From fd17871da468018a5f6f19bde9f753c5cc4f6aed Mon Sep 17 00:00:00 2001 From: Michael Sukkarieh Date: Fri, 31 Oct 2025 14:33:28 -0700 Subject: [PATCH 1/6] chore(tech-debt): Remove built-in secret manager (#592) --- CHANGELOG.md | 3 + docs/docs/connections/ado-cloud.mdx | 24 +- docs/docs/connections/ado-server.mdx | 24 +- docs/docs/connections/gitea.mdx | 23 +- docs/docs/connections/github.mdx | 23 +- docs/docs/connections/gitlab.mdx | 23 +- docs/snippets/bitbucket-app-password.mdx | 23 - docs/snippets/bitbucket-token.mdx | 21 - docs/snippets/schemas/v2/index.schema.mdx | 9 - docs/snippets/schemas/v3/app.schema.mdx | 26 - .../schemas/v3/azuredevops.schema.mdx | 18 - docs/snippets/schemas/v3/bitbucket.schema.mdx | 18 - .../snippets/schemas/v3/connection.schema.mdx | 90 -- docs/snippets/schemas/v3/gitea.schema.mdx | 18 - docs/snippets/schemas/v3/github.schema.mdx | 18 - docs/snippets/schemas/v3/githubApp.schema.mdx | 76 -- docs/snippets/schemas/v3/gitlab.schema.mdx | 18 - docs/snippets/schemas/v3/index.schema.mdx | 818 ------------------ .../schemas/v3/languageModel.schema.mdx | 702 --------------- docs/snippets/schemas/v3/shared.schema.mdx | 39 - packages/backend/src/azuredevops.ts | 5 +- packages/backend/src/bitbucket.ts | 5 +- packages/backend/src/connectionManager.ts | 14 +- packages/backend/src/ee/githubAppManager.ts | 6 +- .../backend/src/ee/repoPermissionSyncer.ts | 2 +- packages/backend/src/gitea.ts | 7 +- packages/backend/src/github.ts | 5 +- packages/backend/src/gitlab.ts | 5 +- packages/backend/src/repoCompileUtils.ts | 67 +- packages/backend/src/repoIndexManager.ts | 2 +- packages/backend/src/utils.ts | 14 +- packages/crypto/src/tokenUtils.ts | 23 +- .../migration.sql | 11 + packages/db/prisma/schema.prisma | 14 - packages/schemas/src/v2/index.schema.ts | 9 - packages/schemas/src/v3/app.schema.ts | 26 - packages/schemas/src/v3/app.type.ts | 19 +- packages/schemas/src/v3/azuredevops.schema.ts | 18 - packages/schemas/src/v3/azuredevops.type.ts | 19 +- packages/schemas/src/v3/bitbucket.schema.ts | 18 - packages/schemas/src/v3/bitbucket.type.ts | 19 +- packages/schemas/src/v3/connection.schema.ts | 90 -- packages/schemas/src/v3/connection.type.ts | 95 +- packages/schemas/src/v3/gitea.schema.ts | 18 - packages/schemas/src/v3/gitea.type.ts | 19 +- packages/schemas/src/v3/github.schema.ts | 18 - packages/schemas/src/v3/github.type.ts | 19 +- packages/schemas/src/v3/gitlab.schema.ts | 18 - packages/schemas/src/v3/gitlab.type.ts | 19 +- packages/schemas/src/v3/index.schema.ts | 818 ------------------ packages/schemas/src/v3/index.type.ts | 420 +++------ .../schemas/src/v3/languageModel.schema.ts | 702 --------------- packages/schemas/src/v3/languageModel.type.ts | 306 ++----- packages/schemas/src/v3/shared.schema.ts | 39 - packages/schemas/src/v3/shared.type.ts | 19 +- packages/web/src/actions.ts | 89 +- .../components/importSecretDialog.tsx | 315 ------- .../web/src/app/[domain]/settings/layout.tsx | 4 - .../secrets/components/importSecretCard.tsx | 67 -- .../secrets/components/secretsList.tsx | 158 ---- .../app/[domain]/settings/secrets/page.tsx | 36 - .../web/src/app/api/(server)/chat/route.ts | 2 +- packages/web/src/features/chat/actions.ts | 66 +- packages/web/src/lib/strings.ts | 7 - schemas/v2/index.json | 3 - schemas/v3/azuredevops.json | 7 +- schemas/v3/bitbucket.json | 7 +- schemas/v3/gitea.json | 7 +- schemas/v3/github.json | 7 +- schemas/v3/gitlab.json | 7 +- schemas/v3/shared.json | 13 - 71 files changed, 416 insertions(+), 5301 deletions(-) delete mode 100644 docs/snippets/schemas/v3/githubApp.schema.mdx create mode 100644 packages/db/prisma/migrations/20251031191203_remove_secret_table/migration.sql delete mode 100644 packages/web/src/app/[domain]/components/importSecretDialog.tsx delete mode 100644 packages/web/src/app/[domain]/settings/secrets/components/importSecretCard.tsx delete mode 100644 packages/web/src/app/[domain]/settings/secrets/components/secretsList.tsx delete mode 100644 packages/web/src/app/[domain]/settings/secrets/page.tsx delete mode 100644 packages/web/src/lib/strings.ts diff --git a/CHANGELOG.md b/CHANGELOG.md index a0bf5e9e..594f30d8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -16,6 +16,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Fixed "The account is already associated with another user" errors with GitLab oauth provider. [#584](https://github.com/sourcebot-dev/sourcebot/pull/584) - Fixed error when viewing a generic git connection in `/settings/connections`. [#588](https://github.com/sourcebot-dev/sourcebot/pull/588) +## Removed +- Removed built-in secret manager. [#592](https://github.com/sourcebot-dev/sourcebot/pull/592) + ## [4.8.1] - 2025-10-29 ### Fixed diff --git a/docs/docs/connections/ado-cloud.mdx b/docs/docs/connections/ado-cloud.mdx index cc20c745..7071afb1 100644 --- a/docs/docs/connections/ado-cloud.mdx +++ b/docs/docs/connections/ado-cloud.mdx @@ -86,7 +86,7 @@ If you're not familiar with Sourcebot [connections](/docs/connections/overview), Azure Devops Cloud requires you to provide a PAT in order to index your repositories. To learn how to create PAT, check out the [Azure Devops docs](https://learn.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops&tabs=Windows). Sourcebot needs the `Read` access for the `Code` scope in order to find and clone your repos. -Next, provide the access token via the `token` property, either as an environment variable or a secret: +Next, provide the access token via an environment variable which is referenced in the `token` property: @@ -113,28 +113,6 @@ Next, provide the access token via the `token` property, either as an environmen ghcr.io/sourcebot-dev/sourcebot:latest ``` - - - Secrets are only supported when [authentication](/docs/configuration/auth/overview) is enabled. - - 1. Navigate to **Secrets** in settings and create a new secret with your PAT: - - ![](/images/secrets_list.png) - - 2. Add the `token` property to your connection config: - - ```json - { - "type": "azuredevops", - "deploymentType": "cloud", - "token": { - "secret": "mysecret" - } - // .. rest of config .. - } - ``` - - ## Schema reference diff --git a/docs/docs/connections/ado-server.mdx b/docs/docs/connections/ado-server.mdx index 1cfc0252..a62d94c2 100644 --- a/docs/docs/connections/ado-server.mdx +++ b/docs/docs/connections/ado-server.mdx @@ -100,7 +100,7 @@ If you're not familiar with Sourcebot [connections](/docs/connections/overview), Azure Devops Server requires you to provide a PAT in order to index your repositories. To learn how to create PAT, check out the [Azure Devops docs](https://learn.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops&tabs=Windows). Sourcebot needs the `Read` access for the `Code` scope in order to find and clone your repos. -Next, provide the access token via the `token` property, either as an environment variable or a secret: +Next, provide the access token via an environment variable which is referenced in the `token` property: @@ -127,28 +127,6 @@ Next, provide the access token via the `token` property, either as an environmen ghcr.io/sourcebot-dev/sourcebot:latest ``` - - - Secrets are only supported when [authentication](/docs/configuration/auth/overview) is enabled. - - 1. Navigate to **Secrets** in settings and create a new secret with your PAT: - - ![](/images/secrets_list.png) - - 2. Add the `token` property to your connection config: - - ```json - { - "type": "azuredevops", - "deploymentType": "server", - "token": { - "secret": "mysecret" - } - // .. rest of config .. - } - ``` - - ## Schema reference diff --git a/docs/docs/connections/gitea.mdx b/docs/docs/connections/gitea.mdx index 1d439c76..0f8505cb 100644 --- a/docs/docs/connections/gitea.mdx +++ b/docs/docs/connections/gitea.mdx @@ -81,7 +81,7 @@ In order to index private repositories, you'll need to generate a Gitea access t ![Gitea Access token creation](/images/gitea_pat_creation.png) -Next, provide the access token via the `token` property, either as an environment variable or a secret: +Next, provide the access token via an environment variable which is referenced in the `token` property: @@ -107,27 +107,6 @@ Next, provide the access token via the `token` property, either as an environmen ghcr.io/sourcebot-dev/sourcebot:latest ``` - - - Secrets are only supported when [authentication](/docs/configuration/auth/overview) is enabled. - - 1. Navigate to **Secrets** in settings and create a new secret with your PAT: - - ![](/images/secrets_list.png) - - 2. Add the `token` property to your connection config: - - ```json - { - "type": "gitea", - "token": { - "secret": "mysecret" - } - // .. rest of config .. - } - ``` - - ## Connecting to a custom Gitea diff --git a/docs/docs/connections/github.mdx b/docs/docs/connections/github.mdx index 98fc5b50..e87a1f6d 100644 --- a/docs/docs/connections/github.mdx +++ b/docs/docs/connections/github.mdx @@ -128,7 +128,7 @@ In order to index private repositories, you'll need to generate a access token a -Next, provide the access token via the `token` property, either as an environment variable or a secret: +Next, provide the access token via an environment variable which is referenced in the `token` property: @@ -154,27 +154,6 @@ Next, provide the access token via the `token` property, either as an environmen ghcr.io/sourcebot-dev/sourcebot:latest ``` - - - Secrets are only supported when [authentication](/docs/configuration/auth/overview) is enabled. - - 1. Navigate to **Secrets** in settings and create a new secret with your PAT: - - ![](/images/secrets_list.png) - - 2. Add the `token` property to your connection config: - - ```json - { - "type": "github", - "token": { - "secret": "mysecret" - } - // .. rest of config .. - } - ``` - - ## Connecting to a custom GitHub host diff --git a/docs/docs/connections/gitlab.mdx b/docs/docs/connections/gitlab.mdx index 2680064b..1b71b7ae 100644 --- a/docs/docs/connections/gitlab.mdx +++ b/docs/docs/connections/gitlab.mdx @@ -116,7 +116,7 @@ In order to index private projects, you'll need to generate a GitLab Personal Ac ![GitLab PAT Scope](/images/gitlab_pat_scopes.png) -Next, provide the PAT via the `token` property, either as an environment variable or a secret: +Next, provide the PAT via an environment variable which is referenced in the `token` property: @@ -142,27 +142,6 @@ Next, provide the PAT via the `token` property, either as an environment variabl ghcr.io/sourcebot-dev/sourcebot:latest ``` - - - Secrets are only supported when [authentication](/docs/configuration/auth/overview) is enabled. - - 1. Navigate to **Secrets** in settings and create a new secret with your PAT: - - ![](/images/secrets_list.png) - - 2. Add the `token` property to your connection config: - - ```json - { - "type": "gitlab", - "token": { - "secret": "mysecret" - } - // .. rest of config .. - } - ``` - - ## Connecting to a custom GitLab host diff --git a/docs/snippets/bitbucket-app-password.mdx b/docs/snippets/bitbucket-app-password.mdx index 0a5fdac3..2d4511c3 100644 --- a/docs/snippets/bitbucket-app-password.mdx +++ b/docs/snippets/bitbucket-app-password.mdx @@ -24,27 +24,4 @@ ghcr.io/sourcebot-dev/sourcebot:latest ``` - - - Secrets are only supported when [authentication](/docs/configuration/auth/overview) is enabled. - - 1. Navigate to **Secrets** in settings and create a new secret with your access token: - - ![](/images/secrets_list.png) - - 2. Add the `token` and `user` (username associated with the app password you created) properties to your connection config: - - ```json - { - "type": "bitbucket", - "deploymentType": "cloud", - "user": "myusername", - "token": { - "secret": "mysecret" - } - // .. rest of config .. - } - ``` - - \ No newline at end of file diff --git a/docs/snippets/bitbucket-token.mdx b/docs/snippets/bitbucket-token.mdx index 94197e01..26efe248 100644 --- a/docs/snippets/bitbucket-token.mdx +++ b/docs/snippets/bitbucket-token.mdx @@ -22,25 +22,4 @@ ghcr.io/sourcebot-dev/sourcebot:latest ``` - - - Secrets are only supported when [authentication](/docs/configuration/auth/overview) is enabled. - - 1. Navigate to **Secrets** in settings and create a new secret with your PAT: - - ![](/images/secrets_list.png) - - 2. Add the `token` property to your connection config: - - ```json - { - "type": "bitbucket", - "token": { - "secret": "mysecret" - } - // .. rest of config .. - } - ``` - - \ No newline at end of file diff --git a/docs/snippets/schemas/v2/index.schema.mdx b/docs/snippets/schemas/v2/index.schema.mdx index df78084a..f061d3b3 100644 --- a/docs/snippets/schemas/v2/index.schema.mdx +++ b/docs/snippets/schemas/v2/index.schema.mdx @@ -77,7 +77,6 @@ "token": { "description": "A Personal Access Token (PAT).", "examples": [ - "secret-token", { "env": "ENV_VAR_CONTAINING_TOKEN" } @@ -274,7 +273,6 @@ "token": { "description": "An authentication token.", "examples": [ - "secret-token", { "env": "ENV_VAR_CONTAINING_TOKEN" } @@ -465,7 +463,6 @@ "token": { "description": "An access token.", "examples": [ - "secret-token", { "env": "ENV_VAR_CONTAINING_TOKEN" } @@ -779,7 +776,6 @@ "token": { "description": "A Personal Access Token (PAT).", "examples": [ - "secret-token", { "env": "ENV_VAR_CONTAINING_TOKEN" } @@ -976,7 +972,6 @@ "token": { "description": "An authentication token.", "examples": [ - "secret-token", { "env": "ENV_VAR_CONTAINING_TOKEN" } @@ -1167,7 +1162,6 @@ "token": { "description": "An access token.", "examples": [ - "secret-token", { "env": "ENV_VAR_CONTAINING_TOKEN" } @@ -1563,7 +1557,6 @@ "token": { "description": "A Personal Access Token (PAT).", "examples": [ - "secret-token", { "env": "ENV_VAR_CONTAINING_TOKEN" } @@ -1760,7 +1753,6 @@ "token": { "description": "An authentication token.", "examples": [ - "secret-token", { "env": "ENV_VAR_CONTAINING_TOKEN" } @@ -1951,7 +1943,6 @@ "token": { "description": "An access token.", "examples": [ - "secret-token", { "env": "ENV_VAR_CONTAINING_TOKEN" } diff --git a/docs/snippets/schemas/v3/app.schema.mdx b/docs/snippets/schemas/v3/app.schema.mdx index 6d5e5a21..1e95a482 100644 --- a/docs/snippets/schemas/v3/app.schema.mdx +++ b/docs/snippets/schemas/v3/app.schema.mdx @@ -28,19 +28,6 @@ "privateKey": { "description": "The private key of the GitHub App.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -90,19 +77,6 @@ "privateKey": { "description": "The private key of the GitHub App.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { diff --git a/docs/snippets/schemas/v3/azuredevops.schema.mdx b/docs/snippets/schemas/v3/azuredevops.schema.mdx index fab796de..e187f276 100644 --- a/docs/snippets/schemas/v3/azuredevops.schema.mdx +++ b/docs/snippets/schemas/v3/azuredevops.schema.mdx @@ -11,25 +11,7 @@ }, "token": { "description": "A Personal Access Token (PAT).", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { diff --git a/docs/snippets/schemas/v3/bitbucket.schema.mdx b/docs/snippets/schemas/v3/bitbucket.schema.mdx index 829d0254..85202242 100644 --- a/docs/snippets/schemas/v3/bitbucket.schema.mdx +++ b/docs/snippets/schemas/v3/bitbucket.schema.mdx @@ -15,25 +15,7 @@ }, "token": { "description": "An authentication token.", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { diff --git a/docs/snippets/schemas/v3/connection.schema.mdx b/docs/snippets/schemas/v3/connection.schema.mdx index 48750ae1..10311eba 100644 --- a/docs/snippets/schemas/v3/connection.schema.mdx +++ b/docs/snippets/schemas/v3/connection.schema.mdx @@ -15,25 +15,7 @@ }, "token": { "description": "A Personal Access Token (PAT).", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -228,25 +210,7 @@ }, "token": { "description": "An authentication token.", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -435,25 +399,7 @@ }, "token": { "description": "A Personal Access Token (PAT).", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -707,25 +653,7 @@ }, "token": { "description": "An authentication token.", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -880,25 +808,7 @@ }, "token": { "description": "A Personal Access Token (PAT).", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { diff --git a/docs/snippets/schemas/v3/gitea.schema.mdx b/docs/snippets/schemas/v3/gitea.schema.mdx index f236e3fe..f663ba47 100644 --- a/docs/snippets/schemas/v3/gitea.schema.mdx +++ b/docs/snippets/schemas/v3/gitea.schema.mdx @@ -11,25 +11,7 @@ }, "token": { "description": "A Personal Access Token (PAT).", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { diff --git a/docs/snippets/schemas/v3/github.schema.mdx b/docs/snippets/schemas/v3/github.schema.mdx index 1858eee8..49ea2ce6 100644 --- a/docs/snippets/schemas/v3/github.schema.mdx +++ b/docs/snippets/schemas/v3/github.schema.mdx @@ -11,25 +11,7 @@ }, "token": { "description": "A Personal Access Token (PAT).", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { diff --git a/docs/snippets/schemas/v3/githubApp.schema.mdx b/docs/snippets/schemas/v3/githubApp.schema.mdx deleted file mode 100644 index 2d1aea88..00000000 --- a/docs/snippets/schemas/v3/githubApp.schema.mdx +++ /dev/null @@ -1,76 +0,0 @@ -{/* THIS IS A AUTO-GENERATED FILE. DO NOT MODIFY MANUALLY! */} -```json -{ - "$schema": "http://json-schema.org/draft-07/schema#", - "type": "object", - "title": "GithubAppConfig", - "properties": { - "type": { - "const": "githubApp", - "description": "GitHub App Configuration" - }, - "deploymentHostname": { - "type": "string", - "format": "hostname", - "default": "github.com", - "description": "The hostname of the GitHub App deployment.", - "examples": [ - "github.com", - "github.example.com" - ] - }, - "id": { - "type": "string", - "description": "The ID of the GitHub App." - }, - "privateKey": { - "description": "The private key of the GitHub App.", - "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, - { - "type": "object", - "properties": { - "env": { - "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." - } - }, - "required": [ - "env" - ], - "additionalProperties": false - } - ] - } - }, - "required": [ - "type", - "id" - ], - "oneOf": [ - { - "required": [ - "privateKey" - ] - }, - { - "required": [ - "privateKeyPath" - ] - } - ], - "additionalProperties": false -} -``` diff --git a/docs/snippets/schemas/v3/gitlab.schema.mdx b/docs/snippets/schemas/v3/gitlab.schema.mdx index 1d322f44..4783aee6 100644 --- a/docs/snippets/schemas/v3/gitlab.schema.mdx +++ b/docs/snippets/schemas/v3/gitlab.schema.mdx @@ -11,25 +11,7 @@ }, "token": { "description": "An authentication token.", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { diff --git a/docs/snippets/schemas/v3/index.schema.mdx b/docs/snippets/schemas/v3/index.schema.mdx index 89ed6be2..38351682 100644 --- a/docs/snippets/schemas/v3/index.schema.mdx +++ b/docs/snippets/schemas/v3/index.schema.mdx @@ -298,25 +298,7 @@ }, "token": { "description": "A Personal Access Token (PAT).", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -511,25 +493,7 @@ }, "token": { "description": "An authentication token.", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -718,25 +682,7 @@ }, "token": { "description": "A Personal Access Token (PAT).", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -990,25 +936,7 @@ }, "token": { "description": "An authentication token.", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1163,25 +1091,7 @@ }, "token": { "description": "A Personal Access Token (PAT).", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1453,19 +1363,6 @@ "accessKeyId": { "description": "Optional access key ID to use with the model. Defaults to the `AWS_ACCESS_KEY_ID` environment variable.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1484,19 +1381,6 @@ "accessKeySecret": { "description": "Optional secret access key to use with the model. Defaults to the `AWS_SECRET_ACCESS_KEY` environment variable.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1515,19 +1399,6 @@ "sessionToken": { "description": "Optional session token to use with the model. Defaults to the `AWS_SESSION_TOKEN` environment variable.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1569,19 +1440,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1626,19 +1484,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1672,19 +1517,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1733,19 +1565,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1783,19 +1602,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1840,19 +1646,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1886,19 +1679,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1943,19 +1723,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1989,19 +1756,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2062,19 +1816,6 @@ }, "credentials": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2108,19 +1849,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2183,19 +1911,6 @@ }, "credentials": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2229,19 +1944,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2286,19 +1988,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2332,19 +2021,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2395,19 +2071,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2451,19 +2114,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2508,19 +2158,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2557,19 +2194,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2601,19 +2225,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2669,19 +2280,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2715,19 +2313,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2776,19 +2361,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2822,19 +2394,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2882,19 +2441,6 @@ "accessKeyId": { "description": "Optional access key ID to use with the model. Defaults to the `AWS_ACCESS_KEY_ID` environment variable.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2913,19 +2459,6 @@ "accessKeySecret": { "description": "Optional secret access key to use with the model. Defaults to the `AWS_SECRET_ACCESS_KEY` environment variable.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2944,19 +2477,6 @@ "sessionToken": { "description": "Optional session token to use with the model. Defaults to the `AWS_SESSION_TOKEN` environment variable.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2998,19 +2518,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3055,19 +2562,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3101,19 +2595,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3162,19 +2643,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3212,19 +2680,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3269,19 +2724,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3315,19 +2757,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3372,19 +2801,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3418,19 +2834,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3491,19 +2894,6 @@ }, "credentials": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3537,19 +2927,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3612,19 +2989,6 @@ }, "credentials": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3658,19 +3022,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3715,19 +3066,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3761,19 +3099,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3824,19 +3149,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3880,19 +3192,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3937,19 +3236,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3986,19 +3272,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -4030,19 +3303,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -4098,19 +3358,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -4144,19 +3391,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -4205,19 +3439,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -4251,19 +3472,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -4324,19 +3532,6 @@ }, "privateKey": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -4386,19 +3581,6 @@ }, "privateKey": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { diff --git a/docs/snippets/schemas/v3/languageModel.schema.mdx b/docs/snippets/schemas/v3/languageModel.schema.mdx index accfc95c..ebc1bc92 100644 --- a/docs/snippets/schemas/v3/languageModel.schema.mdx +++ b/docs/snippets/schemas/v3/languageModel.schema.mdx @@ -22,19 +22,6 @@ "accessKeyId": { "description": "Optional access key ID to use with the model. Defaults to the `AWS_ACCESS_KEY_ID` environment variable.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -53,19 +40,6 @@ "accessKeySecret": { "description": "Optional secret access key to use with the model. Defaults to the `AWS_SECRET_ACCESS_KEY` environment variable.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -84,19 +58,6 @@ "sessionToken": { "description": "Optional session token to use with the model. Defaults to the `AWS_SESSION_TOKEN` environment variable.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -138,19 +99,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -195,19 +143,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -241,19 +176,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -302,19 +224,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -352,19 +261,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -409,19 +305,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -455,19 +338,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -512,19 +382,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -558,19 +415,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -631,19 +475,6 @@ }, "credentials": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -677,19 +508,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -752,19 +570,6 @@ }, "credentials": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -798,19 +603,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -855,19 +647,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -901,19 +680,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -964,19 +730,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1020,19 +773,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1077,19 +817,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1126,19 +853,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1170,19 +884,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1238,19 +939,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1284,19 +972,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1345,19 +1020,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1391,19 +1053,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1451,19 +1100,6 @@ "accessKeyId": { "description": "Optional access key ID to use with the model. Defaults to the `AWS_ACCESS_KEY_ID` environment variable.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1482,19 +1118,6 @@ "accessKeySecret": { "description": "Optional secret access key to use with the model. Defaults to the `AWS_SECRET_ACCESS_KEY` environment variable.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1513,19 +1136,6 @@ "sessionToken": { "description": "Optional session token to use with the model. Defaults to the `AWS_SESSION_TOKEN` environment variable.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1567,19 +1177,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1624,19 +1221,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1670,19 +1254,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1731,19 +1302,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1781,19 +1339,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1838,19 +1383,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1884,19 +1416,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1941,19 +1460,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1987,19 +1493,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2060,19 +1553,6 @@ }, "credentials": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2106,19 +1586,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2181,19 +1648,6 @@ }, "credentials": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2227,19 +1681,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2284,19 +1725,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2330,19 +1758,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2393,19 +1808,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2449,19 +1851,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2506,19 +1895,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2555,19 +1931,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2599,19 +1962,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2667,19 +2017,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2713,19 +2050,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2774,19 +2098,6 @@ }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2820,19 +2131,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { diff --git a/docs/snippets/schemas/v3/shared.schema.mdx b/docs/snippets/schemas/v3/shared.schema.mdx index 82ca9195..4087a944 100644 --- a/docs/snippets/schemas/v3/shared.schema.mdx +++ b/docs/snippets/schemas/v3/shared.schema.mdx @@ -6,19 +6,6 @@ "definitions": { "Token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -86,19 +73,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -130,19 +104,6 @@ }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { diff --git a/packages/backend/src/azuredevops.ts b/packages/backend/src/azuredevops.ts index de587935..aa0fbf55 100644 --- a/packages/backend/src/azuredevops.ts +++ b/packages/backend/src/azuredevops.ts @@ -2,7 +2,6 @@ import { AzureDevOpsConnectionConfig } from "@sourcebot/schemas/v3/azuredevops.t import { createLogger } from "@sourcebot/logger"; import { measure, fetchWithRetry } from "./utils.js"; import micromatch from "micromatch"; -import { PrismaClient } from "@sourcebot/db"; import { BackendException, BackendError } from "@sourcebot/error"; import { processPromiseResults, throwIfAnyFailed } from "./connectionUtils.js"; import * as Sentry from "@sentry/node"; @@ -29,13 +28,11 @@ function createAzureDevOpsConnection( export const getAzureDevOpsReposFromConfig = async ( config: AzureDevOpsConnectionConfig, - orgId: number, - db: PrismaClient ) => { const baseUrl = config.url || `https://${AZUREDEVOPS_CLOUD_HOSTNAME}`; const token = config.token ? - await getTokenFromConfig(config.token, orgId, db) : + await getTokenFromConfig(config.token) : undefined; if (!token) { diff --git a/packages/backend/src/bitbucket.ts b/packages/backend/src/bitbucket.ts index 75adc311..c6fa87ff 100644 --- a/packages/backend/src/bitbucket.ts +++ b/packages/backend/src/bitbucket.ts @@ -3,7 +3,6 @@ import { createBitbucketServerClient } from "@coderabbitai/bitbucket/server"; import { BitbucketConnectionConfig } from "@sourcebot/schemas/v3/bitbucket.type"; import type { ClientOptions, ClientPathsWithMethod } from "openapi-fetch"; import { createLogger } from "@sourcebot/logger"; -import { PrismaClient } from "@sourcebot/db"; import { measure, fetchWithRetry } from "./utils.js"; import * as Sentry from "@sentry/node"; import { @@ -58,9 +57,9 @@ type ServerPaginatedResponse = { readonly nextPageStart: number; } -export const getBitbucketReposFromConfig = async (config: BitbucketConnectionConfig, orgId: number, db: PrismaClient) => { +export const getBitbucketReposFromConfig = async (config: BitbucketConnectionConfig) => { const token = config.token ? - await getTokenFromConfig(config.token, orgId, db) : + await getTokenFromConfig(config.token) : undefined; if (config.deploymentType === 'server' && !config.url) { diff --git a/packages/backend/src/connectionManager.ts b/packages/backend/src/connectionManager.ts index 40637ff0..006a3bf2 100644 --- a/packages/backend/src/connectionManager.ts +++ b/packages/backend/src/connectionManager.ts @@ -179,25 +179,25 @@ export class ConnectionManager { const result = await (async () => { switch (config.type) { case 'github': { - return await compileGithubConfig(config, job.data.connectionId, orgId, this.db, abortController); + return await compileGithubConfig(config, job.data.connectionId, abortController); } case 'gitlab': { - return await compileGitlabConfig(config, job.data.connectionId, orgId, this.db); + return await compileGitlabConfig(config, job.data.connectionId); } case 'gitea': { - return await compileGiteaConfig(config, job.data.connectionId, orgId, this.db); + return await compileGiteaConfig(config, job.data.connectionId); } case 'gerrit': { - return await compileGerritConfig(config, job.data.connectionId, orgId); + return await compileGerritConfig(config, job.data.connectionId); } case 'bitbucket': { - return await compileBitbucketConfig(config, job.data.connectionId, orgId, this.db); + return await compileBitbucketConfig(config, job.data.connectionId); } case 'azuredevops': { - return await compileAzureDevOpsConfig(config, job.data.connectionId, orgId, this.db); + return await compileAzureDevOpsConfig(config, job.data.connectionId); } case 'git': { - return await compileGenericGitHostConfig(config, job.data.connectionId, orgId); + return await compileGenericGitHostConfig(config, job.data.connectionId); } } })(); diff --git a/packages/backend/src/ee/githubAppManager.ts b/packages/backend/src/ee/githubAppManager.ts index ffe5f529..d8a72dff 100644 --- a/packages/backend/src/ee/githubAppManager.ts +++ b/packages/backend/src/ee/githubAppManager.ts @@ -55,11 +55,7 @@ export class GithubAppManager { for (const app of githubApps) { const deploymentHostname = app.deploymentHostname as string || GITHUB_DEFAULT_DEPLOYMENT_HOSTNAME; - - // @todo: we should move SINGLE_TENANT_ORG_ID to shared package or just remove the need to pass this in - // when resolving tokens - const SINGLE_TENANT_ORG_ID = 1; - const privateKey = await getTokenFromConfig(app.privateKey, SINGLE_TENANT_ORG_ID, this.db); + const privateKey = await getTokenFromConfig(app.privateKey); const octokitApp = new App({ appId: Number(app.id), diff --git a/packages/backend/src/ee/repoPermissionSyncer.ts b/packages/backend/src/ee/repoPermissionSyncer.ts index 4353c34e..9a1593d6 100644 --- a/packages/backend/src/ee/repoPermissionSyncer.ts +++ b/packages/backend/src/ee/repoPermissionSyncer.ts @@ -163,7 +163,7 @@ export class RepoPermissionSyncer { logger.info(`Syncing permissions for repo ${repo.displayName}...`); - const credentials = await getAuthCredentialsForRepo(repo, this.db, logger); + const credentials = await getAuthCredentialsForRepo(repo, logger); if (!credentials) { throw new Error(`No credentials found for repo ${id}`); } diff --git a/packages/backend/src/gitea.ts b/packages/backend/src/gitea.ts index ab3eee3f..91493b0f 100644 --- a/packages/backend/src/gitea.ts +++ b/packages/backend/src/gitea.ts @@ -4,7 +4,6 @@ import { measure } from './utils.js'; import fetch from 'cross-fetch'; import { createLogger } from '@sourcebot/logger'; import micromatch from 'micromatch'; -import { PrismaClient } from '@sourcebot/db'; import { processPromiseResults, throwIfAnyFailed } from './connectionUtils.js'; import * as Sentry from "@sentry/node"; import { env } from './env.js'; @@ -13,13 +12,13 @@ import { getTokenFromConfig } from "@sourcebot/crypto"; const logger = createLogger('gitea'); const GITEA_CLOUD_HOSTNAME = "gitea.com"; -export const getGiteaReposFromConfig = async (config: GiteaConnectionConfig, orgId: number, db: PrismaClient) => { +export const getGiteaReposFromConfig = async (config: GiteaConnectionConfig) => { const hostname = config.url ? new URL(config.url).hostname : GITEA_CLOUD_HOSTNAME; const token = config.token ? - await getTokenFromConfig(config.token, orgId, db) : + await getTokenFromConfig(config.token) : hostname === GITEA_CLOUD_HOSTNAME ? env.FALLBACK_GITEA_CLOUD_TOKEN : undefined; @@ -53,7 +52,7 @@ export const getGiteaReposFromConfig = async (config: GiteaConnectionConfig, org allRepos = allRepos.filter(repo => repo.full_name !== undefined); allRepos = allRepos.filter(repo => { if (repo.full_name === undefined) { - logger.warn(`Repository with undefined full_name found: orgId=${orgId}, repoId=${repo.id}`); + logger.warn(`Repository with undefined full_name found: repoId=${repo.id}`); return false; } return true; diff --git a/packages/backend/src/github.ts b/packages/backend/src/github.ts index 550d259d..7d4d617f 100644 --- a/packages/backend/src/github.ts +++ b/packages/backend/src/github.ts @@ -1,6 +1,5 @@ import { Octokit } from "@octokit/rest"; import * as Sentry from "@sentry/node"; -import { PrismaClient } from "@sourcebot/db"; import { createLogger } from "@sourcebot/logger"; import { GithubConnectionConfig } from "@sourcebot/schemas/v3/github.type"; import { hasEntitlement } from "@sourcebot/shared"; @@ -92,13 +91,13 @@ const getOctokitWithGithubApp = async ( } } -export const getGitHubReposFromConfig = async (config: GithubConnectionConfig, orgId: number, db: PrismaClient, signal: AbortSignal): Promise<{ repos: OctokitRepository[], warnings: string[] }> => { +export const getGitHubReposFromConfig = async (config: GithubConnectionConfig, signal: AbortSignal): Promise<{ repos: OctokitRepository[], warnings: string[] }> => { const hostname = config.url ? new URL(config.url).hostname : GITHUB_CLOUD_HOSTNAME; const token = config.token ? - await getTokenFromConfig(config.token, orgId, db) : + await getTokenFromConfig(config.token) : hostname === GITHUB_CLOUD_HOSTNAME ? env.FALLBACK_GITHUB_CLOUD_TOKEN : undefined; diff --git a/packages/backend/src/gitlab.ts b/packages/backend/src/gitlab.ts index 55bae70c..6063f7bd 100644 --- a/packages/backend/src/gitlab.ts +++ b/packages/backend/src/gitlab.ts @@ -3,7 +3,6 @@ import micromatch from "micromatch"; import { createLogger } from "@sourcebot/logger"; import { GitlabConnectionConfig } from "@sourcebot/schemas/v3/gitlab.type" import { measure, fetchWithRetry } from "./utils.js"; -import { PrismaClient } from "@sourcebot/db"; import { processPromiseResults, throwIfAnyFailed } from "./connectionUtils.js"; import * as Sentry from "@sentry/node"; import { env } from "./env.js"; @@ -34,13 +33,13 @@ export const createGitLabFromOAuthToken = async ({ oauthToken, url }: { oauthTok }); } -export const getGitLabReposFromConfig = async (config: GitlabConnectionConfig, orgId: number, db: PrismaClient) => { +export const getGitLabReposFromConfig = async (config: GitlabConnectionConfig) => { const hostname = config.url ? new URL(config.url).hostname : GITLAB_CLOUD_HOSTNAME; const token = config.token ? - await getTokenFromConfig(config.token, orgId, db) : + await getTokenFromConfig(config.token) : hostname === GITLAB_CLOUD_HOSTNAME ? env.FALLBACK_GITLAB_CLOUD_TOKEN : undefined; diff --git a/packages/backend/src/repoCompileUtils.ts b/packages/backend/src/repoCompileUtils.ts index d3172543..77508226 100644 --- a/packages/backend/src/repoCompileUtils.ts +++ b/packages/backend/src/repoCompileUtils.ts @@ -7,7 +7,7 @@ import { BitbucketRepository, getBitbucketReposFromConfig } from "./bitbucket.js import { getAzureDevOpsReposFromConfig } from "./azuredevops.js"; import { SchemaRestRepository as BitbucketServerRepository } from "@coderabbitai/bitbucket/server/openapi"; import { SchemaRepository as BitbucketCloudRepository } from "@coderabbitai/bitbucket/cloud/openapi"; -import { CodeHostType, Prisma, PrismaClient } from '@sourcebot/db'; +import { CodeHostType, Prisma } from '@sourcebot/db'; import { WithRequired } from "./types.js" import { marshalBool } from "./utils.js"; import { createLogger } from '@sourcebot/logger'; @@ -19,6 +19,7 @@ import { getOriginUrl, isPathAValidGitRepoRoot, isUrlAValidGitRepo } from './git import assert from 'assert'; import GitUrlParse from 'git-url-parse'; import { RepoMetadata } from '@sourcebot/shared'; +import { SINGLE_TENANT_ORG_ID } from './constants.js'; export type RepoData = WithRequired; @@ -32,10 +33,8 @@ type CompileResult = { export const compileGithubConfig = async ( config: GithubConnectionConfig, connectionId: number, - orgId: number, - db: PrismaClient, abortController: AbortController): Promise => { - const gitHubReposResult = await getGitHubReposFromConfig(config, orgId, db, abortController.signal); + const gitHubReposResult = await getGitHubReposFromConfig(config, abortController.signal); const gitHubRepos = gitHubReposResult.repos; const warnings = gitHubReposResult.warnings; @@ -66,7 +65,7 @@ export const compileGithubConfig = async ( isPublic: isPublic, org: { connect: { - id: orgId, + id: SINGLE_TENANT_ORG_ID, }, }, connections: { @@ -104,11 +103,9 @@ export const compileGithubConfig = async ( export const compileGitlabConfig = async ( config: GitlabConnectionConfig, - connectionId: number, - orgId: number, - db: PrismaClient): Promise => { + connectionId: number): Promise => { - const gitlabReposResult = await getGitLabReposFromConfig(config, orgId, db); + const gitlabReposResult = await getGitLabReposFromConfig(config); const gitlabRepos = gitlabReposResult.repos; const warnings = gitlabReposResult.warnings; @@ -144,7 +141,7 @@ export const compileGitlabConfig = async ( isArchived: !!project.archived, org: { connect: { - id: orgId, + id: SINGLE_TENANT_ORG_ID, }, }, connections: { @@ -180,11 +177,9 @@ export const compileGitlabConfig = async ( export const compileGiteaConfig = async ( config: GiteaConnectionConfig, - connectionId: number, - orgId: number, - db: PrismaClient): Promise => { + connectionId: number): Promise => { - const giteaReposResult = await getGiteaReposFromConfig(config, orgId, db); + const giteaReposResult = await getGiteaReposFromConfig(config); const giteaRepos = giteaReposResult.repos; const warnings = giteaReposResult.warnings; @@ -217,7 +212,7 @@ export const compileGiteaConfig = async ( isArchived: !!repo.archived, org: { connect: { - id: orgId, + id: SINGLE_TENANT_ORG_ID, }, }, connections: { @@ -251,8 +246,7 @@ export const compileGiteaConfig = async ( export const compileGerritConfig = async ( config: GerritConnectionConfig, - connectionId: number, - orgId: number): Promise => { + connectionId: number): Promise => { const gerritRepos = await getGerritReposFromConfig(config); const hostUrl = config.url; @@ -298,7 +292,7 @@ export const compileGerritConfig = async ( isArchived: false, org: { connect: { - id: orgId, + id: SINGLE_TENANT_ORG_ID, }, }, connections: { @@ -332,11 +326,9 @@ export const compileGerritConfig = async ( export const compileBitbucketConfig = async ( config: BitbucketConnectionConfig, - connectionId: number, - orgId: number, - db: PrismaClient): Promise => { + connectionId: number): Promise => { - const bitbucketReposResult = await getBitbucketReposFromConfig(config, orgId, db); + const bitbucketReposResult = await getBitbucketReposFromConfig(config); const bitbucketRepos = bitbucketReposResult.repos; const warnings = bitbucketReposResult.warnings; @@ -415,7 +407,7 @@ export const compileBitbucketConfig = async ( isArchived: isArchived, org: { connect: { - id: orgId, + id: SINGLE_TENANT_ORG_ID, }, }, connections: { @@ -450,15 +442,14 @@ export const compileBitbucketConfig = async ( export const compileGenericGitHostConfig = async ( config: GenericGitHostConnectionConfig, - connectionId: number, - orgId: number, + connectionId: number ): Promise => { const configUrl = new URL(config.url); if (configUrl.protocol === 'file:') { - return compileGenericGitHostConfig_file(config, orgId, connectionId); + return compileGenericGitHostConfig_file(config, connectionId); } else if (configUrl.protocol === 'http:' || configUrl.protocol === 'https:') { - return compileGenericGitHostConfig_url(config, orgId, connectionId); + return compileGenericGitHostConfig_url(config, connectionId); } else { // Schema should prevent this, but throw an error just in case. @@ -468,7 +459,6 @@ export const compileGenericGitHostConfig = async ( export const compileGenericGitHostConfig_file = async ( config: GenericGitHostConnectionConfig, - orgId: number, connectionId: number, ): Promise => { const configUrl = new URL(config.url); @@ -481,7 +471,7 @@ export const compileGenericGitHostConfig_file = async ( const repos: RepoData[] = []; const warnings: string[] = []; - + await Promise.all(repoPaths.map(async (repoPath) => { const isGitRepo = await isPathAValidGitRepoRoot({ path: repoPath, @@ -518,7 +508,7 @@ export const compileGenericGitHostConfig_file = async ( isArchived: false, org: { connect: { - id: orgId, + id: SINGLE_TENANT_ORG_ID, }, }, connections: { @@ -547,7 +537,6 @@ export const compileGenericGitHostConfig_file = async ( export const compileGenericGitHostConfig_url = async ( config: GenericGitHostConnectionConfig, - orgId: number, connectionId: number, ): Promise => { const remoteUrl = new URL(config.url); @@ -582,7 +571,7 @@ export const compileGenericGitHostConfig_url = async ( isArchived: false, org: { connect: { - id: orgId, + id: SINGLE_TENANT_ORG_ID, }, }, connections: { @@ -604,11 +593,9 @@ export const compileGenericGitHostConfig_url = async ( export const compileAzureDevOpsConfig = async ( config: AzureDevOpsConnectionConfig, - connectionId: number, - orgId: number, - db: PrismaClient): Promise => { + connectionId: number): Promise => { - const azureDevOpsReposResult = await getAzureDevOpsReposFromConfig(config, orgId, db); + const azureDevOpsReposResult = await getAzureDevOpsReposFromConfig(config); const azureDevOpsRepos = azureDevOpsReposResult.repos; const warnings = azureDevOpsReposResult.warnings; @@ -621,18 +608,18 @@ export const compileAzureDevOpsConfig = async ( if (!repo.project) { throw new Error(`No project found for repository ${repo.name}`); } - + const repoDisplayName = `${repo.project.name}/${repo.name}`; const repoName = path.join(repoNameRoot, repoDisplayName); const isPublic = repo.project.visibility === ProjectVisibility.Public; - + if (!repo.remoteUrl) { throw new Error(`No remoteUrl found for repository ${repoDisplayName}`); } if (!repo.id) { throw new Error(`No id found for repository ${repoDisplayName}`); } - + // Construct web URL for the repository const webUrl = repo.webUrl || `${hostUrl}/${repo.project.name}/_git/${repo.name}`; @@ -652,7 +639,7 @@ export const compileAzureDevOpsConfig = async ( isPublic: isPublic, org: { connect: { - id: orgId, + id: SINGLE_TENANT_ORG_ID, }, }, connections: { diff --git a/packages/backend/src/repoIndexManager.ts b/packages/backend/src/repoIndexManager.ts index 042ba8c7..3b98e0e0 100644 --- a/packages/backend/src/repoIndexManager.ts +++ b/packages/backend/src/repoIndexManager.ts @@ -290,7 +290,7 @@ export class RepoIndexManager { const metadata = repoMetadataSchema.parse(repo.metadata); - const credentials = await getAuthCredentialsForRepo(repo, this.db); + const credentials = await getAuthCredentialsForRepo(repo); const cloneUrlMaybeWithToken = credentials?.cloneUrlWithToken ?? repo.cloneUrl; const authHeader = credentials?.authHeader ?? undefined; diff --git a/packages/backend/src/utils.ts b/packages/backend/src/utils.ts index 0fe98098..dd1e7dfa 100644 --- a/packages/backend/src/utils.ts +++ b/packages/backend/src/utils.ts @@ -1,7 +1,7 @@ import { Logger } from "winston"; import { RepoAuthCredentials, RepoWithConnections } from "./types.js"; import path from 'path'; -import { PrismaClient, Repo } from "@sourcebot/db"; +import { Repo } from "@sourcebot/db"; import { getTokenFromConfig } from "@sourcebot/crypto"; import * as Sentry from "@sentry/node"; import { GithubConnectionConfig, GitlabConnectionConfig, GiteaConnectionConfig, BitbucketConnectionConfig, AzureDevOpsConnectionConfig } from '@sourcebot/schemas/v3/connection.type'; @@ -110,7 +110,7 @@ export const fetchWithRetry = async ( // fetch the token here using the connections from the repo. Multiple connections could be referencing this repo, and each // may have their own token. This method will just pick the first connection that has a token (if one exists) and uses that. This // may technically cause syncing to fail if that connection's token just so happens to not have access to the repo it's referencing. -export const getAuthCredentialsForRepo = async (repo: RepoWithConnections, db: PrismaClient, logger?: Logger): Promise => { +export const getAuthCredentialsForRepo = async (repo: RepoWithConnections, logger?: Logger): Promise => { // If we have github apps configured we assume that we must use them for github service auth if (repo.external_codeHostType === 'github' && hasEntitlement('github-app') && GithubAppManager.getInstance().appsConfigured()) { logger?.debug(`Using GitHub App for service auth for repo ${repo.displayName} hosted at ${repo.external_codeHostUrl}`); @@ -139,7 +139,7 @@ export const getAuthCredentialsForRepo = async (repo: RepoWithConnections, db: P if (connection.connectionType === 'github') { const config = connection.config as unknown as GithubConnectionConfig; if (config.token) { - const token = await getTokenFromConfig(config.token, connection.orgId, db); + const token = await getTokenFromConfig(config.token); return { hostUrl: config.url, token, @@ -154,7 +154,7 @@ export const getAuthCredentialsForRepo = async (repo: RepoWithConnections, db: P } else if (connection.connectionType === 'gitlab') { const config = connection.config as unknown as GitlabConnectionConfig; if (config.token) { - const token = await getTokenFromConfig(config.token, connection.orgId, db); + const token = await getTokenFromConfig(config.token); return { hostUrl: config.url, token, @@ -170,7 +170,7 @@ export const getAuthCredentialsForRepo = async (repo: RepoWithConnections, db: P } else if (connection.connectionType === 'gitea') { const config = connection.config as unknown as GiteaConnectionConfig; if (config.token) { - const token = await getTokenFromConfig(config.token, connection.orgId, db); + const token = await getTokenFromConfig(config.token); return { hostUrl: config.url, token, @@ -185,7 +185,7 @@ export const getAuthCredentialsForRepo = async (repo: RepoWithConnections, db: P } else if (connection.connectionType === 'bitbucket') { const config = connection.config as unknown as BitbucketConnectionConfig; if (config.token) { - const token = await getTokenFromConfig(config.token, connection.orgId, db); + const token = await getTokenFromConfig(config.token); const username = config.user ?? 'x-token-auth'; return { hostUrl: config.url, @@ -202,7 +202,7 @@ export const getAuthCredentialsForRepo = async (repo: RepoWithConnections, db: P } else if (connection.connectionType === 'azuredevops') { const config = connection.config as unknown as AzureDevOpsConnectionConfig; if (config.token) { - const token = await getTokenFromConfig(config.token, connection.orgId, db); + const token = await getTokenFromConfig(config.token); // For ADO server, multiple auth schemes may be supported. If the ADO deployment supports NTLM, the git clone will default // to this over basic auth. As a result, we cannot embed the token in the clone URL and must force basic auth by passing in the token diff --git a/packages/crypto/src/tokenUtils.ts b/packages/crypto/src/tokenUtils.ts index be5a064d..b474c0e0 100644 --- a/packages/crypto/src/tokenUtils.ts +++ b/packages/crypto/src/tokenUtils.ts @@ -1,26 +1,7 @@ -import { PrismaClient } from "@sourcebot/db"; import { Token } from "@sourcebot/schemas/v3/shared.type"; -import { decrypt } from "./index.js"; -export const getTokenFromConfig = async (token: Token, orgId: number, db: PrismaClient) => { - if ('secret' in token) { - const secretKey = token.secret; - const secret = await db.secret.findUnique({ - where: { - orgId_key: { - key: secretKey, - orgId - } - } - }); - - if (!secret) { - throw new Error(`Secret with key ${secretKey} not found for org ${orgId}`); - } - - const decryptedToken = decrypt(secret.iv, secret.encryptedValue); - return decryptedToken; - } else if ('env' in token) { +export const getTokenFromConfig = async (token: Token) => { + if ('env' in token) { const envToken = process.env[token.env]; if (!envToken) { throw new Error(`Environment variable ${token.env} not found.`); diff --git a/packages/db/prisma/migrations/20251031191203_remove_secret_table/migration.sql b/packages/db/prisma/migrations/20251031191203_remove_secret_table/migration.sql new file mode 100644 index 00000000..1b2f8dc2 --- /dev/null +++ b/packages/db/prisma/migrations/20251031191203_remove_secret_table/migration.sql @@ -0,0 +1,11 @@ +/* + Warnings: + + - You are about to drop the `Secret` table. If the table is not empty, all the data it contains will be lost. + +*/ +-- DropForeignKey +ALTER TABLE "Secret" DROP CONSTRAINT "Secret_orgId_fkey"; + +-- DropTable +DROP TABLE "Secret"; diff --git a/packages/db/prisma/schema.prisma b/packages/db/prisma/schema.prisma index 313de621..d182eec4 100644 --- a/packages/db/prisma/schema.prisma +++ b/packages/db/prisma/schema.prisma @@ -253,7 +253,6 @@ model Org { members UserToOrg[] connections Connection[] repos Repo[] - secrets Secret[] apiKeys ApiKey[] isOnboarded Boolean @default(false) imageUrl String? @@ -303,19 +302,6 @@ model UserToOrg { @@id([orgId, userId]) } -model Secret { - orgId Int - key String - encryptedValue String - iv String - - createdAt DateTime @default(now()) - - org Org @relation(fields: [orgId], references: [id], onDelete: Cascade) - - @@id([orgId, key]) -} - model ApiKey { name String hash String @id @unique diff --git a/packages/schemas/src/v2/index.schema.ts b/packages/schemas/src/v2/index.schema.ts index a37f2f3c..a4e9c304 100644 --- a/packages/schemas/src/v2/index.schema.ts +++ b/packages/schemas/src/v2/index.schema.ts @@ -76,7 +76,6 @@ const schema = { "token": { "description": "A Personal Access Token (PAT).", "examples": [ - "secret-token", { "env": "ENV_VAR_CONTAINING_TOKEN" } @@ -273,7 +272,6 @@ const schema = { "token": { "description": "An authentication token.", "examples": [ - "secret-token", { "env": "ENV_VAR_CONTAINING_TOKEN" } @@ -464,7 +462,6 @@ const schema = { "token": { "description": "An access token.", "examples": [ - "secret-token", { "env": "ENV_VAR_CONTAINING_TOKEN" } @@ -778,7 +775,6 @@ const schema = { "token": { "description": "A Personal Access Token (PAT).", "examples": [ - "secret-token", { "env": "ENV_VAR_CONTAINING_TOKEN" } @@ -975,7 +971,6 @@ const schema = { "token": { "description": "An authentication token.", "examples": [ - "secret-token", { "env": "ENV_VAR_CONTAINING_TOKEN" } @@ -1166,7 +1161,6 @@ const schema = { "token": { "description": "An access token.", "examples": [ - "secret-token", { "env": "ENV_VAR_CONTAINING_TOKEN" } @@ -1562,7 +1556,6 @@ const schema = { "token": { "description": "A Personal Access Token (PAT).", "examples": [ - "secret-token", { "env": "ENV_VAR_CONTAINING_TOKEN" } @@ -1759,7 +1752,6 @@ const schema = { "token": { "description": "An authentication token.", "examples": [ - "secret-token", { "env": "ENV_VAR_CONTAINING_TOKEN" } @@ -1950,7 +1942,6 @@ const schema = { "token": { "description": "An access token.", "examples": [ - "secret-token", { "env": "ENV_VAR_CONTAINING_TOKEN" } diff --git a/packages/schemas/src/v3/app.schema.ts b/packages/schemas/src/v3/app.schema.ts index 87a7eb27..a6d1280c 100644 --- a/packages/schemas/src/v3/app.schema.ts +++ b/packages/schemas/src/v3/app.schema.ts @@ -27,19 +27,6 @@ const schema = { "privateKey": { "description": "The private key of the GitHub App.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -89,19 +76,6 @@ const schema = { "privateKey": { "description": "The private key of the GitHub App.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { diff --git a/packages/schemas/src/v3/app.type.ts b/packages/schemas/src/v3/app.type.ts index c087a759..d0a4e34e 100644 --- a/packages/schemas/src/v3/app.type.ts +++ b/packages/schemas/src/v3/app.type.ts @@ -18,17 +18,10 @@ export interface GitHubAppConfig { /** * The private key of the GitHub App. */ - privateKey: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + privateKey: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; } diff --git a/packages/schemas/src/v3/azuredevops.schema.ts b/packages/schemas/src/v3/azuredevops.schema.ts index 3b36fbed..f0d56085 100644 --- a/packages/schemas/src/v3/azuredevops.schema.ts +++ b/packages/schemas/src/v3/azuredevops.schema.ts @@ -10,25 +10,7 @@ const schema = { }, "token": { "description": "A Personal Access Token (PAT).", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { diff --git a/packages/schemas/src/v3/azuredevops.type.ts b/packages/schemas/src/v3/azuredevops.type.ts index b6ef68da..9c6c96f1 100644 --- a/packages/schemas/src/v3/azuredevops.type.ts +++ b/packages/schemas/src/v3/azuredevops.type.ts @@ -8,19 +8,12 @@ export interface AzureDevOpsConnectionConfig { /** * A Personal Access Token (PAT). */ - token: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * The URL of the Azure DevOps host. For Azure DevOps Cloud, use https://dev.azure.com. For Azure DevOps Server, use your server URL. */ diff --git a/packages/schemas/src/v3/bitbucket.schema.ts b/packages/schemas/src/v3/bitbucket.schema.ts index a7c857ce..a5de1b91 100644 --- a/packages/schemas/src/v3/bitbucket.schema.ts +++ b/packages/schemas/src/v3/bitbucket.schema.ts @@ -14,25 +14,7 @@ const schema = { }, "token": { "description": "An authentication token.", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { diff --git a/packages/schemas/src/v3/bitbucket.type.ts b/packages/schemas/src/v3/bitbucket.type.ts index 260d949d..cbd8d9d8 100644 --- a/packages/schemas/src/v3/bitbucket.type.ts +++ b/packages/schemas/src/v3/bitbucket.type.ts @@ -12,19 +12,12 @@ export interface BitbucketConnectionConfig { /** * An authentication token. */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Bitbucket URL */ diff --git a/packages/schemas/src/v3/connection.schema.ts b/packages/schemas/src/v3/connection.schema.ts index e0bcbc48..64872ab1 100644 --- a/packages/schemas/src/v3/connection.schema.ts +++ b/packages/schemas/src/v3/connection.schema.ts @@ -14,25 +14,7 @@ const schema = { }, "token": { "description": "A Personal Access Token (PAT).", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -227,25 +209,7 @@ const schema = { }, "token": { "description": "An authentication token.", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -434,25 +398,7 @@ const schema = { }, "token": { "description": "A Personal Access Token (PAT).", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -706,25 +652,7 @@ const schema = { }, "token": { "description": "An authentication token.", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -879,25 +807,7 @@ const schema = { }, "token": { "description": "A Personal Access Token (PAT).", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { diff --git a/packages/schemas/src/v3/connection.type.ts b/packages/schemas/src/v3/connection.type.ts index df31c465..0f62c980 100644 --- a/packages/schemas/src/v3/connection.type.ts +++ b/packages/schemas/src/v3/connection.type.ts @@ -17,19 +17,12 @@ export interface GithubConnectionConfig { /** * A Personal Access Token (PAT). */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * The URL of the GitHub host. Defaults to https://github.com */ @@ -106,19 +99,12 @@ export interface GitlabConnectionConfig { /** * An authentication token. */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * The URL of the GitLab host. Defaults to https://gitlab.com */ @@ -177,19 +163,12 @@ export interface GiteaConnectionConfig { /** * A Personal Access Token (PAT). */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * The URL of the Gitea host. Defaults to https://gitea.com */ @@ -263,19 +242,12 @@ export interface BitbucketConnectionConfig { /** * An authentication token. */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Bitbucket URL */ @@ -320,19 +292,12 @@ export interface AzureDevOpsConnectionConfig { /** * A Personal Access Token (PAT). */ - token: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * The URL of the Azure DevOps host. For Azure DevOps Cloud, use https://dev.azure.com. For Azure DevOps Server, use your server URL. */ diff --git a/packages/schemas/src/v3/gitea.schema.ts b/packages/schemas/src/v3/gitea.schema.ts index 1e1283ee..2e15067e 100644 --- a/packages/schemas/src/v3/gitea.schema.ts +++ b/packages/schemas/src/v3/gitea.schema.ts @@ -10,25 +10,7 @@ const schema = { }, "token": { "description": "A Personal Access Token (PAT).", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { diff --git a/packages/schemas/src/v3/gitea.type.ts b/packages/schemas/src/v3/gitea.type.ts index ec9e3046..afbedaf3 100644 --- a/packages/schemas/src/v3/gitea.type.ts +++ b/packages/schemas/src/v3/gitea.type.ts @@ -8,19 +8,12 @@ export interface GiteaConnectionConfig { /** * A Personal Access Token (PAT). */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * The URL of the Gitea host. Defaults to https://gitea.com */ diff --git a/packages/schemas/src/v3/github.schema.ts b/packages/schemas/src/v3/github.schema.ts index c29e1c08..d32ff6fe 100644 --- a/packages/schemas/src/v3/github.schema.ts +++ b/packages/schemas/src/v3/github.schema.ts @@ -10,25 +10,7 @@ const schema = { }, "token": { "description": "A Personal Access Token (PAT).", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { diff --git a/packages/schemas/src/v3/github.type.ts b/packages/schemas/src/v3/github.type.ts index 4cb73c9b..980f2f9f 100644 --- a/packages/schemas/src/v3/github.type.ts +++ b/packages/schemas/src/v3/github.type.ts @@ -8,19 +8,12 @@ export interface GithubConnectionConfig { /** * A Personal Access Token (PAT). */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * The URL of the GitHub host. Defaults to https://github.com */ diff --git a/packages/schemas/src/v3/gitlab.schema.ts b/packages/schemas/src/v3/gitlab.schema.ts index 72d367e1..ee0cfd56 100644 --- a/packages/schemas/src/v3/gitlab.schema.ts +++ b/packages/schemas/src/v3/gitlab.schema.ts @@ -10,25 +10,7 @@ const schema = { }, "token": { "description": "An authentication token.", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { diff --git a/packages/schemas/src/v3/gitlab.type.ts b/packages/schemas/src/v3/gitlab.type.ts index f25193b8..98a8d960 100644 --- a/packages/schemas/src/v3/gitlab.type.ts +++ b/packages/schemas/src/v3/gitlab.type.ts @@ -8,19 +8,12 @@ export interface GitlabConnectionConfig { /** * An authentication token. */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * The URL of the GitLab host. Defaults to https://gitlab.com */ diff --git a/packages/schemas/src/v3/index.schema.ts b/packages/schemas/src/v3/index.schema.ts index e49d998b..90e7c0ae 100644 --- a/packages/schemas/src/v3/index.schema.ts +++ b/packages/schemas/src/v3/index.schema.ts @@ -297,25 +297,7 @@ const schema = { }, "token": { "description": "A Personal Access Token (PAT).", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -510,25 +492,7 @@ const schema = { }, "token": { "description": "An authentication token.", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -717,25 +681,7 @@ const schema = { }, "token": { "description": "A Personal Access Token (PAT).", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -989,25 +935,7 @@ const schema = { }, "token": { "description": "An authentication token.", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1162,25 +1090,7 @@ const schema = { }, "token": { "description": "A Personal Access Token (PAT).", - "examples": [ - { - "secret": "SECRET_KEY" - } - ], "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1452,19 +1362,6 @@ const schema = { "accessKeyId": { "description": "Optional access key ID to use with the model. Defaults to the `AWS_ACCESS_KEY_ID` environment variable.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1483,19 +1380,6 @@ const schema = { "accessKeySecret": { "description": "Optional secret access key to use with the model. Defaults to the `AWS_SECRET_ACCESS_KEY` environment variable.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1514,19 +1398,6 @@ const schema = { "sessionToken": { "description": "Optional session token to use with the model. Defaults to the `AWS_SESSION_TOKEN` environment variable.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1568,19 +1439,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1625,19 +1483,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1671,19 +1516,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1732,19 +1564,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1782,19 +1601,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1839,19 +1645,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1885,19 +1678,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1942,19 +1722,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1988,19 +1755,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2061,19 +1815,6 @@ const schema = { }, "credentials": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2107,19 +1848,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2182,19 +1910,6 @@ const schema = { }, "credentials": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2228,19 +1943,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2285,19 +1987,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2331,19 +2020,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2394,19 +2070,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2450,19 +2113,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2507,19 +2157,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2556,19 +2193,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2600,19 +2224,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2668,19 +2279,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2714,19 +2312,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2775,19 +2360,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2821,19 +2393,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2881,19 +2440,6 @@ const schema = { "accessKeyId": { "description": "Optional access key ID to use with the model. Defaults to the `AWS_ACCESS_KEY_ID` environment variable.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2912,19 +2458,6 @@ const schema = { "accessKeySecret": { "description": "Optional secret access key to use with the model. Defaults to the `AWS_SECRET_ACCESS_KEY` environment variable.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2943,19 +2476,6 @@ const schema = { "sessionToken": { "description": "Optional session token to use with the model. Defaults to the `AWS_SESSION_TOKEN` environment variable.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2997,19 +2517,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3054,19 +2561,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3100,19 +2594,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3161,19 +2642,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3211,19 +2679,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3268,19 +2723,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3314,19 +2756,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3371,19 +2800,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3417,19 +2833,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3490,19 +2893,6 @@ const schema = { }, "credentials": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3536,19 +2926,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3611,19 +2988,6 @@ const schema = { }, "credentials": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3657,19 +3021,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3714,19 +3065,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3760,19 +3098,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3823,19 +3148,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3879,19 +3191,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3936,19 +3235,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -3985,19 +3271,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -4029,19 +3302,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -4097,19 +3357,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -4143,19 +3390,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -4204,19 +3438,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -4250,19 +3471,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -4323,19 +3531,6 @@ const schema = { }, "privateKey": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -4385,19 +3580,6 @@ const schema = { }, "privateKey": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { diff --git a/packages/schemas/src/v3/index.type.ts b/packages/schemas/src/v3/index.type.ts index eb2b412c..75acc3d8 100644 --- a/packages/schemas/src/v3/index.type.ts +++ b/packages/schemas/src/v3/index.type.ts @@ -155,19 +155,12 @@ export interface GithubConnectionConfig { /** * A Personal Access Token (PAT). */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * The URL of the GitHub host. Defaults to https://github.com */ @@ -244,19 +237,12 @@ export interface GitlabConnectionConfig { /** * An authentication token. */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * The URL of the GitLab host. Defaults to https://gitlab.com */ @@ -315,19 +301,12 @@ export interface GiteaConnectionConfig { /** * A Personal Access Token (PAT). */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * The URL of the Gitea host. Defaults to https://gitea.com */ @@ -401,19 +380,12 @@ export interface BitbucketConnectionConfig { /** * An authentication token. */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Bitbucket URL */ @@ -458,19 +430,12 @@ export interface AzureDevOpsConnectionConfig { /** * A Personal Access Token (PAT). */ - token: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * The URL of the Azure DevOps host. For Azure DevOps Cloud, use https://dev.azure.com. For Azure DevOps Server, use your server URL. */ @@ -551,51 +516,30 @@ export interface AmazonBedrockLanguageModel { /** * Optional access key ID to use with the model. Defaults to the `AWS_ACCESS_KEY_ID` environment variable. */ - accessKeyId?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + accessKeyId?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Optional secret access key to use with the model. Defaults to the `AWS_SECRET_ACCESS_KEY` environment variable. */ - accessKeySecret?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + accessKeySecret?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Optional session token to use with the model. Defaults to the `AWS_SESSION_TOKEN` environment variable. */ - sessionToken?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + sessionToken?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * The AWS region. Defaults to the `AWS_REGION` environment variable. */ @@ -616,20 +560,12 @@ export interface LanguageModelHeaders { */ [k: string]: | string - | ( - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - } - ); + | { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; } export interface AnthropicLanguageModel { /** @@ -647,19 +583,12 @@ export interface AnthropicLanguageModel { /** * Optional API key to use with the model. Defaults to the `ANTHROPIC_API_KEY` environment variable. */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Optional base URL. */ @@ -686,19 +615,12 @@ export interface AzureLanguageModel { /** * Optional API key to use with the model. Defaults to the `AZURE_API_KEY` environment variable. */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Sets a custom api version. Defaults to `preview`. */ @@ -725,19 +647,12 @@ export interface DeepSeekLanguageModel { /** * Optional API key to use with the model. Defaults to the `DEEPSEEK_API_KEY` environment variable. */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Optional base URL. */ @@ -760,19 +675,12 @@ export interface GoogleGenerativeAILanguageModel { /** * Optional API key to use with the model. Defaults to the `GOOGLE_GENERATIVE_AI_API_KEY` environment variable. */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Optional base URL. */ @@ -803,19 +711,12 @@ export interface GoogleVertexAnthropicLanguageModel { /** * Optional file path to service account credentials JSON. Defaults to the `GOOGLE_APPLICATION_CREDENTIALS` environment variable or application default credentials. */ - credentials?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + credentials?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Optional base URL. */ @@ -846,19 +747,12 @@ export interface GoogleVertexLanguageModel { /** * Optional file path to service account credentials JSON. Defaults to the `GOOGLE_APPLICATION_CREDENTIALS` environment variable or application default credentials. */ - credentials?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + credentials?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Optional base URL. */ @@ -881,19 +775,12 @@ export interface MistralLanguageModel { /** * Optional API key to use with the model. Defaults to the `MISTRAL_API_KEY` environment variable. */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Optional base URL. */ @@ -916,19 +803,12 @@ export interface OpenAILanguageModel { /** * Optional API key to use with the model. Defaults to the `OPENAI_API_KEY` environment variable. */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Optional base URL. */ @@ -955,19 +835,12 @@ export interface OpenAICompatibleLanguageModel { /** * Optional API key. If specified, adds an `Authorization` header to request headers with the value Bearer . */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Base URL of the OpenAI-compatible chat completions API endpoint. */ @@ -989,20 +862,12 @@ export interface LanguageModelQueryParams { */ [k: string]: | string - | ( - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - } - ); + | { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; } export interface OpenRouterLanguageModel { /** @@ -1020,19 +885,12 @@ export interface OpenRouterLanguageModel { /** * Optional API key to use with the model. Defaults to the `OPENROUTER_API_KEY` environment variable. */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Optional base URL. */ @@ -1055,19 +913,12 @@ export interface XaiLanguageModel { /** * Optional API key to use with the model. Defaults to the `XAI_API_KEY` environment variable. */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Optional base URL. */ @@ -1090,17 +941,10 @@ export interface GitHubAppConfig { /** * The private key of the GitHub App. */ - privateKey: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + privateKey: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; } diff --git a/packages/schemas/src/v3/languageModel.schema.ts b/packages/schemas/src/v3/languageModel.schema.ts index 3bdb4c00..e3f72781 100644 --- a/packages/schemas/src/v3/languageModel.schema.ts +++ b/packages/schemas/src/v3/languageModel.schema.ts @@ -21,19 +21,6 @@ const schema = { "accessKeyId": { "description": "Optional access key ID to use with the model. Defaults to the `AWS_ACCESS_KEY_ID` environment variable.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -52,19 +39,6 @@ const schema = { "accessKeySecret": { "description": "Optional secret access key to use with the model. Defaults to the `AWS_SECRET_ACCESS_KEY` environment variable.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -83,19 +57,6 @@ const schema = { "sessionToken": { "description": "Optional session token to use with the model. Defaults to the `AWS_SESSION_TOKEN` environment variable.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -137,19 +98,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -194,19 +142,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -240,19 +175,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -301,19 +223,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -351,19 +260,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -408,19 +304,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -454,19 +337,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -511,19 +381,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -557,19 +414,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -630,19 +474,6 @@ const schema = { }, "credentials": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -676,19 +507,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -751,19 +569,6 @@ const schema = { }, "credentials": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -797,19 +602,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -854,19 +646,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -900,19 +679,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -963,19 +729,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1019,19 +772,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1076,19 +816,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1125,19 +852,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1169,19 +883,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1237,19 +938,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1283,19 +971,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1344,19 +1019,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1390,19 +1052,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1450,19 +1099,6 @@ const schema = { "accessKeyId": { "description": "Optional access key ID to use with the model. Defaults to the `AWS_ACCESS_KEY_ID` environment variable.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1481,19 +1117,6 @@ const schema = { "accessKeySecret": { "description": "Optional secret access key to use with the model. Defaults to the `AWS_SECRET_ACCESS_KEY` environment variable.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1512,19 +1135,6 @@ const schema = { "sessionToken": { "description": "Optional session token to use with the model. Defaults to the `AWS_SESSION_TOKEN` environment variable.", "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1566,19 +1176,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1623,19 +1220,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1669,19 +1253,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1730,19 +1301,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1780,19 +1338,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1837,19 +1382,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1883,19 +1415,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1940,19 +1459,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -1986,19 +1492,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2059,19 +1552,6 @@ const schema = { }, "credentials": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2105,19 +1585,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2180,19 +1647,6 @@ const schema = { }, "credentials": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2226,19 +1680,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2283,19 +1724,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2329,19 +1757,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2392,19 +1807,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2448,19 +1850,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2505,19 +1894,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2554,19 +1930,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2598,19 +1961,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2666,19 +2016,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2712,19 +2049,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2773,19 +2097,6 @@ const schema = { }, "token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -2819,19 +2130,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { diff --git a/packages/schemas/src/v3/languageModel.type.ts b/packages/schemas/src/v3/languageModel.type.ts index 58b9aac6..48f5b83e 100644 --- a/packages/schemas/src/v3/languageModel.type.ts +++ b/packages/schemas/src/v3/languageModel.type.ts @@ -30,51 +30,30 @@ export interface AmazonBedrockLanguageModel { /** * Optional access key ID to use with the model. Defaults to the `AWS_ACCESS_KEY_ID` environment variable. */ - accessKeyId?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + accessKeyId?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Optional secret access key to use with the model. Defaults to the `AWS_SECRET_ACCESS_KEY` environment variable. */ - accessKeySecret?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + accessKeySecret?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Optional session token to use with the model. Defaults to the `AWS_SESSION_TOKEN` environment variable. */ - sessionToken?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + sessionToken?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * The AWS region. Defaults to the `AWS_REGION` environment variable. */ @@ -95,20 +74,12 @@ export interface LanguageModelHeaders { */ [k: string]: | string - | ( - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - } - ); + | { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; } export interface AnthropicLanguageModel { /** @@ -126,19 +97,12 @@ export interface AnthropicLanguageModel { /** * Optional API key to use with the model. Defaults to the `ANTHROPIC_API_KEY` environment variable. */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Optional base URL. */ @@ -165,19 +129,12 @@ export interface AzureLanguageModel { /** * Optional API key to use with the model. Defaults to the `AZURE_API_KEY` environment variable. */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Sets a custom api version. Defaults to `preview`. */ @@ -204,19 +161,12 @@ export interface DeepSeekLanguageModel { /** * Optional API key to use with the model. Defaults to the `DEEPSEEK_API_KEY` environment variable. */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Optional base URL. */ @@ -239,19 +189,12 @@ export interface GoogleGenerativeAILanguageModel { /** * Optional API key to use with the model. Defaults to the `GOOGLE_GENERATIVE_AI_API_KEY` environment variable. */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Optional base URL. */ @@ -282,19 +225,12 @@ export interface GoogleVertexAnthropicLanguageModel { /** * Optional file path to service account credentials JSON. Defaults to the `GOOGLE_APPLICATION_CREDENTIALS` environment variable or application default credentials. */ - credentials?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + credentials?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Optional base URL. */ @@ -325,19 +261,12 @@ export interface GoogleVertexLanguageModel { /** * Optional file path to service account credentials JSON. Defaults to the `GOOGLE_APPLICATION_CREDENTIALS` environment variable or application default credentials. */ - credentials?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + credentials?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Optional base URL. */ @@ -360,19 +289,12 @@ export interface MistralLanguageModel { /** * Optional API key to use with the model. Defaults to the `MISTRAL_API_KEY` environment variable. */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Optional base URL. */ @@ -395,19 +317,12 @@ export interface OpenAILanguageModel { /** * Optional API key to use with the model. Defaults to the `OPENAI_API_KEY` environment variable. */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Optional base URL. */ @@ -434,19 +349,12 @@ export interface OpenAICompatibleLanguageModel { /** * Optional API key. If specified, adds an `Authorization` header to request headers with the value Bearer . */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Base URL of the OpenAI-compatible chat completions API endpoint. */ @@ -468,20 +376,12 @@ export interface LanguageModelQueryParams { */ [k: string]: | string - | ( - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - } - ); + | { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; } export interface OpenRouterLanguageModel { /** @@ -499,19 +399,12 @@ export interface OpenRouterLanguageModel { /** * Optional API key to use with the model. Defaults to the `OPENROUTER_API_KEY` environment variable. */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Optional base URL. */ @@ -534,19 +427,12 @@ export interface XaiLanguageModel { /** * Optional API key to use with the model. Defaults to the `XAI_API_KEY` environment variable. */ - token?: - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; + }; /** * Optional base URL. */ diff --git a/packages/schemas/src/v3/shared.schema.ts b/packages/schemas/src/v3/shared.schema.ts index 5ecacd44..44238cad 100644 --- a/packages/schemas/src/v3/shared.schema.ts +++ b/packages/schemas/src/v3/shared.schema.ts @@ -5,19 +5,6 @@ const schema = { "definitions": { "Token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -85,19 +72,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { @@ -129,19 +103,6 @@ const schema = { }, { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { diff --git a/packages/schemas/src/v3/shared.type.ts b/packages/schemas/src/v3/shared.type.ts index 727de2be..23113f50 100644 --- a/packages/schemas/src/v3/shared.type.ts +++ b/packages/schemas/src/v3/shared.type.ts @@ -4,19 +4,12 @@ * This interface was referenced by `Shared`'s JSON-Schema * via the `definition` "Token". */ -export type Token = - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - } - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; +export type Token = { + /** + * The name of the environment variable that contains the token. Only supported in declarative connection configs. + */ + env: string; +}; export interface Shared { [k: string]: unknown; diff --git a/packages/web/src/actions.ts b/packages/web/src/actions.ts index 7c3a472a..895084e0 100644 --- a/packages/web/src/actions.ts +++ b/packages/web/src/actions.ts @@ -255,89 +255,6 @@ export const completeOnboarding = async (domain: string): Promise<{ success: boo }) )); -export const getSecrets = async (domain: string): Promise<{ createdAt: Date; key: string; }[] | ServiceError> => sew(() => - withAuth((userId) => - withOrgMembership(userId, domain, async ({ org }) => { - const secrets = await prisma.secret.findMany({ - where: { - orgId: org.id, - }, - select: { - key: true, - createdAt: true - } - }); - - return secrets.map((secret) => ({ - key: secret.key, - createdAt: secret.createdAt, - })); - }))); - -export const createSecret = async (key: string, value: string, domain: string): Promise<{ success: boolean } | ServiceError> => sew(() => - withAuth((userId) => - withOrgMembership(userId, domain, async ({ org }) => { - const encrypted = encrypt(value); - const existingSecret = await prisma.secret.findUnique({ - where: { - orgId_key: { - orgId: org.id, - key, - } - } - }); - - if (existingSecret) { - return secretAlreadyExists(); - } - - await prisma.secret.create({ - data: { - orgId: org.id, - key, - encryptedValue: encrypted.encryptedData, - iv: encrypted.iv, - } - }); - - - return { - success: true, - } - }))); - -export const checkIfSecretExists = async (key: string, domain: string): Promise => sew(() => - withAuth((userId) => - withOrgMembership(userId, domain, async ({ org }) => { - const secret = await prisma.secret.findUnique({ - where: { - orgId_key: { - orgId: org.id, - key, - } - } - }); - - return !!secret; - }))); - -export const deleteSecret = async (key: string, domain: string): Promise<{ success: boolean } | ServiceError> => sew(() => - withAuth((userId) => - withOrgMembership(userId, domain, async ({ org }) => { - await prisma.secret.delete({ - where: { - orgId_key: { - orgId: org.id, - key, - } - } - }); - - return { - success: true, - } - }))); - export const verifyApiKey = async (apiKeyPayload: ApiKeyPayload): Promise<{ apiKey: ApiKey } | ServiceError> => sew(async () => { const parts = apiKeyPayload.apiKey.split("-"); if (parts.length !== 2 || parts[0] !== "sourcebot") { @@ -1778,21 +1695,21 @@ export const getRepoImage = async (repoId: number): Promise void; - onSecretCreated: (key: string) => void; - codeHostType: CodeHostType; -} - - -export const ImportSecretDialog = ({ open, onOpenChange, onSecretCreated, codeHostType }: ImportSecretDialogProps) => { - const [showValue, setShowValue] = useState(false); - const domain = useDomain(); - const { toast } = useToast(); - const captureEvent = useCaptureEvent(); - - const formSchema = z.object({ - key: z.string().min(1).refine(async (key) => { - const doesSecretExist = await checkIfSecretExists(key, domain); - if(!isServiceError(doesSecretExist)) { - captureEvent('wa_secret_combobox_import_secret_fail', { - type: codeHostType, - error: "A secret with this key already exists.", - }); - } - return isServiceError(doesSecretExist) || !doesSecretExist; - }, "A secret with this key already exists."), - value: z.string().min(1), - }); - - const form = useForm>({ - resolver: zodResolver(formSchema), - defaultValues: { - key: "", - value: "", - }, - }); - const { isSubmitting } = form.formState; - - const onSubmit = useCallback(async (data: z.infer) => { - const response = await createSecret(data.key, data.value, domain); - if (isServiceError(response)) { - toast({ - description: `❌ Failed to create secret. Reason: ${response.message}` - }); - captureEvent('wa_secret_combobox_import_secret_fail', { - type: codeHostType, - error: response.message, - }); - } else { - toast({ - description: `✅ Secret created successfully!` - }); - captureEvent('wa_secret_combobox_import_secret_success', { - type: codeHostType, - }); - form.reset(); - onOpenChange(false); - onSecretCreated(data.key); - } - }, [domain, toast, onOpenChange, onSecretCreated, form, codeHostType, captureEvent]); - - const codeHostSpecificStep = useMemo(() => { - switch (codeHostType) { - case 'github': - return ; - case 'gitlab': - return ; - case 'bitbucketCloud': - return ; - case 'bitbucketServer': - return ; - case 'gitea': - return ; - case 'gerrit': - return null; - } - }, [codeHostType]); - - - return ( - - - - Import a secret - - Secrets are used to authenticate with a code host. They are encrypted at rest using AES-256-CBC. - Checkout our security docs for more information. - - - -
- { - event.stopPropagation(); - form.handleSubmit(onSubmit)(event); - }} - > - {codeHostSpecificStep} - - - ( - - Value - -
- - -
- - - The secret value to store securely. - - - - )} - /> - - - - ( - - Key - - - - - A unique name to identify this secret. - - - - )} - /> - - -
- -
-
- - - - ) -} - -const GitHubPATCreationStep = ({ step }: { step: number }) => { - return ( - Navigate here on github.com (or your enterprise instance) and create a new personal access token. Sourcebot needs the repo scope in order to access private repositories: - > - Create a personal access token - - ) -} - -const GitLabPATCreationStep = ({ step }: { step: number }) => { - return ( - Navigate here on gitlab.com (or your self-hosted instance) and create a new personal access token. Sourcebot needs the read_api scope in order to access private projects: - > - Create a personal access token - - ) -} - -const GiteaPATCreationStep = ({ step }: { step: number }) => { - return ( - Navigate here on gitea.com (or your self-hosted instance) and create a new access token. Sourcebot needs the read:repository, read:user, and read:organization scopes: - > - Create a personal access token - - ) -} - -const BitbucketCloudPATCreationStep = ({ step }: { step: number }) => { - return ( - Please check out our docs for more information on how to create auth credentials for Bitbucket Cloud. - > - - ) -} - -const BitbucketServerPATCreationStep = ({ step }: { step: number }) => { - return ( - Please check out our docs for more information on how to create auth credentials for Bitbucket Data Center. - > - - ) -} - -interface SecretCreationStepProps { - step: number; - title: string; - description: string | React.ReactNode; - children?: React.ReactNode; -} - -const SecretCreationStep = ({ step, title, description, children }: SecretCreationStepProps) => { - return ( -
-
- {step} - -
-

- {title} -

-

- {description} -

- {children} -
- ) -} \ No newline at end of file diff --git a/packages/web/src/app/[domain]/settings/layout.tsx b/packages/web/src/app/[domain]/settings/layout.tsx index 8367a4ba..ccac2e99 100644 --- a/packages/web/src/app/[domain]/settings/layout.tsx +++ b/packages/web/src/app/[domain]/settings/layout.tsx @@ -106,10 +106,6 @@ export default async function SettingsLayout( isNotificationDotVisible: connectionStats.numberOfConnectionsWithFirstTimeSyncJobsInProgress > 0, } ] : []), - { - title: "Secrets", - href: `/${domain}/settings/secrets`, - }, { title: "API Keys", href: `/${domain}/settings/apiKeys`, diff --git a/packages/web/src/app/[domain]/settings/secrets/components/importSecretCard.tsx b/packages/web/src/app/[domain]/settings/secrets/components/importSecretCard.tsx deleted file mode 100644 index 4d9a5666..00000000 --- a/packages/web/src/app/[domain]/settings/secrets/components/importSecretCard.tsx +++ /dev/null @@ -1,67 +0,0 @@ -'use client'; - -import { CodeHostIconButton } from "@/app/[domain]/components/codeHostIconButton"; -import { Card, CardTitle, CardDescription, CardHeader, CardContent } from "@/components/ui/card"; -import { getCodeHostIcon } from "@/lib/utils"; -import { cn } from "@/lib/utils"; -import { CodeHostType } from "@sourcebot/db"; -import { useState } from "react"; -import { ImportSecretDialog } from "@/app/[domain]/components/importSecretDialog"; -import { useRouter } from "next/navigation"; - -interface ImportSecretCardProps { - className?: string; -} - -export const ImportSecretCard = ({ className }: ImportSecretCardProps) => { - const [selectedCodeHost, setSelectedCodeHost] = useState(null); - const [isImportSecretDialogOpen, setIsImportSecretDialogOpen] = useState(false); - const router = useRouter(); - - return ( - <> - - - Import a new secret - Import a secret from a code host to allow Sourcebot to sync private repositories. - - - { - setSelectedCodeHost("github"); - setIsImportSecretDialogOpen(true); - }} - /> - { - setSelectedCodeHost("gitlab"); - setIsImportSecretDialogOpen(true); - }} - /> - { - setSelectedCodeHost("gitea"); - setIsImportSecretDialogOpen(true); - }} - /> - - - {selectedCodeHost && ( - { - router.refresh(); - }} - codeHostType={selectedCodeHost ?? "github"} - /> - )} - - ) -} \ No newline at end of file diff --git a/packages/web/src/app/[domain]/settings/secrets/components/secretsList.tsx b/packages/web/src/app/[domain]/settings/secrets/components/secretsList.tsx deleted file mode 100644 index 92ed4df7..00000000 --- a/packages/web/src/app/[domain]/settings/secrets/components/secretsList.tsx +++ /dev/null @@ -1,158 +0,0 @@ -'use client'; - -import { Input } from "@/components/ui/input"; -import { LucideKeyRound, MoreVertical, Search, LucideTrash } from "lucide-react"; -import { useState, useMemo, useCallback } from "react"; -import { Select, SelectContent, SelectItem, SelectTrigger, SelectValue } from "@/components/ui/select"; -import { getFormattedDate, isServiceError } from "@/lib/utils"; -import { DropdownMenu, DropdownMenuContent, DropdownMenuItem, DropdownMenuTrigger } from "@/components/ui/dropdown-menu"; -import { Button } from "@/components/ui/button"; -import { AlertDialog, AlertDialogAction, AlertDialogCancel, AlertDialogContent, AlertDialogDescription, AlertDialogFooter, AlertDialogHeader, AlertDialogTitle } from "@/components/ui/alert-dialog"; -import { deleteSecret } from "@/actions"; -import { useDomain } from "@/hooks/useDomain"; -import { useToast } from "@/components/hooks/use-toast"; -import { useRouter } from "next/navigation"; -import { CodeSnippet } from "@/app/components/codeSnippet"; - -interface Secret { - key: string; - createdAt: Date; -} - -interface SecretsListProps { - secrets: Secret[]; -} - -export const SecretsList = ({ secrets }: SecretsListProps) => { - const [searchQuery, setSearchQuery] = useState(""); - const [dateSort, setDateSort] = useState<"newest" | "oldest">("newest"); - const [secretToDelete, setSecretToDelete] = useState(null); - const [isDeleteDialogOpen, setIsDeleteDialogOpen] = useState(false); - const domain = useDomain(); - const { toast } = useToast(); - const router = useRouter(); - - const filteredSecrets = useMemo(() => { - return secrets - .filter((secret) => { - const searchLower = searchQuery.toLowerCase(); - const matchesSearch = secret.key.toLowerCase().includes(searchLower); - return matchesSearch; - }) - .sort((a, b) => { - return dateSort === "newest" - ? b.createdAt.getTime() - a.createdAt.getTime() - : a.createdAt.getTime() - b.createdAt.getTime() - }); - }, [secrets, searchQuery, dateSort]); - - const onDeleteSecret = useCallback(() => { - deleteSecret(secretToDelete?.key ?? "", domain) - .then((response) => { - if (isServiceError(response)) { - toast({ - description: `❌ Failed to delete secret. Reason: ${response.message}` - }) - } else { - toast({ - description: `✅ Secret deleted successfully.` - }); - router.refresh(); - } - }) - }, [domain, secretToDelete?.key, toast, router]); - - return ( -
-
-
- - setSearchQuery(e.target.value)} - /> -
- - -
- -
-
- {secrets.length === 0 || (filteredSecrets.length === 0 && searchQuery.length > 0) ? ( -
-

No Secrets Found

-

- {filteredSecrets.length === 0 && searchQuery.length > 0 ? "No secrets found matching your filters." : "Use the form above to create a new secret."} -

-
- ) : ( - filteredSecrets.map((secret) => ( -
-
- -

{secret.key}

-
-
-

- Created {getFormattedDate(secret.createdAt)} -

- - - - - - { - setSecretToDelete(secret); - setIsDeleteDialogOpen(true); - }} - > - - Delete secret - - - -
-
- )) - )} -
-
- - - - Delete Secret - - Are you sure you want to delete the secret {secretToDelete?.key}? Any connections that use this secret will fail to sync. - - - - Cancel - - Delete - - - - -
- ) -} diff --git a/packages/web/src/app/[domain]/settings/secrets/page.tsx b/packages/web/src/app/[domain]/settings/secrets/page.tsx deleted file mode 100644 index 02714f59..00000000 --- a/packages/web/src/app/[domain]/settings/secrets/page.tsx +++ /dev/null @@ -1,36 +0,0 @@ -import { getSecrets } from "@/actions"; -import { SecretsList } from "./components/secretsList"; -import { isServiceError } from "@/lib/utils"; -import { ImportSecretCard } from "./components/importSecretCard"; -import { ServiceErrorException } from "@/lib/serviceError"; - -interface SecretsPageProps { - params: Promise<{ - domain: string; - }> -} - -export default async function SecretsPage(props: SecretsPageProps) { - const params = await props.params; - - const { - domain - } = params; - - const secrets = await getSecrets(domain); - if (isServiceError(secrets)) { - throw new ServiceErrorException(secrets); - } - - return ( -
-
-

Manage Secrets

-

These secrets grant Sourcebot access to private code.

-
- - - -
- ) -} \ No newline at end of file diff --git a/packages/web/src/app/api/(server)/chat/route.ts b/packages/web/src/app/api/(server)/chat/route.ts index d7f9368b..8f045305 100644 --- a/packages/web/src/app/api/(server)/chat/route.ts +++ b/packages/web/src/app/api/(server)/chat/route.ts @@ -92,7 +92,7 @@ export async function POST(req: Request) { }); } - const { model, providerOptions } = await _getAISDKLanguageModelAndOptions(languageModelConfig, org.id); + const { model, providerOptions } = await _getAISDKLanguageModelAndOptions(languageModelConfig); return createMessageStreamResponse({ messages, diff --git a/packages/web/src/features/chat/actions.ts b/packages/web/src/features/chat/actions.ts index 0e9638c4..ad4e9f12 100644 --- a/packages/web/src/features/chat/actions.ts +++ b/packages/web/src/features/chat/actions.ts @@ -21,7 +21,7 @@ import { createXai } from '@ai-sdk/xai'; import { fromNodeProviderChain } from '@aws-sdk/credential-providers'; import { createOpenRouter } from '@openrouter/ai-sdk-provider'; import { getTokenFromConfig } from "@sourcebot/crypto"; -import { ChatVisibility, OrgRole, Prisma, PrismaClient } from "@sourcebot/db"; +import { ChatVisibility, OrgRole, Prisma } from "@sourcebot/db"; import { LanguageModel } from "@sourcebot/schemas/v3/languageModel.type"; import { Token } from "@sourcebot/schemas/v3/shared.type"; import { loadConfig } from "@sourcebot/shared"; @@ -204,7 +204,7 @@ export const generateAndUpdateChatNameFromMessage = async ({ chatId, languageMod }); } - const { model } = await _getAISDKLanguageModelAndOptions(languageModelConfig, org.id); + const { model } = await _getAISDKLanguageModelAndOptions(languageModelConfig); const prompt = `Convert this question into a short topic title (max 50 characters). @@ -374,7 +374,7 @@ export const _getConfiguredLanguageModelsFull = async (): Promise>, }> => { @@ -386,16 +386,16 @@ export const _getAISDKLanguageModelAndOptions = async (config: LanguageModel, or baseURL: config.baseUrl, region: config.region ?? env.AWS_REGION, accessKeyId: config.accessKeyId - ? await getTokenFromConfig(config.accessKeyId, orgId, prisma) + ? await getTokenFromConfig(config.accessKeyId) : env.AWS_ACCESS_KEY_ID, secretAccessKey: config.accessKeySecret - ? await getTokenFromConfig(config.accessKeySecret, orgId, prisma) + ? await getTokenFromConfig(config.accessKeySecret) : env.AWS_SECRET_ACCESS_KEY, sessionToken: config.sessionToken - ? await getTokenFromConfig(config.sessionToken, orgId, prisma) + ? await getTokenFromConfig(config.sessionToken) : env.AWS_SESSION_TOKEN, headers: config.headers - ? await extractLanguageModelKeyValuePairs(config.headers, orgId, prisma) + ? await extractLanguageModelKeyValuePairs(config.headers) : undefined, // Fallback to the default Node.js credential provider chain if no credentials are provided. // See: https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-credential-providers/#fromnodeproviderchain @@ -412,10 +412,10 @@ export const _getAISDKLanguageModelAndOptions = async (config: LanguageModel, or const anthropic = createAnthropic({ baseURL: config.baseUrl, apiKey: config.token - ? await getTokenFromConfig(config.token, orgId, prisma) + ? await getTokenFromConfig(config.token) : env.ANTHROPIC_API_KEY, headers: config.headers - ? await extractLanguageModelKeyValuePairs(config.headers, orgId, prisma) + ? await extractLanguageModelKeyValuePairs(config.headers) : undefined, }); @@ -434,11 +434,11 @@ export const _getAISDKLanguageModelAndOptions = async (config: LanguageModel, or case 'azure': { const azure = createAzure({ baseURL: config.baseUrl, - apiKey: config.token ? (await getTokenFromConfig(config.token, orgId, prisma)) : env.AZURE_API_KEY, + apiKey: config.token ? (await getTokenFromConfig(config.token)) : env.AZURE_API_KEY, apiVersion: config.apiVersion, resourceName: config.resourceName ?? env.AZURE_RESOURCE_NAME, headers: config.headers - ? await extractLanguageModelKeyValuePairs(config.headers, orgId, prisma) + ? await extractLanguageModelKeyValuePairs(config.headers) : undefined, }); @@ -449,9 +449,9 @@ export const _getAISDKLanguageModelAndOptions = async (config: LanguageModel, or case 'deepseek': { const deepseek = createDeepSeek({ baseURL: config.baseUrl, - apiKey: config.token ? (await getTokenFromConfig(config.token, orgId, prisma)) : env.DEEPSEEK_API_KEY, + apiKey: config.token ? (await getTokenFromConfig(config.token)) : env.DEEPSEEK_API_KEY, headers: config.headers - ? await extractLanguageModelKeyValuePairs(config.headers, orgId, prisma) + ? await extractLanguageModelKeyValuePairs(config.headers) : undefined, }); @@ -463,10 +463,10 @@ export const _getAISDKLanguageModelAndOptions = async (config: LanguageModel, or const google = createGoogleGenerativeAI({ baseURL: config.baseUrl, apiKey: config.token - ? await getTokenFromConfig(config.token, orgId, prisma) + ? await getTokenFromConfig(config.token) : env.GOOGLE_GENERATIVE_AI_API_KEY, headers: config.headers - ? await extractLanguageModelKeyValuePairs(config.headers, orgId, prisma) + ? await extractLanguageModelKeyValuePairs(config.headers) : undefined, }); @@ -480,11 +480,11 @@ export const _getAISDKLanguageModelAndOptions = async (config: LanguageModel, or location: config.region ?? env.GOOGLE_VERTEX_REGION, ...(config.credentials ? { googleAuthOptions: { - keyFilename: await getTokenFromConfig(config.credentials, orgId, prisma), + keyFilename: await getTokenFromConfig(config.credentials), } } : {}), headers: config.headers - ? await extractLanguageModelKeyValuePairs(config.headers, orgId, prisma) + ? await extractLanguageModelKeyValuePairs(config.headers) : undefined, }); @@ -506,11 +506,11 @@ export const _getAISDKLanguageModelAndOptions = async (config: LanguageModel, or location: config.region ?? env.GOOGLE_VERTEX_REGION, ...(config.credentials ? { googleAuthOptions: { - keyFilename: await getTokenFromConfig(config.credentials, orgId, prisma), + keyFilename: await getTokenFromConfig(config.credentials), } } : {}), headers: config.headers - ? await extractLanguageModelKeyValuePairs(config.headers, orgId, prisma) + ? await extractLanguageModelKeyValuePairs(config.headers) : undefined, }); @@ -522,10 +522,10 @@ export const _getAISDKLanguageModelAndOptions = async (config: LanguageModel, or const mistral = createMistral({ baseURL: config.baseUrl, apiKey: config.token - ? await getTokenFromConfig(config.token, orgId, prisma) + ? await getTokenFromConfig(config.token) : env.MISTRAL_API_KEY, headers: config.headers - ? await extractLanguageModelKeyValuePairs(config.headers, orgId, prisma) + ? await extractLanguageModelKeyValuePairs(config.headers) : undefined, }); @@ -537,10 +537,10 @@ export const _getAISDKLanguageModelAndOptions = async (config: LanguageModel, or const openai = createOpenAI({ baseURL: config.baseUrl, apiKey: config.token - ? await getTokenFromConfig(config.token, orgId, prisma) + ? await getTokenFromConfig(config.token) : env.OPENAI_API_KEY, headers: config.headers - ? await extractLanguageModelKeyValuePairs(config.headers, orgId, prisma) + ? await extractLanguageModelKeyValuePairs(config.headers) : undefined, }); @@ -558,13 +558,13 @@ export const _getAISDKLanguageModelAndOptions = async (config: LanguageModel, or baseURL: config.baseUrl, name: config.displayName ?? modelId, apiKey: config.token - ? await getTokenFromConfig(config.token, orgId, prisma) + ? await getTokenFromConfig(config.token) : undefined, headers: config.headers - ? await extractLanguageModelKeyValuePairs(config.headers, orgId, prisma) + ? await extractLanguageModelKeyValuePairs(config.headers) : undefined, queryParams: config.queryParams - ? await extractLanguageModelKeyValuePairs(config.queryParams, orgId, prisma) + ? await extractLanguageModelKeyValuePairs(config.queryParams) : undefined, }); @@ -585,10 +585,10 @@ export const _getAISDKLanguageModelAndOptions = async (config: LanguageModel, or const openrouter = createOpenRouter({ baseURL: config.baseUrl, apiKey: config.token - ? await getTokenFromConfig(config.token, orgId, prisma) + ? await getTokenFromConfig(config.token) : env.OPENROUTER_API_KEY, headers: config.headers - ? await extractLanguageModelKeyValuePairs(config.headers, orgId, prisma) + ? await extractLanguageModelKeyValuePairs(config.headers) : undefined, }); @@ -600,10 +600,10 @@ export const _getAISDKLanguageModelAndOptions = async (config: LanguageModel, or const xai = createXai({ baseURL: config.baseUrl, apiKey: config.token - ? await getTokenFromConfig(config.token, orgId, prisma) + ? await getTokenFromConfig(config.token) : env.XAI_API_KEY, headers: config.headers - ? await extractLanguageModelKeyValuePairs(config.headers, orgId, prisma) + ? await extractLanguageModelKeyValuePairs(config.headers) : undefined, }); @@ -617,9 +617,7 @@ export const _getAISDKLanguageModelAndOptions = async (config: LanguageModel, or const extractLanguageModelKeyValuePairs = async ( pairs: { [k: string]: string | Token; - }, - orgId: number, - db: PrismaClient, + } ): Promise> => { const resolvedPairs: Record = {}; @@ -633,7 +631,7 @@ const extractLanguageModelKeyValuePairs = async ( continue; } - const value = await getTokenFromConfig(val, orgId, db); + const value = await getTokenFromConfig(val); resolvedPairs[key] = value; } diff --git a/packages/web/src/lib/strings.ts b/packages/web/src/lib/strings.ts deleted file mode 100644 index 9fbcfd47..00000000 --- a/packages/web/src/lib/strings.ts +++ /dev/null @@ -1,7 +0,0 @@ - -export const strings = { - connectionConfigDescription: "Configure what repositories, organizations, users, etc. you want to sync with Sourcebot. Use the quick actions below to help you configure your connection.", - createSecretDescription: "Secrets are used to authenticate with the code host, allowing Sourcebot to access private repositories.", -} - -export default strings; diff --git a/schemas/v2/index.json b/schemas/v2/index.json index 67334c2a..0c9a79a2 100644 --- a/schemas/v2/index.json +++ b/schemas/v2/index.json @@ -76,7 +76,6 @@ "$ref": "#/definitions/Token", "description": "A Personal Access Token (PAT).", "examples": [ - "secret-token", { "env": "ENV_VAR_CONTAINING_TOKEN" } ] }, @@ -210,7 +209,6 @@ "$ref": "#/definitions/Token", "description": "An authentication token.", "examples": [ - "secret-token", { "env": "ENV_VAR_CONTAINING_TOKEN" } ] }, @@ -332,7 +330,6 @@ "$ref": "#/definitions/Token", "description": "An access token.", "examples": [ - "secret-token", { "env": "ENV_VAR_CONTAINING_TOKEN" } ] }, diff --git a/schemas/v3/azuredevops.json b/schemas/v3/azuredevops.json index 6cc27833..573a7335 100644 --- a/schemas/v3/azuredevops.json +++ b/schemas/v3/azuredevops.json @@ -9,12 +9,7 @@ }, "token": { "$ref": "./shared.json#/definitions/Token", - "description": "A Personal Access Token (PAT).", - "examples": [ - { - "secret": "SECRET_KEY" - } - ] + "description": "A Personal Access Token (PAT)." }, "url": { "type": "string", diff --git a/schemas/v3/bitbucket.json b/schemas/v3/bitbucket.json index be2fdda9..a980a17c 100644 --- a/schemas/v3/bitbucket.json +++ b/schemas/v3/bitbucket.json @@ -13,12 +13,7 @@ }, "token": { "$ref": "./shared.json#/definitions/Token", - "description": "An authentication token.", - "examples": [ - { - "secret": "SECRET_KEY" - } - ] + "description": "An authentication token." }, "url": { "type": "string", diff --git a/schemas/v3/gitea.json b/schemas/v3/gitea.json index d5c87665..35f38fb1 100644 --- a/schemas/v3/gitea.json +++ b/schemas/v3/gitea.json @@ -9,12 +9,7 @@ }, "token": { "$ref": "./shared.json#/definitions/Token", - "description": "A Personal Access Token (PAT).", - "examples": [ - { - "secret": "SECRET_KEY" - } - ] + "description": "A Personal Access Token (PAT)." }, "url": { "type": "string", diff --git a/schemas/v3/github.json b/schemas/v3/github.json index ec4a9f4f..c2002782 100644 --- a/schemas/v3/github.json +++ b/schemas/v3/github.json @@ -9,12 +9,7 @@ }, "token": { "$ref": "./shared.json#/definitions/Token", - "description": "A Personal Access Token (PAT).", - "examples": [ - { - "secret": "SECRET_KEY" - } - ] + "description": "A Personal Access Token (PAT)." }, "url": { "type": "string", diff --git a/schemas/v3/gitlab.json b/schemas/v3/gitlab.json index ab5b4e62..9d3b1ca9 100644 --- a/schemas/v3/gitlab.json +++ b/schemas/v3/gitlab.json @@ -9,12 +9,7 @@ }, "token": { "$ref": "./shared.json#/definitions/Token", - "description": "An authentication token.", - "examples": [ - { - "secret": "SECRET_KEY" - } - ] + "description": "An authentication token." }, "url": { "type": "string", diff --git a/schemas/v3/shared.json b/schemas/v3/shared.json index baa6dae8..a290edd1 100644 --- a/schemas/v3/shared.json +++ b/schemas/v3/shared.json @@ -4,19 +4,6 @@ "definitions": { "Token": { "anyOf": [ - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false - }, { "type": "object", "properties": { From 58456d616b757145c2c63110b80574e452799942 Mon Sep 17 00:00:00 2001 From: Brian Phillips <28457+brianphillips@users.noreply.github.com> Date: Fri, 31 Oct 2025 16:49:43 -0500 Subject: [PATCH 2/6] add p-limit to GitHub API calls to avoid overwhelming the node process (or the API rate limits) (#591) --- CHANGELOG.md | 1 + packages/backend/package.json | 1 + packages/backend/src/github.ts | 17 +++++++++++------ yarn.lock | 17 +++++++++++++++++ 4 files changed, 30 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 594f30d8..aca40e8f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Fixed issue with GitHub app token tracking and refreshing. [#583](https://github.com/sourcebot-dev/sourcebot/pull/583) - Fixed "The account is already associated with another user" errors with GitLab oauth provider. [#584](https://github.com/sourcebot-dev/sourcebot/pull/584) - Fixed error when viewing a generic git connection in `/settings/connections`. [#588](https://github.com/sourcebot-dev/sourcebot/pull/588) +- Fixed issue with an unbounded `Promise.allSettled(...)` when retrieving details from the GitHub API about a large number of repositories (or orgs or users). [#591](https://github.com/sourcebot-dev/sourcebot/pull/591) ## Removed - Removed built-in secret manager. [#592](https://github.com/sourcebot-dev/sourcebot/pull/592) diff --git a/packages/backend/package.json b/packages/backend/package.json index f1466c0e..8b0659d2 100644 --- a/packages/backend/package.json +++ b/packages/backend/package.json @@ -51,6 +51,7 @@ "ioredis": "^5.4.2", "lowdb": "^7.0.1", "micromatch": "^4.0.8", + "p-limit": "^7.2.0", "posthog-node": "^4.2.1", "prom-client": "^15.1.3", "simple-git": "^3.27.0", diff --git a/packages/backend/src/github.ts b/packages/backend/src/github.ts index 7d4d617f..5b8aaa5a 100644 --- a/packages/backend/src/github.ts +++ b/packages/backend/src/github.ts @@ -4,6 +4,7 @@ import { createLogger } from "@sourcebot/logger"; import { GithubConnectionConfig } from "@sourcebot/schemas/v3/github.type"; import { hasEntitlement } from "@sourcebot/shared"; import micromatch from "micromatch"; +import pLimit from "p-limit"; import { processPromiseResults, throwIfAnyFailed } from "./connectionUtils.js"; import { GithubAppManager } from "./ee/githubAppManager.js"; import { env } from "./env.js"; @@ -11,6 +12,10 @@ import { fetchWithRetry, measure } from "./utils.js"; import { getTokenFromConfig } from "@sourcebot/crypto"; export const GITHUB_CLOUD_HOSTNAME = "github.com"; + +// Limit concurrent GitHub requests to avoid hitting rate limits and overwhelming installations. +const MAX_CONCURRENT_GITHUB_QUERIES = 5; +const githubQueryLimit = pLimit(MAX_CONCURRENT_GITHUB_QUERIES); const logger = createLogger('github'); export type OctokitRepository = { @@ -194,7 +199,7 @@ export const getReposForAuthenticatedUser = async (visibility: 'all' | 'private' } const getReposOwnedByUsers = async (users: string[], octokit: Octokit, signal: AbortSignal, url?: string) => { - const results = await Promise.allSettled(users.map(async (user) => { + const results = await Promise.allSettled(users.map((user) => githubQueryLimit(async () => { try { logger.debug(`Fetching repository info for user ${user}...`); @@ -243,7 +248,7 @@ const getReposOwnedByUsers = async (users: string[], octokit: Octokit, signal: A } throw error; } - })); + }))); throwIfAnyFailed(results); const { validItems: repos, warnings } = processPromiseResults(results); @@ -255,7 +260,7 @@ const getReposOwnedByUsers = async (users: string[], octokit: Octokit, signal: A } const getReposForOrgs = async (orgs: string[], octokit: Octokit, signal: AbortSignal, url?: string) => { - const results = await Promise.allSettled(orgs.map(async (org) => { + const results = await Promise.allSettled(orgs.map((org) => githubQueryLimit(async () => { try { logger.debug(`Fetching repository info for org ${org}...`); @@ -291,7 +296,7 @@ const getReposForOrgs = async (orgs: string[], octokit: Octokit, signal: AbortSi } throw error; } - })); + }))); throwIfAnyFailed(results); const { validItems: repos, warnings } = processPromiseResults(results); @@ -303,7 +308,7 @@ const getReposForOrgs = async (orgs: string[], octokit: Octokit, signal: AbortSi } const getRepos = async (repoList: string[], octokit: Octokit, signal: AbortSignal, url?: string) => { - const results = await Promise.allSettled(repoList.map(async (repo) => { + const results = await Promise.allSettled(repoList.map((repo) => githubQueryLimit(async () => { try { const [owner, repoName] = repo.split('/'); logger.debug(`Fetching repository info for ${repo}...`); @@ -341,7 +346,7 @@ const getRepos = async (repoList: string[], octokit: Octokit, signal: AbortSigna } throw error; } - })); + }))); throwIfAnyFailed(results); const { validItems: repos, warnings } = processPromiseResults(results); diff --git a/yarn.lock b/yarn.lock index 4afea5e7..402e6610 100644 --- a/yarn.lock +++ b/yarn.lock @@ -7807,6 +7807,7 @@ __metadata: json-schema-to-typescript: "npm:^15.0.4" lowdb: "npm:^7.0.1" micromatch: "npm:^4.0.8" + p-limit: "npm:^7.2.0" posthog-node: "npm:^4.2.1" prom-client: "npm:^15.1.3" simple-git: "npm:^3.27.0" @@ -16463,6 +16464,15 @@ __metadata: languageName: node linkType: hard +"p-limit@npm:^7.2.0": + version: 7.2.0 + resolution: "p-limit@npm:7.2.0" + dependencies: + yocto-queue: "npm:^1.2.1" + checksum: 10c0/18e5ea305c31fdc0cf5260da7b63adfd46748cd72d4b40a31a13bd23eeece729c9308047fb5d848d7fa006d1b2fc2f36bb0d9dd173a300c38cd6dc1ed3355382 + languageName: node + linkType: hard + "p-locate@npm:^5.0.0": version: 5.0.0 resolution: "p-locate@npm:5.0.0" @@ -20836,6 +20846,13 @@ __metadata: languageName: node linkType: hard +"yocto-queue@npm:^1.2.1": + version: 1.2.1 + resolution: "yocto-queue@npm:1.2.1" + checksum: 10c0/5762caa3d0b421f4bdb7a1926b2ae2189fc6e4a14469258f183600028eb16db3e9e0306f46e8ebf5a52ff4b81a881f22637afefbef5399d6ad440824e9b27f9f + languageName: node + linkType: hard + "zod-to-json-schema@npm:^3.24.1, zod-to-json-schema@npm:^3.24.5": version: 3.24.5 resolution: "zod-to-json-schema@npm:3.24.5" From d1655d458739b2b85e7233f5f2573e2340b786c8 Mon Sep 17 00:00:00 2001 From: bkellam Date: Fri, 31 Oct 2025 14:58:33 -0700 Subject: [PATCH 3/6] run update roadmap on pushes to main --- .github/workflows/update-roadmap-released.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/update-roadmap-released.yml b/.github/workflows/update-roadmap-released.yml index b40955a1..8a89034a 100644 --- a/.github/workflows/update-roadmap-released.yml +++ b/.github/workflows/update-roadmap-released.yml @@ -1,6 +1,9 @@ name: Update Roadmap Released on: + push: + branches: + - main pull_request: types: [closed] workflow_dispatch: From 2c0540f6bfb9f95ba3de5bc85c25d24d68bf6434 Mon Sep 17 00:00:00 2001 From: Derek Miller <20miller10@gmail.com> Date: Sat, 1 Nov 2025 17:15:09 -0500 Subject: [PATCH 4/6] fix(backend): Limit concurrent git operations to prevent resource exhaustion (#590) (#593) When syncing generic-git-host connections with thousands of repositories, unbounded Promise.all caused resource exhaustion (EAGAIN errors) by spawning too many concurrent git processes. This resulted in valid repositories being incorrectly skipped during sync. - Add p-limit to control concurrent git operations (max 100) - Follow existing pattern from github.ts for consistency - Prevents file descriptor and process limit exhaustion - Uses rolling concurrency to avoid head-of-line blocking Fixes #590 --- CHANGELOG.md | 1 + packages/backend/src/repoCompileUtils.ts | 10 ++++++++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index aca40e8f..24e03b1a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -16,6 +16,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Fixed "The account is already associated with another user" errors with GitLab oauth provider. [#584](https://github.com/sourcebot-dev/sourcebot/pull/584) - Fixed error when viewing a generic git connection in `/settings/connections`. [#588](https://github.com/sourcebot-dev/sourcebot/pull/588) - Fixed issue with an unbounded `Promise.allSettled(...)` when retrieving details from the GitHub API about a large number of repositories (or orgs or users). [#591](https://github.com/sourcebot-dev/sourcebot/pull/591) +- Fixed resource exhaustion (EAGAIN errors) when syncing generic-git-host connections with thousands of repositories. [#593](https://github.com/sourcebot-dev/sourcebot/pull/593) ## Removed - Removed built-in secret manager. [#592](https://github.com/sourcebot-dev/sourcebot/pull/592) diff --git a/packages/backend/src/repoCompileUtils.ts b/packages/backend/src/repoCompileUtils.ts index 77508226..04a8b3b5 100644 --- a/packages/backend/src/repoCompileUtils.ts +++ b/packages/backend/src/repoCompileUtils.ts @@ -20,11 +20,17 @@ import assert from 'assert'; import GitUrlParse from 'git-url-parse'; import { RepoMetadata } from '@sourcebot/shared'; import { SINGLE_TENANT_ORG_ID } from './constants.js'; +import pLimit from 'p-limit'; export type RepoData = WithRequired; const logger = createLogger('repo-compile-utils'); +// Limit concurrent git operations to prevent resource exhaustion (EAGAIN errors) +// when processing thousands of repositories simultaneously +const MAX_CONCURRENT_GIT_OPERATIONS = 100; +const gitOperationLimit = pLimit(MAX_CONCURRENT_GIT_OPERATIONS); + type CompileResult = { repoData: RepoData[], warnings: string[], @@ -472,7 +478,7 @@ export const compileGenericGitHostConfig_file = async ( const repos: RepoData[] = []; const warnings: string[] = []; - await Promise.all(repoPaths.map(async (repoPath) => { + await Promise.all(repoPaths.map((repoPath) => gitOperationLimit(async () => { const isGitRepo = await isPathAValidGitRepoRoot({ path: repoPath, }); @@ -526,7 +532,7 @@ export const compileGenericGitHostConfig_file = async ( } repos.push(repo); - })); + }))); return { repoData: repos, From 7e161e6df3c6a53f76d50522d810630dcaa0eda7 Mon Sep 17 00:00:00 2001 From: bkellam Date: Sat, 1 Nov 2025 15:17:51 -0700 Subject: [PATCH 5/6] alter roadmap release update trigger --- .github/workflows/update-roadmap-released.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/update-roadmap-released.yml b/.github/workflows/update-roadmap-released.yml index 8a89034a..e77da88d 100644 --- a/.github/workflows/update-roadmap-released.yml +++ b/.github/workflows/update-roadmap-released.yml @@ -4,8 +4,6 @@ on: push: branches: - main - pull_request: - types: [closed] workflow_dispatch: schedule: - cron: "0 */6 * * *" From 26ec7af7f08a31bf6ee4674d69736f07242807f2 Mon Sep 17 00:00:00 2001 From: Brendan Kellam Date: Sat, 1 Nov 2025 22:02:55 -0700 Subject: [PATCH 6/6] feat(worker,web): Support google secrets as a token type (#594) --- docs/snippets/schemas/v3/app.schema.mdx | 30 +- .../schemas/v3/azuredevops.schema.mdx | 15 +- docs/snippets/schemas/v3/bitbucket.schema.mdx | 15 +- .../snippets/schemas/v3/connection.schema.mdx | 75 +- docs/snippets/schemas/v3/gitea.schema.mdx | 15 +- docs/snippets/schemas/v3/github.schema.mdx | 15 +- docs/snippets/schemas/v3/gitlab.schema.mdx | 15 +- docs/snippets/schemas/v3/index.schema.mdx | 915 ++++++++++++++++-- .../schemas/v3/languageModel.schema.mdx | 810 ++++++++++++++-- docs/snippets/schemas/v3/shared.schema.mdx | 45 +- packages/crypto/package.json | 1 + packages/crypto/src/tokenUtils.ts | 18 +- packages/schemas/src/v3/app.schema.ts | 30 +- packages/schemas/src/v3/app.type.ts | 19 +- packages/schemas/src/v3/azuredevops.schema.ts | 15 +- packages/schemas/src/v3/azuredevops.type.ts | 19 +- packages/schemas/src/v3/bitbucket.schema.ts | 15 +- packages/schemas/src/v3/bitbucket.type.ts | 19 +- packages/schemas/src/v3/connection.schema.ts | 75 +- packages/schemas/src/v3/connection.type.ts | 95 +- packages/schemas/src/v3/gitea.schema.ts | 15 +- packages/schemas/src/v3/gitea.type.ts | 19 +- packages/schemas/src/v3/github.schema.ts | 15 +- packages/schemas/src/v3/github.type.ts | 19 +- packages/schemas/src/v3/gitlab.schema.ts | 15 +- packages/schemas/src/v3/gitlab.type.ts | 19 +- packages/schemas/src/v3/index.schema.ts | 915 ++++++++++++++++-- packages/schemas/src/v3/index.type.ts | 420 +++++--- .../schemas/src/v3/languageModel.schema.ts | 810 ++++++++++++++-- packages/schemas/src/v3/languageModel.type.ts | 306 ++++-- packages/schemas/src/v3/shared.schema.ts | 45 +- packages/schemas/src/v3/shared.type.ts | 19 +- packages/web/src/actions.ts | 4 +- schemas/v3/shared.json | 15 +- yarn.lock | 289 +++++- 35 files changed, 4614 insertions(+), 567 deletions(-) diff --git a/docs/snippets/schemas/v3/app.schema.mdx b/docs/snippets/schemas/v3/app.schema.mdx index 1e95a482..2b2090b5 100644 --- a/docs/snippets/schemas/v3/app.schema.mdx +++ b/docs/snippets/schemas/v3/app.schema.mdx @@ -33,13 +33,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -82,13 +95,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } diff --git a/docs/snippets/schemas/v3/azuredevops.schema.mdx b/docs/snippets/schemas/v3/azuredevops.schema.mdx index e187f276..f94d6b64 100644 --- a/docs/snippets/schemas/v3/azuredevops.schema.mdx +++ b/docs/snippets/schemas/v3/azuredevops.schema.mdx @@ -17,13 +17,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, diff --git a/docs/snippets/schemas/v3/bitbucket.schema.mdx b/docs/snippets/schemas/v3/bitbucket.schema.mdx index 85202242..b2d1c459 100644 --- a/docs/snippets/schemas/v3/bitbucket.schema.mdx +++ b/docs/snippets/schemas/v3/bitbucket.schema.mdx @@ -21,13 +21,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, diff --git a/docs/snippets/schemas/v3/connection.schema.mdx b/docs/snippets/schemas/v3/connection.schema.mdx index 10311eba..3664e62d 100644 --- a/docs/snippets/schemas/v3/connection.schema.mdx +++ b/docs/snippets/schemas/v3/connection.schema.mdx @@ -21,13 +21,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -216,13 +229,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -405,13 +431,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -659,13 +698,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -814,13 +866,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, diff --git a/docs/snippets/schemas/v3/gitea.schema.mdx b/docs/snippets/schemas/v3/gitea.schema.mdx index f663ba47..a9664f50 100644 --- a/docs/snippets/schemas/v3/gitea.schema.mdx +++ b/docs/snippets/schemas/v3/gitea.schema.mdx @@ -17,13 +17,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, diff --git a/docs/snippets/schemas/v3/github.schema.mdx b/docs/snippets/schemas/v3/github.schema.mdx index 49ea2ce6..547a8c78 100644 --- a/docs/snippets/schemas/v3/github.schema.mdx +++ b/docs/snippets/schemas/v3/github.schema.mdx @@ -17,13 +17,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, diff --git a/docs/snippets/schemas/v3/gitlab.schema.mdx b/docs/snippets/schemas/v3/gitlab.schema.mdx index 4783aee6..886c1900 100644 --- a/docs/snippets/schemas/v3/gitlab.schema.mdx +++ b/docs/snippets/schemas/v3/gitlab.schema.mdx @@ -17,13 +17,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, diff --git a/docs/snippets/schemas/v3/index.schema.mdx b/docs/snippets/schemas/v3/index.schema.mdx index 38351682..2a9fe602 100644 --- a/docs/snippets/schemas/v3/index.schema.mdx +++ b/docs/snippets/schemas/v3/index.schema.mdx @@ -304,13 +304,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -499,13 +512,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -688,13 +714,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -942,13 +981,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -1097,13 +1149,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -1368,13 +1433,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -1386,13 +1464,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -1404,13 +1495,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -1445,13 +1549,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1489,13 +1606,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `ANTHROPIC_API_KEY` environment variable." @@ -1522,13 +1652,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1570,13 +1713,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `AZURE_API_KEY` environment variable." @@ -1607,13 +1763,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1651,13 +1820,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `DEEPSEEK_API_KEY` environment variable." @@ -1684,13 +1866,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1728,13 +1923,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `GOOGLE_GENERATIVE_AI_API_KEY` environment variable." @@ -1761,13 +1969,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1821,13 +2042,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional file path to service account credentials JSON. Defaults to the `GOOGLE_APPLICATION_CREDENTIALS` environment variable or application default credentials." @@ -1854,13 +2088,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1916,13 +2163,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional file path to service account credentials JSON. Defaults to the `GOOGLE_APPLICATION_CREDENTIALS` environment variable or application default credentials." @@ -1949,13 +2209,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1993,13 +2266,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `MISTRAL_API_KEY` environment variable." @@ -2026,13 +2312,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2076,13 +2375,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `OPENAI_API_KEY` environment variable." @@ -2119,13 +2431,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2163,13 +2488,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key. If specified, adds an `Authorization` header to request headers with the value Bearer ." @@ -2199,13 +2537,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2230,13 +2581,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2285,13 +2649,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `OPENROUTER_API_KEY` environment variable." @@ -2318,13 +2695,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2366,13 +2756,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `XAI_API_KEY` environment variable." @@ -2399,13 +2802,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2446,13 +2862,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -2464,13 +2893,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -2482,13 +2924,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -2523,13 +2978,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2567,13 +3035,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `ANTHROPIC_API_KEY` environment variable." @@ -2600,13 +3081,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2648,13 +3142,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `AZURE_API_KEY` environment variable." @@ -2685,13 +3192,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2729,13 +3249,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `DEEPSEEK_API_KEY` environment variable." @@ -2762,13 +3295,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2806,13 +3352,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `GOOGLE_GENERATIVE_AI_API_KEY` environment variable." @@ -2839,13 +3398,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2899,13 +3471,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional file path to service account credentials JSON. Defaults to the `GOOGLE_APPLICATION_CREDENTIALS` environment variable or application default credentials." @@ -2932,13 +3517,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2994,13 +3592,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional file path to service account credentials JSON. Defaults to the `GOOGLE_APPLICATION_CREDENTIALS` environment variable or application default credentials." @@ -3027,13 +3638,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -3071,13 +3695,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `MISTRAL_API_KEY` environment variable." @@ -3104,13 +3741,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -3154,13 +3804,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `OPENAI_API_KEY` environment variable." @@ -3197,13 +3860,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -3241,13 +3917,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key. If specified, adds an `Authorization` header to request headers with the value Bearer ." @@ -3277,13 +3966,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -3308,13 +4010,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -3363,13 +4078,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `OPENROUTER_API_KEY` environment variable." @@ -3396,13 +4124,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -3444,13 +4185,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `XAI_API_KEY` environment variable." @@ -3477,13 +4231,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -3537,13 +4304,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "The private key of the GitHub App." @@ -3586,13 +4366,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "The private key of the GitHub App." diff --git a/docs/snippets/schemas/v3/languageModel.schema.mdx b/docs/snippets/schemas/v3/languageModel.schema.mdx index ebc1bc92..40758fdb 100644 --- a/docs/snippets/schemas/v3/languageModel.schema.mdx +++ b/docs/snippets/schemas/v3/languageModel.schema.mdx @@ -27,13 +27,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -45,13 +58,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -63,13 +89,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -104,13 +143,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -148,13 +200,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `ANTHROPIC_API_KEY` environment variable." @@ -181,13 +246,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -229,13 +307,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `AZURE_API_KEY` environment variable." @@ -266,13 +357,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -310,13 +414,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `DEEPSEEK_API_KEY` environment variable." @@ -343,13 +460,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -387,13 +517,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `GOOGLE_GENERATIVE_AI_API_KEY` environment variable." @@ -420,13 +563,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -480,13 +636,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional file path to service account credentials JSON. Defaults to the `GOOGLE_APPLICATION_CREDENTIALS` environment variable or application default credentials." @@ -513,13 +682,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -575,13 +757,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional file path to service account credentials JSON. Defaults to the `GOOGLE_APPLICATION_CREDENTIALS` environment variable or application default credentials." @@ -608,13 +803,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -652,13 +860,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `MISTRAL_API_KEY` environment variable." @@ -685,13 +906,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -735,13 +969,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `OPENAI_API_KEY` environment variable." @@ -778,13 +1025,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -822,13 +1082,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key. If specified, adds an `Authorization` header to request headers with the value Bearer ." @@ -858,13 +1131,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -889,13 +1175,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -944,13 +1243,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `OPENROUTER_API_KEY` environment variable." @@ -977,13 +1289,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1025,13 +1350,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `XAI_API_KEY` environment variable." @@ -1058,13 +1396,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1105,13 +1456,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -1123,13 +1487,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -1141,13 +1518,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -1182,13 +1572,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1226,13 +1629,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `ANTHROPIC_API_KEY` environment variable." @@ -1259,13 +1675,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1307,13 +1736,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `AZURE_API_KEY` environment variable." @@ -1344,13 +1786,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1388,13 +1843,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `DEEPSEEK_API_KEY` environment variable." @@ -1421,13 +1889,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1465,13 +1946,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `GOOGLE_GENERATIVE_AI_API_KEY` environment variable." @@ -1498,13 +1992,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1558,13 +2065,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional file path to service account credentials JSON. Defaults to the `GOOGLE_APPLICATION_CREDENTIALS` environment variable or application default credentials." @@ -1591,13 +2111,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1653,13 +2186,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional file path to service account credentials JSON. Defaults to the `GOOGLE_APPLICATION_CREDENTIALS` environment variable or application default credentials." @@ -1686,13 +2232,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1730,13 +2289,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `MISTRAL_API_KEY` environment variable." @@ -1763,13 +2335,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1813,13 +2398,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `OPENAI_API_KEY` environment variable." @@ -1856,13 +2454,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1900,13 +2511,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key. If specified, adds an `Authorization` header to request headers with the value Bearer ." @@ -1936,13 +2560,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1967,13 +2604,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2022,13 +2672,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `OPENROUTER_API_KEY` environment variable." @@ -2055,13 +2718,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2103,13 +2779,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `XAI_API_KEY` environment variable." @@ -2136,13 +2825,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } diff --git a/docs/snippets/schemas/v3/shared.schema.mdx b/docs/snippets/schemas/v3/shared.schema.mdx index 4087a944..270d85b4 100644 --- a/docs/snippets/schemas/v3/shared.schema.mdx +++ b/docs/snippets/schemas/v3/shared.schema.mdx @@ -11,13 +11,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -78,13 +91,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -109,13 +135,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } diff --git a/packages/crypto/package.json b/packages/crypto/package.json index abccd406..d25e412f 100644 --- a/packages/crypto/package.json +++ b/packages/crypto/package.json @@ -8,6 +8,7 @@ "postinstall": "yarn build" }, "dependencies": { + "@google-cloud/secret-manager": "^6.1.1", "@sourcebot/db": "*", "@sourcebot/schemas": "*", "dotenv": "^16.4.5" diff --git a/packages/crypto/src/tokenUtils.ts b/packages/crypto/src/tokenUtils.ts index b474c0e0..abefa7ef 100644 --- a/packages/crypto/src/tokenUtils.ts +++ b/packages/crypto/src/tokenUtils.ts @@ -1,6 +1,7 @@ +import { SecretManagerServiceClient } from "@google-cloud/secret-manager"; import { Token } from "@sourcebot/schemas/v3/shared.type"; -export const getTokenFromConfig = async (token: Token) => { +export const getTokenFromConfig = async (token: Token): Promise => { if ('env' in token) { const envToken = process.env[token.env]; if (!envToken) { @@ -8,6 +9,21 @@ export const getTokenFromConfig = async (token: Token) => { } return envToken; + } else if ('googleCloudSecret' in token) { + try { + const client = new SecretManagerServiceClient(); + const [response] = await client.accessSecretVersion({ + name: token.googleCloudSecret, + }); + + if (!response.payload?.data) { + throw new Error(`Secret ${token.googleCloudSecret} not found.`); + } + + return response.payload.data.toString(); + } catch (error) { + throw new Error(`Failed to access Google Cloud secret ${token.googleCloudSecret}: ${error instanceof Error ? error.message : String(error)}`); + } } else { throw new Error('Invalid token configuration'); } diff --git a/packages/schemas/src/v3/app.schema.ts b/packages/schemas/src/v3/app.schema.ts index a6d1280c..0a37104a 100644 --- a/packages/schemas/src/v3/app.schema.ts +++ b/packages/schemas/src/v3/app.schema.ts @@ -32,13 +32,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -81,13 +94,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } diff --git a/packages/schemas/src/v3/app.type.ts b/packages/schemas/src/v3/app.type.ts index d0a4e34e..be5996ba 100644 --- a/packages/schemas/src/v3/app.type.ts +++ b/packages/schemas/src/v3/app.type.ts @@ -18,10 +18,17 @@ export interface GitHubAppConfig { /** * The private key of the GitHub App. */ - privateKey: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + privateKey: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; } diff --git a/packages/schemas/src/v3/azuredevops.schema.ts b/packages/schemas/src/v3/azuredevops.schema.ts index f0d56085..13ab3d8a 100644 --- a/packages/schemas/src/v3/azuredevops.schema.ts +++ b/packages/schemas/src/v3/azuredevops.schema.ts @@ -16,13 +16,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, diff --git a/packages/schemas/src/v3/azuredevops.type.ts b/packages/schemas/src/v3/azuredevops.type.ts index 9c6c96f1..d61b2f2e 100644 --- a/packages/schemas/src/v3/azuredevops.type.ts +++ b/packages/schemas/src/v3/azuredevops.type.ts @@ -8,12 +8,19 @@ export interface AzureDevOpsConnectionConfig { /** * A Personal Access Token (PAT). */ - token: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * The URL of the Azure DevOps host. For Azure DevOps Cloud, use https://dev.azure.com. For Azure DevOps Server, use your server URL. */ diff --git a/packages/schemas/src/v3/bitbucket.schema.ts b/packages/schemas/src/v3/bitbucket.schema.ts index a5de1b91..6a787442 100644 --- a/packages/schemas/src/v3/bitbucket.schema.ts +++ b/packages/schemas/src/v3/bitbucket.schema.ts @@ -20,13 +20,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, diff --git a/packages/schemas/src/v3/bitbucket.type.ts b/packages/schemas/src/v3/bitbucket.type.ts index cbd8d9d8..d03f8966 100644 --- a/packages/schemas/src/v3/bitbucket.type.ts +++ b/packages/schemas/src/v3/bitbucket.type.ts @@ -12,12 +12,19 @@ export interface BitbucketConnectionConfig { /** * An authentication token. */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Bitbucket URL */ diff --git a/packages/schemas/src/v3/connection.schema.ts b/packages/schemas/src/v3/connection.schema.ts index 64872ab1..5cc22060 100644 --- a/packages/schemas/src/v3/connection.schema.ts +++ b/packages/schemas/src/v3/connection.schema.ts @@ -20,13 +20,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -215,13 +228,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -404,13 +430,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -658,13 +697,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -813,13 +865,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, diff --git a/packages/schemas/src/v3/connection.type.ts b/packages/schemas/src/v3/connection.type.ts index 0f62c980..3bd5feb4 100644 --- a/packages/schemas/src/v3/connection.type.ts +++ b/packages/schemas/src/v3/connection.type.ts @@ -17,12 +17,19 @@ export interface GithubConnectionConfig { /** * A Personal Access Token (PAT). */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * The URL of the GitHub host. Defaults to https://github.com */ @@ -99,12 +106,19 @@ export interface GitlabConnectionConfig { /** * An authentication token. */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * The URL of the GitLab host. Defaults to https://gitlab.com */ @@ -163,12 +177,19 @@ export interface GiteaConnectionConfig { /** * A Personal Access Token (PAT). */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * The URL of the Gitea host. Defaults to https://gitea.com */ @@ -242,12 +263,19 @@ export interface BitbucketConnectionConfig { /** * An authentication token. */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Bitbucket URL */ @@ -292,12 +320,19 @@ export interface AzureDevOpsConnectionConfig { /** * A Personal Access Token (PAT). */ - token: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * The URL of the Azure DevOps host. For Azure DevOps Cloud, use https://dev.azure.com. For Azure DevOps Server, use your server URL. */ diff --git a/packages/schemas/src/v3/gitea.schema.ts b/packages/schemas/src/v3/gitea.schema.ts index 2e15067e..f6caca8b 100644 --- a/packages/schemas/src/v3/gitea.schema.ts +++ b/packages/schemas/src/v3/gitea.schema.ts @@ -16,13 +16,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, diff --git a/packages/schemas/src/v3/gitea.type.ts b/packages/schemas/src/v3/gitea.type.ts index afbedaf3..1d235bcf 100644 --- a/packages/schemas/src/v3/gitea.type.ts +++ b/packages/schemas/src/v3/gitea.type.ts @@ -8,12 +8,19 @@ export interface GiteaConnectionConfig { /** * A Personal Access Token (PAT). */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * The URL of the Gitea host. Defaults to https://gitea.com */ diff --git a/packages/schemas/src/v3/github.schema.ts b/packages/schemas/src/v3/github.schema.ts index d32ff6fe..cdaf6885 100644 --- a/packages/schemas/src/v3/github.schema.ts +++ b/packages/schemas/src/v3/github.schema.ts @@ -16,13 +16,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, diff --git a/packages/schemas/src/v3/github.type.ts b/packages/schemas/src/v3/github.type.ts index 980f2f9f..29f14a0d 100644 --- a/packages/schemas/src/v3/github.type.ts +++ b/packages/schemas/src/v3/github.type.ts @@ -8,12 +8,19 @@ export interface GithubConnectionConfig { /** * A Personal Access Token (PAT). */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * The URL of the GitHub host. Defaults to https://github.com */ diff --git a/packages/schemas/src/v3/gitlab.schema.ts b/packages/schemas/src/v3/gitlab.schema.ts index ee0cfd56..93e3a27e 100644 --- a/packages/schemas/src/v3/gitlab.schema.ts +++ b/packages/schemas/src/v3/gitlab.schema.ts @@ -16,13 +16,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, diff --git a/packages/schemas/src/v3/gitlab.type.ts b/packages/schemas/src/v3/gitlab.type.ts index 98a8d960..e9b7bb63 100644 --- a/packages/schemas/src/v3/gitlab.type.ts +++ b/packages/schemas/src/v3/gitlab.type.ts @@ -8,12 +8,19 @@ export interface GitlabConnectionConfig { /** * An authentication token. */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * The URL of the GitLab host. Defaults to https://gitlab.com */ diff --git a/packages/schemas/src/v3/index.schema.ts b/packages/schemas/src/v3/index.schema.ts index 90e7c0ae..897f6826 100644 --- a/packages/schemas/src/v3/index.schema.ts +++ b/packages/schemas/src/v3/index.schema.ts @@ -303,13 +303,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -498,13 +511,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -687,13 +713,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -941,13 +980,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -1096,13 +1148,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -1367,13 +1432,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -1385,13 +1463,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -1403,13 +1494,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -1444,13 +1548,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1488,13 +1605,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `ANTHROPIC_API_KEY` environment variable." @@ -1521,13 +1651,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1569,13 +1712,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `AZURE_API_KEY` environment variable." @@ -1606,13 +1762,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1650,13 +1819,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `DEEPSEEK_API_KEY` environment variable." @@ -1683,13 +1865,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1727,13 +1922,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `GOOGLE_GENERATIVE_AI_API_KEY` environment variable." @@ -1760,13 +1968,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1820,13 +2041,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional file path to service account credentials JSON. Defaults to the `GOOGLE_APPLICATION_CREDENTIALS` environment variable or application default credentials." @@ -1853,13 +2087,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1915,13 +2162,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional file path to service account credentials JSON. Defaults to the `GOOGLE_APPLICATION_CREDENTIALS` environment variable or application default credentials." @@ -1948,13 +2208,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1992,13 +2265,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `MISTRAL_API_KEY` environment variable." @@ -2025,13 +2311,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2075,13 +2374,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `OPENAI_API_KEY` environment variable." @@ -2118,13 +2430,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2162,13 +2487,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key. If specified, adds an `Authorization` header to request headers with the value Bearer ." @@ -2198,13 +2536,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2229,13 +2580,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2284,13 +2648,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `OPENROUTER_API_KEY` environment variable." @@ -2317,13 +2694,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2365,13 +2755,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `XAI_API_KEY` environment variable." @@ -2398,13 +2801,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2445,13 +2861,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -2463,13 +2892,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -2481,13 +2923,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -2522,13 +2977,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2566,13 +3034,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `ANTHROPIC_API_KEY` environment variable." @@ -2599,13 +3080,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2647,13 +3141,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `AZURE_API_KEY` environment variable." @@ -2684,13 +3191,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2728,13 +3248,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `DEEPSEEK_API_KEY` environment variable." @@ -2761,13 +3294,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2805,13 +3351,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `GOOGLE_GENERATIVE_AI_API_KEY` environment variable." @@ -2838,13 +3397,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2898,13 +3470,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional file path to service account credentials JSON. Defaults to the `GOOGLE_APPLICATION_CREDENTIALS` environment variable or application default credentials." @@ -2931,13 +3516,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2993,13 +3591,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional file path to service account credentials JSON. Defaults to the `GOOGLE_APPLICATION_CREDENTIALS` environment variable or application default credentials." @@ -3026,13 +3637,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -3070,13 +3694,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `MISTRAL_API_KEY` environment variable." @@ -3103,13 +3740,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -3153,13 +3803,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `OPENAI_API_KEY` environment variable." @@ -3196,13 +3859,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -3240,13 +3916,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key. If specified, adds an `Authorization` header to request headers with the value Bearer ." @@ -3276,13 +3965,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -3307,13 +4009,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -3362,13 +4077,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `OPENROUTER_API_KEY` environment variable." @@ -3395,13 +4123,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -3443,13 +4184,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `XAI_API_KEY` environment variable." @@ -3476,13 +4230,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -3536,13 +4303,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "The private key of the GitHub App." @@ -3585,13 +4365,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "The private key of the GitHub App." diff --git a/packages/schemas/src/v3/index.type.ts b/packages/schemas/src/v3/index.type.ts index 75acc3d8..ddda62d7 100644 --- a/packages/schemas/src/v3/index.type.ts +++ b/packages/schemas/src/v3/index.type.ts @@ -155,12 +155,19 @@ export interface GithubConnectionConfig { /** * A Personal Access Token (PAT). */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * The URL of the GitHub host. Defaults to https://github.com */ @@ -237,12 +244,19 @@ export interface GitlabConnectionConfig { /** * An authentication token. */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * The URL of the GitLab host. Defaults to https://gitlab.com */ @@ -301,12 +315,19 @@ export interface GiteaConnectionConfig { /** * A Personal Access Token (PAT). */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * The URL of the Gitea host. Defaults to https://gitea.com */ @@ -380,12 +401,19 @@ export interface BitbucketConnectionConfig { /** * An authentication token. */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Bitbucket URL */ @@ -430,12 +458,19 @@ export interface AzureDevOpsConnectionConfig { /** * A Personal Access Token (PAT). */ - token: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * The URL of the Azure DevOps host. For Azure DevOps Cloud, use https://dev.azure.com. For Azure DevOps Server, use your server URL. */ @@ -516,30 +551,51 @@ export interface AmazonBedrockLanguageModel { /** * Optional access key ID to use with the model. Defaults to the `AWS_ACCESS_KEY_ID` environment variable. */ - accessKeyId?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + accessKeyId?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Optional secret access key to use with the model. Defaults to the `AWS_SECRET_ACCESS_KEY` environment variable. */ - accessKeySecret?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + accessKeySecret?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Optional session token to use with the model. Defaults to the `AWS_SESSION_TOKEN` environment variable. */ - sessionToken?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + sessionToken?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * The AWS region. Defaults to the `AWS_REGION` environment variable. */ @@ -560,12 +616,20 @@ export interface LanguageModelHeaders { */ [k: string]: | string - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + | ( + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + } + ); } export interface AnthropicLanguageModel { /** @@ -583,12 +647,19 @@ export interface AnthropicLanguageModel { /** * Optional API key to use with the model. Defaults to the `ANTHROPIC_API_KEY` environment variable. */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Optional base URL. */ @@ -615,12 +686,19 @@ export interface AzureLanguageModel { /** * Optional API key to use with the model. Defaults to the `AZURE_API_KEY` environment variable. */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Sets a custom api version. Defaults to `preview`. */ @@ -647,12 +725,19 @@ export interface DeepSeekLanguageModel { /** * Optional API key to use with the model. Defaults to the `DEEPSEEK_API_KEY` environment variable. */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Optional base URL. */ @@ -675,12 +760,19 @@ export interface GoogleGenerativeAILanguageModel { /** * Optional API key to use with the model. Defaults to the `GOOGLE_GENERATIVE_AI_API_KEY` environment variable. */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Optional base URL. */ @@ -711,12 +803,19 @@ export interface GoogleVertexAnthropicLanguageModel { /** * Optional file path to service account credentials JSON. Defaults to the `GOOGLE_APPLICATION_CREDENTIALS` environment variable or application default credentials. */ - credentials?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + credentials?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Optional base URL. */ @@ -747,12 +846,19 @@ export interface GoogleVertexLanguageModel { /** * Optional file path to service account credentials JSON. Defaults to the `GOOGLE_APPLICATION_CREDENTIALS` environment variable or application default credentials. */ - credentials?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + credentials?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Optional base URL. */ @@ -775,12 +881,19 @@ export interface MistralLanguageModel { /** * Optional API key to use with the model. Defaults to the `MISTRAL_API_KEY` environment variable. */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Optional base URL. */ @@ -803,12 +916,19 @@ export interface OpenAILanguageModel { /** * Optional API key to use with the model. Defaults to the `OPENAI_API_KEY` environment variable. */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Optional base URL. */ @@ -835,12 +955,19 @@ export interface OpenAICompatibleLanguageModel { /** * Optional API key. If specified, adds an `Authorization` header to request headers with the value Bearer . */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Base URL of the OpenAI-compatible chat completions API endpoint. */ @@ -862,12 +989,20 @@ export interface LanguageModelQueryParams { */ [k: string]: | string - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + | ( + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + } + ); } export interface OpenRouterLanguageModel { /** @@ -885,12 +1020,19 @@ export interface OpenRouterLanguageModel { /** * Optional API key to use with the model. Defaults to the `OPENROUTER_API_KEY` environment variable. */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Optional base URL. */ @@ -913,12 +1055,19 @@ export interface XaiLanguageModel { /** * Optional API key to use with the model. Defaults to the `XAI_API_KEY` environment variable. */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Optional base URL. */ @@ -941,10 +1090,17 @@ export interface GitHubAppConfig { /** * The private key of the GitHub App. */ - privateKey: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + privateKey: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; } diff --git a/packages/schemas/src/v3/languageModel.schema.ts b/packages/schemas/src/v3/languageModel.schema.ts index e3f72781..7e9e9c6b 100644 --- a/packages/schemas/src/v3/languageModel.schema.ts +++ b/packages/schemas/src/v3/languageModel.schema.ts @@ -26,13 +26,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -44,13 +57,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -62,13 +88,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -103,13 +142,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -147,13 +199,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `ANTHROPIC_API_KEY` environment variable." @@ -180,13 +245,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -228,13 +306,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `AZURE_API_KEY` environment variable." @@ -265,13 +356,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -309,13 +413,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `DEEPSEEK_API_KEY` environment variable." @@ -342,13 +459,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -386,13 +516,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `GOOGLE_GENERATIVE_AI_API_KEY` environment variable." @@ -419,13 +562,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -479,13 +635,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional file path to service account credentials JSON. Defaults to the `GOOGLE_APPLICATION_CREDENTIALS` environment variable or application default credentials." @@ -512,13 +681,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -574,13 +756,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional file path to service account credentials JSON. Defaults to the `GOOGLE_APPLICATION_CREDENTIALS` environment variable or application default credentials." @@ -607,13 +802,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -651,13 +859,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `MISTRAL_API_KEY` environment variable." @@ -684,13 +905,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -734,13 +968,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `OPENAI_API_KEY` environment variable." @@ -777,13 +1024,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -821,13 +1081,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key. If specified, adds an `Authorization` header to request headers with the value Bearer ." @@ -857,13 +1130,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -888,13 +1174,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -943,13 +1242,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `OPENROUTER_API_KEY` environment variable." @@ -976,13 +1288,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1024,13 +1349,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `XAI_API_KEY` environment variable." @@ -1057,13 +1395,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1104,13 +1455,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -1122,13 +1486,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -1140,13 +1517,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -1181,13 +1571,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1225,13 +1628,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `ANTHROPIC_API_KEY` environment variable." @@ -1258,13 +1674,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1306,13 +1735,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `AZURE_API_KEY` environment variable." @@ -1343,13 +1785,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1387,13 +1842,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `DEEPSEEK_API_KEY` environment variable." @@ -1420,13 +1888,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1464,13 +1945,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `GOOGLE_GENERATIVE_AI_API_KEY` environment variable." @@ -1497,13 +1991,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1557,13 +2064,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional file path to service account credentials JSON. Defaults to the `GOOGLE_APPLICATION_CREDENTIALS` environment variable or application default credentials." @@ -1590,13 +2110,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1652,13 +2185,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional file path to service account credentials JSON. Defaults to the `GOOGLE_APPLICATION_CREDENTIALS` environment variable or application default credentials." @@ -1685,13 +2231,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1729,13 +2288,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `MISTRAL_API_KEY` environment variable." @@ -1762,13 +2334,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1812,13 +2397,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `OPENAI_API_KEY` environment variable." @@ -1855,13 +2453,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1899,13 +2510,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key. If specified, adds an `Authorization` header to request headers with the value Bearer ." @@ -1935,13 +2559,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -1966,13 +2603,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2021,13 +2671,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `OPENROUTER_API_KEY` environment variable." @@ -2054,13 +2717,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -2102,13 +2778,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ], "description": "Optional API key to use with the model. Defaults to the `XAI_API_KEY` environment variable." @@ -2135,13 +2824,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } diff --git a/packages/schemas/src/v3/languageModel.type.ts b/packages/schemas/src/v3/languageModel.type.ts index 48f5b83e..1bc86ec9 100644 --- a/packages/schemas/src/v3/languageModel.type.ts +++ b/packages/schemas/src/v3/languageModel.type.ts @@ -30,30 +30,51 @@ export interface AmazonBedrockLanguageModel { /** * Optional access key ID to use with the model. Defaults to the `AWS_ACCESS_KEY_ID` environment variable. */ - accessKeyId?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + accessKeyId?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Optional secret access key to use with the model. Defaults to the `AWS_SECRET_ACCESS_KEY` environment variable. */ - accessKeySecret?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + accessKeySecret?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Optional session token to use with the model. Defaults to the `AWS_SESSION_TOKEN` environment variable. */ - sessionToken?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + sessionToken?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * The AWS region. Defaults to the `AWS_REGION` environment variable. */ @@ -74,12 +95,20 @@ export interface LanguageModelHeaders { */ [k: string]: | string - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + | ( + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + } + ); } export interface AnthropicLanguageModel { /** @@ -97,12 +126,19 @@ export interface AnthropicLanguageModel { /** * Optional API key to use with the model. Defaults to the `ANTHROPIC_API_KEY` environment variable. */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Optional base URL. */ @@ -129,12 +165,19 @@ export interface AzureLanguageModel { /** * Optional API key to use with the model. Defaults to the `AZURE_API_KEY` environment variable. */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Sets a custom api version. Defaults to `preview`. */ @@ -161,12 +204,19 @@ export interface DeepSeekLanguageModel { /** * Optional API key to use with the model. Defaults to the `DEEPSEEK_API_KEY` environment variable. */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Optional base URL. */ @@ -189,12 +239,19 @@ export interface GoogleGenerativeAILanguageModel { /** * Optional API key to use with the model. Defaults to the `GOOGLE_GENERATIVE_AI_API_KEY` environment variable. */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Optional base URL. */ @@ -225,12 +282,19 @@ export interface GoogleVertexAnthropicLanguageModel { /** * Optional file path to service account credentials JSON. Defaults to the `GOOGLE_APPLICATION_CREDENTIALS` environment variable or application default credentials. */ - credentials?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + credentials?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Optional base URL. */ @@ -261,12 +325,19 @@ export interface GoogleVertexLanguageModel { /** * Optional file path to service account credentials JSON. Defaults to the `GOOGLE_APPLICATION_CREDENTIALS` environment variable or application default credentials. */ - credentials?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + credentials?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Optional base URL. */ @@ -289,12 +360,19 @@ export interface MistralLanguageModel { /** * Optional API key to use with the model. Defaults to the `MISTRAL_API_KEY` environment variable. */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Optional base URL. */ @@ -317,12 +395,19 @@ export interface OpenAILanguageModel { /** * Optional API key to use with the model. Defaults to the `OPENAI_API_KEY` environment variable. */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Optional base URL. */ @@ -349,12 +434,19 @@ export interface OpenAICompatibleLanguageModel { /** * Optional API key. If specified, adds an `Authorization` header to request headers with the value Bearer . */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Base URL of the OpenAI-compatible chat completions API endpoint. */ @@ -376,12 +468,20 @@ export interface LanguageModelQueryParams { */ [k: string]: | string - | { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + | ( + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + } + ); } export interface OpenRouterLanguageModel { /** @@ -399,12 +499,19 @@ export interface OpenRouterLanguageModel { /** * Optional API key to use with the model. Defaults to the `OPENROUTER_API_KEY` environment variable. */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Optional base URL. */ @@ -427,12 +534,19 @@ export interface XaiLanguageModel { /** * Optional API key to use with the model. Defaults to the `XAI_API_KEY` environment variable. */ - token?: { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; - }; + token?: + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; /** * Optional base URL. */ diff --git a/packages/schemas/src/v3/shared.schema.ts b/packages/schemas/src/v3/shared.schema.ts index 44238cad..91a34529 100644 --- a/packages/schemas/src/v3/shared.schema.ts +++ b/packages/schemas/src/v3/shared.schema.ts @@ -10,13 +10,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, @@ -77,13 +90,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } @@ -108,13 +134,26 @@ const schema = { "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] } diff --git a/packages/schemas/src/v3/shared.type.ts b/packages/schemas/src/v3/shared.type.ts index 23113f50..043d1c80 100644 --- a/packages/schemas/src/v3/shared.type.ts +++ b/packages/schemas/src/v3/shared.type.ts @@ -4,12 +4,19 @@ * This interface was referenced by `Shared`'s JSON-Schema * via the `definition` "Token". */ -export type Token = { - /** - * The name of the environment variable that contains the token. Only supported in declarative connection configs. - */ - env: string; -}; +export type Token = + | { + /** + * The name of the environment variable that contains the token. + */ + env: string; + } + | { + /** + * The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets + */ + googleCloudSecret: string; + }; export interface Shared { [k: string]: unknown; diff --git a/packages/web/src/actions.ts b/packages/web/src/actions.ts index 895084e0..4ebfd552 100644 --- a/packages/web/src/actions.ts +++ b/packages/web/src/actions.ts @@ -4,12 +4,12 @@ import { getAuditService } from "@/ee/features/audit/factory"; import { env } from "@/env.mjs"; import { addUserToOrganization, orgHasAvailability } from "@/lib/authUtils"; import { ErrorCode } from "@/lib/errorCodes"; -import { notAuthenticated, notFound, orgNotFound, secretAlreadyExists, ServiceError, ServiceErrorException, unexpectedError } from "@/lib/serviceError"; +import { notAuthenticated, notFound, orgNotFound, ServiceError, ServiceErrorException, unexpectedError } from "@/lib/serviceError"; import { getOrgMetadata, isHttpError, isServiceError } from "@/lib/utils"; import { prisma } from "@/prisma"; import { render } from "@react-email/components"; import * as Sentry from '@sentry/nextjs'; -import { encrypt, generateApiKey, getTokenFromConfig, hashSecret } from "@sourcebot/crypto"; +import { generateApiKey, getTokenFromConfig, hashSecret } from "@sourcebot/crypto"; import { ApiKey, ConnectionSyncJobStatus, Org, OrgRole, Prisma, RepoIndexingJobStatus, RepoIndexingJobType, StripeSubscriptionStatus } from "@sourcebot/db"; import { createLogger } from "@sourcebot/logger"; import { GiteaConnectionConfig } from "@sourcebot/schemas/v3/gitea.type"; diff --git a/schemas/v3/shared.json b/schemas/v3/shared.json index a290edd1..c45c834f 100644 --- a/schemas/v3/shared.json +++ b/schemas/v3/shared.json @@ -9,13 +9,26 @@ "properties": { "env": { "type": "string", - "description": "The name of the environment variable that contains the token. Only supported in declarative connection configs." + "description": "The name of the environment variable that contains the token." } }, "required": [ "env" ], "additionalProperties": false + }, + { + "type": "object", + "properties": { + "googleCloudSecret": { + "type": "string", + "description": "The resource name of a Google Cloud secret. Must be in the format `projects//secrets//versions/`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets" + } + }, + "required": [ + "googleCloudSecret" + ], + "additionalProperties": false } ] }, diff --git a/yarn.lock b/yarn.lock index 402e6610..f6f9af62 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2319,6 +2319,39 @@ __metadata: languageName: node linkType: hard +"@google-cloud/secret-manager@npm:^6.1.1": + version: 6.1.1 + resolution: "@google-cloud/secret-manager@npm:6.1.1" + dependencies: + google-gax: "npm:^5.0.0" + checksum: 10c0/89554c2205106ad765db2fcfb4202c54b824fce74ccb237c9c38c2e431b20d7f04de09db00f92d68ae217b011667e9bcfa0824199103a4498251a1a4b16f9b9b + languageName: node + linkType: hard + +"@grpc/grpc-js@npm:^1.12.6": + version: 1.14.0 + resolution: "@grpc/grpc-js@npm:1.14.0" + dependencies: + "@grpc/proto-loader": "npm:^0.8.0" + "@js-sdsl/ordered-map": "npm:^4.4.2" + checksum: 10c0/51e0eb32f6dac68c49502b227e565c4244f53983d2efab8ef3fd2cc923999751c059f6c77fec4941a93c44eaa58cbc321ce1e9868e1ec226fba5a6c93722c3b1 + languageName: node + linkType: hard + +"@grpc/proto-loader@npm:^0.8.0": + version: 0.8.0 + resolution: "@grpc/proto-loader@npm:0.8.0" + dependencies: + lodash.camelcase: "npm:^4.3.0" + long: "npm:^5.0.0" + protobufjs: "npm:^7.5.3" + yargs: "npm:^17.7.2" + bin: + proto-loader-gen-types: build/bin/proto-loader-gen-types.js + checksum: 10c0/a27da3b85d5d17bab956d536786c717287eae46ca264ea9ec774db90ff571955bae2705809f431b4622fbf3be9951d7c7bbb1360b2015ee88abe1587cf3d6fe0 + languageName: node + linkType: hard + "@hookform/resolvers@npm:^3.9.0": version: 3.10.0 resolution: "@hookform/resolvers@npm:3.10.0" @@ -2831,6 +2864,13 @@ __metadata: languageName: node linkType: hard +"@js-sdsl/ordered-map@npm:^4.4.2": + version: 4.4.2 + resolution: "@js-sdsl/ordered-map@npm:4.4.2" + checksum: 10c0/cc7e15dc4acf6d9ef663757279600bab70533d847dcc1ab01332e9e680bd30b77cdf9ad885cc774276f51d98b05a013571c940e5b360985af5eb798dc1a2ee2b + languageName: node + linkType: hard + "@jsdevtools/ono@npm:^7.1.3": version: 7.1.3 resolution: "@jsdevtools/ono@npm:7.1.3" @@ -4588,6 +4628,79 @@ __metadata: languageName: node linkType: hard +"@protobufjs/aspromise@npm:^1.1.1, @protobufjs/aspromise@npm:^1.1.2": + version: 1.1.2 + resolution: "@protobufjs/aspromise@npm:1.1.2" + checksum: 10c0/a83343a468ff5b5ec6bff36fd788a64c839e48a07ff9f4f813564f58caf44d011cd6504ed2147bf34835bd7a7dd2107052af755961c6b098fd8902b4f6500d0f + languageName: node + linkType: hard + +"@protobufjs/base64@npm:^1.1.2": + version: 1.1.2 + resolution: "@protobufjs/base64@npm:1.1.2" + checksum: 10c0/eec925e681081af190b8ee231f9bad3101e189abbc182ff279da6b531e7dbd2a56f1f306f37a80b1be9e00aa2d271690d08dcc5f326f71c9eed8546675c8caf6 + languageName: node + linkType: hard + +"@protobufjs/codegen@npm:^2.0.4": + version: 2.0.4 + resolution: "@protobufjs/codegen@npm:2.0.4" + checksum: 10c0/26ae337c5659e41f091606d16465bbcc1df1f37cc1ed462438b1f67be0c1e28dfb2ca9f294f39100c52161aef82edf758c95d6d75650a1ddf31f7ddee1440b43 + languageName: node + linkType: hard + +"@protobufjs/eventemitter@npm:^1.1.0": + version: 1.1.0 + resolution: "@protobufjs/eventemitter@npm:1.1.0" + checksum: 10c0/1eb0a75180e5206d1033e4138212a8c7089a3d418c6dfa5a6ce42e593a4ae2e5892c4ef7421f38092badba4040ea6a45f0928869989411001d8c1018ea9a6e70 + languageName: node + linkType: hard + +"@protobufjs/fetch@npm:^1.1.0": + version: 1.1.0 + resolution: "@protobufjs/fetch@npm:1.1.0" + dependencies: + "@protobufjs/aspromise": "npm:^1.1.1" + "@protobufjs/inquire": "npm:^1.1.0" + checksum: 10c0/cda6a3dc2d50a182c5865b160f72077aac197046600091dbb005dd0a66db9cce3c5eaed6d470ac8ed49d7bcbeef6ee5f0bc288db5ff9a70cbd003e5909065233 + languageName: node + linkType: hard + +"@protobufjs/float@npm:^1.0.2": + version: 1.0.2 + resolution: "@protobufjs/float@npm:1.0.2" + checksum: 10c0/18f2bdede76ffcf0170708af15c9c9db6259b771e6b84c51b06df34a9c339dbbeec267d14ce0bddd20acc142b1d980d983d31434398df7f98eb0c94a0eb79069 + languageName: node + linkType: hard + +"@protobufjs/inquire@npm:^1.1.0": + version: 1.1.0 + resolution: "@protobufjs/inquire@npm:1.1.0" + checksum: 10c0/64372482efcba1fb4d166a2664a6395fa978b557803857c9c03500e0ac1013eb4b1aacc9ed851dd5fc22f81583670b4f4431bae186f3373fedcfde863ef5921a + languageName: node + linkType: hard + +"@protobufjs/path@npm:^1.1.2": + version: 1.1.2 + resolution: "@protobufjs/path@npm:1.1.2" + checksum: 10c0/cece0a938e7f5dfd2fa03f8c14f2f1cf8b0d6e13ac7326ff4c96ea311effd5fb7ae0bba754fbf505312af2e38500250c90e68506b97c02360a43793d88a0d8b4 + languageName: node + linkType: hard + +"@protobufjs/pool@npm:^1.1.0": + version: 1.1.0 + resolution: "@protobufjs/pool@npm:1.1.0" + checksum: 10c0/eda2718b7f222ac6e6ad36f758a92ef90d26526026a19f4f17f668f45e0306a5bd734def3f48f51f8134ae0978b6262a5c517c08b115a551756d1a3aadfcf038 + languageName: node + linkType: hard + +"@protobufjs/utf8@npm:^1.1.0": + version: 1.1.0 + resolution: "@protobufjs/utf8@npm:1.1.0" + checksum: 10c0/a3fe31fe3fa29aa3349e2e04ee13dc170cc6af7c23d92ad49e3eeaf79b9766264544d3da824dba93b7855bd6a2982fb40032ef40693da98a136d835752beb487 + languageName: node + linkType: hard + "@radix-ui/number@npm:1.1.0": version: 1.1.0 resolution: "@radix-ui/number@npm:1.1.0" @@ -7837,6 +7950,7 @@ __metadata: version: 0.0.0-use.local resolution: "@sourcebot/crypto@workspace:packages/crypto" dependencies: + "@google-cloud/secret-manager": "npm:^6.1.1" "@sourcebot/db": "npm:*" "@sourcebot/schemas": "npm:*" "@types/node": "npm:^22.7.5" @@ -8383,6 +8497,13 @@ __metadata: languageName: node linkType: hard +"@tootallnate/once@npm:2": + version: 2.0.0 + resolution: "@tootallnate/once@npm:2.0.0" + checksum: 10c0/073bfa548026b1ebaf1659eb8961e526be22fa77139b10d60e712f46d2f0f05f4e6c8bec62a087d41088ee9e29faa7f54838568e475ab2f776171003c3920858 + languageName: node + linkType: hard + "@tybys/wasm-util@npm:^0.9.0": version: 0.9.0 resolution: "@tybys/wasm-util@npm:0.9.0" @@ -8669,6 +8790,15 @@ __metadata: languageName: node linkType: hard +"@types/node@npm:>=13.7.0": + version: 24.9.2 + resolution: "@types/node@npm:24.9.2" + dependencies: + undici-types: "npm:~7.16.0" + checksum: 10c0/7905d43f65cee72ef475fe76316e10bbf6ac5d08a7f0f6c38f2b6285d7ca3009e8fcafc8f8a1d2bf3f55889c9c278dbb203a9081fd0cf2d6d62161703924c6fa + languageName: node + linkType: hard + "@types/node@npm:^18.11.18": version: 18.19.100 resolution: "@types/node@npm:18.19.100" @@ -11372,6 +11502,18 @@ __metadata: languageName: node linkType: hard +"duplexify@npm:^4.1.3": + version: 4.1.3 + resolution: "duplexify@npm:4.1.3" + dependencies: + end-of-stream: "npm:^1.4.1" + inherits: "npm:^2.0.3" + readable-stream: "npm:^3.1.1" + stream-shift: "npm:^1.0.2" + checksum: 10c0/8a7621ae95c89f3937f982fe36d72ea997836a708471a75bb2a0eecde3330311b1e128a6dad510e0fd64ace0c56bff3484ed2e82af0e465600c82117eadfbda5 + languageName: node + linkType: hard + "eastasianwidth@npm:^0.2.0": version: 0.2.0 resolution: "eastasianwidth@npm:0.2.0" @@ -11499,6 +11641,15 @@ __metadata: languageName: node linkType: hard +"end-of-stream@npm:^1.4.1": + version: 1.4.5 + resolution: "end-of-stream@npm:1.4.5" + dependencies: + once: "npm:^1.4.0" + checksum: 10c0/b0701c92a10b89afb1cb45bf54a5292c6f008d744eb4382fa559d54775ff31617d1d7bc3ef617575f552e24fad2c7c1a1835948c66b3f3a4be0a6c1f35c883d8 + languageName: node + linkType: hard + "engine.io-parser@npm:~5.2.1": version: 5.2.3 resolution: "engine.io-parser@npm:5.2.3" @@ -13241,6 +13392,25 @@ __metadata: languageName: node linkType: hard +"google-gax@npm:^5.0.0": + version: 5.0.5 + resolution: "google-gax@npm:5.0.5" + dependencies: + "@grpc/grpc-js": "npm:^1.12.6" + "@grpc/proto-loader": "npm:^0.8.0" + duplexify: "npm:^4.1.3" + google-auth-library: "npm:^10.1.0" + google-logging-utils: "npm:^1.1.1" + node-fetch: "npm:^3.3.2" + object-hash: "npm:^3.0.0" + proto3-json-serializer: "npm:^3.0.0" + protobufjs: "npm:^7.5.3" + retry-request: "npm:^8.0.0" + rimraf: "npm:^5.0.1" + checksum: 10c0/fccac5987bf4e7d6361564e14abddc7e51567f0af386bb34967369b2a27c281da2b0b891242de0670ae443ff328968499dd0ec0faee671ea0068f7b05aaa8d04 + languageName: node + linkType: hard + "google-logging-utils@npm:^0.0.2": version: 0.0.2 resolution: "google-logging-utils@npm:0.0.2" @@ -13255,6 +13425,13 @@ __metadata: languageName: node linkType: hard +"google-logging-utils@npm:^1.1.1": + version: 1.1.2 + resolution: "google-logging-utils@npm:1.1.2" + checksum: 10c0/c589d469045e49073913ae0e25c53058584e47298b6178910f2395cb2790f102681ba0e61be5ee6db7726b4745a57110b1d75441a225a7c58c3f1081101f2444 + languageName: node + linkType: hard + "gopd@npm:^1.0.1, gopd@npm:^1.2.0": version: 1.2.0 resolution: "gopd@npm:1.2.0" @@ -13613,6 +13790,17 @@ __metadata: languageName: node linkType: hard +"http-proxy-agent@npm:^5.0.0": + version: 5.0.0 + resolution: "http-proxy-agent@npm:5.0.0" + dependencies: + "@tootallnate/once": "npm:2" + agent-base: "npm:6" + debug: "npm:4" + checksum: 10c0/32a05e413430b2c1e542e5c74b38a9f14865301dd69dff2e53ddb684989440e3d2ce0c4b64d25eb63cf6283e6265ff979a61cf93e3ca3d23047ddfdc8df34a32 + languageName: node + linkType: hard + "http-proxy-agent@npm:^7.0.0, http-proxy-agent@npm:^7.0.2": version: 7.0.2 resolution: "http-proxy-agent@npm:7.0.2" @@ -14661,6 +14849,13 @@ __metadata: languageName: node linkType: hard +"lodash.camelcase@npm:^4.3.0": + version: 4.3.0 + resolution: "lodash.camelcase@npm:4.3.0" + checksum: 10c0/fcba15d21a458076dd309fce6b1b4bf611d84a0ec252cb92447c948c533ac250b95d2e00955801ebc367e5af5ed288b996d75d37d2035260a937008e14eaf432 + languageName: node + linkType: hard + "lodash.castarray@npm:^4.4.0": version: 4.4.0 resolution: "lodash.castarray@npm:4.4.0" @@ -14741,6 +14936,13 @@ __metadata: languageName: node linkType: hard +"long@npm:^5.0.0": + version: 5.3.2 + resolution: "long@npm:5.3.2" + checksum: 10c0/7130fe1cbce2dca06734b35b70d380ca3f70271c7f8852c922a7c62c86c4e35f0c39290565eca7133c625908d40e126ac57c02b1b1a4636b9457d77e1e60b981 + languageName: node + linkType: hard + "longest-streak@npm:^3.0.0": version: 3.1.0 resolution: "longest-streak@npm:3.1.0" @@ -17162,6 +17364,35 @@ __metadata: languageName: node linkType: hard +"proto3-json-serializer@npm:^3.0.0": + version: 3.0.4 + resolution: "proto3-json-serializer@npm:3.0.4" + dependencies: + protobufjs: "npm:^7.4.0" + checksum: 10c0/59150d5e6b396e00c0374e71eb4ebd6f33acd4212c0ad2acdda12181b08f923b733559d74ad78455085223efe24168d4d42887a8b8f15f7663f20debe5796081 + languageName: node + linkType: hard + +"protobufjs@npm:^7.4.0, protobufjs@npm:^7.5.3": + version: 7.5.4 + resolution: "protobufjs@npm:7.5.4" + dependencies: + "@protobufjs/aspromise": "npm:^1.1.2" + "@protobufjs/base64": "npm:^1.1.2" + "@protobufjs/codegen": "npm:^2.0.4" + "@protobufjs/eventemitter": "npm:^1.1.0" + "@protobufjs/fetch": "npm:^1.1.0" + "@protobufjs/float": "npm:^1.0.2" + "@protobufjs/inquire": "npm:^1.1.0" + "@protobufjs/path": "npm:^1.1.2" + "@protobufjs/pool": "npm:^1.1.0" + "@protobufjs/utf8": "npm:^1.1.0" + "@types/node": "npm:>=13.7.0" + long: "npm:^5.0.0" + checksum: 10c0/913b676109ffb3c05d3d31e03a684e569be91f3bba8613da4a683d69d9dba948daa2afd7d2e7944d1aa6c417890c35d9d9a8883c1160affafb0f9670d59ef722 + languageName: node + linkType: hard + "protocols@npm:^2.0.0, protocols@npm:^2.0.1": version: 2.0.2 resolution: "protocols@npm:2.0.2" @@ -17570,7 +17801,7 @@ __metadata: languageName: node linkType: hard -"readable-stream@npm:^3.4.0, readable-stream@npm:^3.6.2": +"readable-stream@npm:^3.1.1, readable-stream@npm:^3.4.0, readable-stream@npm:^3.6.2": version: 3.6.2 resolution: "readable-stream@npm:3.6.2" dependencies: @@ -17916,6 +18147,16 @@ __metadata: languageName: node linkType: hard +"retry-request@npm:^8.0.0": + version: 8.0.2 + resolution: "retry-request@npm:8.0.2" + dependencies: + extend: "npm:^3.0.2" + teeny-request: "npm:^10.0.0" + checksum: 10c0/e0b44950d69fe8f51d4e808650cd0d06383cd711adcc71e7764b28b2f10a9ac3b2209f0c9ac0547df0745031810a259730b9d13b0070d69df9806c37432456a9 + languageName: node + linkType: hard + "retry@npm:^0.12.0": version: 0.12.0 resolution: "retry@npm:0.12.0" @@ -17941,7 +18182,7 @@ __metadata: languageName: node linkType: hard -"rimraf@npm:^5.0.5": +"rimraf@npm:^5.0.1, rimraf@npm:^5.0.5": version: 5.0.10 resolution: "rimraf@npm:5.0.10" dependencies: @@ -19038,6 +19279,22 @@ __metadata: languageName: node linkType: hard +"stream-events@npm:^1.0.5": + version: 1.0.5 + resolution: "stream-events@npm:1.0.5" + dependencies: + stubs: "npm:^3.0.0" + checksum: 10c0/5d235a5799a483e94ea8829526fe9d95d76460032d5e78555fe4f801949ac6a27ea2212e4e0827c55f78726b3242701768adf2d33789465f51b31ed8ebd6b086 + languageName: node + linkType: hard + +"stream-shift@npm:^1.0.2": + version: 1.0.3 + resolution: "stream-shift@npm:1.0.3" + checksum: 10c0/939cd1051ca750d240a0625b106a2b988c45fb5a3be0cebe9a9858cb01bc1955e8c7b9fac17a9462976bea4a7b704e317c5c2200c70f0ca715a3363b9aa4fd3b + languageName: node + linkType: hard + "streamsearch@npm:^1.1.0": version: 1.1.0 resolution: "streamsearch@npm:1.1.0" @@ -19241,6 +19498,13 @@ __metadata: languageName: node linkType: hard +"stubs@npm:^3.0.0": + version: 3.0.0 + resolution: "stubs@npm:3.0.0" + checksum: 10c0/841a4ab8c76795d34aefe129185763b55fbf2e4693208215627caea4dd62e1299423dcd96f708d3128e3dfa0e669bae2cb912e6e906d7d81eaf6493196570923 + languageName: node + linkType: hard + "style-mod@npm:^4.0.0, style-mod@npm:^4.1.0": version: 4.1.2 resolution: "style-mod@npm:4.1.2" @@ -19448,6 +19712,18 @@ __metadata: languageName: node linkType: hard +"teeny-request@npm:^10.0.0": + version: 10.1.0 + resolution: "teeny-request@npm:10.1.0" + dependencies: + http-proxy-agent: "npm:^5.0.0" + https-proxy-agent: "npm:^5.0.0" + node-fetch: "npm:^3.3.2" + stream-events: "npm:^1.0.5" + checksum: 10c0/bbb95683c0a4ac5b0da5128f1d731f7b59d74910368b1ec12a435f39e37b37726e87d4a658f090308bb6adea935aec6e2dfc557a8510e89f2833b64d3adcfdfc + languageName: node + linkType: hard + "text-hex@npm:1.0.x": version: 1.0.0 resolution: "text-hex@npm:1.0.0" @@ -19994,6 +20270,13 @@ __metadata: languageName: node linkType: hard +"undici-types@npm:~7.16.0": + version: 7.16.0 + resolution: "undici-types@npm:7.16.0" + checksum: 10c0/3033e2f2b5c9f1504bdc5934646cb54e37ecaca0f9249c983f7b1fc2e87c6d18399ebb05dc7fd5419e02b2e915f734d872a65da2e3eeed1813951c427d33cc9a + languageName: node + linkType: hard + "unified@npm:^11.0.0": version: 11.0.5 resolution: "unified@npm:11.0.5" @@ -20824,7 +21107,7 @@ __metadata: languageName: node linkType: hard -"yargs@npm:17.7.2": +"yargs@npm:17.7.2, yargs@npm:^17.7.2": version: 17.7.2 resolution: "yargs@npm:17.7.2" dependencies: