feat: vault #1656

chronark · 2024-05-17T18:22:38Z

chore remove Unkeyed, Inc from 404
feat: vault wip

vercel · 2024-05-17T18:22:41Z

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
dashboard	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	May 20, 2024 3:39pm
workflows	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	May 20, 2024 3:39pm
www	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	May 20, 2024 3:39pm

1 Ignored Deployment

Name	Status	Preview	Comments	Updated (UTC)
planetfall	⬜️ Ignored (Inspect)	Visit Preview		May 20, 2024 3:39pm

changeset-bot · 2024-05-17T18:22:42Z

⚠️ No Changeset found

Latest commit: bc43dfb

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

github-actions · 2024-05-17T18:22:53Z

Thank you for following the naming conventions for pull request titles! 🙏

feat(Dockerfile): update CMD to include "agent" argument feat(Encrypt.bru): add Authorization header with Bearer token feat(Liveness.bru): add Liveness endpoint configuration feat(agent.go): add flag to specify .env file path refactor(proto): rename EncryptedDEK to DataEncryptionKey feat(proto): add Key field to DataEncryptionKey message feat(proto): add EncryptedDataEncryptionKey message feat(proto): add Encrypted field to EncryptedDataEncryptionKey message feat(proto): add KeyEncryptionKey message feat(proto): add GetKey method to DataEncryptionKey message feat(proto): add GetEncrypted method to EncryptedDataEncryptionKey message feat(proto): add GetKey method to KeyEncryptionKey message refactor(proto): remove unused EncryptionKey methods and descriptors feat(proto): add new fields to EncryptionKey message refactor(object.pb.go): remove EncryptionKey message type and update message dependencies refactor(proto): update field names in proto messages for consistency and clarity refactor(vault): update message types indices in service.pb.go feat(vault): add support for GetKeyring method in ReEncryptRequest struct feat(vault): add support for ReEncryptDEKsRequest and ReEncryptDEKsResponse types in service.pb.go fix(proto): fix typo in 'LivenessRequest' message name fix(proto): fix typo in 'LivenessResponse' message name fix(proto): fix typo in 'DecryptRequest' message name fix(proto): fix typo in 'DecryptResponse' message name refactor(service.pb.go): reorder message types to match updated service methods fix(service.pb.go): correct message type export for service methods refactor(vaultv1connect): add Liveness method to VaultServiceClient interface feat(vaultv1connect): implement Liveness method in vaultServiceClient feat(vaultv1connect): add Liveness handler to NewVaultServiceHandler chore(vault): update dependencies in go.sum file feat(vault): add support for github.com/creack/pty package feat(vault): remove unused dependencies from go.sum file feat(vault): add support for github.com/pkg/diff package chore(vault): remove unused dependencies from go.sum feat(vault): update key variable names in coldstart_test.go and migrate_deks_test.go feat(vault): add authorization logic in auth package feat(vault): add authorization check in service methods feat(vault): add keyring package with CreateKey and DecodeAndDecryptKey functions feat(keyring): add functions to encrypt and encode data encryption keys feat(keyring): add functions to get, create, and roll keys in keyring feat(service): add functions to create, decrypt, and encrypt data encryption keys refactor(encryption.go): remove encryption functionality from service package feat(get_dek.go): add getDEK method to retrieve Data Encryption Key feat(reencrypt.go): implement ReEncrypt method for decrypting and re-encrypting data feat(roll_deks.go): add RollDeks method to rotate Data Encryption Keys refactor(service.go): refactor New function to load master keys and create keyring feat(service.go): add keyring package and integrate with Service struct feat(service.go): add loadMasterKeys function to load encryption and decryption keys feat(interface.go): rename ListObjects to ListObjectKeys for consistency fix(storage): update PutObject method parameter name from 'data' to 'b' fix(storage): update GetObject method to handle object not found case fix(storage): update ListObjectKeys method to correctly filter object keys feat(storage): add support for S3 storage implementation feat(storage): add support for creating S3 bucket if necessary feat(storage): initialize S3 storage and log initialization feat(proto): add DataEncryptionKey message feat(proto): remove EncryptionKey message feat(service): add Liveness RPC method to VaultService chore(deployment): comment out clickhouse services in docker-compose.yaml feat(deployment): add vault and minio services to docker-compose.yaml

feat(build.yaml): add support for ENCRYPTION_KEYS variable feat(api): add @unkey/vault package as a dependency feat(env.ts): add VAULT_URL and VAULT_AUTH_SECRET environment variables feat(hono/env.ts): import Vault type from @unkey/vault package feat(middleware/init.ts): create vault client using VAULT_URL and VAULT_AUTH_SECRET feat(testutil/harness.ts): add storeEncryptedKeys fields for entities feat(routes): add support for fetching keyAuth data in various routes feat(schema.ts): add plaintext field to keySchema feat(v1_apis_listKeys.happy.test.ts): add test for retrieving key in plaintext feat(routes): add support for decrypting and displaying raw key in plaintext fix(routes): handle cases where both hash and plaintext are provided, provide either one feat(routes): encrypt plaintext key before storing in database fix(vault): remove unnecessary newline at end of bruno.json fix(vault): add error handling for storage.ErrObjectNotFound in GetKey method fix(vault): update S3_URL in docker-compose.yaml to point to s3 service feat(vault): add support for s3 service in docker-compose.yaml feat(vault): add new buf.gen.yaml and package.json for vault-sdk feat(vault-sdk): add generated proto files for object and service connect feat(vault-sdk): add generated TypeScript classes for vault service messages feat(vault-sdk): add createVaultClient function to create Vault client fix(api): change createdAt property in components interface to be required feat(rbac): add "decrypt_key" action to apiActions enum

…lude planetscale and vault services feat(api_integration_local.yaml): add VAULT_URL and VAULT_AUTH_SECRET environment variables feat(v1_apis_listKeys.happy.test.ts): remove unnecessary console.log statement fix(env.ts): remove ENCRYPTION_KEYS environment variable parsing fix(create.ts): comment out unused imports and code related to encryption fix(createGateway): update createGateway mutation to remove encryption logic fix(createSecret): update createSecret procedure to remove encryption logic fix(decrypt.ts): update decryptSecret procedure to remove encryption logic fix(updateSecret): update updateSecret procedure to remove encryption logic fix(createWebhook): update createWebhook procedure to remove encryption logic refactor(env.ts): remove ENCRYPTION_KEYS field from zEnv object refactor(index.ts): comment out encryption key decryption logic refactor(index.ts): comment out encryption key decryption logic refactor(index.ts): comment out encryption key decryption logic refactor(index.ts): comment out encryption key decryption logic refactor(index.ts): comment out encryption key decryption logic refactor(index.ts): comment out encryption key decryption logic refactor(index.ts): comment out encryption key decryption logic refactor(index.ts): comment out encryption key decryption logic refactor(index.ts): comment out encryption key decryption logic refactor(index.ts): comment out encryption key decryption logic refactor(index.ts): comment out encryption key decryption logic refactor(index.ts): comment out encryption key decryption logic refactor(index.ts): comment out encryption key decryption logic refactor(index.ts): comment out encryption key decryption logic refactor(index.ts): comment out encryption key decryption logic refactor(encryption): remove unused encryption environment file refactor(encryption): remove unused encryption environment functions refactor(dashboard.ts): remove encryption key generation from environment variables

chronark added 2 commits May 15, 2024 21:03

chore remove Unkeyed, Inc from 404

15049b8

feat: vault wip

d21c757

vercel bot deployed to Preview – workflows May 17, 2024 18:24 View deployment

vercel bot deployed to Preview – planetfall May 17, 2024 18:25 View deployment

vercel bot deployed to Preview – dashboard May 17, 2024 18:26 View deployment

vercel bot deployed to Preview – www May 17, 2024 18:27 View deployment

chronark added 2 commits May 20, 2024 14:15

chronark marked this pull request as ready for review May 20, 2024 14:59

chronark requested review from perkinsjr, guilhermerodz and domeccleston as code owners May 20, 2024 14:59

chronark changed the title ~~secrets~~ feat: vault May 20, 2024

vercel bot deployed to Preview – planetfall May 20, 2024 15:00 View deployment

vercel bot deployed to Preview – workflows May 20, 2024 15:00 View deployment

vercel bot deployed to Preview – www May 20, 2024 15:01 View deployment

vercel bot deployed to Preview – dashboard May 20, 2024 15:05 View deployment

vercel bot deployed to Preview – www May 20, 2024 15:35 View deployment

vercel bot deployed to Preview – workflows May 20, 2024 15:35 View deployment

vercel bot deployed to Preview – dashboard May 20, 2024 15:39 View deployment

chronark merged commit e606b20 into main May 20, 2024
26 checks passed

chronark deleted the secrets branch May 20, 2024 16:36

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: vault #1656

feat: vault #1656

chronark commented May 17, 2024

vercel bot commented May 17, 2024 •

edited

changeset-bot bot commented May 17, 2024 •

edited

github-actions bot commented May 17, 2024 •

edited

feat: vault #1656

feat: vault #1656

Conversation

chronark commented May 17, 2024

vercel bot commented May 17, 2024 • edited

changeset-bot bot commented May 17, 2024 • edited

⚠️ No Changeset found

github-actions bot commented May 17, 2024 • edited

vercel bot commented May 17, 2024 •

edited

changeset-bot bot commented May 17, 2024 •

edited

github-actions bot commented May 17, 2024 •

edited