github/infisical
1
0
Fork 0
mirror of https://github.com/Infisical/infisical.git synced 2026-01-10 07:58:15 -05:00
Code Issues Packages Projects Releases Wiki Activity

Add Northflank sync features and enhance documentation

Browse Source 
- Implemented new Northflank sync functionality, including routes for listing secret groups and managing syncs.
- Added types and schemas for Northflank projects and secret groups to improve data handling.
- Updated frontend components to support Northflank sync configuration and review.
- Enhanced API documentation with detailed instructions for Northflank integration and usage.
- Included new images and examples in the documentation for better clarity.
This commit is contained in:
Victor Santos
2025-10-22 21:33:07 -03:00
parent 9eec95b427
commit 9fb9ef1c83
48 changed files with 776 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
backend/src/lib/api-docs/constants.ts
View File

@@ -2607,6 +2607,12 @@ export const SecretSyncs = {
siteName: "The name of the Netlify site to sync secrets to.",
siteId: "The ID of the Netlify site to sync secrets to.",
context: "The Netlify context to sync secrets to."
},
NORTHFLANK: {
projectId: "The ID of the Northflank project to sync secrets to.",
projectName: "The name of the Northflank project to sync secrets to.",
secretGroupId: "The ID of the Northflank secret group to sync secrets to.",
secretGroupName: "The name of the Northflank secret group to sync secrets to."
}
}
};

34
backend/src/server/routes/v1/app-connection-routers/northflank-connection-router.ts
View File

@@ -50,4 +50,38 @@ export const registerNorthflankConnectionRouter = async (server: FastifyZodProvi
return { projects };
}
});
server.route({
method: "GET",
url: `/:connectionId/projects/:projectId/secret-groups`,
config: {
rateLimit: readLimit
},
schema: {
params: z.object({
connectionId: z.string().uuid(),
projectId: z.string()
}),
response: {
200: z.object({
secretGroups: z
.object({
name: z.string(),
id: z.string()
})
.array()
})
}
},
onRequest: verifyAuth([AuthMode.JWT]),
handler: async (req) => {
const { connectionId, projectId } = req.params;
const secretGroups = await server.services.appConnection.northflank.listSecretGroups(
connectionId,
projectId,
req.permission
);
return { secretGroups };
}
});
};

43
backend/src/services/app-connection/northflank/northflank-connection-fns.ts
View File

@@ -5,7 +5,12 @@ import { BadRequestError } from "@app/lib/errors";
import { AppConnection } from "@app/services/app-connection/app-connection-enums";
import { NorthflankConnectionMethod } from "./northflank-connection-enums";
import { TNorthflankConnection, TNorthflankConnectionConfig, TNorthflankProject } from "./northflank-connection-types";
import {
TNorthflankConnection,
TNorthflankConnectionConfig,
TNorthflankProject,
TNorthflankSecretGroup
} from "./northflank-connection-types";
const NORTHFLANK_API_URL = "https://api.northflank.com";
@@ -71,3 +76,39 @@ export const listProjects = async (appConnection: TNorthflankConnection): Promis
});
}
};
export const listSecretGroups = async (
appConnection: TNorthflankConnection,
projectId: string
): Promise<TNorthflankSecretGroup[]> => {
const { credentials } = appConnection;
try {
const {
data: {
data: { secrets }
}
} = await request.get<{ data: { secrets: TNorthflankSecretGroup[] } }>(
`${NORTHFLANK_API_URL}/v1/projects/${projectId}/secrets`,
{
headers: {
Authorization: `Bearer ${credentials.apiToken}`,
Accept: "application/json"
}
}
);
return secrets;
} catch (error: unknown) {
if (error instanceof AxiosError) {
throw new BadRequestError({
message: `Failed to list Northflank secret groups: ${error.message || "Unknown error"}`
});
}
throw new BadRequestError({
message: "Unable to list Northflank secret groups",
error
});
}
};

26
backend/src/services/app-connection/northflank/northflank-connection-service.ts
View File

@@ -2,8 +2,11 @@ import { logger } from "@app/lib/logger";
import { OrgServiceActor } from "@app/lib/types";
import { AppConnection } from "../app-connection-enums";
import { listProjects as getNorthflankProjects } from "./northflank-connection-fns";
import { TNorthflankConnection } from "./northflank-connection-types";
import {
listProjects as getNorthflankProjects,
listSecretGroups as getNorthflankSecretGroups
} from "./northflank-connection-fns";
import { TNorthflankConnection, TNorthflankSecretGroup } from "./northflank-connection-types";
type TGetAppConnectionFunc = (
app: AppConnection,
@@ -24,7 +27,24 @@ export const northflankConnectionService = (getAppConnection: TGetAppConnectionF
}
};
const listSecretGroups = async (
connectionId: string,
projectId: string,
actor: OrgServiceActor
): Promise<TNorthflankSecretGroup[]> => {
const appConnection = await getAppConnection(AppConnection.Northflank, connectionId, actor);
try {
const secretGroups = await getNorthflankSecretGroups(appConnection, projectId);
return secretGroups;
} catch (error) {
logger.error({ error, connectionId, projectId, actor: actor.type }, "Failed to list Northflank secret groups");
return [];
}
};
return {
listProjects
listProjects,
listSecretGroups
};
};

5
backend/src/services/app-connection/northflank/northflank-connection-types.ts
View File

@@ -28,3 +28,8 @@ export type TNorthflankProject = {
id: string;
name: string;
};
export type TNorthflankSecretGroup = {
id: string;
name: string;
};

135
backend/src/services/secret-sync/northflank/northflank-sync-fns.ts
View File

@@ -1,22 +1,123 @@
import { logger } from "@app/lib/logger";
import { TSecretMap, TSecretSyncWithCredentials } from "@app/services/secret-sync/secret-sync-types";
import { request } from "@app/lib/config/request";
import { matchesSchema } from "@app/services/secret-sync/secret-sync-fns";
import { TSecretMap } from "@app/services/secret-sync/secret-sync-types";
export const NorthflankSyncFns = {
syncSecrets: async (secretSync: TSecretSyncWithCredentials, secretMap: TSecretMap): Promise<void> => {
// TODO: Will be implemented in the follow up PR
logger.error({ secretSync, secretMap }, "Northflank secret sync not yet implemented");
throw new Error("Northflank secret sync not yet implemented");
},
import { SecretSyncError } from "../secret-sync-errors";
import { TNorthflankSyncWithCredentials } from "./northflank-sync-types";
getSecrets: async (secretSync: TSecretSyncWithCredentials): Promise<TSecretMap> => {
// TODO: Will be implemented in the follow up PR
logger.error({ secretSync }, "Northflank secret retrieval not yet implemented");
throw new Error("Northflank secret retrieval not yet implemented");
},
const NORTHFLANK_API_URL = "https://api.northflank.com";
removeSecrets: async (secretSync: TSecretSyncWithCredentials, secretMap: TSecretMap): Promise<void> => {
// TODO: Will be implemented in the follow up PR
logger.error({ secretSync, secretMap }, "Northflank secret removal not yet implemented");
throw new Error("Northflank secret removal not yet implemented");
const getNorthflankSecrets = async (secretSync: TNorthflankSyncWithCredentials): Promise<Record<string, string>> => {
const {
destinationConfig: { projectId, secretGroupId },
connection: {
credentials: { apiToken }
}
} = secretSync;
try {
const {
data: {
data: {
secrets: { variables }
}
}
} = await request.get<{
data: {
secrets: {
variables: Record<string, string>;
};
};
}>(`${NORTHFLANK_API_URL}/v1/projects/${projectId}/secrets/${secretGroupId}/details`, {
headers: {
Authorization: `Bearer ${apiToken}`,
Accept: "application/json"
}
});
return variables;
} catch (error: unknown) {
throw new SecretSyncError({
error,
message: "Failed to fetch Northflank secrets"
});
}
};
const updateNorthflankSecrets = async (
secretSync: TNorthflankSyncWithCredentials,
variables: Record<string, string>
): Promise<void> => {
const {
destinationConfig: { projectId, secretGroupId },
connection: {
credentials: { apiToken }
}
} = secretSync;
try {
await request.patch(
`${NORTHFLANK_API_URL}/v1/projects/${projectId}/secrets/${secretGroupId}`,
{
secrets: {
variables
}
},
{
headers: {
Authorization: `Bearer ${apiToken}`,
Accept: "application/json"
}
}
);
} catch (error: unknown) {
throw new SecretSyncError({
error,
message: "Failed to update Northflank secrets"
});
}
};
export const NorthflankSyncFns = {
syncSecrets: async (secretSync: TNorthflankSyncWithCredentials, secretMap: TSecretMap): Promise<void> => {
const northflankSecrets = await getNorthflankSecrets(secretSync);
const updatedVariables: Record<string, string> = {};
for (const [key, value] of Object.entries(northflankSecrets)) {
const shouldKeep =
!secretMap[key] && // this prevents duplicates from infisical secrets, because we add all of them to the updateVariables in the next loop
(secretSync.syncOptions.disableSecretDeletion ||
!matchesSchema(key, secretSync.environment?.slug || "", secretSync.syncOptions.keySchema));
if (shouldKeep) {
updatedVariables[key] = value;
}
}
for (const [key, { value }] of Object.entries(secretMap)) {
updatedVariables[key] = value;
}
await updateNorthflankSecrets(secretSync, updatedVariables);
},
getSecrets: async (secretSync: TNorthflankSyncWithCredentials): Promise<TSecretMap> => {
const northflankSecrets = await getNorthflankSecrets(secretSync);
return Object.fromEntries(Object.entries(northflankSecrets).map(([key, value]) => [key, { value }]));
},
removeSecrets: async (secretSync: TNorthflankSyncWithCredentials, secretMap: TSecretMap): Promise<void> => {
const northflankSecrets = await getNorthflankSecrets(secretSync);
const updatedVariables: Record<string, string> = {};
for (const [key, value] of Object.entries(northflankSecrets)) {
if (!(key in secretMap)) {
updatedVariables[key] = value;
}
}
await updateNorthflankSecrets(secretSync, updatedVariables);
}
};

15
backend/src/services/secret-sync/northflank/northflank-sync-schemas.ts
View File

@@ -1,5 +1,6 @@
import { z } from "zod";
import { SecretSyncs } from "@app/lib/api-docs";
import { AppConnection } from "@app/services/app-connection/app-connection-enums";
import { SecretSync } from "@app/services/secret-sync/secret-sync-enums";
import {
@@ -10,8 +11,18 @@ import {
import { TSyncOptionsConfig } from "@app/services/secret-sync/secret-sync-types";
const NorthflankSyncDestinationConfigSchema = z.object({
// TODO: Will be implemented in the follow up secret sync PR
placeholder: z.string().optional()
projectId: z
.string()
.trim()
.min(1, "Project ID is required")
.describe(SecretSyncs.DESTINATION_CONFIG.NORTHFLANK.projectId),
projectName: z.string().trim().optional().describe(SecretSyncs.DESTINATION_CONFIG.NORTHFLANK.projectName),
secretGroupId: z
.string()
.trim()
.min(1, "Secret Group ID is required")
.describe(SecretSyncs.DESTINATION_CONFIG.NORTHFLANK.secretGroupId),
secretGroupName: z.string().trim().optional().describe(SecretSyncs.DESTINATION_CONFIG.NORTHFLANK.secretGroupName)
});
const NorthflankSyncOptionsConfig: TSyncOptionsConfig = { canImportSecrets: true };

4
docs/api-reference/endpoints/secret-syncs/northflank/create.mdx Normal file
View File

@@ -0,0 +1,4 @@
---
title: "Create"
openapi: "POST /api/v1/secret-syncs/northflank"
---

4
docs/api-reference/endpoints/secret-syncs/northflank/delete.mdx Normal file
View File

@@ -0,0 +1,4 @@
---
title: "Delete"
openapi: "DELETE /api/v1/secret-syncs/northflank/{syncId}"
---

4
docs/api-reference/endpoints/secret-syncs/northflank/get-by-id.mdx Normal file
View File

@@ -0,0 +1,4 @@
---
title: "Get by ID"
openapi: "GET /api/v1/secret-syncs/northflank/{syncId}"
---

4
docs/api-reference/endpoints/secret-syncs/northflank/get-by-name.mdx Normal file
View File

@@ -0,0 +1,4 @@
---
title: "Get by Name"
openapi: "GET /api/v1/secret-syncs/northflank/sync-name/{syncName}"
---

4
docs/api-reference/endpoints/secret-syncs/northflank/import-secrets.mdx Normal file
View File

@@ -0,0 +1,4 @@
---
title: "Import Secrets"
openapi: "POST /api/v1/secret-syncs/northflank/{syncId}/import-secrets"
---

4
docs/api-reference/endpoints/secret-syncs/northflank/list.mdx Normal file
View File

@@ -0,0 +1,4 @@
---
title: "List"
openapi: "GET /api/v1/secret-syncs/northflank"
---

4
docs/api-reference/endpoints/secret-syncs/northflank/remove-secrets.mdx Normal file
View File

@@ -0,0 +1,4 @@
---
title: "Remove Secrets"
openapi: "POST /api/v1/secret-syncs/northflank/{syncId}/remove-secrets"
---

4
docs/api-reference/endpoints/secret-syncs/northflank/sync-secrets.mdx Normal file
View File

@@ -0,0 +1,4 @@
---
title: "Sync Secrets"
openapi: "POST /api/v1/secret-syncs/northflank/{syncId}/sync-secrets"
---

4
docs/api-reference/endpoints/secret-syncs/northflank/update.mdx Normal file
View File

@@ -0,0 +1,4 @@
---
title: "Update"
openapi: "PATCH /api/v1/secret-syncs/northflank/{syncId}"
---

15
docs/docs.json
View File

@@ -555,6 +555,7 @@
"integrations/secret-syncs/humanitec",
"integrations/secret-syncs/laravel-forge",
"integrations/secret-syncs/netlify",
"integrations/secret-syncs/northflank",
"integrations/secret-syncs/oci-vault",
"integrations/secret-syncs/railway",
"integrations/secret-syncs/render",
@@ -2312,6 +2313,20 @@
"api-reference/endpoints/secret-syncs/netlify/remove-secrets"
]
},
{
"group": "Northflank",
"pages": [
"api-reference/endpoints/secret-syncs/northflank/list",
"api-reference/endpoints/secret-syncs/northflank/get-by-id",
"api-reference/endpoints/secret-syncs/northflank/get-by-name",
"api-reference/endpoints/secret-syncs/northflank/create",
"api-reference/endpoints/secret-syncs/northflank/update",
"api-reference/endpoints/secret-syncs/northflank/delete",
"api-reference/endpoints/secret-syncs/northflank/sync-secrets",
"api-reference/endpoints/secret-syncs/northflank/import-secrets",
"api-reference/endpoints/secret-syncs/northflank/remove-secrets"
]
},
{
"group": "OCI",
"pages": [

0
docs/images/app-connections/northflank/step-4.png → docs/images/app-connections/northflank/step-4-1.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 21 KiB

After

Width:  |  Height:  |  Size: 21 KiB

BIN
docs/images/app-connections/northflank/step-4-2.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 40 KiB

BIN
docs/images/secret-syncs/northflank/configure-destination.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 129 KiB

BIN
docs/images/secret-syncs/northflank/configure-details.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 114 KiB

BIN
docs/images/secret-syncs/northflank/configure-source.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 107 KiB

BIN
docs/images/secret-syncs/northflank/configure-sync-options.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 132 KiB

BIN
docs/images/secret-syncs/northflank/review-configuration.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 131 KiB

BIN
docs/images/secret-syncs/northflank/select-option.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 142 KiB

BIN
docs/images/secret-syncs/northflank/sync-created.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 105 KiB

6
docs/integrations/app-connections/northflank.mdx
View File

@@ -27,7 +27,11 @@ Infisical supports the use of [API Tokens](https://northflank.com/docs/v1/api/us
Add the **Projects** -> **Manage** -> **Read** permission.
![Create API Role](/images/app-connections/northflank/step-4.png)
![Create API Role](/images/app-connections/northflank/step-4-1.png)
Add the **Config & Secrets** -> **Secret Groups** -> **List**, **Update** and **Read Values** permissions.
![Create API Role](/images/app-connections/northflank/step-4-2.png)
Scroll to the bottom and save the API role.
</Step>

160
docs/integrations/secret-syncs/northflank.mdx Normal file
View File

@@ -0,0 +1,160 @@
---
title: "Northflank Sync"
description: "Learn how to configure a Northflank Sync for Infisical."
---
**Prerequisites:**
- Create a [Northflank Connection](/integrations/app-connections/northflank)
<Tabs>
<Tab title="Infisical UI">
<Steps>
<Step title="Add Sync">
Navigate to **Project** > **Integrations** and select the **Secret Syncs** tab. Click on the **Add Sync** button.
![Secret Syncs Tab](/images/secret-syncs/general/secret-sync-tab.png)
</Step>
<Step title="Select 'Northflank'">
![Select Northflank](/images/secret-syncs/northflank/select-option.png)
</Step>
<Step title="Configure source">
Configure the **Source** from where secrets should be retrieved, then click **Next**.
![Configure Source](/images/secret-syncs/northflank/configure-source.png)
- **Environment**: The project environment to retrieve secrets from.
- **Secret Path**: The folder path to retrieve secrets from.
<Tip>
If you need to sync secrets from multiple folder locations, check out [secret imports](/documentation/platform/secret-reference#secret-imports).
</Tip>
</Step>
<Step title="Configure destination">
Configure the **Destination** to where secrets should be deployed, then click **Next**.
![Configure Destination](/images/secret-syncs/northflank/configure-destination.png)
- **Northflank Connection**: The Northflank Connection to authenticate with.
- **Project**: The Northflank project to sync secrets to.
- **Secret Group**: The Northflank secret group to sync secrets to.
</Step>
<Step title="Configure sync options">
Configure the **Sync Options** to specify how secrets should be synced, then click **Next**.
![Configure Sync Options](/images/secret-syncs/northflank/configure-sync-options.png)
- **Initial Sync Behavior**: Determines how Infisical should resolve the initial sync.
- **Overwrite Destination Secrets**: Removes any secrets at the destination endpoint not present in Infisical.
- **Import Destination Secrets - Prioritize Infisical Values**: Imports any secrets present in the Northflank destination prior to syncing, prioritizing values from Infisical over Northflank when keys conflict.
- **Import Destination Secrets - Prioritize Northflank Values**: Imports any secrets present in the Northflank destination prior to syncing, prioritizing values from Northflank over Infisical when keys conflict.
- **Key Schema**: Template that determines how secret names are transformed when syncing, using `{{secretKey}}` as a placeholder for the original secret name and `{{environment}}` for the environment.
<Note>
We highly recommend using a Key Schema to ensure that Infisical only manages the specific keys you intend, keeping everything else untouched.
</Note>
- **Auto-Sync Enabled**: If enabled, secrets will automatically be synced from the source location when changes occur. Disable to enforce manual syncing only.
- **Disable Secret Deletion**: If enabled, Infisical will not remove secrets from the sync destination. Enable this option if you intend to manage some secrets manually outside of Infisical.
</Step>
<Step title="Configure details">
Configure the **Details** of your Northflank Sync, then click **Next**.
![Configure Details](/images/secret-syncs/northflank/configure-details.png)
- **Name**: The name of your sync. Must be slug-friendly.
- **Description**: An optional description for your sync.
</Step>
<Step title="Review configuration">
Review your Northflank Sync configuration, then click **Create Sync**.
![Review Configuration](/images/secret-syncs/northflank/review-configuration.png)
</Step>
<Step title="Sync created">
If enabled, your Northflank Sync will begin syncing your secrets to the destination endpoint.
![Sync Created](/images/secret-syncs/northflank/sync-created.png)
</Step>
</Steps>
</Tab>
<Tab title="API">
To create a **Northflank Sync**, make an API request to the [Create Northflank Sync](/api-reference/endpoints/secret-syncs/northflank/create) API endpoint.
### Sample request
```bash Request
curl --request POST \
--url https://app.infisical.com/api/v1/secret-syncs/northflank \
--header 'Content-Type: application/json' \
--data '{
"name": "my-northflank-sync",
"projectId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"description": "an example sync",
"connectionId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"environment": "dev",
"secretPath": "/my-secrets",
"isAutoSyncEnabled": true,
"syncOptions": {
"initialSyncBehavior": "overwrite-destination",
"keySchema": "INFISICAL_{{secretKey}}"
},
"destinationConfig": {
"projectId": "my-project-id",
"secretGroupId": "my-secret-group-id"
}
}'
```
### Sample response
```bash Response
{
"secretSync": {
"id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"name": "my-northflank-sync",
"description": "an example sync",
"isAutoSyncEnabled": true,
"version": 1,
"folderId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"connectionId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"createdAt": "2023-11-07T05:31:56Z",
"updatedAt": "2023-11-07T05:31:56Z",
"syncStatus": "succeeded",
"lastSyncJobId": "123",
"lastSyncMessage": null,
"lastSyncedAt": "2023-11-07T05:31:56Z",
"importStatus": null,
"lastImportJobId": null,
"lastImportMessage": null,
"lastImportedAt": null,
"removeStatus": null,
"lastRemoveJobId": null,
"lastRemoveMessage": null,
"lastRemovedAt": null,
"syncOptions": {
"initialSyncBehavior": "overwrite-destination",
"keySchema": "INFISICAL_{{secretKey}}",
"disableSecretDeletion": false
},
"projectId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"connection": {
"app": "northflank",
"name": "my-northflank-connection",
"id": "3c90c3cc-0d44-4b50-8888-8dd25736052a"
},
"environment": {
"slug": "dev",
"name": "Development",
"id": "3c90c3cc-0d44-4b50-8888-8dd25736052a"
},
"folder": {
"id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"path": "/my-secrets"
},
"destination": "northflank",
"destinationConfig": {
"projectId": "my-project-id",
"secretGroupId": "my-secret-group-id"
}
}
}
```
</Tab>
</Tabs>

123
frontend/src/components/secret-syncs/forms/SecretSyncDestinationFields/NorthflankSyncFields.tsx Normal file
View File

@@ -0,0 +1,123 @@
import { Controller, useFormContext, useWatch } from "react-hook-form";
import { SingleValue } from "react-select";
import { faCircleInfo } from "@fortawesome/free-solid-svg-icons";
import { FontAwesomeIcon } from "@fortawesome/react-fontawesome";
import { SecretSyncConnectionField } from "@app/components/secret-syncs/forms/SecretSyncConnectionField";
import { FilterableSelect, FormControl, Tooltip } from "@app/components/v2";
import {
TNorthflankProject,
TNorthflankSecretGroup,
useNorthflankConnectionListProjects,
useNorthflankConnectionListSecretGroups
} from "@app/hooks/api/appConnections/northflank";
import { SecretSync } from "@app/hooks/api/secretSyncs";
import { TSecretSyncForm } from "../schemas";
export const NorthflankSyncFields = () => {
const { control, setValue } = useFormContext<
TSecretSyncForm & { destination: SecretSync.Northflank }
>();
const connectionId = useWatch({ name: "connection.id", control });
const projectId = useWatch({ name: "destinationConfig.projectId", control });
const { data: projects = [], isPending: isProjectsLoading } = useNorthflankConnectionListProjects(
connectionId,
{
enabled: Boolean(connectionId)
}
);
const { data: secretGroups = [], isPending: isSecretGroupsLoading } =
useNorthflankConnectionListSecretGroups(connectionId, projectId, {
enabled: Boolean(connectionId) && Boolean(projectId)
});
return (
<>
<SecretSyncConnectionField
onChange={() => {
setValue("destinationConfig.projectId", "");
setValue("destinationConfig.projectName", "");
setValue("destinationConfig.secretGroupId", "");
setValue("destinationConfig.secretGroupName", "");
}}
/>
<Controller
name="destinationConfig.projectId"
control={control}
render={({ field: { value, onChange }, fieldState: { error } }) => (
<FormControl
isError={Boolean(error)}
errorText={error?.message}
label="Project"
isRequired
helperText={
<Tooltip content="Ensure the project exists in the connection's Northflank team and the connection has access to it.">
<div>
<span>Don&#39;t see the project you&#39;re looking for?</span>{" "}
<FontAwesomeIcon icon={faCircleInfo} className="text-mineshaft-400" />
</div>
</Tooltip>
}
>
<FilterableSelect
menuPlacement="top"
isLoading={isProjectsLoading && Boolean(connectionId)}
isDisabled={!connectionId}
value={projects.find((p) => p.id === value) ?? null}
onChange={(option) => {
const v = option as SingleValue<TNorthflankProject>;
onChange(v?.id ?? null);
setValue("destinationConfig.projectName", v?.name ?? "");
setValue("destinationConfig.secretGroupId", "");
setValue("destinationConfig.secretGroupName", "");
}}
options={projects}
placeholder="Select a project..."
getOptionLabel={(option) => option.name}
getOptionValue={(option) => option.id}
/>
</FormControl>
)}
/>
<Controller
name="destinationConfig.secretGroupId"
control={control}
render={({ field: { value, onChange }, fieldState: { error } }) => (
<FormControl
isError={Boolean(error)}
errorText={error?.message}
label="Secret Group"
isRequired
helperText={
<Tooltip content="Ensure the secret group exists in the connection's Northflank project and the connection has access to it.">
<div>
<span>Don&#39;t see the secret group you&#39;re looking for?</span>{" "}
<FontAwesomeIcon icon={faCircleInfo} className="text-mineshaft-400" />
</div>
</Tooltip>
}
>
<FilterableSelect
isLoading={isSecretGroupsLoading && Boolean(projectId)}
isDisabled={!projectId}
value={secretGroups.find((sg) => sg.id === value) ?? null}
onChange={(option) => {
const v = option as SingleValue<TNorthflankSecretGroup>;
onChange(v?.id ?? null);
setValue("destinationConfig.secretGroupName", v?.name ?? "");
}}
options={secretGroups}
placeholder="Select a secret group..."
getOptionLabel={(option) => option.name}
getOptionValue={(option) => option.id}
/>
</FormControl>
)}
/>
</>
);
};

3
frontend/src/components/secret-syncs/forms/SecretSyncDestinationFields/SecretSyncDestinationFields.tsx
View File

@@ -25,6 +25,7 @@ import { HerokuSyncFields } from "./HerokuSyncFields";
import { HumanitecSyncFields } from "./HumanitecSyncFields";
import { LaravelForgeSyncFields } from "./LaravelForgeSyncFields";
import { NetlifySyncFields } from "./NetlifySyncFields";
import { NorthflankSyncFields } from "./NorthflankSyncFields";
import { OCIVaultSyncFields } from "./OCIVaultSyncFields";
import { RailwaySyncFields } from "./RailwaySyncFields";
import { RenderSyncFields } from "./RenderSyncFields";
@@ -103,6 +104,8 @@ export const SecretSyncDestinationFields = () => {
return <BitbucketSyncFields />;
case SecretSync.LaravelForge:
return <LaravelForgeSyncFields />;
case SecretSync.Northflank:
return <NorthflankSyncFields />;
default:
throw new Error(`Unhandled Destination Config Field: ${destination}`);
}

1
frontend/src/components/secret-syncs/forms/SecretSyncOptionsFields/SecretSyncOptionsFields.tsx
View File

@@ -68,6 +68,7 @@ export const SecretSyncOptionsFields = ({ hideInitialSync }: Props) => {
case SecretSync.Supabase:
case SecretSync.DigitalOceanAppPlatform:
case SecretSync.Netlify:
case SecretSync.Northflank:
case SecretSync.Bitbucket:
case SecretSync.LaravelForge:
AdditionalSyncOptionsFieldsComponent = null;

20
frontend/src/components/secret-syncs/forms/SecretSyncReviewFields/NorthflankSyncReviewFields.tsx Normal file
View File

@@ -0,0 +1,20 @@
import { useFormContext } from "react-hook-form";
import { TSecretSyncForm } from "@app/components/secret-syncs/forms/schemas";
import { GenericFieldLabel } from "@app/components/v2";
import { SecretSync } from "@app/hooks/api/secretSyncs";
export const NorthflankSyncReviewFields = () => {
const { watch } = useFormContext<TSecretSyncForm & { destination: SecretSync.Northflank }>();
const projectName = watch("destinationConfig.projectName");
const projectId = watch("destinationConfig.projectId");
const secretGroupName = watch("destinationConfig.secretGroupName");
const secretGroupId = watch("destinationConfig.secretGroupId");
return (
<>
<GenericFieldLabel label="Project">{projectName || projectId}</GenericFieldLabel>
<GenericFieldLabel label="Secret Group">{secretGroupName || secretGroupId}</GenericFieldLabel>
</>
);
};

4
frontend/src/components/secret-syncs/forms/SecretSyncReviewFields/SecretSyncReviewFields.tsx
View File

@@ -37,6 +37,7 @@ import { HerokuSyncReviewFields } from "./HerokuSyncReviewFields";
import { HumanitecSyncReviewFields } from "./HumanitecSyncReviewFields";
import { LaravelForgeSyncReviewFields } from "./LaravelForgeSyncReviewFields";
import { NetlifySyncReviewFields } from "./NetlifySyncReviewFields";
import { NorthflankSyncReviewFields } from "./NorthflankSyncReviewFields";
import { OCIVaultSyncReviewFields } from "./OCIVaultSyncReviewFields";
import { OnePassSyncReviewFields } from "./OnePassSyncReviewFields";
import { RailwaySyncReviewFields } from "./RailwaySyncReviewFields";
@@ -166,6 +167,9 @@ export const SecretSyncReviewFields = () => {
case SecretSync.Netlify:
DestinationFieldsComponent = <NetlifySyncReviewFields />;
break;
case SecretSync.Northflank:
DestinationFieldsComponent = <NorthflankSyncReviewFields />;
break;
case SecretSync.Bitbucket:
DestinationFieldsComponent = <BitbucketSyncReviewFields />;
break;

16
frontend/src/components/secret-syncs/forms/schemas/northflank-sync-destination-schema.ts Normal file
View File

@@ -0,0 +1,16 @@
import { z } from "zod";
import { BaseSecretSyncSchema } from "@app/components/secret-syncs/forms/schemas/base-secret-sync-schema";
import { SecretSync } from "@app/hooks/api/secretSyncs";
export const NorthflankSyncDestinationSchema = BaseSecretSyncSchema().merge(
z.object({
destination: z.literal(SecretSync.Northflank),
destinationConfig: z.object({
projectId: z.string().trim().min(1, "Project ID is required"),
projectName: z.string().trim().optional(),
secretGroupId: z.string().trim().min(1, "Secret Group ID is required"),
secretGroupName: z.string().trim().optional()
})
})
);

2
frontend/src/components/secret-syncs/forms/schemas/secret-sync-schema.ts
View File

@@ -22,6 +22,7 @@ import { HerokuSyncDestinationSchema } from "./heroku-sync-destination-schema";
import { HumanitecSyncDestinationSchema } from "./humanitec-sync-destination-schema";
import { LaravelForgeSyncDestinationSchema } from "./laravel-forge-sync-destination-schema";
import { NetlifySyncDestinationSchema } from "./netlify-sync-destination-schema";
import { NorthflankSyncDestinationSchema } from "./northflank-sync-destination-schema";
import { OCIVaultSyncDestinationSchema } from "./oci-vault-sync-destination-schema";
import { RailwaySyncDestinationSchema } from "./railway-sync-destination-schema";
import { RenderSyncDestinationSchema } from "./render-sync-destination-schema";
@@ -62,6 +63,7 @@ const SecretSyncUnionSchema = z.discriminatedUnion("destination", [
ChecklySyncDestinationSchema,
DigitalOceanAppPlatformSyncDestinationSchema,
NetlifySyncDestinationSchema,
NorthflankSyncDestinationSchema,
BitbucketSyncDestinationSchema,
LaravelForgeSyncDestinationSchema
]);

5
frontend/src/helpers/secretSyncs.ts
View File

@@ -114,6 +114,10 @@ export const SECRET_SYNC_MAP: Record<SecretSync, { name: string; image: string }
name: "Bitbucket",
image: "Bitbucket.png"
},
[SecretSync.Northflank]: {
name: "Northflank",
image: "Northflank.png"
},
[SecretSync.LaravelForge]: {
name: "Laravel Forge",
image: "Laravel Forge.png"
@@ -150,6 +154,7 @@ export const SECRET_SYNC_CONNECTION_MAP: Record<SecretSync, AppConnection> = {
[SecretSync.Checkly]: AppConnection.Checkly,
[SecretSync.DigitalOceanAppPlatform]: AppConnection.DigitalOcean,
[SecretSync.Netlify]: AppConnection.Netlify,
[SecretSync.Northflank]: AppConnection.Northflank,
[SecretSync.Bitbucket]: AppConnection.Bitbucket,
[SecretSync.LaravelForge]: AppConnection.LaravelForge
};

2
frontend/src/hooks/api/appConnections/northflank/index.ts Normal file
View File

@@ -0,0 +1,2 @@
export * from "./queries";
export * from "./types";

65
frontend/src/hooks/api/appConnections/northflank/queries.tsx Normal file
View File

@@ -0,0 +1,65 @@
import { useQuery, UseQueryOptions } from "@tanstack/react-query";
import { apiRequest } from "@app/config/request";
import { appConnectionKeys } from "@app/hooks/api/appConnections";
import { TNorthflankProject, TNorthflankSecretGroup } from "./types";
const northflankConnectionKeys = {
all: [...appConnectionKeys.all, "northflank"] as const,
listProjects: (connectionId: string) =>
[...northflankConnectionKeys.all, "projects", connectionId] as const,
listSecretGroups: (connectionId: string, projectId: string) =>
[...northflankConnectionKeys.all, "secret-groups", connectionId, projectId] as const
};
export const useNorthflankConnectionListProjects = (
connectionId: string,
options?: Omit<
UseQueryOptions<
TNorthflankProject[],
unknown,
TNorthflankProject[],
ReturnType<typeof northflankConnectionKeys.listProjects>
>,
"queryKey" | "queryFn"
>
) => {
return useQuery({
queryKey: northflankConnectionKeys.listProjects(connectionId),
queryFn: async () => {
const { data } = await apiRequest.get<{ projects: TNorthflankProject[] }>(
`/api/v1/app-connections/northflank/${connectionId}/projects`
);
return data.projects;
},
...options
});
};
export const useNorthflankConnectionListSecretGroups = (
connectionId: string,
projectId: string,
options?: Omit<
UseQueryOptions<
TNorthflankSecretGroup[],
unknown,
TNorthflankSecretGroup[],
ReturnType<typeof northflankConnectionKeys.listSecretGroups>
>,
"queryKey" | "queryFn"
>
) => {
return useQuery({
queryKey: northflankConnectionKeys.listSecretGroups(connectionId, projectId),
queryFn: async () => {
const { data } = await apiRequest.get<{ secretGroups: TNorthflankSecretGroup[] }>(
`/api/v1/app-connections/northflank/${connectionId}/projects/${projectId}/secret-groups`
);
return data.secretGroups;
},
...options
});
};

9
frontend/src/hooks/api/appConnections/northflank/types.ts Normal file
View File

@@ -0,0 +1,9 @@
export type TNorthflankProject = {
id: string;
name: string;
};
export type TNorthflankSecretGroup = {
id: string;
name: string;
};

1
frontend/src/hooks/api/secretSyncs/enums.ts
View File

@@ -28,6 +28,7 @@ export enum SecretSync {
Checkly = "checkly",
DigitalOceanAppPlatform = "digital-ocean-app-platform",
Netlify = "netlify",
Northflank = "northflank",
Bitbucket = "bitbucket",
LaravelForge = "laravel-forge"
}

2
frontend/src/hooks/api/secretSyncs/types/index.ts
View File

@@ -23,6 +23,7 @@ import { THerokuSync } from "./heroku-sync";
import { THumanitecSync } from "./humanitec-sync";
import { TLaravelForgeSync } from "./laravel-forge-sync";
import { TNetlifySync } from "./netlify-sync";
import { TNorthflankSync } from "./northflank-sync";
import { TOCIVaultSync } from "./oci-vault-sync";
import { TRailwaySync } from "./railway-sync";
import { TRenderSync } from "./render-sync";
@@ -70,6 +71,7 @@ export type TSecretSync =
| TSupabaseSync
| TDigitalOceanAppPlatformSync
| TNetlifySync
| TNorthflankSync
| TBitbucketSync
| TLaravelForgeSync;

19
frontend/src/hooks/api/secretSyncs/types/northflank-sync.ts Normal file
View File

@@ -0,0 +1,19 @@
import { AppConnection } from "@app/hooks/api/appConnections/enums";
import { SecretSync } from "@app/hooks/api/secretSyncs";
import { TRootSecretSync } from "@app/hooks/api/secretSyncs/types/root-sync";
export type TNorthflankSync = TRootSecretSync & {
destination: SecretSync.Northflank;
destinationConfig: {
projectId: string;
projectName?: string;
secretGroupId: string;
secretGroupName?: string;
};
connection: {
app: AppConnection.Northflank;
name: string;
id: string;
};
};

14
frontend/src/pages/secret-manager/IntegrationsListPage/components/SecretSyncsTab/SecretSyncTable/SecretSyncDestinationCol/NorthflankSyncDestinationCol.tsx Normal file
View File

@@ -0,0 +1,14 @@
import { TNorthflankSync } from "@app/hooks/api/secretSyncs/types/northflank-sync";
import { getSecretSyncDestinationColValues } from "../helpers";
import { SecretSyncTableCell } from "../SecretSyncTableCell";
type Props = {
secretSync: TNorthflankSync;
};
export const NorthflankSyncDestinationCol = ({ secretSync }: Props) => {
const { primaryText, secondaryText } = getSecretSyncDestinationColValues(secretSync);
return <SecretSyncTableCell primaryText={primaryText} secondaryText={secondaryText} />;
};

3
frontend/src/pages/secret-manager/IntegrationsListPage/components/SecretSyncsTab/SecretSyncTable/SecretSyncDestinationCol/SecretSyncDestinationCol.tsx
View File

@@ -22,6 +22,7 @@ import { HerokuSyncDestinationCol } from "./HerokuSyncDestinationCol";
import { HumanitecSyncDestinationCol } from "./HumanitecSyncDestinationCol";
import { LaravelForgeSyncDestinationCol } from "./LaravelForgeSyncDestinationCol";
import { NetlifySyncDestinationCol } from "./NetlifySyncDestinationCol";
import { NorthflankSyncDestinationCol } from "./NorthflankSyncDestinationCol";
import { OCIVaultSyncDestinationCol } from "./OCIVaultSyncDestinationCol";
import { RailwaySyncDestinationCol } from "./RailwaySyncDestinationCol";
import { RenderSyncDestinationCol } from "./RenderSyncDestinationCol";
@@ -96,6 +97,8 @@ export const SecretSyncDestinationCol = ({ secretSync }: Props) => {
return <DigitalOceanAppPlatformSyncDestinationCol secretSync={secretSync} />;
case SecretSync.Netlify:
return <NetlifySyncDestinationCol secretSync={secretSync} />;
case SecretSync.Northflank:
return <NorthflankSyncDestinationCol secretSync={secretSync} />;
case SecretSync.Bitbucket:
return <BitbucketSyncDestinationCol secretSync={secretSync} />;
case SecretSync.LaravelForge:

4
frontend/src/pages/secret-manager/IntegrationsListPage/components/SecretSyncsTab/SecretSyncTable/helpers/index.ts
View File

@@ -194,6 +194,10 @@ export const getSecretSyncDestinationColValues = (secretSync: TSecretSync) => {
primaryText = destinationConfig.workspaceSlug;
secondaryText = destinationConfig.repositorySlug;
break;
case SecretSync.Northflank:
primaryText = destinationConfig.projectName || destinationConfig.projectId;
secondaryText = destinationConfig.secretGroupName || destinationConfig.secretGroupId;
break;
case SecretSync.LaravelForge:
primaryText = destinationConfig.siteName || destinationConfig.siteId;
secondaryText = destinationConfig.orgName || destinationConfig.orgSlug;

21
frontend/src/pages/secret-manager/SecretSyncDetailsByIDPage/components/SecretSyncDestinationSection/NorthflankSyncDestinationSection.tsx Normal file
View File

@@ -0,0 +1,21 @@
import { GenericFieldLabel } from "@app/components/secret-syncs";
import { TNorthflankSync } from "@app/hooks/api/secretSyncs/types/northflank-sync";
type Props = {
secretSync: TNorthflankSync;
};
export const NorthflankSyncDestinationSection = ({ secretSync }: Props) => {
const { destinationConfig } = secretSync;
return (
<>
<GenericFieldLabel label="Project">
{destinationConfig.projectName || destinationConfig.projectId}
</GenericFieldLabel>
<GenericFieldLabel label="Secret Group">
{destinationConfig.secretGroupName || destinationConfig.secretGroupId}
</GenericFieldLabel>
</>
);
};

4
frontend/src/pages/secret-manager/SecretSyncDetailsByIDPage/components/SecretSyncDestinationSection/SecretSyncDestinatonSection.tsx
View File

@@ -33,6 +33,7 @@ import { HerokuSyncDestinationSection } from "./HerokuSyncDestinationSection";
import { HumanitecSyncDestinationSection } from "./HumanitecSyncDestinationSection";
import { LaravelForgeSyncDestinationSection } from "./LaravelForgeSyncDestinationSection";
import { NetlifySyncDestinationSection } from "./NetlifySyncDestinationSection";
import { NorthflankSyncDestinationSection } from "./NorthflankSyncDestinationSection";
import { OCIVaultSyncDestinationSection } from "./OCIVaultSyncDestinationSection";
import { RailwaySyncDestinationSection } from "./RailwaySyncDestinationSection";
import { RenderSyncDestinationSection } from "./RenderSyncDestinationSection";
@@ -146,6 +147,9 @@ export const SecretSyncDestinationSection = ({ secretSync, onEditDestination }:
case SecretSync.Netlify:
DestinationComponents = <NetlifySyncDestinationSection secretSync={secretSync} />;
break;
case SecretSync.Northflank:
DestinationComponents = <NorthflankSyncDestinationSection secretSync={secretSync} />;
break;
case SecretSync.Bitbucket:
DestinationComponents = <BitbucketSyncDestinationSection secretSync={secretSync} />;
break;

1
frontend/src/pages/secret-manager/SecretSyncDetailsByIDPage/components/SecretSyncOptionsSection/SecretSyncOptionsSection.tsx
View File

@@ -70,6 +70,7 @@ export const SecretSyncOptionsSection = ({ secretSync, onEditOptions }: Props) =
case SecretSync.Checkly:
case SecretSync.DigitalOceanAppPlatform:
case SecretSync.Netlify:
case SecretSync.Northflank:
case SecretSync.Bitbucket:
case SecretSync.LaravelForge:
AdditionalSyncOptionsComponent = null;