added terraform useragent

Sdk/docs update 2

backend/src/ee/models/auditLog/enums.ts

@@ -8,7 +8,10 @@ export enum UserAgentType {
   WEB = "web",
   CLI = "cli",
   K8_OPERATOR = "k8-operator",
-  OTHER = "other"
+  TERRAFORM = "terraform",
+  OTHER = "other",
+  PYTHON_SDK = "InfisicalPythonSDK",
+  NODE_SDK = "InfisicalNodeSDK"
 }
 
 export enum EventType {

backend/src/helpers/rateLimiter.ts

@@ -10,7 +10,7 @@ export const apiLimiter = rateLimit({
   //   errorHandler: console.error.bind(null, 'rate-limit-mongo')
   // }),
   windowMs: 60 * 1000,
-  max: 350,
+  max: 480,
   standardHeaders: true,
   legacyHeaders: false,
   skip: (request) => {
@@ -30,7 +30,7 @@ const authLimit = rateLimit({
   //   collectionName: "expressRateRecords-authLimit",
   // }),
   windowMs: 60 * 1000,
-  max: 100,
+  max: 300,
   standardHeaders: true,
   legacyHeaders: false,
   keyGenerator: (req, res) => {
@@ -46,8 +46,8 @@ export const passwordLimiter = rateLimit({
   //   errorHandler: console.error.bind(null, 'rate-limit-mongo'),
   //   collectionName: "expressRateRecords-passwordLimiter",
   // }),
-  windowMs: 60 * 60 * 1000,
-  max: 10,
+  windowMs: 60 * 1000,
+  max: 300,
   standardHeaders: true,
   legacyHeaders: false,
   keyGenerator: (req, res) => {

backend/src/utils/posthog.ts

@@ -7,8 +7,14 @@ export const getUserAgentType = function (userAgent: string | undefined) {
     return UserAgentType.CLI;
   } else if (userAgent == UserAgentType.K8_OPERATOR) {
     return UserAgentType.K8_OPERATOR;
+  } else if (userAgent == UserAgentType.TERRAFORM) {
+    return UserAgentType.TERRAFORM;
   } else if (userAgent.toLowerCase().includes("mozilla")) {
     return UserAgentType.WEB;
+  } else if (userAgent.includes(UserAgentType.NODE_SDK)) {
+    return UserAgentType.NODE_SDK;
+  } else if (userAgent.includes(UserAgentType.PYTHON_SDK)) {
+    return UserAgentType.PYTHON_SDK;
   } else {
     return UserAgentType.OTHER;
   }

cli/packages/cmd/export.go

@@ -102,7 +102,7 @@ var exportCmd = &cobra.Command{
 
 		fmt.Print(output)
 
-		Telemetry.CaptureEvent("cli-command:export", posthog.NewProperties().Set("secretsCount", len(secrets)).Set("version", util.CLI_VERSION))
+		// Telemetry.CaptureEvent("cli-command:export", posthog.NewProperties().Set("secretsCount", len(secrets)).Set("version", util.CLI_VERSION))
 	},
 }
 

docs/sdks/languages/java.mdx

@@ -19,6 +19,7 @@ public class Example {
         ClientSettings settings = new ClientSettings();
         settings.setClientID("MACHINE_IDENTITY_CLIENT_ID");
         settings.setClientSecret("MACHINE_IDENTITY_CLIENT_SECRET");
+        settings.setCacheTTL(Long.valueOf(300)); // 300 seconds, 5 minutes
 
         InfisicalClient client = new InfisicalClient(settings);
 
@@ -88,6 +89,11 @@ public class App {
             An access token obtained from the machine identity login endpoint.
         </ParamField>
 
+        <ParamField query="setCacheTTL()" type="number" default="300" optional>
+            Time-to-live (in seconds) for refreshing cached secrets.
+            If manually set to 0, caching will be disabled, this is not recommended.
+        </ParamField>
+
         <ParamField query="setSiteURL()" type="string" default="https://app.infisical.com" optional>
             Your self-hosted absolute site URL including the protocol (e.g. `https://app.infisical.com`)
         </ParamField>
@@ -95,6 +101,10 @@ public class App {
 
 </ParamField>
 
+### Caching
+
+To reduce the number of API requests, the SDK temporarily stores secrets it retrieves. By default, a secret remains cached for 5 minutes after it's first fetched. Each time it's fetched again, this 5-minute timer resets. You can adjust this caching duration by setting the "cacheTTL" option when creating the client.
+
 ## Working with Secrets
 
 ### client.listSecrets(options)
@@ -127,7 +137,11 @@ Retrieve all secrets within the Infisical project and environment that client is
             The path from where secrets should be fetched from.
         </ParamField>
 
-        <ParamField query="setIncludeImports" type="string" default="https://app.infisical.com" optional>
+        <ParamField query="setAttachToProcessEnv()" type="boolean" default="false" optional>
+             Whether or not to set the fetched secrets to the process environment. If true, you can access the secrets like so `System.getenv("SECRET_NAME")`.
+        </ParamField>
+
+        <ParamField query="setIncludeImports()" type="boolean" default="false" optional>
              Whether or not to include imported secrets from the current path. Read about [secret import](/documentation/platform/secret-reference)
         </ParamField>
     </Expandable>

docs/sdks/languages/node.mdx

@@ -104,6 +104,11 @@ Import the SDK and create a client instance with your [Machine Identity](/docume
             An access token obtained from the machine identity login endpoint.
         </ParamField>
 
+        <ParamField query="cacheTtl" type="number" default="300" optional>
+            Time-to-live (in seconds) for refreshing cached secrets.
+            If manually set to 0, caching will be disabled, this is not recommended.
+        </ParamField>
+
         <ParamField query="siteUrl" type="string" default="https://app.infisical.com" optional>
             Your self-hosted absolute site URL including the protocol (e.g. `https://app.infisical.com`)
         </ParamField>
@@ -113,6 +118,11 @@ Import the SDK and create a client instance with your [Machine Identity](/docume
     </Expandable>
 
 </ParamField>
+
+### Caching
+
+To reduce the number of API requests, the SDK temporarily stores secrets it retrieves. By default, a secret remains cached for 5 minutes after it's first fetched. Each time it's fetched again, this 5-minute timer resets. You can adjust this caching duration by setting the "cacheTtl" option when creating the client.
+
 ## Working with Secrets
 
 ### client.listSecrets(options)
@@ -143,7 +153,11 @@ Retrieve all secrets within the Infisical project and environment that client is
             The path from where secrets should be fetched from.
         </ParamField>
 
-        <ParamField query="includeImports" type="string" default="https://app.infisical.com" optional>
+        <ParamField query="attachToProcessEnv" type="boolean" default="false" optional>
+            Whether or not to set the fetched secrets to the process environment. If true, you can access the secrets like so `process.env["SECRET_NAME"]`.
+        </ParamField>
+
+        <ParamField query="includeImports" type="false" default="boolean" optional>
              Whether or not to include imported secrets from the current path. Read about [secret import](/documentation/platform/secret-reference)
         </ParamField>
     </Expandable>

docs/sdks/languages/python.mdx

@@ -62,24 +62,40 @@ client = InfisicalClient(ClientSettings(
 
 ### Parameters
 
-    <ParamField query="client_id" type="string" optional>
-        Your Infisical Client ID.
-    </ParamField>
-     <ParamField query="client_secret" type="string" optional>
-        Your Infisical Client Secret.
-    </ParamField>
-    <ParamField query="access_token" type="string" optional>
-        If you want to directly pass an access token obtained from the authentication endpoints, you can do so.
-    </ParamField>
-    <ParamField
-      query="site_url"
-      type="string"
-      default="https://app.infisical.com"
-      optional
-    >
-      Your self-hosted absolute site URL including the protocol (e.g.
-      `https://app.infisical.com`)
-    </ParamField>
+<ParamField query="options" type="object">
+    <Expandable title="properties">
+        <ParamField query="client_id" type="string" optional>
+            Your Infisical Client ID.
+        </ParamField>
+        <ParamField query="client_secret" type="string" optional>
+            Your Infisical Client Secret.
+        </ParamField>
+        <ParamField query="access_token" type="string" optional>
+            If you want to directly pass an access token obtained from the authentication endpoints, you can do so.
+        </ParamField>
+
+        <ParamField query="cache_ttl" type="number" default="300" optional>
+            Time-to-live (in seconds) for refreshing cached secrets.
+            If manually set to 0, caching will be disabled, this is not recommended.
+        </ParamField>
+
+
+        <ParamField
+        query="site_url"
+        type="string"
+        default="https://app.infisical.com"
+        optional
+        >
+        Your self-hosted absolute site URL including the protocol (e.g.
+        `https://app.infisical.com`)
+        </ParamField>
+    </Expandable>
+
+</ParamField>
+
+### Caching
+
+To reduce the number of API requests, the SDK temporarily stores secrets it retrieves. By default, a secret remains cached for 5 minutes after it's first fetched. Each time it's fetched again, this 5-minute timer resets. You can adjust this caching duration by setting the "cache_ttl" option when creating the client.
 
 ## Working with Secrets
 
@@ -109,7 +125,11 @@ Retrieve all secrets within the Infisical project and environment that client is
             The path from where secrets should be fetched from.
         </ParamField>
 
-        <ParamField query="include_imports" type="string" default="https://app.infisical.com" optional>
+        <ParamField query="attach_to_process_env" type="boolean" default="false" optional>
+            Whether or not to set the fetched secrets to the process environment. If true, you can access the secrets like so `process.env["SECRET_NAME"]`.
+        </ParamField>
+
+        <ParamField query="include_imports" type="boolean" default="false" optional>
              Whether or not to include imported secrets from the current path. Read about [secret import](/documentation/platform/secret-reference)
         </ParamField>
     </Expandable>
@@ -148,7 +168,7 @@ By default, `getSecret()` fetches and returns a shared secret. If not found, it
         <ParamField query="type" type="string" optional>
             The type of the secret. Valid options are "shared" or "personal". If not specified, the default value is "personal".
         </ParamField>
-        <ParamField query="include_imports" type="string" default="https://app.infisical.com" optional>
+        <ParamField query="include_imports" type="boolean" default="false" optional>
             Whether or not to include imported secrets from the current path. Read about [secret import](/documentation/platform/secret-reference)
         </ParamField>
     </Expandable>

docs/sdks/overview.mdx

@@ -31,3 +31,23 @@ From local development to production, Infisical SDKs provide the easiest way for
         Manage secrets for your PHP application on demand
     </Card>
 </CardGroup>
+
+## FAQ
+
+<AccordionGroup>
+    <Accordion title="Isn't it inefficient if my app makes a request every time it needs a secret?">
+        The client SDK caches every secret and implements a 5-minute waiting period before re-requesting it. The waiting period can be controlled by
+        setting the `cacheTTL` parameter at the time of initializing the client.
+        
+        Note: The exact parameter name may differ depending on the language.
+    </Accordion>
+    <Accordion title="Can I attach the environment variables to my process environment?">
+        Yes you can! The client SDK provides a method to attach the secrets to your process environment. When using the `listSecrets()` method, you
+        can pass a `attachToProcessEnv` parameter, which tells the SDK to attach all the found secrets to your process environment.
+        
+        Note: The exact parameter name may differ depending on the language.
+    </Accordion>
+    <Accordion title="What if a request for a secret fails?">
+        The SDK caches every secret and falls back to the cached value if a request fails. If no cached value is found, and the request fails, then the SDK throws an error.
+    </Accordion>
+</AccordionGroup>

frontend/src/hooks/api/auditLogs/constants.tsx

@@ -50,5 +50,8 @@ export const userAgentTTypeoNameMap: { [K in UserAgentType]: string } = {
     [UserAgentType.WEB]: "Web",
     [UserAgentType.CLI]: "CLI",
     [UserAgentType.K8_OPERATOR]: "K8s operator",
+    [UserAgentType.TERRAFORM]: "Terraform",
+    [UserAgentType.NODE_SDK]: "InfisicalNodeSDK",
+    [UserAgentType.PYTHON_SDK]: "InfisicalPythonSDK",
     [UserAgentType.OTHER]: "Other",
 };

frontend/src/hooks/api/auditLogs/enums.tsx

@@ -8,6 +8,9 @@ export enum UserAgentType {
   WEB = "web",
   CLI = "cli",
   K8_OPERATOR = "k8-operator",
+  TERRAFORM = "terraform",
+  NODE_SDK = "node-sdk",
+  PYTHON_SDK = "python-sdk",
   OTHER = "other"
 }