github/infisical
1
0
Fork 0
mirror of https://github.com/Infisical/infisical.git synced 2026-01-09 07:28:09 -05:00
Code Issues Packages Projects Releases Wiki Activity

improvement: refine and expand secret sync ovewrite destination initial sync behavior warnings

Browse Source
This commit is contained in:
Scott Wilson
2025-12-10 10:25:39 -08:00
parent 56dd171cf0
commit 539daf9316
1 changed files with 26 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
frontend/src/components/secret-syncs/forms/SecretSyncOptionsFields/SecretSyncOptionsFields.tsx
View File

@@ -9,7 +9,11 @@ import { FontAwesomeIcon } from "@fortawesome/react-fontawesome";
import { FormControl, Input, Select, SelectItem, Switch, Tooltip } from "@app/components/v2";
import { SECRET_SYNC_INITIAL_SYNC_BEHAVIOR_MAP, SECRET_SYNC_MAP } from "@app/helpers/secretSyncs";
import { SecretSync, useSecretSyncOption } from "@app/hooks/api/secretSyncs";
import {
SecretSync,
SecretSyncInitialSyncBehavior,
useSecretSyncOption
} from "@app/hooks/api/secretSyncs";
import { TSecretSyncForm } from "../schemas";
import { AwsParameterStoreSyncOptionsFields } from "./AwsParameterStoreSyncOptionsFields";
@@ -139,13 +143,25 @@ export const SecretSyncOptionsFields = ({ hideInitialSync }: Props) => {
</FormControl>
)}
/>
{!syncOption?.canImportSecrets && (
{!syncOption?.canImportSecrets ? (
<p className="-mt-2.5 mb-2.5 text-xs text-yellow">
<FontAwesomeIcon className="mr-1" size="xs" icon={faTriangleExclamation} />
{destinationName} only supports overwriting destination secrets.{" "}
{!currentSyncOption.disableSecretDeletion &&
"Secrets not present in Infisical will be removed from the destination."}
`Secrets not present in Infisical will be removed from the destination. Consider adding a key schema or disabling secret deletion if you do not want existing secrets to be removed from ${destinationName}.`}
</p>
) : (
currentSyncOption.initialSyncBehavior ===
SecretSyncInitialSyncBehavior.OverwriteDestination &&
!currentSyncOption.disableSecretDeletion && (
<p className="-mt-2.5 mb-2.5 text-xs text-yellow">
<FontAwesomeIcon className="mr-1" size="xs" icon={faTriangleExclamation} />
Secrets not present in Infisical will be removed from the destination. If you have
secrets in {destinationName} that you do not want deleted, consider setting initial
sync behavior to import destination secrets. Alternatively, configure a key schema
or disable secret deletion below to have Infisical ignore these secrets.
</p>
)
)}
</>
)}
@@ -183,26 +199,26 @@ export const SecretSyncOptionsFields = ({ hideInitialSync }: Props) => {
className="max-w-md"
content={
<span>
We highly recommend using a{" "}
We highly recommend configuring a{" "}
<a
href="https://infisical.com/docs/integrations/secret-syncs/overview#key-schemas"
target="_blank"
rel="noopener noreferrer"
className="underline"
>
Key Schema
key schema
</a>{" "}
to ensure that Infisical only manages the specific keys you intend, keeping
everything else untouched.
to ensure that Infisical only manages secrets in {destinationName} that match
the key pattern.
<br />
<br />
Destination secrets that do not match the schema will not be deleted or updated.
</span>
}
>
<div>
<span>Infisical strongly advises setting a Key Schema</span>{" "}
<FontAwesomeIcon icon={faCircleInfo} className="text-mineshaft-400" />
<div className="text-info">
<span>Infisical strongly advises configuring a key schema</span>{" "}
<FontAwesomeIcon icon={faCircleInfo} />
</div>
</Tooltip>
}