:10:54 +05:30
99c8dda4e1 Merge pull request from Infisical/sso-docs
Update SSO docs to use Mintlify steps
2023-12-15 13:58:31 +07:00
14c8e3fa3b Update SSO docs to use Mintlify steps 2023-12-15 13:54:28 +07:00
7aa3cb53a2 Merge pull request from Infisical/patch-5
extract base from template source path
2023-12-14 15:19:39 -05:00
567309e848 extract base from template source path 2023-12-14 15:17:14 -05:00
f264340903 Merge pull request from Infisical/saml-org-redirect
Update redirect to org after SAML SSO
2023-12-14 23:12:31 +07:00
51b788cc5b Update redirect to org after SSO 2023-12-14 23:07:22 +07:00
8e0f424249 Merge pull request from Infisical/integrations-docs
Add Mintlify steps to integration pages
2023-12-14 12:08:39 +07:00
f3767d3963 Add Mintlify steps to integration pages 2023-12-14 11:35:50 +07:00
51cbfdbc46 update uni auth doc image paths 2023-12-13 19:32:16 -05:00
f5a580eb72 fix broken link to uni auth 2023-12-13 19:15:06 -05:00
460ebf3296 patch getDistinctId 2023-12-13 19:12:02 -05:00
7f7f11c970 Merge pull request from Infisical/patch-4
parse bot not found in agent
2023-12-13 18:25:27 -05:00
f799e224a0 use RequestError instead of Error for bot 2023-12-13 18:22:29 -05:00
8a87277fe6 parse bot not found in agent 2023-12-13 18:07:39 -05:00
32805c726a add docs for uni auth in agent 2023-12-13 17:27:30 -05:00
6c4a6d31e4 Merge pull request from Infisical/identities-docs
Update Identities Documentation + related API Reference Items
2023-12-13 16:57:13 -05:00
e7b89b645f Merge branch 'main' into identities-docs 2023-12-13 16:56:35 -05:00
b60cf2eb07 make minor updates to auth docs 2023-12-13 16:52:57 -05:00
cf5a79995f revert defaults to 30 days 2023-12-13 16:52:23 -05:00
c51f09fd3a Merge pull request from Infisical/patch-3
sync package.lock frontend
2023-12-13 14:45:48 -05:00
6cda14328b Update getting started guide for fetching secrets via API 2023-12-12 17:59:56 +07:00
b551ee50e7 Fix merge conflicts 2023-12-12 15:50:14 +07:00
93aeacc6b6 Add API reference docs for identity / universal auth endpoints 2023-12-12 13:42:17 +07:00
5f29562fad Update existing endpoints in API reference to support Identities, update Identities docs 2023-12-11 20:01:32 +07:00
1396 changed files with 119551 additions and 81116 deletions
.github/workflows
.gitignore.goreleaser.yamlDockerfile.standalone-infisicalMakefileREADME.md
backend-mongo
.dockerignore.eslintignore.eslintrc.prettierrcDockerfileenvironment.d.tshealthcheck.js
img
jest.config.tsnodemon.jsonpackage-lock.jsonpackage.jsonspec.json
src
bootstrap.ts
config
controllers
data
ee
events
helpers
index.ts
integrations
interfaces
middleware
services
BotService
SecretService
utils
middleware
models
queues
routes
services
templates
types
utils
validation
variables
swagger
test-resources
tests
tsconfig.json
backend
.eslintignore.eslintrc.js.gitignore.prettierrc.jsonDockerfileDockerfile.dev
e2e-test
nodemon.jsonpackage-lock.jsonpackage.json
scripts
src
@types
cache
db
index.tsinstance.tsknexfile.ts
migrations
schemas
seed-data.ts
seeds
utils.ts
ee
LICENSE.md
routes/v1
services
lib
main.ts
queue
server
services
api-key
auth-token
auth
identity-access-token
identity-project
identity-ua
identity
integration-auth
integration
org
project-bot
project-env
project-key
project-membership
project-role
project
secret-blind-index
secret-folder
secret-import
secret-tag
secret
service-token
smtp
super-admin
telemetry
user
webhook
utils/authn/helpers
tsconfig.jsontsup.config.jsvitest.e2e.config.ts
cli
docker-compose.pg.yml
docs
api-reference
changelog
cli/commands
contributing
documentation
images
getting-started/api
platform
sdk-flow.png
self-hosting/deployment-options
infisical-agent
integrations
internals
mint.json
sdks
self-hosting
spec.yaml
frontend
.eslintrc.jspackage-lock.jsonpackage.json
public
src
components
context
OrgPermissionContext
OrganizationContext
ProjectPermissionContext
ServerConfigContext
SubscriptionContext
UserContext
WorkspaceContext
helpers
hooks/api
layouts
AdminLayout
AppLayout
AppLayout.tsx
components/NavBar
pages
views
IntegrationsPage
IntegrationsPage.tsx
components/IntegrationsSection
Login
Login.utils.tsx
components
InitialStep
MFAStep
PasswordStep
Org
Project
AuditLogsPage/components
IPAllowListPage/components
MembersPage/components
IdentityTab/components/IdentitySection
MemberListTab
ProjectRoleListTab
ServiceTokenTab/components/ServiceTokenSection
SecretApprovalPage
SecretMainPage
SecretOverviewPage
SecretOverviewPage.tsx
components
ProjectIndexSecretsSection
SecretOverviewTableRow
SecretRotationPage
SecretScanning/components
Settings
Signup
SignupSSO.tsx
components/UserInfoSSOStep
admin
DashboardPage
SignUpPage
tsconfig.jsontsconfig.tsbuildinfo
helm-charts
k8-operator/controllers
package-lock.jsonpackage.json
pg-migrator
.gitignorepackage-lock.jsonpackage.json
src
@types
audit-log-migrator.tsfolder.tsindex.ts
migrations
models
rollback.ts
schemas
utils.ts
tsconfig.json
standalone-entrypoint.sh

@ -3,6 +3,7 @@ on:
push:
tags:
- "infisical/v*.*.*"
- "!infisical/v*.*.*-postgres"
jobs:
backend-image:

@ -0,0 +1,57 @@
name: Release standalone docker image
on:
push:
tags:
- "infisical/v*.*.*-postgres"
jobs:
infisical-standalone:
name: Build infisical standalone image postgres
runs-on: ubuntu-latest
steps:
- name: Extract version from tag
id: extract_version
run: echo "::set-output name=version::${GITHUB_REF_NAME#infisical/}"
- name: ☁️ Checkout source
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: 📦 Install dependencies to test all dependencies
run: npm ci --only-production
working-directory: backend
- name: version output
run: |
echo "Output Value: ${{ steps.version.outputs.major }}"
echo "Output Value: ${{ steps.version.outputs.minor }}"
echo "Output Value: ${{ steps.version.outputs.patch }}"
echo "Output Value: ${{ steps.version.outputs.version }}"
echo "Output Value: ${{ steps.version.outputs.version_type }}"
echo "Output Value: ${{ steps.version.outputs.increment }}"
- name: Save commit hashes for tag
id: commit
uses: pr-mpt/actions-commit-hash@v2
- name: 🔧 Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: 🐋 Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Set up Depot CLI
uses: depot/setup-action@v1
- name: 📦 Build backend and export to Docker
uses: depot/build-push-action@v1
with:
project: 64mmf0n610
token: ${{ secrets.DEPOT_PROJECT_TOKEN }}
push: true
context: .
tags: |
infisical/infisical:latest-postgres
infisical/infisical:${{ steps.commit.outputs.short }}
infisical/infisical:${{ steps.extract_version.outputs.version }}
platforms: linux/amd64,linux/arm64
file: Dockerfile.standalone-infisical
build-args: |
POSTHOG_API_KEY=${{ secrets.PUBLIC_POSTHOG_API_KEY }}
INFISICAL_PLATFORM_VERSION=${{ steps.extract_version.outputs.version }}
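Review bot: The actions in this release job are referenced by mutable tags (`pr-mpt/actions-commit-hash@v2`, `depot/setup-action@v1`, `depot/build-push-action@v1`, `docker/login-action@v2`) while the job holds `DOCKERHUB_TOKEN` and `DEPOT_PROJECT_TOKEN` and pushes `infisical/infisical:latest-postgres`, so a retagged action would run with those secrets. Pin each `uses:` to a full commit SHA, for example `uses: depot/build-push-action@<full-commit-sha> # v1`, and add a top-level `permissions:` block with `contents: read` so the job's GITHUB_TOKEN is no broader than the checkout needs. Separately, the `version output` step reads `steps.version.outputs.*`, but the only step id defined for the version here is `extract_version`, so those echoes print empty values and the step can be dropped. `::set-output` is deprecated; `echo "version=${GITHUB_REF_NAME#infisical/}" >> "$GITHUB_OUTPUT"` is the current form.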

@ -3,6 +3,7 @@ on:
push:
tags:
- "infisical/v*.*.*"
- "!infisical/v*.*.*-postgres"
jobs:
infisical-standalone:

3
.gitignore vendored

@ -1,6 +1,7 @@
# backend
node_modules
.env
.env.test
.env.dev
.env.gamma
.env.prod
@ -61,4 +62,4 @@ yarn-error.log*
# Editor specific
.vscode/*
frontend-build
frontend-build

@ -108,7 +108,7 @@ brews:
zsh_completion.install "completions/infisical.zsh" => "_infisical"
fish_completion.install "completions/infisical.fish"
man1.install "manpages/infisical.1.gz"
- name: 'infisical@{{.Version}}'
- name: "infisical@{{.Version}}"
tap:
owner: Infisical
name: homebrew-get-cli
@ -186,12 +186,14 @@ aurs:
# man pages
install -Dm644 "./manpages/infisical.1.gz" "${pkgdir}/usr/share/man/man1/infisical.1.gz"
# dockers:
# - dockerfile: cli/docker/Dockerfile
# goos: linux
# goarch: amd64
# ids:
# - infisical
# image_templates:
# - "infisical/cli:{{ .Version }}"
# - "infisical/cli:latest"
dockers:
- dockerfile: docker/alpine
goos: linux
goarch: amd64
ids:
- all-other-builds
image_templates:
- "infisical/cli:{{ .Version }}"
- "infisical/cli:{{ .Major }}.{{ .Minor }}"
- "infisical/cli:{{ .Major }}"
- "infisical/cli:latest"

@ -2,7 +2,7 @@ ARG POSTHOG_HOST=https://app.posthog.com
ARG POSTHOG_API_KEY=posthog-api-key
ARG INTERCOM_ID=intercom-id
FROM node:16-alpine AS base
FROM node:20-alpine AS base
FROM base AS frontend-dependencies
@ -73,6 +73,7 @@ RUN npm ci --only-production
COPY /backend .
COPY --chown=non-root-user:nodejs standalone-entrypoint.sh standalone-entrypoint.sh
RUN npm i -D tsconfig-paths
RUN npm run build
# Production stage
@ -103,14 +104,17 @@ ENV NEXT_PUBLIC_INTERCOM_ID=$INTERCOM_ID \
WORKDIR /
COPY --from=backend-runner /app /backend
COPY --from=backend-runner /app/dist/services/smtp/templates /backend/dist/templates
COPY --from=frontend-runner /app ./backend/frontend-build
ENV PORT 8080
ENV HOST=0.0.0.0
ENV HTTPS_ENABLED false
ENV NODE_ENV production
ENV STANDALONE_BUILD true
ENV STANDALONE_MODE true
WORKDIR /backend
ENV TELEMETRY_ENABLED true
@ -119,10 +123,8 @@ HEALTHCHECK --interval=10s --timeout=3s --start-period=10s \
CMD node healthcheck.js
EXPOSE 8080
EXPOSE 443
USER non-root-user
CMD ["./standalone-entrypoint.sh"]
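Review bot: `RUN npm i -D tsconfig-paths` in the backend build stage resolves a package from the registry at image build time, outside `package-lock.json`, right after `npm ci --only-production` installed the locked set. The release image then depends on whatever version the registry serves on build day, which is not reproducible and skips the lockfile's integrity hashes. Declaring `tsconfig-paths` in `backend/package.json` so that `npm ci` installs the locked version would remove the extra step; if the step must stay, pin it, e.g. `RUN npm i -D tsconfig-paths@<pinned-version>`. The stage begins outside these hunks, so whether dev dependencies are pruned before the production stage copies `/app` is not visible here.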

@ -7,6 +7,9 @@ push:
up-dev:
docker-compose -f docker-compose.dev.yml up --build
up-pg-dev:
docker compose -f docker-compose.pg.yml up --build
i-dev:
infisical run -- docker-compose -f docker-compose.dev.yml up --build

@ -129,7 +129,7 @@ Note that this security address should be used only for undisclosed vulnerabilit
## Contributing
Whether it's big or small, we love contributions. Check out our guide to see how to [get started](https://infisical.com/docs/contributing/overview).
Whether it's big or small, we love contributions. Check out our guide to see how to [get started](https://infisical.com/docs/contributing/getting-started).
Not sure where to get started? You can:

@ -0,0 +1,11 @@
node_modules
.env
.env.*
.git
.gitignore
Dockerfile
.dockerignore
docker-compose.*
.DS_Store
*.swp
*~

@ -0,0 +1,2 @@
node_modules
built

33
backend-mongo/Dockerfile Normal file

@ -0,0 +1,33 @@
# Build stage
FROM node:16-alpine AS build
WORKDIR /app
COPY package*.json ./
RUN npm ci --only-production
COPY . .
RUN npm run build
# Production stage
FROM node:16-alpine
WORKDIR /app
ENV npm_config_cache /home/node/.npm
COPY package*.json ./
RUN npm ci --only-production && npm cache clean --force
COPY --from=build /app .
RUN apk add --no-cache bash curl && curl -1sLf \
'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.alpine.sh' | bash \
&& apk add infisical=0.8.1 && apk add --no-cache git
HEALTHCHECK --interval=10s --timeout=3s --start-period=10s \
CMD node healthcheck.js
EXPOSE 4000
CMD ["node", "build/index.js"]
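Review bot: The production stage has no `USER` instruction, so `node build/index.js` runs as root; the stage already points `npm_config_cache` at `/home/node/.npm`, so `USER node` placed after the `apk`/CLI install and before `CMD` fits the existing layout (confirm the app needs no write access under `/app`). The CLI install also pipes `setup.alpine.sh` from `curl` straight into `bash` as root with no checksum, so the image trusts whatever that URL returns at build time; downloading the script, verifying it against a pinned digest and only then running it would close that gap. `node:16-alpine` is also behind the `node:20-alpine` base that `Dockerfile.standalone-infisical` moves to in this same compare.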

Before

(image error) Size: 493 KiB

After

(image error) Size: 493 KiB

@ -0,0 +1,6 @@
{
"watch": ["src"],
"ext": ".ts,.js",
"ignore": [],
"exec": "ts-node ./src/index.ts"
}

32861
backend-mongo/package-lock.json generated Normal file

File diff suppressed because it is too large Load Diff

148
backend-mongo/package.json Normal file

@ -0,0 +1,148 @@
{
"dependencies": {
"@aws-sdk/client-secrets-manager": "^3.319.0",
"@casl/ability": "^6.5.0",
"@casl/mongoose": "^7.2.1",
"@godaddy/terminus": "^4.12.0",
"@node-saml/passport-saml": "^4.0.4",
"@octokit/rest": "^19.0.5",
"@sentry/node": "^7.77.0",
"@sentry/tracing": "^7.48.0",
"@serdnam/pino-cloudwatch-transport": "^1.0.4",
"@types/crypto-js": "^4.1.1",
"@types/libsodium-wrappers": "^0.7.10",
"@ucast/mongo2js": "^1.3.4",
"ajv": "^8.12.0",
"argon2": "^0.30.3",
"aws-sdk": "^2.1364.0",
"axios": "^1.6.0",
"axios-retry": "^3.4.0",
"bcrypt": "^5.1.0",
"bigint-conversion": "^2.4.0",
"cookie-parser": "^1.4.6",
"cors": "^2.8.5",
"crypto-js": "^4.2.0",
"dotenv": "^16.0.1",
"express": "^4.18.1",
"express-async-errors": "^3.1.1",
"express-rate-limit": "^6.7.0",
"express-validator": "^6.14.2",
"handlebars": "^4.7.7",
"helmet": "^5.1.1",
"infisical-node": "^1.2.1",
"ioredis": "^5.3.2",
"jmespath": "^0.16.0",
"js-yaml": "^4.1.0",
"jsonwebtoken": "^9.0.0",
"jsrp": "^0.2.4",
"libsodium-wrappers": "^0.7.10",
"lodash": "^4.17.21",
"mongoose": "^7.4.1",
"mysql2": "^3.6.2",
"nanoid": "^3.3.6",
"node-cache": "^5.1.2",
"nodemailer": "^6.8.0",
"ora": "^5.4.1",
"passport": "^0.6.0",
"passport-github": "^1.1.0",
"passport-gitlab2": "^5.0.0",
"passport-google-oauth20": "^2.0.0",
"pg": "^8.11.3",
"pino": "^8.16.1",
"pino-http": "^8.5.1",
"posthog-node": "^2.6.0",
"probot": "^12.3.3",
"query-string": "^7.1.3",
"rate-limit-mongo": "^2.3.2",
"rimraf": "^3.0.2",
"swagger-ui-express": "^4.6.2",
"tweetnacl": "^1.0.3",
"tweetnacl-util": "^0.15.1",
"typescript": "^4.9.3",
"utility-types": "^3.10.0",
"zod": "^3.22.3"
},
"overrides": {
"rate-limit-mongo": {
"mongodb": "5.8.0"
}
},
"name": "infisical-api",
"version": "1.0.0",
"main": "src/index.js",
"scripts": {
"start": "node build/index.js",
"dev": "nodemon index.js",
"swagger-autogen": "node ./swagger/index.ts",
"build": "rimraf ./build && tsc && cp -R ./src/templates ./build && cp -R ./src/data ./build",
"lint": "eslint . --ext .ts",
"lint-and-fix": "eslint . --ext .ts --fix",
"lint-staged": "lint-staged",
"pretest": "docker compose -f test-resources/docker-compose.test.yml up -d",
"test": "cross-env NODE_ENV=test jest --verbose --testTimeout=10000 --detectOpenHandles; npm run posttest",
"test:ci": "npm test -- --watchAll=false --ci --reporters=default --reporters=jest-junit --reporters=github-actions --coverage --testLocationInResults --json --outputFile=coverage/report.json",
"posttest": "docker compose -f test-resources/docker-compose.test.yml down"
},
"repository": {
"type": "git",
"url": "git+https://github.com/Infisical/infisical-api.git"
},
"author": "",
"license": "ISC",
"bugs": {
"url": "https://github.com/Infisical/infisical-api/issues"
},
"homepage": "https://github.com/Infisical/infisical-api#readme",
"description": "",
"devDependencies": {
"@jest/globals": "^29.3.1",
"@posthog/plugin-scaffold": "^1.3.4",
"@swc/core": "^1.3.99",
"@swc/helpers": "^0.5.3",
"@types/bcrypt": "^5.0.0",
"@types/bcryptjs": "^2.4.2",
"@types/bull": "^4.10.0",
"@types/cookie-parser": "^1.4.3",
"@types/cors": "^2.8.12",
"@types/express": "^4.17.14",
"@types/jest": "^29.5.0",
"@types/jmespath": "^0.15.1",
"@types/jsonwebtoken": "^8.5.9",
"@types/lodash": "^4.14.191",
"@types/node": "^18.11.3",
"@types/nodemailer": "^6.4.6",
"@types/passport": "^1.0.12",
"@types/pg": "^8.10.7",
"@types/picomatch": "^2.3.0",
"@types/pino": "^7.0.5",
"@types/supertest": "^2.0.12",
"@types/swagger-jsdoc": "^6.0.1",
"@types/swagger-ui-express": "^4.1.3",
"@typescript-eslint/eslint-plugin": "^5.54.0",
"@typescript-eslint/parser": "^5.40.1",
"cross-env": "^7.0.3",
"eslint": "^8.26.0",
"eslint-plugin-unused-imports": "^2.0.0",
"install": "^0.13.0",
"jest": "^29.3.1",
"jest-junit": "^15.0.0",
"nodemon": "^2.0.19",
"npm": "^8.19.3",
"pino-pretty": "^10.2.3",
"regenerator-runtime": "^0.14.0",
"smee-client": "^1.2.3",
"supertest": "^6.3.3",
"swagger-autogen": "^2.23.5",
"ts-jest": "^29.0.3",
"ts-node": "^10.9.1"
},
"jest-junit": {
"outputDirectory": "reports",
"outputName": "jest-junit.xml",
"ancestorSeparator": " ",
"uniqueOutputName": "false",
"suiteNameTemplate": "{filepath}",
"classNameTemplate": "{classname}",
"titleTemplate": "{title}"
}
}

File diff suppressed because it is too large Load Diff

@ -6,6 +6,9 @@ export const client = new InfisicalClient({
token: process.env.INFISICAL_TOKEN!
});
export const getIsMigrationMode = async () =>
(await client.getSecret("MIGRATION_MODE")).secretValue === "true";
export const getPort = async () => (await client.getSecret("PORT")).secretValue || 4000;
export const getEncryptionKey = async () => {
const secretValue = (await client.getSecret("ENCRYPTION_KEY")).secretValue;

@ -3,11 +3,11 @@ import { IServerConfig, ServerConfig } from "../models/serverConfig";
let serverConfig: IServerConfig;
export const serverConfigInit = async () => {
const cfg = await ServerConfig.findOne({});
const cfg = await ServerConfig.findOne({}).lean();
if (!cfg) {
const cfg = new ServerConfig();
await cfg.save();
serverConfig = cfg;
serverConfig = cfg.toObject();
} else {
serverConfig = cfg;
}
@ -19,6 +19,6 @@ export const getServerConfig = () => serverConfig;
export const updateServerConfig = async (data: Partial<IServerConfig>) => {
const cfg = await ServerConfig.findByIdAndUpdate(serverConfig._id, data, { new: true });
if (!cfg) throw new Error("Failed to update server config");
serverConfig = cfg;
serverConfig = cfg.toObject();
return serverConfig;
};

@ -1,5 +1,5 @@
import { Request, Response } from "express";
import { getHttpsEnabled } from "../../config";
import { getHttpsEnabled, getIsMigrationMode } from "../../config";
import { getServerConfig, updateServerConfig as setServerConfig } from "../../config/serverConfig";
import { initializeDefaultOrg, issueAuthTokens } from "../../helpers";
import { validateRequest } from "../../helpers/validation";
@ -8,9 +8,10 @@ import { TelemetryService } from "../../services";
import { BadRequestError, UnauthorizedRequestError } from "../../utils/errors";
import * as reqValidator from "../../validation/admin";
export const getServerConfigInfo = (_req: Request, res: Response) => {
export const getServerConfigInfo = async (_req: Request, res: Response) => {
const config = getServerConfig();
return res.send({ config });
const isMigrationModeOn = await getIsMigrationMode();
return res.send({ config: { ...config, isMigrationModeOn } });
};
export const updateServerConfig = async (req: Request, res: Response) => {

@ -2,7 +2,7 @@ import { Request, Response } from "express";
import { Types } from "mongoose";
import { standardRequest } from "../../config/request";
import { getApps, getTeams, revokeAccess } from "../../integrations";
import { Bot, IntegrationAuth, Workspace } from "../../models";
import { Bot, IIntegrationAuth, Integration, IntegrationAuth, Workspace } from "../../models";
import { EventType } from "../../ee/models";
import { IntegrationService } from "../../services";
import { EEAuditLogService } from "../../ee/services";
@ -130,7 +130,6 @@ export const oAuthExchange = async (req: Request, res: Response) => {
export const saveIntegrationToken = async (req: Request, res: Response) => {
// TODO: refactor
// TODO: check if access token is valid for each integration
let integrationAuth;
const {
body: { workspaceId, integration, url, accessId, namespace, accessToken, refreshToken }
} = await validateRequest(reqValidator.SaveIntegrationAccessTokenV1, req);
@ -152,31 +151,21 @@ export const saveIntegrationToken = async (req: Request, res: Response) => {
if (!bot) throw new Error("Bot must be enabled to save integration access token");
integrationAuth = await IntegrationAuth.findOneAndUpdate(
{
workspace: new Types.ObjectId(workspaceId),
integration
},
{
workspace: new Types.ObjectId(workspaceId),
integration,
url,
namespace,
algorithm: ALGORITHM_AES_256_GCM,
keyEncoding: ENCODING_SCHEME_UTF8,
...(integration === INTEGRATION_GCP_SECRET_MANAGER
? {
metadata: {
authMethod: "serviceAccount"
}
let integrationAuth = await new IntegrationAuth({
workspace: new Types.ObjectId(workspaceId),
integration,
url,
namespace,
algorithm: ALGORITHM_AES_256_GCM,
keyEncoding: ENCODING_SCHEME_UTF8,
...(integration === INTEGRATION_GCP_SECRET_MANAGER
? {
metadata: {
authMethod: "serviceAccount"
}
: {})
},
{
new: true,
upsert: true
}
);
}
: {})
}).save();
// encrypt and save integration access details
if (refreshToken) {
@ -188,12 +177,12 @@ export const saveIntegrationToken = async (req: Request, res: Response) => {
// encrypt and save integration access details
if (accessId || accessToken) {
integrationAuth = await IntegrationService.setIntegrationAuthAccess({
integrationAuth = (await IntegrationService.setIntegrationAuthAccess({
integrationAuthId: integrationAuth._id.toString(),
accessId,
accessToken,
accessExpiresAt: undefined
});
})) as IIntegrationAuth;
}
if (!integrationAuth) throw new Error("Failed to save integration access token");
@ -1208,13 +1197,64 @@ export const getIntegrationAuthTeamCityBuildConfigs = async (req: Request, res:
});
};
/**
* Delete all integration authorizations and integrations for workspace with id [workspaceId]
* with integration name [integration]
* @param req
* @param res
* @returns
*/
export const deleteIntegrationAuths = async (req: Request, res: Response) => {
const {
query: { integration, workspaceId }
} = await validateRequest(reqValidator.DeleteIntegrationAuthsV1, req);
const { permission } = await getAuthDataProjectPermissions({
authData: req.authData,
workspaceId: new Types.ObjectId(workspaceId)
});
ForbiddenError.from(permission).throwUnlessCan(
ProjectPermissionActions.Delete,
ProjectPermissionSub.Integrations
);
const integrationAuths = await IntegrationAuth.deleteMany({
integration,
workspace: new Types.ObjectId(workspaceId)
});
const integrations = await Integration.deleteMany({
integration,
workspace: new Types.ObjectId(workspaceId)
});
await EEAuditLogService.createAuditLog(
req.authData,
{
type: EventType.UNAUTHORIZE_INTEGRATION,
metadata: {
integration
}
},
{
workspaceId: new Types.ObjectId(workspaceId)
}
);
return res.status(200).send({
integrationAuths,
integrations
});
}
/**
* Delete integration authorization with id [integrationAuthId]
* @param req
* @param res
* @returns
*/
export const deleteIntegrationAuth = async (req: Request, res: Response) => {
export const deleteIntegrationAuthById = async (req: Request, res: Response) => {
const {
params: { integrationAuthId }
} = await validateRequest(reqValidator.DeleteIntegrationAuthV1, req);
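Review bot: `deleteIntegrationAuths` removes the stored credentials with `IntegrationAuth.deleteMany` directly, and nothing in the handler calls `revokeAccess`, which this file imports from `../../integrations`. If that helper is what revokes the grant at the provider (presumably, from its name; confirm against `deleteIntegrationAuthById`), the bulk route leaves provider-side access live after the local record is gone. Consider loading the matching auth documents and passing them through the same revocation path before the `deleteMany`, or at least record the gap with `// NOTE: provider-side access is not revoked by this bulk delete`. The `IntegrationAuth.deleteOne` added to `deleteIntegration` in the integration controller has the same property. `deleteIntegrationAuthById` continues past the last hunk.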

@ -251,6 +251,21 @@ export const deleteIntegration = async (req: Request, res: Response) => {
});
if (!deletedIntegration) throw new Error("Failed to find integration");
const numOtherIntegrationsUsingSameAuth = await Integration.countDocuments({
integrationAuth: deletedIntegration.integrationAuth,
_id: {
$nin: [deletedIntegration._id]
}
});
if (numOtherIntegrationsUsingSameAuth === 0) {
// no other integrations are using the same integration auth
// -> delete integration auth associated with the integration being deleted
await IntegrationAuth.deleteOne({
_id: deletedIntegration.integrationAuth
});
}
await EEAuditLogService.createAuditLog(
req.authData,

@ -111,11 +111,17 @@ export const createSecretImp = async (req: Request, res: Response) => {
authData: req.authData,
workspaceId: new Types.ObjectId(workspaceId)
});
ForbiddenError.from(permission).throwUnlessCan(
ProjectPermissionActions.Create,
subject(ProjectPermissionSub.Secrets, { environment, secretPath: directory })
);
ForbiddenError.from(permission).throwUnlessCan(
ProjectPermissionActions.Create,
subject(ProjectPermissionSub.Secrets, { environment: secretImport.environment, secretPath: secretImport.secretPath })
);
}
const folders = await Folder.findOne({
@ -323,7 +329,7 @@ export const updateSecretImport = async (req: Request, res: Response) => {
authData: req.authData,
workspaceId: importSecDoc.workspace
});
ForbiddenError.from(permission).throwUnlessCan(
ProjectPermissionActions.Edit,
subject(ProjectPermissionSub.Secrets, {
@ -331,6 +337,13 @@ export const updateSecretImport = async (req: Request, res: Response) => {
secretPath
})
);
secretImports.forEach(({ environment, secretPath }) => {
ForbiddenError.from(permission).throwUnlessCan(
ProjectPermissionActions.Create,
subject(ProjectPermissionSub.Secrets, { environment, secretPath })
);
})
}
const orderBefore = importSecDoc.imports;
@ -453,7 +466,7 @@ export const deleteSecretImport = async (req: Request, res: Response) => {
authData: req.authData,
workspaceId: importSecDoc.workspace
});
ForbiddenError.from(permission).throwUnlessCan(
ProjectPermissionActions.Delete,
subject(ProjectPermissionSub.Secrets, {
@ -620,7 +633,7 @@ export const getAllSecretsFromImport = async (req: Request, res: Response) => {
authData: req.authData,
workspaceId: new Types.ObjectId(workspaceId)
});
ForbiddenError.from(permission).throwUnlessCan(
ProjectPermissionActions.Read,
subject(ProjectPermissionSub.Secrets, {
@ -677,7 +690,7 @@ export const getAllSecretsFromImport = async (req: Request, res: Response) => {
authData: req.authData,
workspaceId: importSecDoc.workspace
});
ForbiddenError.from(permission).throwUnlessCan(
ProjectPermissionActions.Read,
subject(ProjectPermissionSub.Secrets, {
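Review bot: The new checks on the import source in `createSecretImp` and `updateSecretImport` gate on `ProjectPermissionActions.Create`, but linking an import presumably makes the source path's secrets visible through the destination, so the right that matters on the source looks like `Read`. As written, a role with Create but no Read on `secretImport.environment`/`secretImport.secretPath` passes the check, and a role with Read but no Create is refused. Unless Create-on-source is the intended policy, use `ProjectPermissionActions.Read` in the `subject(ProjectPermissionSub.Secrets, { environment: secretImport.environment, secretPath: secretImport.secretPath })` check and in the `secretImports.forEach` check. Both handlers start and end outside these hunks, so how imported secrets are authorised at read time is not visible here.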

@ -60,6 +60,52 @@ const packageUniversalAuthClientSecretData = (identityUniversalAuthClientSecret:
* @param res
*/
export const renewAccessToken = async (req: Request, res: Response) => {
/*
#swagger.summary = 'Renew access token'
#swagger.description = 'Renew access token'
#swagger.requestBody = {
content: {
"application/json": {
"schema": {
"type": "object",
"properties": {
"accessToken": {
"type": "string",
"description": "Access token to renew",
"example": "..."
}
}
}
}
}
}
#swagger.responses[200] = {
content: {
"application/json": {
"schema": {
"type": "object",
"properties": {
"accessToken": {
"type": "string",
"description": "(Same) Access token after successful renewal"
},
"expiresIn": {
"type": "number",
"description": "TTL of access token in seconds"
},
"tokenType": {
"type": "string",
"description": "Type of access token (e.g. Bearer)"
}
},
"description": "Access token and its details"
}
}
}
}
*/
const {
body: {
accessToken
@ -83,9 +129,14 @@ export const renewAccessToken = async (req: Request, res: Response) => {
accessTokenTTL,
accessTokenLastRenewedAt,
accessTokenMaxTTL,
createdAt: accessTokenCreatedAt
createdAt: accessTokenCreatedAt,
accessTokenNumUses,
accessTokenNumUsesLimit
} = identityAccessToken;
if (accessTokenNumUses >= accessTokenNumUsesLimit) {
throw BadRequestError({ message: "Unable to renew because access token number of uses limit reached" })
}
// ttl check
if (accessTokenTTL > 0) {
@ -150,6 +201,57 @@ export const renewAccessToken = async (req: Request, res: Response) => {
* @param res
*/
export const loginIdentityUniversalAuth = async (req: Request, res: Response) => {
/*
#swagger.summary = 'Login with Universal Auth'
#swagger.description = 'Login with Universal Auth'
#swagger.requestBody = {
content: {
"application/json": {
"schema": {
"type": "object",
"properties": {
"clientId": {
"type": "string",
"description": "Client ID for identity to login with Universal Auth",
"example": "..."
},
"clientSecret": {
"type": "string",
"description": "Client Secret for identity to login with Universal Auth",
"example": "..."
}
}
}
}
}
}
#swagger.responses[200] = {
content: {
"application/json": {
"schema": {
"type": "object",
"properties": {
"accessToken": {
"type": "string",
"description": "Access token issued after successful login"
},
"expiresIn": {
"type": "number",
"description": "TTL of access token in seconds"
},
"tokenType": {
"type": "string",
"description": "Type of access token (e.g. Bearer)"
}
},
"description": "Access token and its details"
}
}
}
}
*/
const {
body: {
clientId,
@ -303,7 +405,105 @@ export const loginIdentityUniversalAuth = async (req: Request, res: Response) =>
});
}
export const addIdentityUniversalAuth = async (req: Request, res: Response) => {
/**
* Attach identity universal auth method onto identity with id [identityId]
* @param req
* @param res
*/
export const attachIdentityUniversalAuth = async (req: Request, res: Response) => {
/*
#swagger.summary = 'Attach Universal Auth configuration onto identity'
#swagger.description = 'Attach Universal Auth configuration onto identity'
#swagger.security = [{
"bearerAuth": []
}]
#swagger.parameters['identityId'] = {
"description": "ID of identity to attach Universal Auth onto",
"required": true,
"type": "string",
"in": "path"
}
#swagger.requestBody = {
content: {
"application/json": {
"schema": {
"type": "object",
"properties": {
"clientSecretTrustedIps": {
type: "array",
items: {
type: "object",
"properties": {
"ipAddress": {
type: "string",
description: "IP address to trust",
default: "0.0.0.0/0"
}
}
},
"description": "List of IPs or CIDR ranges that the Client Secret can be used from together with the Client ID to get back an access token. By default, Client Secrets are given the 0.0.0.0/0 entry representing all possible IPv4 addresses.",
"example": "...",
"default": [{ ipAddress: "0.0.0.0/0" }]
},
"accessTokenTTL": {
"type": "number",
"description": "The incremental lifetime for an acccess token in seconds; a value of 0 implies an infinite incremental lifetime.",
"example": "...",
"default": 100
},
"accessTokenMaxTTL": {
"type": "number",
"description": "The maximum lifetime for an acccess token in seconds; a value of 0 implies an infinite maximum lifetime.",
"example": "...",
"default": 2592000
},
"accessTokenNumUsesLimit": {
"type": "number",
"description": "The maximum number of times that an access token can be used; a value of 0 implies infinite number of uses.",
"example": "...",
"default": 0
},
"accessTokenTrustedIps": {
type: "array",
items: {
type: "object",
"properties": {
"ipAddress": {
type: "string",
description: "IP address to trust",
default: "0.0.0.0/0"
}
}
},
"description": "List of IPs or CIDR ranges that access tokens can be used from. By default, each token is given the 0.0.0.0/0 entry representing all possible IPv4 addresses.",
"example": "...",
"default": [{ ipAddress: "0.0.0.0/0" }]
}
}
}
}
}
}
#swagger.responses[200] = {
content: {
"application/json": {
"schema": {
"type": "object",
"properties": {
"identityUniversalAuth": {
$ref: '#/definitions/IdentityUniversalAuth'
}
},
"description": "Details of attached Universal Auth"
}
}
}
}
*/
const {
params: { identityId },
body: {
@ -350,7 +550,7 @@ export const addIdentityUniversalAuth = async (req: Request, res: Response) => {
// validate trusted ips
const reformattedClientSecretTrustedIps = clientSecretTrustedIps.map((clientSecretTrustedIp) => {
if (!plan.ipAllowlisting && clientSecretTrustedIp.ipAddress !== "0.0.0.0/0") return res.status(400).send({
if (!plan.ipAllowlisting && (clientSecretTrustedIp.ipAddress !== "0.0.0.0/0" && clientSecretTrustedIp.ipAddress !== "::/0")) return res.status(400).send({
message: "Failed to add IP access range to service token due to plan restriction. Upgrade plan to add IP access range."
});
@ -364,7 +564,7 @@ export const addIdentityUniversalAuth = async (req: Request, res: Response) => {
});
const reformattedAccessTokenTrustedIps = accessTokenTrustedIps.map((accessTokenTrustedIp) => {
if (!plan.ipAllowlisting && accessTokenTrustedIp.ipAddress !== "0.0.0.0/0") return res.status(400).send({
if (!plan.ipAllowlisting && (accessTokenTrustedIp.ipAddress !== "0.0.0.0/0" && accessTokenTrustedIp.ipAddress !== "::/0")) return res.status(400).send({
message: "Failed to add IP access range to service token due to plan restriction. Upgrade plan to add IP access range."
});
@ -414,7 +614,98 @@ export const addIdentityUniversalAuth = async (req: Request, res: Response) => {
});
}
/**
* Update identity universal auth method on identity with id [identityId]
* @param req
* @param res
*/
export const updateIdentityUniversalAuth = async (req: Request, res: Response) => {
/*
#swagger.summary = 'Update Universal Auth configuration on identity'
#swagger.description = 'Update Universal Auth configuration on identity'
#swagger.security = [{
"bearerAuth": []
}]
#swagger.parameters['identityId'] = {
"description": "ID of identity to update Universal Auth on",
"required": true,
"type": "string",
"in": "path"
}
#swagger.requestBody = {
content: {
"application/json": {
"schema": {
"type": "object",
"properties": {
"clientSecretTrustedIps": {
type: "array",
items: {
type: "object",
"properties": {
"ipAddress": {
type: "string",
description: "IP address to trust"
}
}
},
"description": "List of IPs or CIDR ranges that the Client Secret can be used from together with the Client ID to get back an access token. By default, Client Secrets are given the 0.0.0.0/0 entry representing all possible IPv4 addresses.",
"example": "...",
},
"accessTokenTTL": {
"type": "number",
"description": "The incremental lifetime for an acccess token in seconds; a value of 0 implies an infinite incremental lifetime.",
"example": "...",
},
"accessTokenMaxTTL": {
"type": "number",
"description": "The maximum lifetime for an acccess token in seconds; a value of 0 implies an infinite maximum lifetime.",
"example": "...",
},
"accessTokenNumUsesLimit": {
"type": "number",
"description": "The maximum number of times that an access token can be used; a value of 0 implies infinite number of uses.",
"example": "...",
},
"accessTokenTrustedIps": {
type: "array",
items: {
type: "object",
"properties": {
"ipAddress": {
type: "string",
description: "IP address to trust"
}
}
},
"description": "List of IPs or CIDR ranges that access tokens can be used from. By default, each token is given the 0.0.0.0/0 entry representing all possible IPv4 addresses.",
"example": "...",
}
}
}
}
}
}
#swagger.responses[200] = {
content: {
"application/json": {
"schema": {
"type": "object",
"properties": {
"identityUniversalAuth": {
$ref: '#/definitions/IdentityUniversalAuth'
}
},
"description": "Details of updated Universal Auth"
}
}
}
}
*/
const {
params: { identityId },
body: {
@ -459,7 +750,7 @@ export const updateIdentityUniversalAuth = async (req: Request, res: Response) =
let reformattedClientSecretTrustedIps;
if (clientSecretTrustedIps) {
reformattedClientSecretTrustedIps = clientSecretTrustedIps.map((clientSecretTrustedIp) => {
if (!plan.ipAllowlisting && clientSecretTrustedIp.ipAddress !== "0.0.0.0/0") return res.status(400).send({
if (!plan.ipAllowlisting && (clientSecretTrustedIp.ipAddress !== "0.0.0.0/0" && clientSecretTrustedIp.ipAddress !== "::/0")) return res.status(400).send({
message: "Failed to add IP access range to service token due to plan restriction. Upgrade plan to add IP access range."
});
@ -476,7 +767,7 @@ export const updateIdentityUniversalAuth = async (req: Request, res: Response) =
let reformattedAccessTokenTrustedIps;
if (accessTokenTrustedIps) {
reformattedAccessTokenTrustedIps = accessTokenTrustedIps.map((accessTokenTrustedIp) => {
if (!plan.ipAllowlisting && accessTokenTrustedIp.ipAddress !== "0.0.0.0/0") return res.status(400).send({
if (!plan.ipAllowlisting && (accessTokenTrustedIp.ipAddress !== "0.0.0.0/0" && accessTokenTrustedIp.ipAddress !== "::/0")) return res.status(400).send({
message: "Failed to add IP access range to service token due to plan restriction. Upgrade plan to add IP access range."
});
@ -526,7 +817,43 @@ export const updateIdentityUniversalAuth = async (req: Request, res: Response) =
});
}
/**
* Return identity universal auth method on identity with id [identityId]
* @param req
* @param res
*/
export const getIdentityUniversalAuth = async (req: Request, res: Response) => {
/*
#swagger.summary = 'Retrieve Universal Auth configuration on identity'
#swagger.description = 'Retrieve Universal Auth configuration on identity'
#swagger.security = [{
"bearerAuth": []
}]
#swagger.parameters['identityId'] = {
"description": "ID of identity to retrieve Universal Auth on",
"required": true,
"type": "string",
"in": "path"
}
#swagger.responses[200] = {
content: {
"application/json": {
"schema": {
"type": "object",
"properties": {
"identityUniversalAuth": {
$ref: '#/definitions/IdentityUniversalAuth'
}
},
"description": "Details of retrieved Universal Auth"
}
}
}
}
*/
const {
params: { identityId }
} = await validateRequest(reqValidator.GetUniversalAuthForIdentityV1, req);
@ -577,7 +904,77 @@ export const getIdentityUniversalAuth = async (req: Request, res: Response) => {
});
}
/**
* Create client secret for identity universal auth method on identity with id [identityId]
* @param req
* @param res
*/
export const createUniversalAuthClientSecret = async (req: Request, res: Response) => {
/*
#swagger.summary = 'Create Universal Auth Client Secret for identity'
#swagger.description = 'Create Universal Auth Client Secret for identity'
#swagger.security = [{
"bearerAuth": []
}]
#swagger.parameters['identityId'] = {
"description": "ID of identity to create Universal Auth Client Secret for",
"required": true,
"type": "string",
"in": "path"
}
#swagger.requestBody = {
content: {
"application/json": {
"schema": {
"type": "object",
"properties": {
"description": {
"type": "string",
"description": "A description for the Client Secret to create.",
"example": "..."
},
"ttl": {
"type": "number",
"description": "The time-to-live for the Client Secret to create. By default, the TTL will be set to 0 which implies that the Client Secret will never expire; a value of 0 implies an infinite lifetime.",
"example": "...",
"default": 0
},
"numUsesLimit": {
"type": "number",
"description": "The maximum number of times that the Client Secret can be used together with the Client ID to get back an access token; a value of 0 implies infinite number of uses.",
"example": "...",
"default": 0
}
}
}
}
}
}
#swagger.responses[200] = {
content: {
"application/json": {
"schema": {
"type": "object",
"properties": {
"clientSecret": {
"type": "string",
"description": "The created Client Secret"
},
"clientSecretData": {
$ref: '#/definitions/IdentityUniversalAuthClientSecretData'
}
},
"description": "Details of the created Client Secret"
}
}
}
}
*/
const {
params: { identityId },
body: {
@ -660,7 +1057,46 @@ export const createUniversalAuthClientSecret = async (req: Request, res: Respons
});
}
export const getUniversalAuthClientSecrets = async (req: Request, res: Response) => {
/**
* Return list of client secret details for identity universal auth method on identity with id [identityId]
* @param req
* @param res
*/
export const getUniversalAuthClientSecretsDetails = async (req: Request, res: Response) => {
/*
#swagger.summary = 'List Universal Auth Client Secrets for identity'
#swagger.description = 'List Universal Auth Client Secrets for identity'
#swagger.security = [{
"bearerAuth": []
}]
#swagger.parameters['identityId'] = {
"description": "ID of identity for which to get Client Secrets for",
"required": true,
"type": "string",
"in": "path"
}
#swagger.responses[200] = {
content: {
"application/json": {
"schema": {
"type": "object",
"properties": {
"clientSecretData": {
type: "array",
items: {
$ref: '#/definitions/IdentityUniversalAuthClientSecretData'
}
}
},
"description": "Details of the Client Secrets"
}
}
}
}
*/
const {
params: { identityId }
} = await validateRequest(reqValidator.GetUniversalAuthClientSecretsV1, req);
@ -720,7 +1156,50 @@ export const getUniversalAuthClientSecrets = async (req: Request, res: Response)
});
}
/**
* Revoke client secret for identity universal auth method on identity with id [identityId]
* @param req
* @param res
*/
export const revokeUniversalAuthClientSecret = async (req: Request, res: Response) => {
/*
#swagger.summary = 'Revoke Universal Auth Client Secret for identity'
#swagger.description = 'Revoke Universal Auth Client Secret for identity'
#swagger.security = [{
"bearerAuth": []
}]
#swagger.parameters['identityId'] = {
"description": "ID of identity under which Client Secret was issued for",
"required": true,
"type": "string",
"in": "path"
}
#swagger.parameters['clientSecretId'] = {
"description": "ID of Client Secret to revoke",
"required": true,
"type": "string",
"in": "path"
}
#swagger.responses[200] = {
content: {
"application/json": {
"schema": {
"type": "object",
"properties": {
"clientSecretData": {
$ref: '#/definitions/IdentityUniversalAuthClientSecretData'
}
},
"description": "Details of the revoked Client Secret"
}
}
}
}
*/
const {
params: { identityId, clientSecretId }
} = await validateRequest(reqValidator.RevokeUniversalAuthClientSecretV1, req);

@ -1,9 +1,13 @@
import { Request, Response } from "express";
import { Types } from "mongoose";
import {
IdentityMembershipOrg,
Membership,
IWorkspace,
Identity,
IdentityMembership,
IdentityMembershipOrg,
Membership,
MembershipOrg,
User,
Workspace
} from "../../models";
import { Role } from "../../ee/models";
@ -33,11 +37,12 @@ import { ForbiddenError } from "@casl/ability";
*/
export const getOrganizationMemberships = async (req: Request, res: Response) => {
/*
#swagger.summary = 'Return organization memberships'
#swagger.description = 'Return organization memberships'
#swagger.summary = 'Return organization user memberships'
#swagger.description = 'Return organization user memberships'
#swagger.security = [{
"apiKeyAuth": []
"apiKeyAuth": [],
"bearerAuth": []
}]
#swagger.parameters['organizationId'] = {
@ -94,11 +99,12 @@ export const getOrganizationMemberships = async (req: Request, res: Response) =>
*/
export const updateOrganizationMembership = async (req: Request, res: Response) => {
/*
#swagger.summary = 'Update organization membership'
#swagger.description = 'Update organization membership'
#swagger.summary = 'Update organization user membership'
#swagger.description = 'Update organization user membership'
#swagger.security = [{
"apiKeyAuth": []
"apiKeyAuth": [],
"bearerAuth": []
}]
#swagger.parameters['organizationId'] = {
@ -214,11 +220,12 @@ export const updateOrganizationMembership = async (req: Request, res: Response)
*/
export const deleteOrganizationMembership = async (req: Request, res: Response) => {
/*
#swagger.summary = 'Delete organization membership'
#swagger.description = 'Delete organization membership'
#swagger.summary = 'Delete organization user membership'
#swagger.description = 'Delete organization user membership'
#swagger.security = [{
"apiKeyAuth": []
"apiKeyAuth": [],
"bearerAuth": []
}]
#swagger.parameters['organizationId'] = {
@ -295,7 +302,8 @@ export const getOrganizationWorkspaces = async (req: Request, res: Response) =>
#swagger.description = 'Return projects in organization that user is part of'
#swagger.security = [{
"apiKeyAuth": []
"apiKeyAuth": [],
"bearerAuth": []
}]
#swagger.parameters['organizationId'] = {
@ -323,6 +331,7 @@ export const getOrganizationWorkspaces = async (req: Request, res: Response) =>
}
}
*/
const {
params: { organizationId }
} = await validateRequest(reqValidator.GetOrgWorkspacesv2, req);
@ -348,13 +357,27 @@ export const getOrganizationWorkspaces = async (req: Request, res: Response) =>
).map((w) => w._id.toString())
);
const workspaces = (
await Membership.find({
user: req.user._id
}).populate("workspace")
)
.filter((m) => workspacesSet.has(m.workspace._id.toString()))
.map((m) => m.workspace);
let workspaces: IWorkspace[] = [];
if (req.authData.authPayload instanceof Identity) {
workspaces = (
await IdentityMembership.find({
identity: req.authData.authPayload._id
}).populate<{ workspace: IWorkspace }>("workspace")
)
.filter((m) => workspacesSet.has(m.workspace._id.toString()))
.map((m) => m.workspace);
}
if (req.authData.authPayload instanceof User) {
workspaces = (
await Membership.find({
user: req.authData.authPayload._id
}).populate<{ workspace: IWorkspace }>("workspace")
)
.filter((m) => workspacesSet.has(m.workspace._id.toString()))
.map((m) => m.workspace);
}
return res.status(200).send({
workspaces
@ -425,6 +448,40 @@ export const deleteOrganizationById = async (req: Request, res: Response) => {
* @returns
*/
export const getOrganizationIdentityMemberships = async (req: Request, res: Response) => {
/*
#swagger.summary = 'Return organization identity memberships'
#swagger.description = 'Return organization identity memberships'
#swagger.security = [{
"bearerAuth": []
}]
#swagger.parameters['organizationId'] = {
"description": "ID of organization",
"required": true,
"type": "string",
"in": "path"
}
#swagger.responses[200] = {
content: {
"application/json": {
"schema": {
"type": "object",
"properties": {
"identityMemberships": {
"type": "array",
"items": {
$ref: "#/components/schemas/IdentityMembershipOrg"
},
"description": "Identity memberships of organization"
}
}
}
}
}
}
*/
const {
params: { organizationId }
} = await validateRequest(reqValidator.GetOrgIdentityMembershipsV2, req);
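Review bot: In `getOrganizationWorkspaces` the two `instanceof` branches leave `workspaces` as an empty array when the auth payload is neither an `Identity` nor a `User`, so such a caller receives a 200 with an empty list rather than an error. If other payload types can reach this handler (not visible here), an explicit rejection after the two branches would make the outcome deliberate, for example `else throw UnauthorizedRequestError();`, assuming that helper is available in this file. The two branches also differ only in the model and the filter key, so one small helper taking those two values would remove the duplication. The function body starts and ends outside the hunk.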

@ -13,7 +13,7 @@ import {
ProjectPermissionSub,
getAuthDataProjectPermissions
} from "../../ee/services/ProjectRoleService";
import { ForbiddenError } from "@casl/ability";
import { ForbiddenError, subject } from "@casl/ability";
import { Types } from "mongoose";
/**
@ -86,6 +86,14 @@ export const createServiceTokenData = async (req: Request, res: Response) => {
ProjectPermissionSub.ServiceTokens
);
scopes.forEach(({ environment, secretPath }) => {
ForbiddenError.from(permission).throwUnlessCan(
ProjectPermissionActions.Create,
subject(ProjectPermissionSub.Secrets, { environment, secretPath: secretPath })
);
})
const secret = crypto.randomBytes(16).toString("hex");
const secretHash = await bcrypt.hash(secret, await getSaltRounds());
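Review bot: The per-scope check added to `createServiceTokenData` tests only `ProjectPermissionActions.Create` on `ProjectPermissionSub.Secrets`, regardless of what access the new token will carry. If the token's permissions (not visible in this hunk) can include read access, a creator who may create but not read secrets at a path could still issue a token that reads them, so the action checked per scope should be derived from the permissions requested for the token. Two smaller points: `secretPath: secretPath` can be written `secretPath`, and the `forEach` call is missing the trailing semicolon used elsewhere in the file. The function continues outside the hunk.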

@ -249,11 +249,12 @@ export const getWorkspaceServiceTokenData = async (req: Request, res: Response)
*/
export const getWorkspaceMemberships = async (req: Request, res: Response) => {
/*
#swagger.summary = 'Return project memberships'
#swagger.description = 'Return project memberships'
#swagger.summary = 'Return project user memberships'
#swagger.description = 'Return project user memberships'
#swagger.security = [{
"apiKeyAuth": []
"apiKeyAuth": [],
"bearerAuth": []
}]
#swagger.parameters['workspaceId'] = {
@ -312,11 +313,12 @@ export const getWorkspaceMemberships = async (req: Request, res: Response) => {
*/
export const updateWorkspaceMembership = async (req: Request, res: Response) => {
/*
#swagger.summary = 'Update project membership'
#swagger.description = 'Update project membership'
#swagger.summary = 'Update project user membership'
#swagger.description = 'Update project user membership'
#swagger.security = [{
"apiKeyAuth": []
"apiKeyAuth": [],
"bearerAuth": []
}]
#swagger.parameters['workspaceId'] = {
@ -340,7 +342,7 @@ export const updateWorkspaceMembership = async (req: Request, res: Response) =>
"properties": {
"role": {
"type": "string",
"description": "Role of membership - either admin or member",
"description": "Role to update to for project membership",
}
}
}
@ -402,11 +404,12 @@ export const updateWorkspaceMembership = async (req: Request, res: Response) =>
*/
export const deleteWorkspaceMembership = async (req: Request, res: Response) => {
/*
#swagger.summary = 'Delete project membership'
#swagger.description = 'Delete project membership'
#swagger.summary = 'Delete project user membership'
#swagger.description = 'Delete project user membership'
#swagger.security = [{
"apiKeyAuth": []
"apiKeyAuth": [],
"bearerAuth": []
}]
#swagger.parameters['workspaceId'] = {
@ -594,7 +597,60 @@ export const addIdentityToWorkspace = async (req: Request, res: Response) => {
* @param req
* @param res
*/
export const updateIdentityWorkspaceRole = async (req: Request, res: Response) => {
export const updateIdentityWorkspaceRole = async (req: Request, res: Response) => {
/*
#swagger.summary = 'Update project identity membership'
#swagger.description = 'Update project identity membership'
#swagger.security = [{
"bearerAuth": []
}]
#swagger.parameters['workspaceId'] = {
"description": "ID of project",
"required": true,
"type": "string"
}
#swagger.parameters['identityId'] = {
"description": "ID of identity whose membership to update in project",
"required": true,
"type": "string"
}
#swagger.requestBody = {
"required": true,
"content": {
"application/json": {
"schema": {
"type": "object",
"properties": {
"role": {
"type": "string",
"description": "Role to update to for identity project membership",
}
}
}
}
}
}
#swagger.responses[200] = {
content: {
"application/json": {
"schema": {
"type": "object",
"properties": {
"identityMembership": {
$ref: "#/components/schemas/IdentityMembership",
"description": "Updated identity membership"
}
}
}
}
}
}
*/
const {
params: { workspaceId, identityId },
body: {
@ -676,12 +732,48 @@ export const updateIdentityWorkspaceRole = async (req: Request, res: Response) =
}
/**
* Delete identity with id [identityId] to workspace
* Delete identity with id [identityId] from workspace
* with id [workspaceId]
* @param req
* @param res
*/
export const deleteIdentityFromWorkspace = async (req: Request, res: Response) => {
export const deleteIdentityFromWorkspace = async (req: Request, res: Response) => {
/*
#swagger.summary = 'Delete project identity membership'
#swagger.description = 'Delete project identity membership'
#swagger.security = [{
"bearerAuth": []
}]
#swagger.parameters['workspaceId'] = {
"description": "ID of project",
"required": true,
"type": "string"
}
#swagger.parameters['identityId'] = {
"description": "ID of identity whose membership to delete in project",
"required": true,
"type": "string"
}
#swagger.responses[200] = {
content: {
"application/json": {
"schema": {
"type": "object",
"properties": {
"identityMembership": {
$ref: "#/components/schemas/IdentityMembership",
"description": "Deleted identity membership"
}
}
}
}
}
}
*/
const {
params: { workspaceId, identityId }
} = await validateRequest(reqValidator.DeleteIdentityFromWorkspaceV2, req);
@ -732,7 +824,41 @@ export const deleteIdentityFromWorkspace = async (req: Request, res: Response) =
* @param res
* @returns
*/
export const getWorkspaceIdentityMemberships = async (req: Request, res: Response) => {
export const getWorkspaceIdentityMemberships = async (req: Request, res: Response) => {
/*
#swagger.summary = 'Return project identity memberships'
#swagger.description = 'Return project identity memberships'
#swagger.security = [{
"bearerAuth": []
}]
#swagger.parameters['workspaceId'] = {
"description": "ID of project",
"required": true,
"type": "string",
"in": "path"
}
#swagger.responses[200] = {
content: {
"application/json": {
"schema": {
"type": "object",
"properties": {
"identityMemberships": {
"type": "array",
"items": {
$ref: "#/components/schemas/IdentityMembership"
},
"description": "Identity memberships of project"
}
}
}
}
}
}
*/
const {
params: { workspaceId }
} = await validateRequest(reqValidator.GetWorkspaceIdentityMembersV2, req);
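Review bot: The swagger blocks added to `updateIdentityWorkspaceRole` and `deleteIdentityFromWorkspace` declare `workspaceId` and `identityId` without `"in": "path"`, while the block added to `getWorkspaceIdentityMemberships` in the same file sets it. Adding `"in": "path"` to those four parameter entries would make the generated spec place them consistently. The signature lines of the three handlers are each printed twice with no visible difference, which suggests a whitespace-only change that could be dropped from the commit. All three function bodies continue outside their hunks.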

@ -348,7 +348,7 @@ export const getSecretByNameRaw = async (req: Request, res: Response) => {
}
*/
const {
query: { secretPath, environment, workspaceId, type, include_imports },
query: { secretPath, environment, workspaceId, type, include_imports, version },
params: { secretName }
} = await validateRequest(reqValidator.GetSecretByNameRawV3, req);
@ -371,7 +371,8 @@ export const getSecretByNameRaw = async (req: Request, res: Response) => {
type,
secretPath,
authData: req.authData,
include_imports
include_imports,
version
});
const key = await BotService.getWorkspaceKeyWithBot({
@ -865,7 +866,7 @@ export const getSecrets = async (req: Request, res: Response) => {
*/
export const getSecretByName = async (req: Request, res: Response) => {
const {
query: { secretPath, environment, workspaceId, type, include_imports },
query: { secretPath, environment, workspaceId, type, include_imports, version },
params: { secretName }
} = await validateRequest(reqValidator.GetSecretByNameV3, req);
@ -888,7 +889,8 @@ export const getSecretByName = async (req: Request, res: Response) => {
type,
secretPath,
authData: req.authData,
include_imports
include_imports,
version
});
return res.status(200).send({

@ -42,6 +42,58 @@ import { ForbiddenError } from "@casl/ability";
* @returns
*/
export const createIdentity = async (req: Request, res: Response) => {
/*
#swagger.summary = 'Create identity'
#swagger.description = 'Create identity'
#swagger.security = [{
"bearerAuth": []
}]
#swagger.requestBody = {
content: {
"application/json": {
"schema": {
"type": "object",
"properties": {
"name": {
"type": "string",
"description": "Name of entity to create",
"example": "development"
},
"organizationId": {
"type": "string",
"description": "ID of organization where to create identity",
"example": "dev-environment"
},
"role": {
"type": "string",
"description": "Role to assume for organization membership",
"example": "no-access"
}
},
"required": ["name", "organizationId", "role"]
}
}
}
}
#swagger.responses[200] = {
content: {
"application/json": {
"schema": {
"type": "object",
"properties": {
"identity": {
$ref: '#/definitions/Identity'
}
},
"description": "Details of the created identity"
}
}
}
}
*/
const {
body: {
name,
@ -120,6 +172,59 @@ export const createIdentity = async (req: Request, res: Response) => {
* @returns
*/
export const updateIdentity = async (req: Request, res: Response) => {
/*
#swagger.summary = 'Update identity'
#swagger.description = 'Update identity'
#swagger.security = [{
"bearerAuth": []
}]
#swagger.parameters['identityId'] = {
"description": "ID of identity to update",
"required": true,
"type": "string",
"in": "path"
}
#swagger.requestBody = {
content: {
"application/json": {
"schema": {
"type": "object",
"properties": {
"name": {
"type": "string",
"description": "Name of entity to update to",
"example": "development"
},
"role": {
"type": "string",
"description": "Role to update to for organization membership",
"example": "no-access"
}
}
}
}
}
}
#swagger.responses[200] = {
content: {
"application/json": {
"schema": {
"type": "object",
"properties": {
"identity": {
$ref: '#/definitions/Identity'
}
},
"description": "Details of the updated identity"
}
}
}
}
*/
const {
params: { identityId },
body: {
@ -242,6 +347,37 @@ export const createIdentity = async (req: Request, res: Response) => {
* @returns
*/
export const deleteIdentity = async (req: Request, res: Response) => {
/*
#swagger.summary = 'Delete identity'
#swagger.description = 'Delete identity'
#swagger.security = [{
"bearerAuth": []
}]
#swagger.parameters['identityId'] = {
"description": "ID of identity",
"required": true,
"type": "string",
"in": "path"
}
#swagger.responses[200] = {
content: {
"application/json": {
"schema": {
"type": "object",
"properties": {
"identity": {
$ref: '#/definitions/Identity'
}
},
"description": "Details of the deleted identity"
}
}
}
}
*/
const {
params: { identityId }
} = await validateRequest(reqValidator.DeleteIdentityV1, req);
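Review bot: In the swagger block added to `createIdentity`, the `organizationId` example is `"dev-environment"`, which reads like an environment slug rather than an organization ID and will mislead anyone copying the sample request. The `name` field is described as `"Name of entity to create"` (and `"Name of entity to update to"` in `updateIdentity`) although everything else in these blocks says identity. I would change the descriptions to `"Name of identity to create"` and `"Name of identity to update to"`, and replace the example with an obvious placeholder such as `"<organization-id>"`. The handler bodies continue outside the hunks.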

@ -17,12 +17,12 @@ export const getSecretApprovalRequestCount = async (req: Request, res: Response)
} = await validateRequest(reqValidator.getSecretApprovalRequestCount, req);
if (!(req.authData.authPayload instanceof User)) return;
const membership = await Membership.findOne({
user: req.authData.authPayload._id,
workspace: new Types.ObjectId(workspaceId)
});
if (!membership) throw UnauthorizedRequestError();
const approvalRequestCount = await SecretApprovalRequest.aggregate([
@ -73,12 +73,12 @@ export const getSecretApprovalRequests = async (req: Request, res: Response) =>
} = await validateRequest(reqValidator.getSecretApprovalRequests, req);
if (!(req.authData.authPayload instanceof User)) return;
const membership = await Membership.findOne({
user: req.authData.authPayload._id,
workspace: new Types.ObjectId(workspaceId)
});
if (!membership) throw UnauthorizedRequestError();
const query = {
@ -168,13 +168,13 @@ export const getSecretApprovalRequestDetails = async (req: Request, res: Respons
user: req.authData.authPayload._id,
workspace: secretApprovalRequest.workspace
});
if (!membership) throw UnauthorizedRequestError();
// allow to fetch only if its admin or is the committer or approver
if (
membership.role !== "admin" &&
secretApprovalRequest.committer !== membership.id &&
!secretApprovalRequest.committer.equals(membership.id) &&
!secretApprovalRequest.policy.approvers.find(
(approverId) => approverId.toString() === membership._id.toString()
)
@ -215,7 +215,7 @@ export const updateSecretApprovalReviewStatus = async (req: Request, res: Respon
user: req.authData.authPayload._id,
workspace: secretApprovalRequest.workspace
});
if (!membership) throw UnauthorizedRequestError();
if (
@ -257,7 +257,7 @@ export const mergeSecretApprovalRequest = async (req: Request, res: Response) =>
user: req.authData.authPayload._id,
workspace: secretApprovalRequest.workspace
});
if (!membership) throw UnauthorizedRequestError();
if (
@ -307,7 +307,7 @@ export const updateSecretApprovalRequestStatus = async (req: Request, res: Respo
user: req.authData.authPayload._id,
workspace: secretApprovalRequest.workspace
});
if (!membership) throw UnauthorizedRequestError();
if (
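Review bot: `getSecretApprovalRequestCount` and `getSecretApprovalRequests` still exit with a bare `if (!(req.authData.authPayload instanceof User)) return;`, which sends no response, so a request authenticated as anything other than a user is left waiting until it times out. Throwing the error these handlers already use would give the caller a definite answer: `if (!(req.authData.authPayload instanceof User)) throw UnauthorizedRequestError();`. In `getSecretApprovalRequestDetails` the committer check appears to now use `.equals(membership.id)` while the approver check beside it compares `toString()` of `membership._id`; using one form for both would make the access rule easier to audit. All of these functions start or end outside their hunks.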

@ -62,15 +62,30 @@ export const getWorkspaceSecretSnapshots = async (req: Request, res: Response) =
#swagger.description = 'Return project secret snapshots ids'
#swagger.security = [{
"apiKeyAuth": []
"apiKeyAuth": [],
"bearerAuth": []
}]
#swagger.parameters['workspaceId'] = {
"description": "ID of project",
"description": "ID of project where to get secret snapshots for",
"required": true,
"type": "string"
}
#swagger.parameters['environment'] = {
"description": "Slug of environment where to get secret snapshots for",
"required": true,
"type": "string",
"in": "query"
}
#swagger.parameters['directory'] = {
"description": "Path where to get secret snapshots for like / or /foo/bar. Default is /",
"required": false,
"type": "string",
"in": "query"
}
#swagger.parameters['offset'] = {
"description": "Number of secret snapshots to skip",
"required": false,
@ -195,11 +210,12 @@ export const rollbackWorkspaceSecretSnapshot = async (req: Request, res: Respons
#swagger.description = 'Roll back project secrets to those captured in a secret snapshot version.'
#swagger.security = [{
"apiKeyAuth": []
"apiKeyAuth": [],
"bearerAuth": []
}]
#swagger.parameters['workspaceId'] = {
"description": "ID of project",
"description": "ID of project where to roll back",
"required": true,
"type": "string"
}
@ -211,6 +227,14 @@ export const rollbackWorkspaceSecretSnapshot = async (req: Request, res: Respons
"schema": {
"type": "object",
"properties": {
"environment": {
"type": "string",
"description": "Slug of environment where to roll back"
},
"directory": {
"type": "string",
"description": "Path where to roll back for like / or /foo/bar. Default is /"
},
"version": {
"type": "integer",
"description": "Version of secret snapshot to roll back to",

@ -8,7 +8,10 @@ export enum UserAgentType {
WEB = "web",
CLI = "cli",
K8_OPERATOR = "k8-operator",
OTHER = "other"
TERRAFORM = "terraform",
OTHER = "other",
PYTHON_SDK = "InfisicalPythonSDK",
NODE_SDK = "InfisicalNodeSDK"
}
export enum EventType {
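Review bot: The members added to `UserAgentType` break the enum's existing value convention: `PYTHON_SDK` and `NODE_SDK` map to `"InfisicalPythonSDK"` and `"InfisicalNodeSDK"`, while the other members use lowercase slugs such as `"k8-operator"`, and they are placed after `OTHER`, which was previously the last, catch-all member. If these values are matched against the raw User-Agent header (not visible here), a short comment such as `// value is the SDK's User-Agent string` would explain the difference; otherwise lowercase slugs with `OTHER` kept last would be consistent. Because a User-Agent is supplied by the client, the resulting type is best treated as a label for logs and not as evidence of which client made the call.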
