From bc527ca0d144dec4ba0df71e9ed11b1585f27f23 Mon Sep 17 00:00:00 2001 From: Carlos Monastyrski Date: Thu, 2 Oct 2025 12:18:54 -0300 Subject: [PATCH] Address greptile comments --- .../aws-certificate-manager-pki-sync-schemas.ts | 2 +- .../aws-certificate-manager/remove-certificates.mdx | 2 +- .../certificate-syncs/aws-certificate-manager.mdx | 7 +++---- .../azure-key-vault-pki-sync-destination-schema.ts | 7 +++++-- frontend/src/hooks/api/pkiSyncs/types/index.ts | 12 +++++++++--- 5 files changed, 19 insertions(+), 11 deletions(-) diff --git a/backend/src/services/pki-sync/aws-certificate-manager/aws-certificate-manager-pki-sync-schemas.ts b/backend/src/services/pki-sync/aws-certificate-manager/aws-certificate-manager-pki-sync-schemas.ts index 2c4af94a8c..eb9ae54444 100644 --- a/backend/src/services/pki-sync/aws-certificate-manager/aws-certificate-manager-pki-sync-schemas.ts +++ b/backend/src/services/pki-sync/aws-certificate-manager/aws-certificate-manager-pki-sync-schemas.ts @@ -12,7 +12,7 @@ export const AwsCertificateManagerPkiSyncConfigSchema = z.object({ }); const AwsCertificateManagerPkiSyncOptionsSchema = z.object({ - canImportCertificates: z.boolean().default(true), + canImportCertificates: z.boolean().default(false), canRemoveCertificates: z.boolean().default(true), certificateNameSchema: z .string() diff --git a/docs/api-reference/endpoints/pki/syncs/aws-certificate-manager/remove-certificates.mdx b/docs/api-reference/endpoints/pki/syncs/aws-certificate-manager/remove-certificates.mdx index 98f99e39af..5ea989f2ae 100644 --- a/docs/api-reference/endpoints/pki/syncs/aws-certificate-manager/remove-certificates.mdx +++ b/docs/api-reference/endpoints/pki/syncs/aws-certificate-manager/remove-certificates.mdx @@ -1,4 +1,4 @@ --- title: "Remove Certificates from AWS Certificate Manager" openapi: "POST /api/v1/pki/syncs/aws-certificate-manager/{pkiSyncId}/remove-certificates" ---- \ No newline at end of file +--- diff --git a/docs/documentation/platform/pki/certificate-syncs/aws-certificate-manager.mdx b/docs/documentation/platform/pki/certificate-syncs/aws-certificate-manager.mdx index e40d1b84f3..7561b9d26d 100644 --- a/docs/documentation/platform/pki/certificate-syncs/aws-certificate-manager.mdx +++ b/docs/documentation/platform/pki/certificate-syncs/aws-certificate-manager.mdx @@ -5,9 +5,9 @@ description: "Learn how to configure an AWS Certificate Manager Certificate Sync **Prerequisites:** - - Set up and configure a [Certificate Authority](/documentation/platform/pki/overview) - - Create an [AWS Connection](/integrations/app-connections/aws) - - Ensure your network security policies allow incoming requests from Infisical to this certificate sync provider, if network restrictions apply. +- Set up and configure a [Certificate Authority](/documentation/platform/pki/overview) +- Create an [AWS Connection](/integrations/app-connections/aws) +- Ensure your network security policies allow incoming requests from Infisical to this certificate sync provider, if network restrictions apply. The AWS Certificate Manager Certificate Sync requires the following ACM permissions to be set on the IAM user/role @@ -38,7 +38,6 @@ description: "Learn how to configure an AWS Certificate Manager Certificate Sync - **AWS Connection**: The AWS Connection to authenticate with. - **AWS Region**: The AWS region where certificates should be stored. -

5. Configure the **Sync Options** to specify how certificates should be synced, then click **Next**. ![Configure Options](/images/certificate-syncs/aws-certificate-manager/acm-options.png) diff --git a/frontend/src/components/pki-syncs/forms/schemas/azure-key-vault-pki-sync-destination-schema.ts b/frontend/src/components/pki-syncs/forms/schemas/azure-key-vault-pki-sync-destination-schema.ts index d3300d9f29..e87e7a52c6 100644 --- a/frontend/src/components/pki-syncs/forms/schemas/azure-key-vault-pki-sync-destination-schema.ts +++ b/frontend/src/components/pki-syncs/forms/schemas/azure-key-vault-pki-sync-destination-schema.ts @@ -8,7 +8,7 @@ export const AzureKeyVaultPkiSyncDestinationSchema = BasePkiSyncSchema().merge( z.object({ destination: z.literal(PkiSync.AzureKeyVault), destinationConfig: z.object({ - vaultBaseUrl: z.string().url("Valid URL is required") + vaultBaseUrl: z.string().min(1, "Vault base URL is required").url("Valid URL is required") }) }) ); @@ -24,7 +24,10 @@ export const UpdateAzureKeyVaultPkiSyncDestinationSchema = destination: z.literal(PkiSync.AzureKeyVault), connection: z.object({ id: z.string().uuid("Invalid connection ID format"), - name: z.string().max(255, "Connection name must be less than 255 characters") + name: z + .string() + .min(1, "Connection name is required") + .max(255, "Connection name must be less than 255 characters") }) }) ); diff --git a/frontend/src/hooks/api/pkiSyncs/types/index.ts b/frontend/src/hooks/api/pkiSyncs/types/index.ts index 90a76fc6b0..899217f522 100644 --- a/frontend/src/hooks/api/pkiSyncs/types/index.ts +++ b/frontend/src/hooks/api/pkiSyncs/types/index.ts @@ -22,7 +22,7 @@ export type TListPkiSyncs = { pkiSyncs: TPkiSync[] }; export type TListPkiSyncOptions = { pkiSyncOptions: TPkiSyncOption[] }; -export type TCreatePkiSyncDTO = { +type TCreatePkiSyncDTOBase = { name: string; description?: string; connectionId: string; @@ -32,11 +32,17 @@ export type TCreatePkiSyncDTO = { certificateNamePrefix?: string; certificateNameSchema?: string; }; - destination: PkiSync; isAutoSyncEnabled: boolean; subscriberId?: string; projectId: string; - destinationConfig: Record; +}; + +export type TCreatePkiSyncDTO = TCreatePkiSyncDTOBase & { + destination: PkiSync; + destinationConfig: { + vaultBaseUrl?: string; + region?: string; + }; }; export type TUpdatePkiSyncDTO = Partial> & {