diff --git a/cli/packages/cmd/secrets.go b/cli/packages/cmd/secrets.go index 4e1b09c9e8..e0b564f534 100644 --- a/cli/packages/cmd/secrets.go +++ b/cli/packages/cmd/secrets.go @@ -39,11 +39,16 @@ var secretsCmd = &cobra.Command{ } infisicalToken, err := util.GetInfisicalServiceToken(cmd) - if err != nil { util.HandleError(err, "Unable to parse flag") } + identityAccessToken, err := util.GetInfisicalUniversalAuthAccessToken(cmd) + if err != nil { + util.HandleError(err, "Unable to parse flag") + } + + projectId, err := cmd.Flags().GetString("projectId") if err != nil { util.HandleError(err, "Unable to parse flag") } @@ -78,7 +83,7 @@ var secretsCmd = &cobra.Command{ util.HandleError(err, "Unable to parse flag") } - secrets, err := util.GetAllEnvironmentVariables(models.GetAllSecretsParameters{Environment: environmentName, InfisicalToken: infisicalToken, TagSlugs: tagSlugs, SecretsPath: secretsPath, IncludeImport: includeImports, Recursive: recursive}, "") + secrets, err := util.GetAllEnvironmentVariables(models.GetAllSecretsParameters{Environment: environmentName, WorkspaceId: projectId, InfisicalToken: infisicalToken, UniversalAuthAccessToken: identityAccessToken, TagSlugs: tagSlugs, SecretsPath: secretsPath, IncludeImport: includeImports, Recursive: recursive}, "") if err != nil { util.HandleError(err) } @@ -403,7 +408,10 @@ func getSecretsByNames(cmd *cobra.Command, args []string) { } infisicalToken, err := util.GetInfisicalServiceToken(cmd) - + if err != nil { + util.HandleError(err, "Unable to parse flag") + } + identityAccessToken, err := util.GetInfisicalUniversalAuthAccessToken(cmd) if err != nil { util.HandleError(err, "Unable to parse flag") } @@ -413,6 +421,11 @@ func getSecretsByNames(cmd *cobra.Command, args []string) { util.HandleError(err, "Unable to parse flag") } + projectId, err := cmd.Flags().GetString("projectId") + if err != nil { + util.HandleError(err, "Unable to parse flag") + } + secretsPath, err := cmd.Flags().GetString("path") if err != nil { util.HandleError(err, "Unable to parse path flag") @@ -428,7 +441,7 @@ func getSecretsByNames(cmd *cobra.Command, args []string) { util.HandleError(err, "Unable to parse path flag") } - secrets, err := util.GetAllEnvironmentVariables(models.GetAllSecretsParameters{Environment: environmentName, InfisicalToken: infisicalToken, TagSlugs: tagSlugs, SecretsPath: secretsPath, IncludeImport: true, Recursive: recursive}, "") + secrets, err := util.GetAllEnvironmentVariables(models.GetAllSecretsParameters{Environment: environmentName, WorkspaceId: projectId, InfisicalToken: infisicalToken, UniversalAuthAccessToken: identityAccessToken, TagSlugs: tagSlugs, SecretsPath: secretsPath, IncludeImport: true, Recursive: recursive}, "") if err != nil { util.HandleError(err, "To fetch all secrets") } @@ -476,7 +489,16 @@ func generateExampleEnv(cmd *cobra.Command, args []string) { } infisicalToken, err := util.GetInfisicalServiceToken(cmd) + if err != nil { + util.HandleError(err, "Unable to parse flag") + } + identityAccessToken, err := util.GetInfisicalUniversalAuthAccessToken(cmd) + if err != nil { + util.HandleError(err, "Unable to parse flag") + } + + projectId, err := cmd.Flags().GetString("projectId") if err != nil { util.HandleError(err, "Unable to parse flag") } @@ -486,7 +508,7 @@ func generateExampleEnv(cmd *cobra.Command, args []string) { util.HandleError(err, "Unable to parse flag") } - secrets, err := util.GetAllEnvironmentVariables(models.GetAllSecretsParameters{Environment: environmentName, InfisicalToken: infisicalToken, TagSlugs: tagSlugs, SecretsPath: secretsPath, IncludeImport: true}, "") + secrets, err := util.GetAllEnvironmentVariables(models.GetAllSecretsParameters{Environment: environmentName, WorkspaceId: projectId, InfisicalToken: infisicalToken, UniversalAuthAccessToken: identityAccessToken, TagSlugs: tagSlugs, SecretsPath: secretsPath, IncludeImport: true}, "") if err != nil { util.HandleError(err, "To fetch all secrets") } @@ -686,19 +708,26 @@ func getSecretsByKeys(secrets []models.SingleEnvironmentVariable) map[string]mod func init() { secretsGenerateExampleEnvCmd.Flags().String("token", "", "Fetch secrets using the Infisical Token") + secretsGenerateExampleEnvCmd.Flags().String("universal-auth-client-id", "", "Machine Identity universal auth client ID") + secretsGenerateExampleEnvCmd.Flags().String("universal-auth-client-secret", "", "Machine Identity universal auth client secret") + secretsGenerateExampleEnvCmd.Flags().String("projectId", "", "manually set the projectId to fetch folders from for machine identity") secretsGenerateExampleEnvCmd.Flags().String("path", "/", "Fetch secrets from within a folder path") secretsCmd.AddCommand(secretsGenerateExampleEnvCmd) secretsGetCmd.Flags().String("token", "", "Fetch secrets using the Infisical Token") - secretsCmd.AddCommand(secretsGetCmd) + secretsGetCmd.Flags().String("universal-auth-client-id", "", "Machine Identity universal auth client ID") + secretsGetCmd.Flags().String("universal-auth-client-secret", "", "Machine Identity universal auth client secret") + secretsGetCmd.Flags().String("projectId", "", "manually set the projectId to fetch folders from for machine identity") secretsGetCmd.Flags().String("path", "/", "get secrets within a folder path") secretsGetCmd.Flags().Bool("raw-value", false, "Returns only the value of secret, only works with one secret") secretsGetCmd.Flags().Bool("recursive", false, "Fetch secrets from all sub-folders") + secretsCmd.AddCommand(secretsGetCmd) secretsCmd.Flags().Bool("secret-overriding", true, "Prioritizes personal secrets, if any, with the same name over shared secrets") secretsCmd.AddCommand(secretsSetCmd) secretsSetCmd.Flags().String("path", "/", "set secrets within a folder path") + // Only supports logged in users (JWT auth) secretsSetCmd.PersistentPreRun = func(cmd *cobra.Command, args []string) { util.RequireLogin() util.RequireLocalWorkspaceFile() @@ -707,6 +736,8 @@ func init() { secretsDeleteCmd.Flags().String("type", "personal", "the type of secret to delete: personal or shared (default: personal)") secretsDeleteCmd.Flags().String("path", "/", "get secrets within a folder path") secretsCmd.AddCommand(secretsDeleteCmd) + + // Only supports logged in users (JWT auth) secretsDeleteCmd.PersistentPreRun = func(cmd *cobra.Command, args []string) { util.RequireLogin() util.RequireLocalWorkspaceFile() @@ -718,6 +749,9 @@ func init() { // Add getCmd, createCmd and deleteCmd flags here getCmd.Flags().StringP("path", "p", "/", "The path from where folders should be fetched from") getCmd.Flags().String("token", "", "Fetch folders using the infisical token") + getCmd.Flags().String("universal-auth-client-id", "", "Machine Identity universal auth client ID") + getCmd.Flags().String("universal-auth-client-secret", "", "Machine Identity universal auth client secret") + getCmd.Flags().String("projectId", "", "manually set the projectId to fetch folders from for machine identity") folderCmd.AddCommand(getCmd) // Add createCmd flags here @@ -735,6 +769,9 @@ func init() { // ** End of folders sub command secretsCmd.Flags().String("token", "", "Fetch secrets using the Infisical Token") + secretsCmd.Flags().String("universal-auth-client-id", "", "Machine Identity universal auth client ID") + secretsCmd.Flags().String("universal-auth-client-secret", "", "Machine Identity universal auth client secret") + secretsCmd.Flags().String("projectId", "", "manually set the projectId to fetch folders from for machine identity") secretsCmd.PersistentFlags().String("env", "dev", "Used to select the environment name on which actions should be taken on") secretsCmd.Flags().Bool("expand", true, "Parse shell parameter expansions in your secrets") secretsCmd.Flags().Bool("include-imports", true, "Imported linked secrets ")