diff --git a/backend/src/controllers/v3/secretsController.ts b/backend/src/controllers/v3/secretsController.ts index dd01174d1a..f8e5e8702b 100644 --- a/backend/src/controllers/v3/secretsController.ts +++ b/backend/src/controllers/v3/secretsController.ts @@ -5,7 +5,6 @@ import { eventPushSecrets } from "../../events"; import { BotService } from "../../services"; import { containsGlobPatterns, - isValidScope, isValidScopeV3, repackageSecretToRaw } from "../../helpers/secrets"; @@ -100,8 +99,7 @@ export const getSecretsRaw = async (req: Request, res: Response) => { secretPath, requiredPermissions: [PERMISSION_READ_SECRETS] }); - permissionCheckFn = (env: string, secPath: string) => - isValidScope(req.authData.authPayload as IServiceTokenData, env, secPath); + permissionCheckFn = () => true; break; } case ActorType.SERVICE_V3: { @@ -554,8 +552,7 @@ export const getSecrets = async (req: Request, res: Response) => { secretPath, requiredPermissions: [PERMISSION_READ_SECRETS] }); - permissionCheckFn = (env: string, secPath: string) => - isValidScope(req.authData.authPayload as IServiceTokenData, env, secPath); + permissionCheckFn = (env: string, secPath: string) => true; break; } case ActorType.SERVICE_V3: { diff --git a/backend/src/index.ts b/backend/src/index.ts index 3b807b2f5b..fbe85c3c1f 100644 --- a/backend/src/index.ts +++ b/backend/src/index.ts @@ -226,10 +226,25 @@ const main = async () => { // await createTestUserForDevelopment(); setUpHealthEndpoint(server); - server.on("close", async () => { + + const serverCleanup = async () => { await DatabaseService.closeDatabase(); syncSecretsToThirdPartyServices.close(); githubPushEventSecretScan.close(); + + process.exit(0); + } + + process.on("SIGINT", function () { + server.close(async () => { + await serverCleanup() + }); + }); + + process.on("SIGTERM", function () { + server.close(async () => { + await serverCleanup() + }); }); return server; diff --git a/docs/integrations/build-tools/gradle.mdx b/docs/integrations/build-tools/gradle.mdx new file mode 100644 index 0000000000..5005433d04 --- /dev/null +++ b/docs/integrations/build-tools/gradle.mdx @@ -0,0 +1,91 @@ +--- +title: "Gradle" +description: "How to use Infisical to inject environment variables with Gradle" +--- + +# Using Infisical with Gradle + +By integrating [Infisical CLI](../../cli/overview) with Gradle, you can configure your builds and scripts to different environments, CI/CD pipelines, and more without explicitly setting variables in the command line. + +This documentation provides an overview of how to use Infisical with [Gradle](https://gradle.org/). + +## Basic Usage + +To run a Gradle task with Infisical, you can use the `run` command. The basic structure is: + +``` +infisical run -- [Your command here] +``` + +For example, to run the `generateFile` task in Gradle: + +```groovy build.gradle +task generateFile { + doLast { + String content = System.getenv('ENV_NAME_FROM_INFISICAL') ?: 'Default Content' + file('output.txt').text = content + println "Generated output.txt with content: $content" + } +} +``` + +``` +infisical run -- gradle generateFile +``` + +With this command, Infisical will automatically inject the environment variables associated with the current Infisical project into the Gradle process. +Your Gradle script can then access these variables using `System.getenv('VARIABLE_NAME')`. + +## More Examples + +### 1. Building a Project with a Specific Profile + +Assuming you have different build profiles (e.g., 'development', 'production'), you can use Infisical to switch between them: + +``` +infisical run -- gradle build +``` + +Inside your `build.gradle`, you might have: + +```groovy build.gradle +if (System.getenv('PROFILE') == 'production') { + // production-specific configurations +} +``` + +### 2. Running Tests with Different Database Configurations + +If you want to run tests against different database configurations: + +``` +infisical run -- gradle test +``` + +Your test configuration in `build.gradle` can then adjust the database URL accordingly: + +```groovy build.gradle +test { + systemProperty 'db.url', System.getenv('DB_URL') +} +``` + +### 3. Generating Artifacts with Versioning + +For automated CI/CD pipelines, you might want to inject a build number or version: + +``` +infisical run -- gradle assemble +``` + +And in `build.gradle`: + +```groovy build.gradle +version = System.getenv('BUILD_NUMBER') ?: '1.0.0-SNAPSHOT' +``` + +## Advantages of Using Infisical with Gradle + +1. **Flexibility**: Easily adapt your Gradle builds to different environments without modifying the build scripts or setting environment variables manually. +2. **Reproducibility**: Ensure consistent builds by leveraging the environment variables from the related Infisical project. +3. **Security**: Protect sensitive information by using Infisical's secrets management without exposing them in scripts or logs. diff --git a/docs/mint.json b/docs/mint.json index 975687508d..c6c0eef3de 100644 --- a/docs/mint.json +++ b/docs/mint.json @@ -276,6 +276,12 @@ "integrations/platforms/pm2" ] }, + { + "group": "Build Tool Integrations", + "pages": [ + "integrations/build-tools/gradle" + ] + }, { "group": "Overview", "pages": ["sdks/overview"] diff --git a/frontend/src/components/navigation/NavHeader.tsx b/frontend/src/components/navigation/NavHeader.tsx index f783cdb864..866010c210 100644 --- a/frontend/src/components/navigation/NavHeader.tsx +++ b/frontend/src/components/navigation/NavHeader.tsx @@ -144,7 +144,7 @@ export default function NavHeader({ href={{ pathname: "/project/[id]/secrets/[env]", query }} > - folderName + {folderName} )}