Secrets Sync #23667
Merged
Secrets Sync #23667
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* ember engine setup for secrets sync * Update ui/lib/sync/addon/routes.js Co-authored-by: claire bontempo <[email protected]> --------- Co-authored-by: claire bontempo <[email protected]>
github-actions
bot
added
the
hashicorp-contributed-pr
* adds mirage setup for sync endpoints * updates secret_name default in sync-association mirage factory
* add models * adapters * base model adapter * update test response * add sync destinations helper * finish renaming base destination model/adapter * add comment * add serializer * use normalizeItems instead * destination serializer test * add destination find method; * add conditional operand
* add models * adapters * base model adapter * update test response * add sync destinations helper * finish renaming base destination model/adapter * add comment * add serializer * doc-link helper * add version service * landing and overview component * overview page * add tests
* add models * adapters * base model adapter * update test response * add sync destinations helper * finish renaming base destination model/adapter * add comment * add serializer * doc-link helper * add version service * landing and overview component * overview page * build out serializer and adapters * update mirage * fix merge conflicts * one more conflict! * pull transformQueryResponse to separate method in adapter * move data transforming all to serializer and tests * add note to paginationd ocs docs * conditionally render CTA * add lazyPaginatedQuery method to destinations route * remove partial error
* add category to destinations * build select type page * refactor prompt config situation * routing for destinations * update select-type routing * make card width fixed * revert CTA routing change, keep shouldRenderOverview * add header for gif demo to form * cleanup scope * more scope cleanup * add test * add type selector * rename components * rename again * remove async * fix tests * fix select type rename in test * delete renamed test * fix import of general selectors * rename using component syntax
* add model attribute metadata * add form and save url, remove name and type from serializer * move checkbox list to form field helper * add styling to alert inline * use newly made class * fix cancel action and cleanup form * change quotes * remove checkbox action from form component * add tests * address feedback * add API error test * use create record method instead * adapter test for create record * return from find method if type is undefined
* refactor getter in base destination model * add getters back to model
* change labels to match params * add maskedParams to base model * add details route * add details view; * update mirage * fix secrets sync link; * delete parent destination route * add copyright header * add secrets route * move sync route outside of secrets/ route * upate mirage * export to-label * finish tests * make ternary * rename header tabs * fix selector in test
* remove destination header component, add headers/tabs to all routes * fix header padding * move tabs + toolbar back into component... * add copyright header * add delete modal * lol revert again * add extra line after copyright header
* adds route and page component for sync destinations list view * filters by type first for sync destinations * adds test for store.filterData method * Update ui/app/services/store.js Co-authored-by: Kianna <[email protected]> * updates nav link label for secrets sync * moves sync destinations types out of app-types * moves loading-dropdown-option component to core addon and adds to destination list item menu * change true assertion to deepEqual in sync destinations test * adds copyright header to sync-destinations type file * clear store dataset on sync destination create --------- Co-authored-by: Kianna <[email protected]>
* adds route and page component for sync destinations list view * filters by type first for sync destinations * adds test for store.filterData method * adds capabilities checks for sync destinations * removes canList from sync destinations capabilities * updates sync header tests * Update ui/tests/integration/components/sync/sync-header-test.js Co-authored-by: claire bontempo <[email protected]> * updates sync destination response serialization * updates sync destination serializer test * updates sync destinations page test assertions * fixes mirage sync destinations payload issue * removes commented out method in sync destination adapter * fixes inconsistencies with url generation for sync destinations delete * fixes sync destinations page test --------- Co-authored-by: claire bontempo <[email protected]>
* adds model, adapter and serializer for sync associations * updates sync association adapter save methods to use adapterOptions to determine action
* renames sync destination header component and adds tests * adds destination secrets route and page component * adds setup-models helper for sync testing * moves destination details test into subdir * adds destination secrets page component tests * adds controller for destination secrets route * fixes pagination route on destination secrets view * fixes sync association updated_at assertion based on timezone * updates kv secret details external route name
|
Build Results: |
zofskeez
force-pushed
the
ui/VAULT-17968/secrets-sync
branch
from
2c92663 to
b37e040
Compare
* add error substate * add loading substates * delete loading from secrets route
* removes is-version helper and injects service into components * updates sync tests using version service to new API * adds comment back for tracked property in secret detials page component
* updates filter-input component to conditionally show search icon * adds kv-suggestion-input component to core addon * updates destination sync page component to use KvSuggestionInput component * fixes issue in kv-suggestion-input where a partial search term was not replaced with the selected suggestion value * updates kv-suggestion-input to retain focus on suggestion click * fixes test * updates kv-suggestion-input to conditionally render label component * adds comments to kv-suggestion-input regarding trigger * moves alert banner in sync page below button set * moves inputId from getter to class property on kv-suggestion-input
* add form field groups to sync models * update create-and-edit form to use confirmLeave and enableInput component * enable input component * add more stars * update css comments * Update ui/app/styles/helper-classes/flexbox-and-grid.scss * make attrOptions optional * remove decorator * add env variables to subtexr * add subtext to textfile * fix overviwe transition bug * remove breadcrumbs to getter * WIP adapter update * update mirage response * add update method with PATCH * add patch to application adapter * fix typo * finish tests * remove validations because could use environment variables * use getter and setter in model * move update record business to serializer * rest of logic in serializer; gp ; gp * add model validation warnings * cleanup getters * pull create/update logic into method for mirage * add test for validation warning * update KV copy
* adds success banner to destination sync page * move submit disabled logic to getter in destination sync page * adds id and for attributes to kv mount input in sync page * hides sync success banner on submit
* use Sync secrets everywhere (remove new) * revert test name change
* fixes issues filtering destinations list * adds test
…ult into ui/VAULT-17968/secrets-sync
hashishaw
approved these changes
Dec 13, 2023
| accessKeyId; // obfuscated, never returned by API | ||
|
|
||
| @attr('string', { | ||
| label: 'Secret access key', |
There was a problem hiding this comment.
Should this and accessKeyId be masked inputs?
There was a problem hiding this comment.
They weren't in the designs 🤔 But this is a good question - we have a meeting scheduled to do a design review/walk through in the new year. I'll make a note to ask this!
| subText: | ||
| 'Client secret of an Azure app registration. If empty, Vault will use the AZURE_CLIENT_SECRET environment variable if configured.', | ||
| }) | ||
| clientSecret; // obfuscated, never returned by API |
There was a problem hiding this comment.
Same with this. Really any secrets should be masked, I would think.
There was a problem hiding this comment.
We don't mask them for OIDC config...but maybe that was built before we used that component
| }) | ||
| credentials; // obfuscated, never returned by API | ||
|
|
||
| // TODO - confirm if project_id is going to be added to READ response (not editable) |
There was a problem hiding this comment.
This is still a TODO 😞 - waiting for manually testing creds to confirm this
| <div class="tabs-container box is-bottomless is-marginless is-paddingless"> | ||
| <nav class="tabs" aria-label="destination tabs"> | ||
| <ul> | ||
| <LinkTo @route="secrets.overview" data-test-tab="Overview">Overview</LinkTo> |
There was a problem hiding this comment.
These need to be wrapped in <li>
Suggested change
| <LinkTo @route="secrets.overview" data-test-tab="Overview">Overview</LinkTo> | |
| <li><LinkTo @route="secrets.overview" data-test-tab="Overview">Overview</LinkTo></li> |
| <nav class="tabs" aria-label="destination tabs"> | ||
| <ul> | ||
| <LinkTo @route="secrets.overview" data-test-tab="Overview">Overview</LinkTo> | ||
| <LinkTo @route="secrets.destinations" data-test-tab="Destinations">Destinations</LinkTo> |
There was a problem hiding this comment.
Suggested change
| <LinkTo @route="secrets.destinations" data-test-tab="Destinations">Destinations</LinkTo> | |
| <li><LinkTo @route="secrets.destinations" data-test-tab="Destinations">Destinations</LinkTo></li> |
| </ul> | ||
| </nav> | ||
| </div> | ||
| <Toolbar> |
There was a problem hiding this comment.
This, ToolbarActions, and ToolbarLink needs aria-label
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds support for secrets syncing in the UI. The new sync enterprise feature enables users to sync KVv2 secrets in Vault to external destinations such as AWS Secrets Manager, Azure Key Vault and more.
Screen.Recording.2023-12-12.at.8.50.55.PM.mov