Skip to content

Commit

Permalink
Merge pull request #13 from DopplerHQ/nic/visibility-fixes
Browse files Browse the repository at this point in the history 
Add support for restricted secrets
  • Loading branch information
@nmanoogian
nmanoogian authored May 11, 2023
2 parents 80b45ec + d2eb916 commit edd1194
Show file tree
Hide file tree
Showing 6 changed files with 36 additions and 19 deletions.
13 changes: 7 additions & 6 deletions .github/workflows/release.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,22 +23,23 @@ jobs:

- name: Check If Tag Exists
id: tag
run: echo "exists=$([[ ! -z $(git tag -l "$TAG") ]] && echo true || echo false)" >> $GITHUB_OUTPUT;
run: echo "exists=$(gh release view "$TAG" &> /dev/null && echo "true" || echo "false")" >> $GITHUB_OUTPUT;
env:
TAG: ${{ steps.version.outputs.version }}
GH_TOKEN: ${{ github.token }}

- name: NPM Install
if: steps.tag.outputs.exists == false
if: steps.tag.outputs.exists == 'false'
run: npm ci

- name: Build Extension
id: build_extension
if: steps.tag.outputs.exists == false
if: steps.tag.outputs.exists == 'false'
run: npm run package && echo "extension_path=$(ls *.vsix)" >> $GITHUB_OUTPUT;

- name: Create release on GitHub
id: create_release
if: steps.tag.outputs.exists == false
if: steps.tag.outputs.exists == 'false'
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Expand All @@ -49,7 +50,7 @@ jobs:
prerelease: false

- name: Upload extension as release asset to GitHub
if: steps.tag.outputs.exists == false
if: steps.tag.outputs.exists == 'false'
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Expand All @@ -60,7 +61,7 @@ jobs:
asset_content_type: application/zip

- name: Publish to Marketplace
if: steps.tag.outputs.exists == false
if: steps.tag.outputs.exists == 'false'
run: npm run publish
env:
VSCE_PAT: ${{ secrets.VSCE_PAT }}
4 changes: 2 additions & 2 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
"description": "Edit your secrets where you edit your code, with 2 way sync.",
"publisher": "doppler",
"author": "doppler",
"version": "0.0.2",
"version": "0.0.3",
"license": "Apache-2.0",
"homepage": "https://github.com/dopplerhq/vscode",
"icon": "media/icon.png",
Expand Down
8 changes: 4 additions & 4 deletions src/lib/doppler/secrets.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,16 +2,16 @@ import DopplerAuth from "./auth";
import DopplerRequest from "./request";

export interface DopplerSecrets {
[key: string]: string;
[key: string]: string | null;
}

export interface DopplerSecretsUpdate {
[key: string]: string | null;
}

interface DopplerSecretWithRaw {
raw: string;
computed: string;
raw: string | null;
computed: string | null;
}

interface DopplerSecretsWithRaw {
Expand Down Expand Up @@ -44,7 +44,7 @@ export class DopplerSecretsProvider {

public async fetchRaw(project: string, config: string): Promise<DopplerSecrets> {
const response = await this.request.get(`/v3/configs/config/secrets`, {
params: { project, config, include_managed_secrets: false },
params: { project, config, include_managed_secrets: false, raw_only: true },
});

const secretsWithRaw = response.secrets as DopplerSecretsWithRaw;
Expand Down
26 changes: 21 additions & 5 deletions src/lib/explorer/file_system_provider.ts
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
import { EventEmitter, FileSystemProvider, FileChangeEvent, Event, FileType, Uri, Disposable } from "vscode";
import { EventEmitter, FileSystemProvider, FileChangeEvent, Event, FileType, Uri, Disposable, FileChangeType } from "vscode";
import * as yaml from "yaml";
import * as helpers from "../helpers";
import * as doppler from "../doppler";
Expand All @@ -7,6 +7,7 @@ import { TextEncoder, TextDecoder } from "util";
export default class DopplerFileSystemProvider implements FileSystemProvider {
// Required part of the FileSystemProvider interface
private _emitter = new EventEmitter<FileChangeEvent[]>();
private needsRefresh = false;
readonly onDidChangeFile: Event<FileChangeEvent[]> = this._emitter.event;

generateYAMLMessage() {
Expand All @@ -15,6 +16,9 @@ export default class DopplerFileSystemProvider implements FileSystemProvider {
"This file was generated by Doppler. When you make",
"changes to this file, they will be saved to your",
"config in Doppler as well.",
"",
"A `null` value indicates that the secret is restricted.",
"Restricted secrets may be overwritten but cannot be read.",
];
const longestLineLength = Math.max(...lines.map((el) => el.length)) + 1;
const paddingSpaces = Array(padding).join(" ");
Expand Down Expand Up @@ -43,20 +47,31 @@ export default class DopplerFileSystemProvider implements FileSystemProvider {
return `${comment}\n\n${yamlFile}`;
}

async getContent(uri: Uri) {
const { project, config } = helpers.parser.fromURI(uri);
return this.jsonToYAML(await doppler.secrets.fetchRaw(project, config));
}

async stat(uri: Uri) {
const content = await this.readFile(uri);
if (this.needsRefresh) {
setTimeout(() => {
this._emitter.fire([{ uri: uri, type: FileChangeType.Changed }]);
}, 0);
this.needsRefresh = false;
}

return {
type: FileType.File,
size: content.length,
// vscode will stat and readFile for each file read, it's much less expensive to report a 0-size file.
// This doesn't seem to have a significant impact otherwise.
size: 0,
ctime: Date.now(),
mtime: Date.now(),
};
}

async readFile(uri: Uri) {
const { project, config } = helpers.parser.fromURI(uri);
const content = this.jsonToYAML(await doppler.secrets.fetchRaw(project, config));
const content = await this.getContent(uri);
return new TextEncoder().encode(content);
}

Expand Down Expand Up @@ -84,6 +99,7 @@ export default class DopplerFileSystemProvider implements FileSystemProvider {
if (Object.keys(changed_secrets).length > 0) {
await doppler.secrets.update(project, config, changed_secrets);
}
this.needsRefresh = true;
}

watch(uri: Uri): Disposable {
Expand Down
2 changes: 1 addition & 1 deletion src/lib/hover/providers.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,7 @@ async function hover(language: string, document: TextDocument, position: Positio
const text = ["**Doppler**", `Project: ${project}`, `Config: ${config}`].join("</br>");
const markdown = new MarkdownString();
markdown.appendMarkdown(text);
markdown.appendCodeblock(value);
markdown.appendCodeblock(value ?? "[RESTRICTED]");
markdown.supportHtml = true;
return new Hover(markdown);
}
Expand Down

0 comments on commit edd1194

Please sign in to comment.