Skip to content

Commit 6c96b0a

Browse files
committed
feat: Added sensitive parameter filtering to import and init. Added sensitive parameter hiding to displaying plans
1 parent 46b3259 commit 6c96b0a

File tree

8 files changed

+53
-22
lines changed

8 files changed

+53
-22
lines changed

package-lock.json

Lines changed: 4 additions & 4 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@
1717
"ajv": "^8.12.0",
1818
"ajv-formats": "^3.0.1",
1919
"chalk": "^5.3.0",
20-
"codify-schemas": "^1.0.81",
20+
"codify-schemas": "^1.0.83",
2121
"cors": "^2.8.5",
2222
"debug": "^4.3.4",
2323
"detect-indent": "^7.0.1",

src/commands/import.ts

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -49,6 +49,9 @@ For more information, visit: https://docs.codifycli.com/commands/import`
4949
'updateExisting': Flags.boolean({
5050
description: 'Force the CLI to try to update an existing file instead of prompting the user with the option of creating a new file',
5151
}),
52+
'includeSensitive': Flags.boolean({
53+
description: 'Allow the import of resources with sensitive parameters. This only applies when a resource id hasn\'t been explicitly included. Otherwise, this parameter will be ignored.',
54+
}),
5255
}
5356

5457
public async run(): Promise<void> {
@@ -70,8 +73,8 @@ For more information, visit: https://docs.codifycli.com/commands/import`
7073
verbosityLevel: flags.debug ? 3 : 0,
7174
typeIds: cleanedArgs,
7275
path: resolvedPath,
73-
secureMode: flags.secure,
7476
updateExisting: flags.updateExisting,
77+
includeSensitive: flags.includeSensitive,
7578
}, this.reporter)
7679

7780
process.exit(0)

src/commands/init.ts

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@ import chalk from 'chalk';
22

33
import { BaseCommand } from '../common/base-command.js';
44
import { InitializeOrchestrator } from '../orchestrators/init.js';
5+
import { Flags } from '@oclif/core';
56

67
export default class Init extends BaseCommand {
78
static strict = false;
@@ -17,6 +18,9 @@ For more information, visit: https://docs.codifycli.com/commands/init`
1718

1819
static baseFlags= {
1920
...BaseCommand.baseFlags,
21+
includeSensitive: Flags.boolean({
22+
description: 'Include sensitive resources in the generated configs.',
23+
}),
2024
}
2125

2226
static override examples = [
@@ -29,6 +33,7 @@ For more information, visit: https://docs.codifycli.com/commands/init`
2933
await InitializeOrchestrator.run({
3034
verbosityLevel: flags.debug ? 3 : 0,
3135
path: flags.path,
36+
includeSensitive: flags.includeSensitive,
3237
},this.reporter);
3338

3439
process.exit(0)

src/entities/plan.ts

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -73,6 +73,7 @@ export class ResourcePlan {
7373
newValue: null | unknown;
7474
operation: ParameterOperation;
7575
previousValue: null | unknown;
76+
isSensitive?: boolean;
7677
}>
7778

7879
constructor(json: PlanResponseData) {

src/orchestrators/import.ts

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@ export interface ImportArgs {
2727
typeIds?: string[];
2828
path: string;
2929
updateExisting?: boolean;
30-
secureMode?: boolean;
30+
includeSensitive?: boolean;
3131
verbosityLevel?: number;
3232
}
3333

@@ -59,7 +59,12 @@ export class ImportOrchestrator {
5959
const { project, pluginManager, resourceDefinitions } = initializeResult;
6060

6161
ctx.subprocessStarted(SubProcessName.IMPORT_RESOURCE)
62-
const importResults = await Promise.all([...resourceDefinitions.keys()].map(async (typeId) => {
62+
63+
// Omit sensitive resources if not included
64+
const typeIdsToImport = [...resourceDefinitions.keys()]
65+
.filter((typeId) => args.includeSensitive || (!args.includeSensitive && (resourceDefinitions.get(typeId)?.sensitiveParameters ?? []).length === 0))
66+
67+
const importResults = await Promise.all(typeIdsToImport.map(async (typeId) => {
6368
try {
6469
return await pluginManager.importResource({
6570
core: { type: typeId },

src/orchestrators/init.ts

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,7 @@ import { resolvePathWithVariables, untildify } from '../utils/index.js';
1111
export interface InitArgs {
1212
path?: string;
1313
verbosityLevel?: number;
14+
includeSensitive?: boolean;
1415
}
1516

1617
export const InitializeOrchestrator = {
@@ -25,7 +26,12 @@ export const InitializeOrchestrator = {
2526
const { pluginManager, resourceDefinitions } = await PluginInitOrchestrator.run(args, reporter);
2627

2728
ctx.subprocessStarted(SubProcessName.IMPORT_RESOURCE)
28-
const importResults = await Promise.all([...resourceDefinitions.keys()].map(async (typeId) => {
29+
30+
// Omit sensitive resources if not included
31+
const typeIdsToImport = [...resourceDefinitions.keys()]
32+
.filter((typeId) => args.includeSensitive || (!args.includeSensitive && (resourceDefinitions.get(typeId)?.sensitiveParameters ?? []).length === 0))
33+
34+
const importResults = await Promise.all(typeIdsToImport.map(async (typeId) => {
2935
try {
3036
return await pluginManager.importResource({
3137
core: { type: typeId },

src/ui/plan-pretty-printer.ts

Lines changed: 24 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -48,9 +48,10 @@ function prettyFormatCreatePlan(plan: ResourcePlan): string {
4848
return result;
4949
}
5050

51+
const value = parameter.isSensitive ? '[Sensitive]' : parameter.newValue;
5152
result[parameter.name] = typeof parameter.newValue === 'string'
52-
? escapeNewlines(parameter.newValue)
53-
: parameter.newValue;
53+
? escapeNewlines(value as string)
54+
: value;
5455

5556
return result;
5657
}, {} as Record<string, unknown>)
@@ -69,9 +70,10 @@ function prettyFormatDestroyPlan(plan: ResourcePlan): string {
6970
return result;
7071
}
7172

73+
const value = parameter.isSensitive ? '[Sensitive]' : parameter.previousValue;
7274
result[parameter.name] = typeof parameter.previousValue === 'string'
73-
? escapeNewlines(parameter.previousValue)
74-
: parameter.previousValue;
75+
? escapeNewlines(value as string)
76+
: value;
7577

7678
return result;
7779
}, {} as Record<string, unknown>)
@@ -89,11 +91,11 @@ function prettyFormatModifyPlan(plan: ResourcePlan): string {
8991
];
9092

9193
for (const parameter of plan.parameters) {
92-
9394
// TODO: Add support for object types as well in the future
9495
if ((Array.isArray(parameter.previousValue) || parameter.previousValue === null)
9596
&& (Array.isArray(parameter.newValue) || parameter.newValue === null)
9697
&& !(parameter.previousValue === null && parameter.newValue === null)
98+
&& !parameter.isSensitive
9799
) {
98100
const line = formatArray(parameter);
99101
builder.push(line);
@@ -121,27 +123,36 @@ function escapeNewlines(str: string): string {
121123
function formatParameter(parameter: PlanResponseData['parameters'][0]): string {
122124
switch (parameter.operation) {
123125
case ParameterOperation.NOOP: {
126+
const value = parameter.isSensitive ? '[Sensitive]' : parameter.newValue;
127+
124128
return typeof parameter.newValue === 'string'
125-
? `"${parameter.name}": "${escapeNewlines(parameter.newValue)}",`
126-
: `"${parameter.name}": ${parameter.newValue},`
129+
? `"${parameter.name}": "${escapeNewlines(value as string)}",`
130+
: `"${parameter.name}": ${value},`
127131
}
128132

129133
case ParameterOperation.ADD: {
134+
const value = parameter.isSensitive ? '[Sensitive]' : parameter.newValue;
135+
130136
return typeof parameter.newValue === 'string'
131-
? chalk.green(`"${parameter.name}": "${escapeNewlines(parameter.newValue)}",`)
132-
: chalk.green(`"${parameter.name}": ${parameter.newValue},`)
137+
? chalk.green(`"${parameter.name}": "${escapeNewlines(value as string)}",`)
138+
: chalk.green(`"${parameter.name}": ${value},`)
133139
}
134140

135141
case ParameterOperation.REMOVE: {
142+
const value = parameter.isSensitive ? '[Sensitive]' : parameter.previousValue;
143+
136144
return typeof parameter.previousValue === 'string'
137-
? chalk.red(`"${parameter.name}": "${escapeNewlines(parameter.previousValue)}",`)
138-
: chalk.red(`"${parameter.name}": ${parameter.previousValue},`)
145+
? chalk.red(`"${parameter.name}": "${escapeNewlines(value as string)}",`)
146+
: chalk.red(`"${parameter.name}": ${value},`)
139147
}
140148

141149
case ParameterOperation.MODIFY: {
150+
const newValue = parameter.isSensitive ? '[Sensitive]' : parameter.newValue;
151+
const previousValue = parameter.isSensitive ? '[Sensitive]' : parameter.previousValue;
152+
142153
return typeof parameter.newValue === 'string' && typeof parameter.previousValue === 'string'
143-
? `"${parameter.name}": "${escapeNewlines(parameter.previousValue)}" -> "${escapeNewlines(parameter.newValue)}",`
144-
: `"${parameter.name}": ${parameter.previousValue} -> ${parameter.newValue},`
154+
? `"${parameter.name}": "${escapeNewlines(previousValue as string)}" -> "${escapeNewlines(newValue as string)}",`
155+
: `"${parameter.name}": ${previousValue} -> ${newValue},`
145156
}
146157
}
147158
}

0 commit comments

Comments
 (0)