From a424e1bd675fba1b930fa06fedb318838a79e30f Mon Sep 17 00:00:00 2001
From: Geoff Wilson
Date: Tue, 24 Sep 2024 13:52:46 -0400
Subject: [PATCH 1/8] Added some openapi yml generated by llm
---
doc/openapi/openapi.yml | 36 ++++++
doc/openapi/paths/certificates.yml | 119 ++++++++++++++++++++
doc/openapi/paths/secrets.yml | 169 +++++++++++++++++++++++++++++
3 files changed, 324 insertions(+)
create mode 100644 doc/openapi/openapi.yml
create mode 100644 doc/openapi/paths/certificates.yml
create mode 100644 doc/openapi/paths/secrets.yml
diff --git a/doc/openapi/openapi.yml b/doc/openapi/openapi.yml
new file mode 100644
index 0000000..3fd5518
--- /dev/null
+++ b/doc/openapi/openapi.yml
@@ -0,0 +1,36 @@
+openapi: 3.0.3
+info:
+ title: Astral
+ description: API documentation for the Astral application
+ version: 1.0.0
+servers:
+ - url: http://localhost:3000
+ description: Local development server
+
+paths:
+ /up:
+ get:
+ summary: Health Check
+ description: Returns 200 if the app boots without exceptions, otherwise 500.
+ operationId: getHealthCheck
+ responses:
+ '200':
+ description: Application is up
+ '500':
+ description: Application failed to boot properly
+
+ /:
+ get:
+ summary: Info
+ description: Basic info about the application
+ operationId: getRoot
+ responses:
+ '200':
+ description: Root path information retrieved successfully
+
+ /certificates:
+ $ref: './paths/certificates.yaml#/certificates'
+
+ /secrets:
+ $ref: './paths/secrets.yaml#/secrets'
+
diff --git a/doc/openapi/paths/certificates.yml b/doc/openapi/paths/certificates.yml
new file mode 100644
index 0000000..04e4b42
--- /dev/null
+++ b/doc/openapi/paths/certificates.yml
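Review bot: doc/openapi/openapi.yml declares no `components.securitySchemes` and no top-level `security` requirement, so every operation reached through the `/certificates` and `/secrets` refs is documented as callable without credentials. For an API that hands out private keys and stores secrets, the spec should state how a caller authenticates; if the service expects a bearer token (not visible in this patch), a scheme with `type: http` and `scheme: bearer` plus a top-level `security:` entry would cover it, with `security: []` on `/up` if the health check is meant to stay open. The only listed server is the plaintext `http://localhost:3000`; if deployed instances are served over TLS, a second `servers` entry or a line in `info.description` saying so would keep readers from copying the development URL.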
@@ -0,0 +1,119 @@
+/certificates:
+ post:
+ summary: Create Certificate
+ description: Creates a new certificate.
+ operationId: createCertificate
+ requestBody:
+ description: Certificate creation data
+ required: true
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ common_name:
+ type: string
+ description: "Common name for the certificate"
+ example: "example.com"
+ alt_names:
+ type: string
+ description: "Alternative names for the certificate (comma-separated)"
+ example: "www.example.com,mail.example.com"
+ exclude_cn_from_sans:
+ type: boolean
+ description: "Exclude the common name from the subject alternative names (SAN)"
+ default: false
+ format:
+ type: string
+ description: "Format of the certificate"
+ enum: ["pem", "der", "pem_bundle"]
+ default: "pem"
+ not_after:
+ type: string
+ format: date-time
+ description: "Expiration date for the certificate"
+ other_sans:
+ type: string
+ description: "Other subject alternative names"
+ example: "DNS:example.org, DNS:example.net"
+ private_key_format:
+ type: string
+ description: "Format of the private key"
+ enum: ["pem", "der", "pkcs8"]
+ default: "pem"
+ remove_roots_from_chain:
+ type: boolean
+ description: "Whether to remove root certificates from the certificate chain"
+ default: false
+ ttl:
+ type: integer
+ description: "Time to live for the certificate (in seconds)"
+ example: 86400
+ uri_sans:
+ type: string
+ description: "URI Subject Alternative Names"
+ example: "http://example.com"
+ ip_sans:
+ type: string
+ description: "IP Subject Alternative Names"
+ example: "192.168.1.1"
+ serial_number:
+ type: integer
+ description: "Serial number of the certificate"
+ client_flag:
+ type: boolean
+ description: "Indicates if the certificate is for a client"
+ default: true
+ code_signing_flag:
+ type: boolean
+ description: "Indicates if the certificate is used for code signing"
+ default: false
+ email_protection_flag:
+ type: boolean
+ description: "Indicates if the certificate provides email protection"
+ default: false
+ server_flag:
+ type: boolean
+ description: "Indicates if the certificate is for a server"
+ default: true
+ responses:
+ '201':
+ description: Certificate created successfully
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ ca_chain:
+ type: array
+ items:
+ type: string
+ description: "Certificate authority chain"
+ example: ["ca_cert_1", "ca_cert_2"]
+ certificate:
+ type: string
+ description: "Generated certificate"
+ example: "-----BEGIN CERTIFICATE-----\nMIID...==\n-----END CERTIFICATE-----"
+ expiration:
+ type: string
+ format: date-time
+ description: "Certificate expiration date"
+ example: "2024-09-30T00:00:00Z"
+ issuing_ca:
+ type: string
+ description: "Issuing certificate authority"
+ example: "-----BEGIN CERTIFICATE-----\nMIIC...==\n-----END CERTIFICATE-----"
+ private_key:
+ type: string
+ description: "Private key for the certificate"
+ example: "-----BEGIN PRIVATE KEY-----\nMIIE...==\n-----END PRIVATE KEY-----"
+ private_key_type:
+ type: string
+ description: "Private key format"
+ example: "pem"
+ serial_number:
+ type: string
+ description: "Certificate serial number"
+ example: "1234567890abcdef"
+ '400':
+ description: Validation error or bad request
diff --git a/doc/openapi/paths/secrets.yml b/doc/openapi/paths/secrets.yml
new file mode 100644
index 0000000..c12f3c5
--- /dev/null
+++ b/doc/openapi/paths/secrets.yml
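Review bot: In doc/openapi/paths/certificates.yml the request schema types `serial_number` as `integer` while the 201 response types it as `string` with a hex example, and the request object carries no `required` list, so the spec never says which fields a caller must send. Certificate serials are commonly larger than a JSON client can hold in an integer without loss; if the backend accepts a textual serial (not visible in this patch), `type: string` on the request side would match the response. The 201 body also returns `private_key` in the clear, so its description could be extended to `"Private key for the certificate; sensitive, do not log or cache"` to tell client authors how to handle the value.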
@@ -0,0 +1,169 @@
+/secrets:
+ post:
+ summary: Create Secret
+ description: Creates a new secret.
+ operationId: createSecret
+ requestBody:
+ description: Secret creation data
+ required: true
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ path:
+ type: string
+ description: "Path where the secret is stored"
+ example: "secret/storage/path"
+ data:
+ type: object
+ description: "The secret data"
+ example:
+ key1: "value1"
+ key2: "value2"
+ responses:
+ '201':
+ description: Secret created successfully
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ request_id:
+ type: string
+ description: "Unique ID for the request"
+ example: "9000000d4-f0000-4c000-000000-800000000f"
+ lease_id:
+ type: string
+ description: "Lease ID"
+ example: ""
+ renewable:
+ type: boolean
+ description: "Indicates if the secret is renewable"
+ default: false
+ lease_duration:
+ type: integer
+ description: "Lease duration in seconds"
+ example: 0
+ data:
+ type: object
+ properties:
+ created_time:
+ type: string
+ format: date-time
+ description: "The time the secret was created"
+ example: "2022-02-09T23:41:58.888138788Z"
+ deletion_time:
+ type: string
+ description: "The time the secret was deleted (if applicable)"
+ example: ""
+ destroyed:
+ type: boolean
+ description: "Indicates if the secret was destroyed"
+ default: false
+ version:
+ type: integer
+ description: "Version of the secret"
+ example: 2
+ wrap_info:
+ type: object
+ nullable: true
+ description: "Wrap information (if applicable)"
+ warnings:
+ type: string
+ nullable: true
+ description: "Warnings (if any)"
+ auth:
+ type: object
+ nullable: true
+ description: "Authentication information (if applicable)"
+ '400':
+ description: Validation error or bad request
+
+/secrets/{path}:
+ get:
+ summary: Get Secret
+ description: Retrieves a secret by its path.
+ operationId: getSecret
+ parameters:
+ - name: path
+ in: path
+ required: true
+ schema:
+ type: string
+ description: Path to the secret
+ responses:
+ '200':
+ description: Secret retrieved successfully
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ request_id:
+ type: string
+ description: "Unique ID for the request"
+ example: "9000000d4-f0000-4c000-000000-800000000f"
+ lease_id:
+ type: string
+ description: "Lease ID"
+ example: ""
+ renewable:
+ type: boolean
+ description: "Indicates if the secret is renewable"
+ default: false
+ lease_duration:
+ type: integer
+ description: "Lease duration in seconds"
+ example: 0
+ data:
+ type: object
+ properties:
+ created_time:
+ type: string
+ format: date-time
+ description: "The time the secret was created"
+ example: "2022-02-09T23:41:58.888138788Z"
+ deletion_time:
+ type: string
+ description: "The time the secret was deleted (if applicable)"
+ example: ""
+ destroyed:
+ type: boolean
+ description: "Indicates if the secret was destroyed"
+ default: false
+ version:
+ type: integer
+ description: "Version of the secret"
+ example: 2
+ wrap_info:
+ type: object
+ nullable: true
+ description: "Wrap information (if applicable)"
+ warnings:
+ type: string
+ nullable: true
+ description: "Warnings (if any)"
+ auth:
+ type: object
+ nullable: true
+ description: "Authentication information (if applicable)"
+ '404':
+ description: Secret not found
+
+ delete:
+ summary: Delete Secret
+ description: Deletes a secret by its path.
+ operationId: deleteSecret
+ parameters:
+ - name: path
+ in: path
+ required: true
+ schema:
+ type: string
+ description: Path to the secret
+ responses:
+ '204':
+ description: Secret deleted successfully
+ '404':
+ description: Secret not
From 56a1e113b1805f1c85d173ebbd48d7a967f2c6e1 Mon Sep 17 00:00:00 2001
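Review bot: `/secrets/{path}` in doc/openapi/paths/secrets.yml declares `path` as a single string path parameter, but the createSecret example value `secret/storage/path` contains slashes, which an OpenAPI 3.0 path parameter cannot carry unencoded. The parameter description on both getSecret and deleteSecret should say how nested paths are passed, for example `description: Path to the secret; encode "/" as %2F` if that is what the server expects (the routing is not visible in this patch). The getSecret 200 schema looks like a copy of the create response: under `data` it lists only `created_time`, `deletion_time`, `destroyed` and `version`, so the stored key/value pairs a read would presumably return are undocumented.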
From: Geoff Wilson Date: Tue, 24 Sep 2024 23:11:56 -0400 Subject: [PATCH 2/8] compose file for bundling up the openapi yaml --- .devcontainer/docker-compose.yml | 7 + doc/openapi/openapi-bundled.yml | 245 +++++++++++++++++++++++++++++ doc/openapi/openapi.yml | 4 +- doc/openapi/paths/certificates.yml | 2 +- doc/openapi/paths/secrets.yml | 2 +- doc/openapi/redoc.html | 15 ++ 6 files changed, 271 insertions(+), 4 deletions(-) create mode 100644 doc/openapi/openapi-bundled.yml create mode 100644 doc/openapi/redoc.html diff --git a/.devcontainer/docker-compose.yml b/.devcontainer/docker-compose.yml index 86eb01a..5cf3501 100644 --- a/.devcontainer/docker-compose.yml +++ b/.devcontainer/docker-compose.yml @@ -39,3 +39,10 @@ services: command: > sh -c "npm install -g json-server@0.17.4 && json-server /data/app_reg_db.json --routes /data/app_reg_routes.json --port 8800 --host 0.0.0.0" + + redocly: + image: redocly/cli + volumes: + - ../doc/openapi:/data:cached + working_dir: /data + command: "bundle openapi.yml --output openapi-bundled.yml" diff --git a/doc/openapi/openapi-bundled.yml b/doc/openapi/openapi-bundled.yml new file mode 100644 index 0000000..8b06251 --- /dev/null +++ b/doc/openapi/openapi-bundled.yml 
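Review bot: The new `redocly` service in .devcontainer/docker-compose.yml uses `image: redocly/cli` with no tag or digest, so every bundle run executes whatever the registry currently serves as `latest`, with the repository's `doc/openapi` directory mounted writable into it. The neighbouring command in this same hunk pins `json-server@0.17.4`; pinning here too, as `image: redocly/cli:<pinned-version>` or a `redocly/cli@sha256:<digest>` reference, keeps the documentation toolchain reproducible and reviewable. The same unpinned image name is used by the `docker run` call in lib/tasks/redoc.rake later in this series. The `services:` mapping starts outside the hunk.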
@@ -0,0 +1,245 @@ +openapi: 3.0.3 +info: + title: Astral + description: API documentation for the Astral application + version: 1.0.0 +servers: + - url: http://localhost:3000 + description: Local development server +paths: + /up: + get: + summary: Health Check + description: Returns 200 if the app boots without exceptions, otherwise 500. + operationId: getHealthCheck + responses: + '200': + description: Application is up + '500': + description: Application failed to boot properly + /: + get: + summary: Info + description: Basic info about the application + operationId: getRoot + responses: + '200': + description: Root path information retrieved successfully + /certificates: + post: + summary: Create Certificate + description: Creates a new certificate. + operationId: createCertificate + requestBody: + description: Certificate creation data + required: true + content: + application/json: + schema: + type: object + properties: + common_name: + type: string + description: Common name for the certificate + example: example.com + alt_names: + type: string + description: Alternative names for the certificate (comma-separated) + example: www.example.com,mail.example.com + exclude_cn_from_sans: + type: boolean + description: Exclude the common name from the subject alternative names (SAN) + default: false + format: + type: string + description: Format of the certificate + enum: + - pem + - der + - pem_bundle + default: pem + not_after: + type: string + format: date-time + description: Expiration date for the certificate + other_sans: + type: string + description: Other subject alternative names + example: DNS:example.org, DNS:example.net + private_key_format: + type: string + description: Format of the private key + enum: + - pem + - der + - pkcs8 + default: pem + remove_roots_from_chain: + type: boolean + description: Whether to remove root certificates from the certificate chain + default: false + ttl: + type: integer + description: Time to live for the certificate (in 
seconds) + example: 86400 + uri_sans: + type: string + description: URI Subject Alternative Names + example: http://example.com + ip_sans: + type: string + description: IP Subject Alternative Names + example: 192.168.1.1 + serial_number: + type: integer + description: Serial number of the certificate + client_flag: + type: boolean + description: Indicates if the certificate is for a client + default: true + code_signing_flag: + type: boolean + description: Indicates if the certificate is used for code signing + default: false + email_protection_flag: + type: boolean + description: Indicates if the certificate provides email protection + default: false + server_flag: + type: boolean + description: Indicates if the certificate is for a server + default: true + responses: + '201': + description: Certificate created successfully + content: + application/json: + schema: + type: object + properties: + ca_chain: + type: array + items: + type: string + description: Certificate authority chain + example: + - ca_cert_1 + - ca_cert_2 + certificate: + type: string + description: Generated certificate + example: |- + -----BEGIN CERTIFICATE----- + MIID...== + -----END CERTIFICATE----- + expiration: + type: string + format: date-time + description: Certificate expiration date + example: '2024-09-30T00:00:00Z' + issuing_ca: + type: string + description: Issuing certificate authority + example: |- + -----BEGIN CERTIFICATE----- + MIIC...== + -----END CERTIFICATE----- + private_key: + type: string + description: Private key for the certificate + example: |- + -----BEGIN PRIVATE KEY----- + MIIE...== + -----END PRIVATE KEY----- + private_key_type: + type: string + description: Private key format + example: pem + serial_number: + type: string + description: Certificate serial number + example: 1234567890abcdef + '400': + description: Validation error or bad request + /secrets: + post: + summary: Create Secret + description: Creates a new secret. 
+ operationId: createSecret + requestBody: + description: Secret creation data + required: true + content: + application/json: + schema: + type: object + properties: + path: + type: string + description: Path where the secret is stored + example: secret/storage/path + data: + type: object + description: The secret data + example: + key1: value1 + key2: value2 + responses: + '201': + description: Secret created successfully + content: + application/json: + schema: + type: object + properties: + request_id: + type: string + description: Unique ID for the request + example: 9000000d4-f0000-4c000-000000-800000000f + lease_id: + type: string + description: Lease ID + example: '' + renewable: + type: boolean + description: Indicates if the secret is renewable + default: false + lease_duration: + type: integer + description: Lease duration in seconds + example: 0 + data: + type: object + properties: + created_time: + type: string + format: date-time + description: The time the secret was created + example: '2022-02-09T23:41:58.888138788Z' + deletion_time: + type: string + description: The time the secret was deleted (if applicable) + example: '' + destroyed: + type: boolean + description: Indicates if the secret was destroyed + default: false + version: + type: integer + description: Version of the secret + example: 2 + wrap_info: + type: object + nullable: true + description: Wrap information (if applicable) + warnings: + type: string + nullable: true + description: Warnings (if any) + auth: + type: object + nullable: true + description: Authentication information (if applicable) + '400': + description: Validation error or bad request +components: {} diff --git a/doc/openapi/openapi.yml b/doc/openapi/openapi.yml index 3fd5518..a4e6d84 100644 --- a/doc/openapi/openapi.yml +++ b/doc/openapi/openapi.yml 
@@ -29,8 +29,8 @@ paths: description: Root path information retrieved successfully /certificates: - $ref: './paths/certificates.yaml#/certificates' + $ref: './paths/certificates.yml#/certificates' /secrets: - $ref: './paths/secrets.yaml#/secrets' + $ref: './paths/secrets.yml#/secrets' diff --git a/doc/openapi/paths/certificates.yml b/doc/openapi/paths/certificates.yml index 04e4b42..46a6d7c 100644 --- a/doc/openapi/paths/certificates.yml +++ b/doc/openapi/paths/certificates.yml @@ -1,4 +1,4 @@ -/certificates: +certificates: post: summary: Create Certificate description: Creates a new certificate. diff --git a/doc/openapi/paths/secrets.yml b/doc/openapi/paths/secrets.yml index c12f3c5..cf4d29a 100644 --- a/doc/openapi/paths/secrets.yml +++ b/doc/openapi/paths/secrets.yml @@ -1,4 +1,4 @@ -/secrets: +secrets: post: summary: Create Secret description: Creates a new secret. diff --git a/doc/openapi/redoc.html b/doc/openapi/redoc.html new file mode 100644 index 0000000..88efe20 --- /dev/null +++ b/doc/openapi/redoc.html @@ -0,0 +1,15 @@ + + + + API Documentation + + + + + + + + + From 629b503624d6258f6f033d36fdd4a8a9609b2b7e Mon Sep 17 00:00:00 2001 From: Geoff Wilson Date: Wed, 25 Sep 2024 10:47:58 -0400 Subject: [PATCH 3/8] use docker-in-docker and rake task to handle api publish --- .devcontainer/devcontainer.json | 8 ++++++- lib/tasks/redoc.rake | 21 +++++++++++++++++++ .../redoc.html => public/doc/index.html | 4 ++-- .../doc}/openapi-bundled.yml | 0 4 files changed, 30 insertions(+), 3 deletions(-) create mode 100644 lib/tasks/redoc.rake rename doc/openapi/redoc.html => public/doc/index.html (70%) rename {doc/openapi => public/doc}/openapi-bundled.yml (100%) diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 962012e..edddc2d 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json 
@@ -7,7 +7,13 @@ "workspaceFolder": "/workspaces/${localWorkspaceFolderBasename}", // Features to add to the dev container. More info: https://containers.dev/features. - // "features": {}, + "features": { + "docker-in-docker": { + "version": "latest", + "moby": true, + "dockerDashComposeVersion": "v1" + } + } // Use 'forwardPorts' to make a list of ports inside the container available locally. // This can be used to network with other containers or the host. diff --git a/lib/tasks/redoc.rake b/lib/tasks/redoc.rake new file mode 100644 index 0000000..6250a5f --- /dev/null +++ b/lib/tasks/redoc.rake @@ -0,0 +1,21 @@ +require "rake" + +# Define Rake tasks +namespace :redoc do + desc "Bundle the openapi.yml" + task :bundle do + %x( + docker run -v /workspaces/astral/doc/openapi:/data -w /data \ + redocly/cli bundle openapi.yml \ + --output openapi-bundled.yml + ) + puts "openapi.yml and references bundled to openapi-bundled.yml" + end + + desc "Move bundled api spec to public hosting location" + task :publish do + `mv doc/openapi/openapi-bundled.yml public/doc/` + puts "openapi-bundled.yml moved to public hosting location" + end + +end diff --git a/doc/openapi/redoc.html b/public/doc/index.html similarity index 70% rename from doc/openapi/redoc.html rename to public/doc/index.html index 88efe20..db250cc 100644 --- a/doc/openapi/redoc.html +++ b/public/doc/index.html @@ -7,9 +7,9 @@ - + diff --git a/doc/openapi/openapi-bundled.yml b/public/doc/openapi-bundled.yml similarity index 100% rename from doc/openapi/openapi-bundled.yml rename to public/doc/openapi-bundled.yml From dcf4253122f510838a971a864677d5e2e833b583 Mon Sep 17 00:00:00 2001 From: Geoff Wilson Date: Wed, 25 Sep 2024 11:16:12 -0400 Subject: [PATCH 4/8] Fix bundled yml ownership; link from index info --- app/views/info/index.json.jbuilder | 3 ++- lib/tasks/redoc.rake | 13 ++++++++----- 2 files changed, 10 insertions(+), 6 deletions(-) 
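Review bot: The `docker-in-docker` feature in .devcontainer/devcontainer.json is added with `"version": "latest"` and a bare feature id, so the Docker engine inside the dev container changes whenever the container is rebuilt; pinning the version, and using a fully qualified feature reference if the tooling in use supports it, makes the environment reproducible. This feature generally needs the dev container to run privileged, which deserves a comment above the block, e.g. `// docker-in-docker: used by rake redoc:bundle; runs this container privileged`. The removed line `// "features": {},` ended with a comma and the new closing `}` does not; if an uncommented property follows further down (outside this hunk), the file will stop parsing.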
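Review bot: Both tasks in lib/tasks/redoc.rake shell out through `%x(...)` or backticks and never check the exit status, so `redoc:bundle` prints its success message when `docker run` fails and `redoc:publish` does the same when `mv` fails. Rake's `sh` raises on a non-zero exit and fits both, e.g. `sh "mv doc/openapi/openapi-bundled.yml public/doc/"`. The bind mount is hard-coded to `/workspaces/astral/doc/openapi`, which only works when the checkout lives under that exact folder; deriving it from the project root would remove that assumption. The container also runs as the image's default user: passing `--rm --user "$(id -u):$(id -g)"` to `docker run` should leave the bundled file owned by the caller and make the `sudo chown` added by a later patch in this series unnecessary (worth confirming the image runs correctly as a non-default user).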
diff --git a/app/views/info/index.json.jbuilder b/app/views/info/index.json.jbuilder index 6d812c9..0b7da46 100644 --- a/app/views/info/index.json.jbuilder +++ b/app/views/info/index.json.jbuilder @@ -1,3 +1,4 @@ json.app "astral" -json.description "Astral provides a simplified API for PKI." +json.description "Astral provides a simplified API for PKI and secrets" +json.documentation "#{request.scheme}://#{request.host_with_port}/doc" json.version "0.0.1" diff --git a/lib/tasks/redoc.rake b/lib/tasks/redoc.rake index 6250a5f..d53d99d 100644 --- a/lib/tasks/redoc.rake +++ b/lib/tasks/redoc.rake @@ -1,20 +1,23 @@ require "rake" -# Define Rake tasks +# Rake tasks for openapi spec namespace :redoc do desc "Bundle the openapi.yml" task :bundle do %x( - docker run -v /workspaces/astral/doc/openapi:/data -w /data \ - redocly/cli bundle openapi.yml \ - --output openapi-bundled.yml + docker run -v /workspaces/astral/doc/openapi:/data -w /data \ + redocly/cli bundle openapi.yml \ + --output openapi-bundled.yml ) puts "openapi.yml and references bundled to openapi-bundled.yml" end desc "Move bundled api spec to public hosting location" task :publish do - `mv doc/openapi/openapi-bundled.yml public/doc/` + %x( + sudo chown vscode:vscode doc/openapi/openapi-bundled.yml + mv doc/openapi/openapi-bundled.yml public/doc/ + ) puts "openapi-bundled.yml moved to public hosting location" end From 02bf8922988d544b8afc0cce778b3619cc480b3e Mon Sep 17 00:00:00 2001 From: Geoff Wilson Date: Wed, 25 Sep 2024 13:03:12 -0400 Subject: [PATCH 5/8] Fix missing verbs GET and DELETE, improved descriptions --- doc/openapi/openapi.yml | 30 +++++++- doc/openapi/paths/certificates.yml | 6 +- doc/openapi/paths/secrets.yml | 14 ++-- public/doc/openapi-bundled.yml | 109 ++++++++++++++++++++++++++++- 4 files changed, 149 insertions(+), 10 deletions(-) diff --git a/doc/openapi/openapi.yml b/doc/openapi/openapi.yml index a4e6d84..50faf57 100644 --- a/doc/openapi/openapi.yml +++ b/doc/openapi/openapi.yml 
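Review bot: `json.documentation` in app/views/info/index.json.jbuilder is built from `request.scheme` and `request.host_with_port`, both taken from the incoming request, so whoever sets the `Host` header (or a proxy that forwards it unchecked) decides which origin this endpoint advertises as the documentation location. Unless the application restricts accepted hosts, for example through `config.hosts` (not visible in this patch), a spoofed header yields a link to another site, which matters when the response is cached or relayed to other users. A relative value avoids the dependency on request data: `json.documentation "/doc"`; building the URL from a configured base URL is the other option.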
@@ -26,11 +26,35 @@ paths: operationId: getRoot responses: '200': - description: Root path information retrieved successfully + description: App info retrieved successfully + content: + application/json: + schema: + type: object + properties: + app: + type: string + description: The app name + example: astral + description: + type: string + description: The app description + example: Astral provides a simplified API for PKI and secrets + documentation: + type: string + description: The api docs location + example: http://localhost:3000/doc + version: + type: string + description: The app version + example: "0.0.1" /certificates: - $ref: './paths/certificates.yml#/certificates' + $ref: './paths/certificates.yml#/postCertificates' /secrets: - $ref: './paths/secrets.yml#/secrets' + $ref: './paths/secrets.yml#/postSecrets' + + /secrets/{path}: + $ref: './paths/secrets.yml#/getDeleteSecrets' diff --git a/doc/openapi/paths/certificates.yml b/doc/openapi/paths/certificates.yml index 46a6d7c..87bdea8 100644 --- a/doc/openapi/paths/certificates.yml +++ b/doc/openapi/paths/certificates.yml @@ -1,7 +1,7 @@ -certificates: +postCertificates: post: summary: Create Certificate - description: Creates a new certificate. + description: Issues a new certificate for the provided properties, using the Astral intermediate CA. operationId: createCertificate requestBody: description: Certificate creation data @@ -117,3 +117,5 @@ certificates: example: "1234567890abcdef" '400': description: Validation error or bad request + '401': + description: Unauthorized diff --git a/doc/openapi/paths/secrets.yml b/doc/openapi/paths/secrets.yml index cf4d29a..02ae979 100644 --- a/doc/openapi/paths/secrets.yml +++ b/doc/openapi/paths/secrets.yml @@ -1,7 +1,7 @@ -secrets: +postSecrets: post: summary: Create Secret - description: Creates a new secret. + description: Creates a new secret in the KV store at the provided path. operationId: createSecret requestBody: description: Secret creation data 
@@ -79,8 +79,10 @@ secrets: description: "Authentication information (if applicable)" '400': description: Validation error or bad request + '401': + description: Unauthorized -/secrets/{path}: +getDeleteSecrets: get: summary: Get Secret description: Retrieves a secret by its path. @@ -150,6 +152,8 @@ secrets: description: "Authentication information (if applicable)" '404': description: Secret not found + '401': + description: Unauthorized delete: summary: Delete Secret @@ -166,4 +170,6 @@ secrets: '204': description: Secret deleted successfully '404': - description: Secret not + description: Secret not found + '401': + description: Unauthorized diff --git a/public/doc/openapi-bundled.yml b/public/doc/openapi-bundled.yml index 8b06251..9540816 100644 --- a/public/doc/openapi-bundled.yml +++ b/public/doc/openapi-bundled.yml @@ -24,7 +24,28 @@ paths: operationId: getRoot responses: '200': - description: Root path information retrieved successfully + description: App info retrieved successfully + content: + application/json: + schema: + type: object + properties: + app: + type: string + description: The app name + example: astral + description: + type: string + description: The app description + example: Astral provides a simplified API for PKI and secrets + documentation: + type: string + description: The api docs location + example: http://localhost:3000/doc + version: + type: string + description: The app version + example: 0.0.1 /certificates: post: summary: Create Certificate 
@@ -242,4 +263,90 @@ paths: description: Authentication information (if applicable) '400': description: Validation error or bad request + /secrets/{path}: + get: + summary: Get Secret + description: Retrieves a secret by its path. + operationId: getSecret + parameters: + - name: path + in: path + required: true + schema: + type: string + description: Path to the secret + responses: + '200': + description: Secret retrieved successfully + content: + application/json: + schema: + type: object + properties: + request_id: + type: string + description: Unique ID for the request + example: 9000000d4-f0000-4c000-000000-800000000f + lease_id: + type: string + description: Lease ID + example: '' + renewable: + type: boolean + description: Indicates if the secret is renewable + default: false + lease_duration: + type: integer + description: Lease duration in seconds + example: 0 + data: + type: object + properties: + created_time: + type: string + format: date-time + description: The time the secret was created + example: '2022-02-09T23:41:58.888138788Z' + deletion_time: + type: string + description: The time the secret was deleted (if applicable) + example: '' + destroyed: + type: boolean + description: Indicates if the secret was destroyed + default: false + version: + type: integer + description: Version of the secret + example: 2 + wrap_info: + type: object + nullable: true + description: Wrap information (if applicable) + warnings: + type: string + nullable: true + description: Warnings (if any) + auth: + type: object + nullable: true + description: Authentication information (if applicable) + '404': + description: Secret not found + delete: + summary: Delete Secret + description: Deletes a secret by its path. + operationId: deleteSecret + parameters: + - name: path + in: path + required: true + schema: + type: string + description: Path to the secret + responses: + '204': + description: Secret deleted successfully + '404': + description: Secret not components: {} 
From 2eebcc342cb19282497f3601dae7afa00c5f940d Mon Sep 17 00:00:00 2001 From: Geoff Wilson Date: Wed, 25 Sep 2024 13:48:20 -0400 Subject: [PATCH 6/8] make chown dynamic for openapi-bundled; extra doc info --- lib/tasks/redoc.rake | 2 +- public/doc/openapi-bundled.yml | 14 +++++++++++--- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/lib/tasks/redoc.rake b/lib/tasks/redoc.rake index d53d99d..16f71b7 100644 --- a/lib/tasks/redoc.rake +++ b/lib/tasks/redoc.rake @@ -15,7 +15,7 @@ namespace :redoc do desc "Move bundled api spec to public hosting location" task :publish do %x( - sudo chown vscode:vscode doc/openapi/openapi-bundled.yml + sudo chown $(id -un):$(id -gn) doc/openapi/openapi-bundled.yml mv doc/openapi/openapi-bundled.yml public/doc/ ) puts "openapi-bundled.yml moved to public hosting location" diff --git a/public/doc/openapi-bundled.yml b/public/doc/openapi-bundled.yml index 9540816..12e9b15 100644 --- a/public/doc/openapi-bundled.yml +++ b/public/doc/openapi-bundled.yml @@ -49,7 +49,7 @@ paths: /certificates: post: summary: Create Certificate - description: Creates a new certificate. + description: Issues a new certificate for the provided properties, using the Astral intermediate CA. operationId: createCertificate requestBody: description: Certificate creation data @@ -182,10 +182,12 @@ paths: example: 1234567890abcdef '400': description: Validation error or bad request + '401': + description: Unauthorized /secrets: post: summary: Create Secret - description: Creates a new secret. + description: Creates a new secret in the KV store at the provided path. operationId: createSecret requestBody: description: Secret creation data @@ -263,6 +265,8 @@ paths: description: Authentication information (if applicable) '400': description: Validation error or bad request + '401': + description: Unauthorized /secrets/{path}: get: summary: Get Secret 
@@ -331,6 +335,8 @@ paths: type: object nullable: true description: Authentication information (if applicable) + '401': + description: Unauthorized '404': description: Secret not found delete: @@ -347,6 +353,8 @@ paths: responses: '204': description: Secret deleted successfully + '401': + description: Unauthorized '404': - description: Secret not + description: Secret not found components: {} From 427208aff5a9d0e29cb7553b462028d74387e374 Mon Sep 17 00:00:00 2001 From: Geoff Wilson Date: Wed, 25 Sep 2024 13:51:57 -0400 Subject: [PATCH 7/8] remove redocly from compose file --- .devcontainer/docker-compose.yml | 7 ------- 1 file changed, 7 deletions(-) diff --git a/.devcontainer/docker-compose.yml b/.devcontainer/docker-compose.yml index 5cf3501..86eb01a 100644 --- a/.devcontainer/docker-compose.yml +++ b/.devcontainer/docker-compose.yml @@ -39,10 +39,3 @@ services: command: > sh -c "npm install -g json-server@0.17.4 && json-server /data/app_reg_db.json --routes /data/app_reg_routes.json --port 8800 --host 0.0.0.0" - - redocly: - image: redocly/cli - volumes: - - ../doc/openapi:/data:cached - working_dir: /data - command: "bundle openapi.yml --output openapi-bundled.yml" From a55f347f47f8fa6c0f83212b9ee72a92245952b2 Mon Sep 17 00:00:00 2001 From: Geoff Wilson Date: Wed, 25 Sep 2024 13:56:18 -0400 Subject: [PATCH 8/8] fix lint --- lib/tasks/redoc.rake | 1 - 1 file changed, 1 deletion(-) diff --git a/lib/tasks/redoc.rake b/lib/tasks/redoc.rake index 16f71b7..8810fa6 100644 --- a/lib/tasks/redoc.rake +++ b/lib/tasks/redoc.rake @@ -20,5 +20,4 @@ namespace :redoc do ) puts "openapi-bundled.yml moved to public hosting location" end - end