chore: allow secrets env to be used without vaultname

MatrixAI · Oct 18, 2024 · 2848e25 · 2848e25
1 parent 6ed1feb
commit 2848e25
Show file tree

Hide file tree

Showing 3 changed files with 40 additions and 7 deletions.
diff --git a/src/secrets/CommandCat.ts b/src/secrets/CommandCat.ts
@@ -98,6 +98,7 @@ class CommandGet extends CommandPolykey {
             if (chunk.error) process.stderr.write(chunk.error);
             else process.stdout.write(chunk.secretContent);
           }
+          process.stderr.write("\n");
         }, meta);
       } finally {
         if (pkClient! != null) await pkClient.stop();

diff --git a/src/utils/parsers.ts b/src/utils/parsers.ts
@@ -125,18 +125,13 @@ function parseSecretPathValue(secretPath: string): [string, string, string?] {
   return [vaultName, directoryPath, value];
 }
 
-function parseSecretPathEnv(secretPath: string): [string, string, string?] {
+function parseSecretPathEnv(secretPath: string): [string, string?, string?] {
   const [vaultName, directoryPath, value] = parseSecretPath(secretPath);
   if (value != null && !environmentVariableRegex.test(value)) {
     throw new commander.InvalidArgumentError(
       `${value} is not a valid environment variable name`,
     );
   }
-  if (directoryPath == null) {
-    throw new commander.InvalidArgumentError(
-      `${secretPath} is not of the format <vaultName>:<directoryPath>[=<value>]`,
-    );
-  }
   return [vaultName, directoryPath, value];
 }
 
@@ -215,7 +210,9 @@ function parseEnvArgs(
   if (current[1].length === 0) {
     // Parse a secret path
     try {
-      current[0].push(parseSecretPathEnv(value));
+      const [vaultName, secretPath, valueData] = parseSecretPathEnv(value);
+      const parsedSecretPath = secretPath == null ? '/' : secretPath;
+      current[0].push([vaultName, parsedSecretPath, valueData]);
     } catch (e) {
       if (!(e instanceof commander.InvalidArgumentError)) throw e;
       // If we get an invalid argument error then we switch over to parsing args verbatim

diff --git a/tests/secrets/write.test.ts b/tests/secrets/write.test.ts
@@ -95,6 +95,41 @@ describe('commandWriteFile', () => {
       });
     },
   );
+  test.prop([stdinArb], { numRuns: 1 })(
+    'should fail writing when secret path is not specified',
+    async (stdinData) => {
+      const vaultName = genVaultName();
+      await polykeyAgent.vaultManager.createVault(vaultName);
+      command = [
+        'secrets',
+        'write',
+        '-np',
+        dataDir,
+        vaultName
+      ];
+
+      const childProcess = await testUtils.pkSpawn(
+        command,
+        {
+          env: { PK_PASSWORD: password },
+          cwd: dataDir,
+        },
+        logger,
+      );
+      // The conditions of stdin being null will not be met in the test, so we
+      // don't have to worry about the fields being null.
+      childProcess.stdin!.write(stdinData);
+      childProcess.stdin!.end();
+      const exitCode = await new Promise((resolve) => {
+        childProcess.once('exit', (code) => {
+          const exitCode = code ?? -255;
+          childProcess.removeAllListeners('data');
+          resolve(exitCode);
+        });
+      });
+      expect(exitCode).not.toBe(0);
+    },
+  );
   test('should overwrite secret', async () => {
     const vaultName = 'vault' as VaultName;
     const vaultId = await polykeyAgent.vaultManager.createVault(vaultName);