From 0ee083a323de8dcc4525901a0eb9151ed9cb4b84 Mon Sep 17 00:00:00 2001
From: Rohan <rohan.chaturvedi@protonmail.com>
Date: Tue, 10 Dec 2024 11:40:29 +0530
Subject: [PATCH] feat: defer secret history fetch and decrypt till dialog is
 open

---
 backend/backend/schema.py                     |  10 +-
 frontend/apollo/gql.ts                        |   9 +-
 frontend/apollo/graphql.ts                    |  15 +-
 frontend/apollo/schema.graphql                |   2 +-
 .../environments/secrets/HistoryDialog.tsx    | 220 ++++++++++++------
 .../queries/secrets/getSecretHistory.gql      |  42 ++++
 .../graphql/queries/secrets/getSecrets.gql    |  31 ---
 7 files changed, 226 insertions(+), 103 deletions(-)
 create mode 100644 frontend/graphql/queries/secrets/getSecretHistory.gql

diff --git a/backend/backend/schema.py b/backend/backend/schema.py
index cdb31474..b3dcf033 100644
--- a/backend/backend/schema.py
+++ b/backend/backend/schema.py
@@ -250,8 +250,12 @@ class Query(graphene.ObjectType):
     app_service_accounts = graphene.List(ServiceAccountType, app_id=graphene.ID())
 
     secrets = graphene.List(
-        SecretType, env_id=graphene.ID(), path=graphene.String(required=False)
+        SecretType,
+        env_id=graphene.ID(),
+        path=graphene.String(required=False),
+        id=graphene.ID(required=False),
     )
+
     folders = graphene.List(
         SecretFolderType, env_id=graphene.ID(), path=graphene.String(required=False)
     )
@@ -509,7 +513,7 @@ def resolve_app_users(root, info, app_id):
 
     resolve_app_service_accounts = resolve_app_service_accounts
 
-    def resolve_secrets(root, info, env_id, path=None):
+    def resolve_secrets(root, info, env_id, path=None, id=None):
 
         org = Environment.objects.get(id=env_id).app.organisation
         if not user_has_permission(
@@ -524,6 +528,8 @@ def resolve_secrets(root, info, env_id, path=None):
 
         filter = {"environment_id": env_id, "deleted_at": None}
 
+        if id:
+            filter["id"] = id
         if path:
             filter["path"] = path
 
diff --git a/frontend/apollo/gql.ts b/frontend/apollo/gql.ts
index f37105ee..b77505a8 100644
--- a/frontend/apollo/gql.ts
+++ b/frontend/apollo/gql.ts
@@ -103,9 +103,10 @@ const documents = {
     "query GetEnvironmentKey($envId: ID!, $appId: ID!) {\n  environmentKeys(environmentId: $envId, appId: $appId) {\n    id\n    identityKey\n    wrappedSeed\n    wrappedSalt\n  }\n}": types.GetEnvironmentKeyDocument,
     "query GetEnvironmentTokens($envId: ID!) {\n  environmentTokens(environmentId: $envId) {\n    id\n    name\n    wrappedKeyShare\n    createdAt\n  }\n}": types.GetEnvironmentTokensDocument,
     "query GetFolders($envId: ID!, $path: String) {\n  folders(envId: $envId, path: $path) {\n    id\n    name\n    path\n    createdAt\n    folderCount\n    secretCount\n  }\n}": types.GetFoldersDocument,
+    "query GetSecretHistory($appId: ID!, $envId: ID!, $id: ID!) {\n  secrets(envId: $envId, id: $id) {\n    id\n    history {\n      id\n      key\n      value\n      path\n      tags {\n        id\n        name\n        color\n      }\n      version\n      comment\n      timestamp\n      ipAddress\n      userAgent\n      user {\n        email\n        username\n        fullName\n        avatarUrl\n      }\n      serviceToken {\n        id\n        name\n      }\n      serviceAccount {\n        id\n        name\n      }\n      eventType\n    }\n  }\n  environmentKeys(appId: $appId, environmentId: $envId) {\n    id\n    identityKey\n    wrappedSeed\n    wrappedSalt\n  }\n}": types.GetSecretHistoryDocument,
     "query GetEnvSecretsKV($envId: ID!) {\n  folders(envId: $envId, path: \"/\") {\n    id\n    name\n  }\n  secrets(envId: $envId, path: \"/\") {\n    id\n    key\n    value\n    path\n  }\n  environmentKeys(environmentId: $envId) {\n    id\n    identityKey\n    wrappedSeed\n    wrappedSalt\n  }\n}": types.GetEnvSecretsKvDocument,
     "query GetSecretTags($orgId: ID!) {\n  secretTags(orgId: $orgId) {\n    id\n    name\n    color\n  }\n}": types.GetSecretTagsDocument,
-    "query GetSecrets($appId: ID!, $envId: ID!, $path: String) {\n  secrets(envId: $envId, path: $path) {\n    id\n    key\n    value\n    path\n    tags {\n      id\n      name\n      color\n    }\n    comment\n    createdAt\n    updatedAt\n    history {\n      id\n      key\n      value\n      path\n      tags {\n        id\n        name\n        color\n      }\n      version\n      comment\n      timestamp\n      ipAddress\n      userAgent\n      user {\n        email\n        username\n        fullName\n        avatarUrl\n      }\n      serviceToken {\n        id\n        name\n      }\n      serviceAccount {\n        id\n        name\n      }\n      eventType\n    }\n    override {\n      value\n      isActive\n    }\n    environment {\n      id\n      app {\n        id\n      }\n    }\n  }\n  folders(envId: $envId, path: $path) {\n    id\n    name\n    path\n    createdAt\n    folderCount\n    secretCount\n  }\n  appEnvironments(appId: $appId, environmentId: $envId) {\n    id\n    name\n    envType\n    identityKey\n    app {\n      name\n    }\n  }\n  environmentKeys(appId: $appId, environmentId: $envId) {\n    id\n    identityKey\n    wrappedSeed\n    wrappedSalt\n  }\n  envSyncs(envId: $envId) {\n    id\n    environment {\n      id\n      name\n      envType\n    }\n    serviceInfo {\n      id\n      name\n    }\n    options\n    isActive\n    status\n    lastSync\n    createdAt\n  }\n}": types.GetSecretsDocument,
+    "query GetSecrets($appId: ID!, $envId: ID!, $path: String) {\n  secrets(envId: $envId, path: $path) {\n    id\n    key\n    value\n    path\n    tags {\n      id\n      name\n      color\n    }\n    comment\n    createdAt\n    updatedAt\n    override {\n      value\n      isActive\n    }\n    environment {\n      id\n      app {\n        id\n      }\n    }\n  }\n  folders(envId: $envId, path: $path) {\n    id\n    name\n    path\n    createdAt\n    folderCount\n    secretCount\n  }\n  appEnvironments(appId: $appId, environmentId: $envId) {\n    id\n    name\n    envType\n    identityKey\n    app {\n      name\n    }\n  }\n  environmentKeys(appId: $appId, environmentId: $envId) {\n    id\n    identityKey\n    wrappedSeed\n    wrappedSalt\n  }\n  envSyncs(envId: $envId) {\n    id\n    environment {\n      id\n      name\n      envType\n    }\n    serviceInfo {\n      id\n      name\n    }\n    options\n    isActive\n    status\n    lastSync\n    createdAt\n  }\n}": types.GetSecretsDocument,
     "query GetServiceTokens($appId: ID!) {\n  serviceTokens(appId: $appId) {\n    id\n    name\n    createdAt\n    createdBy {\n      fullName\n      avatarUrl\n      self\n    }\n    expiresAt\n    keys {\n      id\n      identityKey\n    }\n  }\n}": types.GetServiceTokensDocument,
     "query GetServiceAccountHandlers($orgId: ID!) {\n  serviceAccountHandlers(orgId: $orgId) {\n    id\n    email\n    role {\n      name\n      permissions\n    }\n    identityKey\n    self\n  }\n}": types.GetServiceAccountHandlersDocument,
     "query GetServiceAccounts($orgId: ID!, $id: ID) {\n  serviceAccounts(orgId: $orgId, serviceAccountId: $id) {\n    id\n    name\n    identityKey\n    role {\n      id\n      name\n      description\n      color\n      permissions\n    }\n    createdAt\n    handlers {\n      id\n      wrappedKeyring\n      wrappedRecovery\n      user {\n        self\n      }\n    }\n    tokens {\n      id\n      name\n      createdAt\n      expiresAt\n      createdBy {\n        fullName\n        avatarUrl\n        self\n      }\n      lastUsed\n    }\n    appMemberships {\n      id\n      name\n      environments {\n        id\n        name\n      }\n    }\n  }\n}": types.GetServiceAccountsDocument,
@@ -500,6 +501,10 @@ export function graphql(source: "query GetEnvironmentTokens($envId: ID!) {\n  en
  * The graphql function is used to parse GraphQL queries into a document that can be used by GraphQL clients.
  */
 export function graphql(source: "query GetFolders($envId: ID!, $path: String) {\n  folders(envId: $envId, path: $path) {\n    id\n    name\n    path\n    createdAt\n    folderCount\n    secretCount\n  }\n}"): (typeof documents)["query GetFolders($envId: ID!, $path: String) {\n  folders(envId: $envId, path: $path) {\n    id\n    name\n    path\n    createdAt\n    folderCount\n    secretCount\n  }\n}"];
+/**
+ * The graphql function is used to parse GraphQL queries into a document that can be used by GraphQL clients.
+ */
+export function graphql(source: "query GetSecretHistory($appId: ID!, $envId: ID!, $id: ID!) {\n  secrets(envId: $envId, id: $id) {\n    id\n    history {\n      id\n      key\n      value\n      path\n      tags {\n        id\n        name\n        color\n      }\n      version\n      comment\n      timestamp\n      ipAddress\n      userAgent\n      user {\n        email\n        username\n        fullName\n        avatarUrl\n      }\n      serviceToken {\n        id\n        name\n      }\n      serviceAccount {\n        id\n        name\n      }\n      eventType\n    }\n  }\n  environmentKeys(appId: $appId, environmentId: $envId) {\n    id\n    identityKey\n    wrappedSeed\n    wrappedSalt\n  }\n}"): (typeof documents)["query GetSecretHistory($appId: ID!, $envId: ID!, $id: ID!) {\n  secrets(envId: $envId, id: $id) {\n    id\n    history {\n      id\n      key\n      value\n      path\n      tags {\n        id\n        name\n        color\n      }\n      version\n      comment\n      timestamp\n      ipAddress\n      userAgent\n      user {\n        email\n        username\n        fullName\n        avatarUrl\n      }\n      serviceToken {\n        id\n        name\n      }\n      serviceAccount {\n        id\n        name\n      }\n      eventType\n    }\n  }\n  environmentKeys(appId: $appId, environmentId: $envId) {\n    id\n    identityKey\n    wrappedSeed\n    wrappedSalt\n  }\n}"];
 /**
  * The graphql function is used to parse GraphQL queries into a document that can be used by GraphQL clients.
  */
@@ -511,7 +516,7 @@ export function graphql(source: "query GetSecretTags($orgId: ID!) {\n  secretTag
 /**
  * The graphql function is used to parse GraphQL queries into a document that can be used by GraphQL clients.
  */
-export function graphql(source: "query GetSecrets($appId: ID!, $envId: ID!, $path: String) {\n  secrets(envId: $envId, path: $path) {\n    id\n    key\n    value\n    path\n    tags {\n      id\n      name\n      color\n    }\n    comment\n    createdAt\n    updatedAt\n    history {\n      id\n      key\n      value\n      path\n      tags {\n        id\n        name\n        color\n      }\n      version\n      comment\n      timestamp\n      ipAddress\n      userAgent\n      user {\n        email\n        username\n        fullName\n        avatarUrl\n      }\n      serviceToken {\n        id\n        name\n      }\n      serviceAccount {\n        id\n        name\n      }\n      eventType\n    }\n    override {\n      value\n      isActive\n    }\n    environment {\n      id\n      app {\n        id\n      }\n    }\n  }\n  folders(envId: $envId, path: $path) {\n    id\n    name\n    path\n    createdAt\n    folderCount\n    secretCount\n  }\n  appEnvironments(appId: $appId, environmentId: $envId) {\n    id\n    name\n    envType\n    identityKey\n    app {\n      name\n    }\n  }\n  environmentKeys(appId: $appId, environmentId: $envId) {\n    id\n    identityKey\n    wrappedSeed\n    wrappedSalt\n  }\n  envSyncs(envId: $envId) {\n    id\n    environment {\n      id\n      name\n      envType\n    }\n    serviceInfo {\n      id\n      name\n    }\n    options\n    isActive\n    status\n    lastSync\n    createdAt\n  }\n}"): (typeof documents)["query GetSecrets($appId: ID!, $envId: ID!, $path: String) {\n  secrets(envId: $envId, path: $path) {\n    id\n    key\n    value\n    path\n    tags {\n      id\n      name\n      color\n    }\n    comment\n    createdAt\n    updatedAt\n    history {\n      id\n      key\n      value\n      path\n      tags {\n        id\n        name\n        color\n      }\n      version\n      comment\n      timestamp\n      ipAddress\n      userAgent\n      user {\n        email\n        username\n        fullName\n        avatarUrl\n      }\n      serviceToken {\n        id\n        name\n      }\n      serviceAccount {\n        id\n        name\n      }\n      eventType\n    }\n    override {\n      value\n      isActive\n    }\n    environment {\n      id\n      app {\n        id\n      }\n    }\n  }\n  folders(envId: $envId, path: $path) {\n    id\n    name\n    path\n    createdAt\n    folderCount\n    secretCount\n  }\n  appEnvironments(appId: $appId, environmentId: $envId) {\n    id\n    name\n    envType\n    identityKey\n    app {\n      name\n    }\n  }\n  environmentKeys(appId: $appId, environmentId: $envId) {\n    id\n    identityKey\n    wrappedSeed\n    wrappedSalt\n  }\n  envSyncs(envId: $envId) {\n    id\n    environment {\n      id\n      name\n      envType\n    }\n    serviceInfo {\n      id\n      name\n    }\n    options\n    isActive\n    status\n    lastSync\n    createdAt\n  }\n}"];
+export function graphql(source: "query GetSecrets($appId: ID!, $envId: ID!, $path: String) {\n  secrets(envId: $envId, path: $path) {\n    id\n    key\n    value\n    path\n    tags {\n      id\n      name\n      color\n    }\n    comment\n    createdAt\n    updatedAt\n    override {\n      value\n      isActive\n    }\n    environment {\n      id\n      app {\n        id\n      }\n    }\n  }\n  folders(envId: $envId, path: $path) {\n    id\n    name\n    path\n    createdAt\n    folderCount\n    secretCount\n  }\n  appEnvironments(appId: $appId, environmentId: $envId) {\n    id\n    name\n    envType\n    identityKey\n    app {\n      name\n    }\n  }\n  environmentKeys(appId: $appId, environmentId: $envId) {\n    id\n    identityKey\n    wrappedSeed\n    wrappedSalt\n  }\n  envSyncs(envId: $envId) {\n    id\n    environment {\n      id\n      name\n      envType\n    }\n    serviceInfo {\n      id\n      name\n    }\n    options\n    isActive\n    status\n    lastSync\n    createdAt\n  }\n}"): (typeof documents)["query GetSecrets($appId: ID!, $envId: ID!, $path: String) {\n  secrets(envId: $envId, path: $path) {\n    id\n    key\n    value\n    path\n    tags {\n      id\n      name\n      color\n    }\n    comment\n    createdAt\n    updatedAt\n    override {\n      value\n      isActive\n    }\n    environment {\n      id\n      app {\n        id\n      }\n    }\n  }\n  folders(envId: $envId, path: $path) {\n    id\n    name\n    path\n    createdAt\n    folderCount\n    secretCount\n  }\n  appEnvironments(appId: $appId, environmentId: $envId) {\n    id\n    name\n    envType\n    identityKey\n    app {\n      name\n    }\n  }\n  environmentKeys(appId: $appId, environmentId: $envId) {\n    id\n    identityKey\n    wrappedSeed\n    wrappedSalt\n  }\n  envSyncs(envId: $envId) {\n    id\n    environment {\n      id\n      name\n      envType\n    }\n    serviceInfo {\n      id\n      name\n    }\n    options\n    isActive\n    status\n    lastSync\n    createdAt\n  }\n}"];
 /**
  * The graphql function is used to parse GraphQL queries into a document that can be used by GraphQL clients.
  */
diff --git a/frontend/apollo/graphql.ts b/frontend/apollo/graphql.ts
index 941f9fcc..ed34e327 100644
--- a/frontend/apollo/graphql.ts
+++ b/frontend/apollo/graphql.ts
@@ -1482,6 +1482,7 @@ export type QuerySecretTagsArgs = {
 
 export type QuerySecretsArgs = {
   envId?: InputMaybe<Scalars['ID']['input']>;
+  id?: InputMaybe<Scalars['ID']['input']>;
   path?: InputMaybe<Scalars['String']['input']>;
 };
 
@@ -2676,6 +2677,15 @@ export type GetFoldersQueryVariables = Exact<{
 
 export type GetFoldersQuery = { __typename?: 'Query', folders?: Array<{ __typename?: 'SecretFolderType', id: string, name: string, path: string, createdAt?: any | null, folderCount?: number | null, secretCount?: number | null } | null> | null };
 
+export type GetSecretHistoryQueryVariables = Exact<{
+  appId: Scalars['ID']['input'];
+  envId: Scalars['ID']['input'];
+  id: Scalars['ID']['input'];
+}>;
+
+
+export type GetSecretHistoryQuery = { __typename?: 'Query', secrets?: Array<{ __typename?: 'SecretType', id: string, history?: Array<{ __typename?: 'SecretEventType', id: string, key: string, value: string, path: string, version: number, comment: string, timestamp: any, ipAddress?: string | null, userAgent?: string | null, eventType: ApiSecretEventEventTypeChoices, tags: Array<{ __typename?: 'SecretTagType', id: string, name: string, color: string }>, user?: { __typename?: 'OrganisationMemberType', email?: string | null, username?: string | null, fullName?: string | null, avatarUrl?: string | null } | null, serviceToken?: { __typename?: 'ServiceTokenType', id: string, name: string } | null, serviceAccount?: { __typename?: 'ServiceAccountType', id: string, name: string } | null } | null> | null } | null> | null, environmentKeys?: Array<{ __typename?: 'EnvironmentKeyType', id: string, identityKey: string, wrappedSeed: string, wrappedSalt: string } | null> | null };
+
 export type GetEnvSecretsKvQueryVariables = Exact<{
   envId: Scalars['ID']['input'];
 }>;
@@ -2697,7 +2707,7 @@ export type GetSecretsQueryVariables = Exact<{
 }>;
 
 
-export type GetSecretsQuery = { __typename?: 'Query', secrets?: Array<{ __typename?: 'SecretType', id: string, key: string, value: string, path: string, comment: string, createdAt?: any | null, updatedAt: any, tags: Array<{ __typename?: 'SecretTagType', id: string, name: string, color: string }>, history?: Array<{ __typename?: 'SecretEventType', id: string, key: string, value: string, path: string, version: number, comment: string, timestamp: any, ipAddress?: string | null, userAgent?: string | null, eventType: ApiSecretEventEventTypeChoices, tags: Array<{ __typename?: 'SecretTagType', id: string, name: string, color: string }>, user?: { __typename?: 'OrganisationMemberType', email?: string | null, username?: string | null, fullName?: string | null, avatarUrl?: string | null } | null, serviceToken?: { __typename?: 'ServiceTokenType', id: string, name: string } | null, serviceAccount?: { __typename?: 'ServiceAccountType', id: string, name: string } | null } | null> | null, override?: { __typename?: 'PersonalSecretType', value?: string | null, isActive: boolean } | null, environment: { __typename?: 'EnvironmentType', id: string, app: { __typename?: 'AppType', id: string } } } | null> | null, folders?: Array<{ __typename?: 'SecretFolderType', id: string, name: string, path: string, createdAt?: any | null, folderCount?: number | null, secretCount?: number | null } | null> | null, appEnvironments?: Array<{ __typename?: 'EnvironmentType', id: string, name: string, envType: ApiEnvironmentEnvTypeChoices, identityKey: string, app: { __typename?: 'AppType', name: string } } | null> | null, environmentKeys?: Array<{ __typename?: 'EnvironmentKeyType', id: string, identityKey: string, wrappedSeed: string, wrappedSalt: string } | null> | null, envSyncs?: Array<{ __typename?: 'EnvironmentSyncType', id: string, options: any, isActive: boolean, status: ApiEnvironmentSyncStatusChoices, lastSync?: any | null, createdAt?: any | null, environment: { __typename?: 'EnvironmentType', id: string, name: string, envType: ApiEnvironmentEnvTypeChoices }, serviceInfo?: { __typename?: 'ServiceType', id?: string | null, name?: string | null } | null } | null> | null };
+export type GetSecretsQuery = { __typename?: 'Query', secrets?: Array<{ __typename?: 'SecretType', id: string, key: string, value: string, path: string, comment: string, createdAt?: any | null, updatedAt: any, tags: Array<{ __typename?: 'SecretTagType', id: string, name: string, color: string }>, override?: { __typename?: 'PersonalSecretType', value?: string | null, isActive: boolean } | null, environment: { __typename?: 'EnvironmentType', id: string, app: { __typename?: 'AppType', id: string } } } | null> | null, folders?: Array<{ __typename?: 'SecretFolderType', id: string, name: string, path: string, createdAt?: any | null, folderCount?: number | null, secretCount?: number | null } | null> | null, appEnvironments?: Array<{ __typename?: 'EnvironmentType', id: string, name: string, envType: ApiEnvironmentEnvTypeChoices, identityKey: string, app: { __typename?: 'AppType', name: string } } | null> | null, environmentKeys?: Array<{ __typename?: 'EnvironmentKeyType', id: string, identityKey: string, wrappedSeed: string, wrappedSalt: string } | null> | null, envSyncs?: Array<{ __typename?: 'EnvironmentSyncType', id: string, options: any, isActive: boolean, status: ApiEnvironmentSyncStatusChoices, lastSync?: any | null, createdAt?: any | null, environment: { __typename?: 'EnvironmentType', id: string, name: string, envType: ApiEnvironmentEnvTypeChoices }, serviceInfo?: { __typename?: 'ServiceType', id?: string | null, name?: string | null } | null } | null> | null };
 
 export type GetServiceTokensQueryVariables = Exact<{
   appId: Scalars['ID']['input'];
@@ -2911,9 +2921,10 @@ export const GetAppSecretsLogsDocument = {"kind":"Document","definitions":[{"kin
 export const GetEnvironmentKeyDocument = {"kind":"Document","definitions":[{"kind":"OperationDefinition","operation":"query","name":{"kind":"Name","value":"GetEnvironmentKey"},"variableDefinitions":[{"kind":"VariableDefinition","variable":{"kind":"Variable","name":{"kind":"Name","value":"envId"}},"type":{"kind":"NonNullType","type":{"kind":"NamedType","name":{"kind":"Name","value":"ID"}}}},{"kind":"VariableDefinition","variable":{"kind":"Variable","name":{"kind":"Name","value":"appId"}},"type":{"kind":"NonNullType","type":{"kind":"NamedType","name":{"kind":"Name","value":"ID"}}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"environmentKeys"},"arguments":[{"kind":"Argument","name":{"kind":"Name","value":"environmentId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"envId"}}},{"kind":"Argument","name":{"kind":"Name","value":"appId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"appId"}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"identityKey"}},{"kind":"Field","name":{"kind":"Name","value":"wrappedSeed"}},{"kind":"Field","name":{"kind":"Name","value":"wrappedSalt"}}]}}]}}]} as unknown as DocumentNode<GetEnvironmentKeyQuery, GetEnvironmentKeyQueryVariables>;
 export const GetEnvironmentTokensDocument = {"kind":"Document","definitions":[{"kind":"OperationDefinition","operation":"query","name":{"kind":"Name","value":"GetEnvironmentTokens"},"variableDefinitions":[{"kind":"VariableDefinition","variable":{"kind":"Variable","name":{"kind":"Name","value":"envId"}},"type":{"kind":"NonNullType","type":{"kind":"NamedType","name":{"kind":"Name","value":"ID"}}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"environmentTokens"},"arguments":[{"kind":"Argument","name":{"kind":"Name","value":"environmentId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"envId"}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}},{"kind":"Field","name":{"kind":"Name","value":"wrappedKeyShare"}},{"kind":"Field","name":{"kind":"Name","value":"createdAt"}}]}}]}}]} as unknown as DocumentNode<GetEnvironmentTokensQuery, GetEnvironmentTokensQueryVariables>;
 export const GetFoldersDocument = {"kind":"Document","definitions":[{"kind":"OperationDefinition","operation":"query","name":{"kind":"Name","value":"GetFolders"},"variableDefinitions":[{"kind":"VariableDefinition","variable":{"kind":"Variable","name":{"kind":"Name","value":"envId"}},"type":{"kind":"NonNullType","type":{"kind":"NamedType","name":{"kind":"Name","value":"ID"}}}},{"kind":"VariableDefinition","variable":{"kind":"Variable","name":{"kind":"Name","value":"path"}},"type":{"kind":"NamedType","name":{"kind":"Name","value":"String"}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"folders"},"arguments":[{"kind":"Argument","name":{"kind":"Name","value":"envId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"envId"}}},{"kind":"Argument","name":{"kind":"Name","value":"path"},"value":{"kind":"Variable","name":{"kind":"Name","value":"path"}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}},{"kind":"Field","name":{"kind":"Name","value":"path"}},{"kind":"Field","name":{"kind":"Name","value":"createdAt"}},{"kind":"Field","name":{"kind":"Name","value":"folderCount"}},{"kind":"Field","name":{"kind":"Name","value":"secretCount"}}]}}]}}]} as unknown as DocumentNode<GetFoldersQuery, GetFoldersQueryVariables>;
+export const GetSecretHistoryDocument = {"kind":"Document","definitions":[{"kind":"OperationDefinition","operation":"query","name":{"kind":"Name","value":"GetSecretHistory"},"variableDefinitions":[{"kind":"VariableDefinition","variable":{"kind":"Variable","name":{"kind":"Name","value":"appId"}},"type":{"kind":"NonNullType","type":{"kind":"NamedType","name":{"kind":"Name","value":"ID"}}}},{"kind":"VariableDefinition","variable":{"kind":"Variable","name":{"kind":"Name","value":"envId"}},"type":{"kind":"NonNullType","type":{"kind":"NamedType","name":{"kind":"Name","value":"ID"}}}},{"kind":"VariableDefinition","variable":{"kind":"Variable","name":{"kind":"Name","value":"id"}},"type":{"kind":"NonNullType","type":{"kind":"NamedType","name":{"kind":"Name","value":"ID"}}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"secrets"},"arguments":[{"kind":"Argument","name":{"kind":"Name","value":"envId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"envId"}}},{"kind":"Argument","name":{"kind":"Name","value":"id"},"value":{"kind":"Variable","name":{"kind":"Name","value":"id"}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"history"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"key"}},{"kind":"Field","name":{"kind":"Name","value":"value"}},{"kind":"Field","name":{"kind":"Name","value":"path"}},{"kind":"Field","name":{"kind":"Name","value":"tags"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}},{"kind":"Field","name":{"kind":"Name","value":"color"}}]}},{"kind":"Field","name":{"kind":"Name","value":"version"}},{"kind":"Field","name":{"kind":"Name","value":"comment"}},{"kind":"Field","name":{"kind":"Name","value":"timestamp"}},{"kind":"Field","name":{"kind":"Name","value":"ipAddress"}},{"kind":"Field","name":{"kind":"Name","value":"userAgent"}},{"kind":"Field","name":{"kind":"Name","value":"user"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"email"}},{"kind":"Field","name":{"kind":"Name","value":"username"}},{"kind":"Field","name":{"kind":"Name","value":"fullName"}},{"kind":"Field","name":{"kind":"Name","value":"avatarUrl"}}]}},{"kind":"Field","name":{"kind":"Name","value":"serviceToken"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}}]}},{"kind":"Field","name":{"kind":"Name","value":"serviceAccount"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}}]}},{"kind":"Field","name":{"kind":"Name","value":"eventType"}}]}}]}},{"kind":"Field","name":{"kind":"Name","value":"environmentKeys"},"arguments":[{"kind":"Argument","name":{"kind":"Name","value":"appId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"appId"}}},{"kind":"Argument","name":{"kind":"Name","value":"environmentId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"envId"}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"identityKey"}},{"kind":"Field","name":{"kind":"Name","value":"wrappedSeed"}},{"kind":"Field","name":{"kind":"Name","value":"wrappedSalt"}}]}}]}}]} as unknown as DocumentNode<GetSecretHistoryQuery, GetSecretHistoryQueryVariables>;
 export const GetEnvSecretsKvDocument = {"kind":"Document","definitions":[{"kind":"OperationDefinition","operation":"query","name":{"kind":"Name","value":"GetEnvSecretsKV"},"variableDefinitions":[{"kind":"VariableDefinition","variable":{"kind":"Variable","name":{"kind":"Name","value":"envId"}},"type":{"kind":"NonNullType","type":{"kind":"NamedType","name":{"kind":"Name","value":"ID"}}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"folders"},"arguments":[{"kind":"Argument","name":{"kind":"Name","value":"envId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"envId"}}},{"kind":"Argument","name":{"kind":"Name","value":"path"},"value":{"kind":"StringValue","value":"/","block":false}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}}]}},{"kind":"Field","name":{"kind":"Name","value":"secrets"},"arguments":[{"kind":"Argument","name":{"kind":"Name","value":"envId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"envId"}}},{"kind":"Argument","name":{"kind":"Name","value":"path"},"value":{"kind":"StringValue","value":"/","block":false}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"key"}},{"kind":"Field","name":{"kind":"Name","value":"value"}},{"kind":"Field","name":{"kind":"Name","value":"path"}}]}},{"kind":"Field","name":{"kind":"Name","value":"environmentKeys"},"arguments":[{"kind":"Argument","name":{"kind":"Name","value":"environmentId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"envId"}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"identityKey"}},{"kind":"Field","name":{"kind":"Name","value":"wrappedSeed"}},{"kind":"Field","name":{"kind":"Name","value":"wrappedSalt"}}]}}]}}]} as unknown as DocumentNode<GetEnvSecretsKvQuery, GetEnvSecretsKvQueryVariables>;
 export const GetSecretTagsDocument = {"kind":"Document","definitions":[{"kind":"OperationDefinition","operation":"query","name":{"kind":"Name","value":"GetSecretTags"},"variableDefinitions":[{"kind":"VariableDefinition","variable":{"kind":"Variable","name":{"kind":"Name","value":"orgId"}},"type":{"kind":"NonNullType","type":{"kind":"NamedType","name":{"kind":"Name","value":"ID"}}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"secretTags"},"arguments":[{"kind":"Argument","name":{"kind":"Name","value":"orgId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"orgId"}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}},{"kind":"Field","name":{"kind":"Name","value":"color"}}]}}]}}]} as unknown as DocumentNode<GetSecretTagsQuery, GetSecretTagsQueryVariables>;
-export const GetSecretsDocument = {"kind":"Document","definitions":[{"kind":"OperationDefinition","operation":"query","name":{"kind":"Name","value":"GetSecrets"},"variableDefinitions":[{"kind":"VariableDefinition","variable":{"kind":"Variable","name":{"kind":"Name","value":"appId"}},"type":{"kind":"NonNullType","type":{"kind":"NamedType","name":{"kind":"Name","value":"ID"}}}},{"kind":"VariableDefinition","variable":{"kind":"Variable","name":{"kind":"Name","value":"envId"}},"type":{"kind":"NonNullType","type":{"kind":"NamedType","name":{"kind":"Name","value":"ID"}}}},{"kind":"VariableDefinition","variable":{"kind":"Variable","name":{"kind":"Name","value":"path"}},"type":{"kind":"NamedType","name":{"kind":"Name","value":"String"}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"secrets"},"arguments":[{"kind":"Argument","name":{"kind":"Name","value":"envId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"envId"}}},{"kind":"Argument","name":{"kind":"Name","value":"path"},"value":{"kind":"Variable","name":{"kind":"Name","value":"path"}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"key"}},{"kind":"Field","name":{"kind":"Name","value":"value"}},{"kind":"Field","name":{"kind":"Name","value":"path"}},{"kind":"Field","name":{"kind":"Name","value":"tags"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}},{"kind":"Field","name":{"kind":"Name","value":"color"}}]}},{"kind":"Field","name":{"kind":"Name","value":"comment"}},{"kind":"Field","name":{"kind":"Name","value":"createdAt"}},{"kind":"Field","name":{"kind":"Name","value":"updatedAt"}},{"kind":"Field","name":{"kind":"Name","value":"history"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"key"}},{"kind":"Field","name":{"kind":"Name","value":"value"}},{"kind":"Field","name":{"kind":"Name","value":"path"}},{"kind":"Field","name":{"kind":"Name","value":"tags"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}},{"kind":"Field","name":{"kind":"Name","value":"color"}}]}},{"kind":"Field","name":{"kind":"Name","value":"version"}},{"kind":"Field","name":{"kind":"Name","value":"comment"}},{"kind":"Field","name":{"kind":"Name","value":"timestamp"}},{"kind":"Field","name":{"kind":"Name","value":"ipAddress"}},{"kind":"Field","name":{"kind":"Name","value":"userAgent"}},{"kind":"Field","name":{"kind":"Name","value":"user"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"email"}},{"kind":"Field","name":{"kind":"Name","value":"username"}},{"kind":"Field","name":{"kind":"Name","value":"fullName"}},{"kind":"Field","name":{"kind":"Name","value":"avatarUrl"}}]}},{"kind":"Field","name":{"kind":"Name","value":"serviceToken"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}}]}},{"kind":"Field","name":{"kind":"Name","value":"serviceAccount"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}}]}},{"kind":"Field","name":{"kind":"Name","value":"eventType"}}]}},{"kind":"Field","name":{"kind":"Name","value":"override"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"value"}},{"kind":"Field","name":{"kind":"Name","value":"isActive"}}]}},{"kind":"Field","name":{"kind":"Name","value":"environment"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"app"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}}]}}]}}]}},{"kind":"Field","name":{"kind":"Name","value":"folders"},"arguments":[{"kind":"Argument","name":{"kind":"Name","value":"envId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"envId"}}},{"kind":"Argument","name":{"kind":"Name","value":"path"},"value":{"kind":"Variable","name":{"kind":"Name","value":"path"}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}},{"kind":"Field","name":{"kind":"Name","value":"path"}},{"kind":"Field","name":{"kind":"Name","value":"createdAt"}},{"kind":"Field","name":{"kind":"Name","value":"folderCount"}},{"kind":"Field","name":{"kind":"Name","value":"secretCount"}}]}},{"kind":"Field","name":{"kind":"Name","value":"appEnvironments"},"arguments":[{"kind":"Argument","name":{"kind":"Name","value":"appId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"appId"}}},{"kind":"Argument","name":{"kind":"Name","value":"environmentId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"envId"}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}},{"kind":"Field","name":{"kind":"Name","value":"envType"}},{"kind":"Field","name":{"kind":"Name","value":"identityKey"}},{"kind":"Field","name":{"kind":"Name","value":"app"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"name"}}]}}]}},{"kind":"Field","name":{"kind":"Name","value":"environmentKeys"},"arguments":[{"kind":"Argument","name":{"kind":"Name","value":"appId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"appId"}}},{"kind":"Argument","name":{"kind":"Name","value":"environmentId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"envId"}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"identityKey"}},{"kind":"Field","name":{"kind":"Name","value":"wrappedSeed"}},{"kind":"Field","name":{"kind":"Name","value":"wrappedSalt"}}]}},{"kind":"Field","name":{"kind":"Name","value":"envSyncs"},"arguments":[{"kind":"Argument","name":{"kind":"Name","value":"envId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"envId"}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"environment"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}},{"kind":"Field","name":{"kind":"Name","value":"envType"}}]}},{"kind":"Field","name":{"kind":"Name","value":"serviceInfo"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}}]}},{"kind":"Field","name":{"kind":"Name","value":"options"}},{"kind":"Field","name":{"kind":"Name","value":"isActive"}},{"kind":"Field","name":{"kind":"Name","value":"status"}},{"kind":"Field","name":{"kind":"Name","value":"lastSync"}},{"kind":"Field","name":{"kind":"Name","value":"createdAt"}}]}}]}}]} as unknown as DocumentNode<GetSecretsQuery, GetSecretsQueryVariables>;
+export const GetSecretsDocument = {"kind":"Document","definitions":[{"kind":"OperationDefinition","operation":"query","name":{"kind":"Name","value":"GetSecrets"},"variableDefinitions":[{"kind":"VariableDefinition","variable":{"kind":"Variable","name":{"kind":"Name","value":"appId"}},"type":{"kind":"NonNullType","type":{"kind":"NamedType","name":{"kind":"Name","value":"ID"}}}},{"kind":"VariableDefinition","variable":{"kind":"Variable","name":{"kind":"Name","value":"envId"}},"type":{"kind":"NonNullType","type":{"kind":"NamedType","name":{"kind":"Name","value":"ID"}}}},{"kind":"VariableDefinition","variable":{"kind":"Variable","name":{"kind":"Name","value":"path"}},"type":{"kind":"NamedType","name":{"kind":"Name","value":"String"}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"secrets"},"arguments":[{"kind":"Argument","name":{"kind":"Name","value":"envId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"envId"}}},{"kind":"Argument","name":{"kind":"Name","value":"path"},"value":{"kind":"Variable","name":{"kind":"Name","value":"path"}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"key"}},{"kind":"Field","name":{"kind":"Name","value":"value"}},{"kind":"Field","name":{"kind":"Name","value":"path"}},{"kind":"Field","name":{"kind":"Name","value":"tags"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}},{"kind":"Field","name":{"kind":"Name","value":"color"}}]}},{"kind":"Field","name":{"kind":"Name","value":"comment"}},{"kind":"Field","name":{"kind":"Name","value":"createdAt"}},{"kind":"Field","name":{"kind":"Name","value":"updatedAt"}},{"kind":"Field","name":{"kind":"Name","value":"override"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"value"}},{"kind":"Field","name":{"kind":"Name","value":"isActive"}}]}},{"kind":"Field","name":{"kind":"Name","value":"environment"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"app"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}}]}}]}}]}},{"kind":"Field","name":{"kind":"Name","value":"folders"},"arguments":[{"kind":"Argument","name":{"kind":"Name","value":"envId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"envId"}}},{"kind":"Argument","name":{"kind":"Name","value":"path"},"value":{"kind":"Variable","name":{"kind":"Name","value":"path"}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}},{"kind":"Field","name":{"kind":"Name","value":"path"}},{"kind":"Field","name":{"kind":"Name","value":"createdAt"}},{"kind":"Field","name":{"kind":"Name","value":"folderCount"}},{"kind":"Field","name":{"kind":"Name","value":"secretCount"}}]}},{"kind":"Field","name":{"kind":"Name","value":"appEnvironments"},"arguments":[{"kind":"Argument","name":{"kind":"Name","value":"appId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"appId"}}},{"kind":"Argument","name":{"kind":"Name","value":"environmentId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"envId"}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}},{"kind":"Field","name":{"kind":"Name","value":"envType"}},{"kind":"Field","name":{"kind":"Name","value":"identityKey"}},{"kind":"Field","name":{"kind":"Name","value":"app"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"name"}}]}}]}},{"kind":"Field","name":{"kind":"Name","value":"environmentKeys"},"arguments":[{"kind":"Argument","name":{"kind":"Name","value":"appId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"appId"}}},{"kind":"Argument","name":{"kind":"Name","value":"environmentId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"envId"}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"identityKey"}},{"kind":"Field","name":{"kind":"Name","value":"wrappedSeed"}},{"kind":"Field","name":{"kind":"Name","value":"wrappedSalt"}}]}},{"kind":"Field","name":{"kind":"Name","value":"envSyncs"},"arguments":[{"kind":"Argument","name":{"kind":"Name","value":"envId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"envId"}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"environment"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}},{"kind":"Field","name":{"kind":"Name","value":"envType"}}]}},{"kind":"Field","name":{"kind":"Name","value":"serviceInfo"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}}]}},{"kind":"Field","name":{"kind":"Name","value":"options"}},{"kind":"Field","name":{"kind":"Name","value":"isActive"}},{"kind":"Field","name":{"kind":"Name","value":"status"}},{"kind":"Field","name":{"kind":"Name","value":"lastSync"}},{"kind":"Field","name":{"kind":"Name","value":"createdAt"}}]}}]}}]} as unknown as DocumentNode<GetSecretsQuery, GetSecretsQueryVariables>;
 export const GetServiceTokensDocument = {"kind":"Document","definitions":[{"kind":"OperationDefinition","operation":"query","name":{"kind":"Name","value":"GetServiceTokens"},"variableDefinitions":[{"kind":"VariableDefinition","variable":{"kind":"Variable","name":{"kind":"Name","value":"appId"}},"type":{"kind":"NonNullType","type":{"kind":"NamedType","name":{"kind":"Name","value":"ID"}}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"serviceTokens"},"arguments":[{"kind":"Argument","name":{"kind":"Name","value":"appId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"appId"}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}},{"kind":"Field","name":{"kind":"Name","value":"createdAt"}},{"kind":"Field","name":{"kind":"Name","value":"createdBy"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"fullName"}},{"kind":"Field","name":{"kind":"Name","value":"avatarUrl"}},{"kind":"Field","name":{"kind":"Name","value":"self"}}]}},{"kind":"Field","name":{"kind":"Name","value":"expiresAt"}},{"kind":"Field","name":{"kind":"Name","value":"keys"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"identityKey"}}]}}]}}]}}]} as unknown as DocumentNode<GetServiceTokensQuery, GetServiceTokensQueryVariables>;
 export const GetServiceAccountHandlersDocument = {"kind":"Document","definitions":[{"kind":"OperationDefinition","operation":"query","name":{"kind":"Name","value":"GetServiceAccountHandlers"},"variableDefinitions":[{"kind":"VariableDefinition","variable":{"kind":"Variable","name":{"kind":"Name","value":"orgId"}},"type":{"kind":"NonNullType","type":{"kind":"NamedType","name":{"kind":"Name","value":"ID"}}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"serviceAccountHandlers"},"arguments":[{"kind":"Argument","name":{"kind":"Name","value":"orgId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"orgId"}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"email"}},{"kind":"Field","name":{"kind":"Name","value":"role"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"name"}},{"kind":"Field","name":{"kind":"Name","value":"permissions"}}]}},{"kind":"Field","name":{"kind":"Name","value":"identityKey"}},{"kind":"Field","name":{"kind":"Name","value":"self"}}]}}]}}]} as unknown as DocumentNode<GetServiceAccountHandlersQuery, GetServiceAccountHandlersQueryVariables>;
 export const GetServiceAccountsDocument = {"kind":"Document","definitions":[{"kind":"OperationDefinition","operation":"query","name":{"kind":"Name","value":"GetServiceAccounts"},"variableDefinitions":[{"kind":"VariableDefinition","variable":{"kind":"Variable","name":{"kind":"Name","value":"orgId"}},"type":{"kind":"NonNullType","type":{"kind":"NamedType","name":{"kind":"Name","value":"ID"}}}},{"kind":"VariableDefinition","variable":{"kind":"Variable","name":{"kind":"Name","value":"id"}},"type":{"kind":"NamedType","name":{"kind":"Name","value":"ID"}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"serviceAccounts"},"arguments":[{"kind":"Argument","name":{"kind":"Name","value":"orgId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"orgId"}}},{"kind":"Argument","name":{"kind":"Name","value":"serviceAccountId"},"value":{"kind":"Variable","name":{"kind":"Name","value":"id"}}}],"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}},{"kind":"Field","name":{"kind":"Name","value":"identityKey"}},{"kind":"Field","name":{"kind":"Name","value":"role"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}},{"kind":"Field","name":{"kind":"Name","value":"description"}},{"kind":"Field","name":{"kind":"Name","value":"color"}},{"kind":"Field","name":{"kind":"Name","value":"permissions"}}]}},{"kind":"Field","name":{"kind":"Name","value":"createdAt"}},{"kind":"Field","name":{"kind":"Name","value":"handlers"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"wrappedKeyring"}},{"kind":"Field","name":{"kind":"Name","value":"wrappedRecovery"}},{"kind":"Field","name":{"kind":"Name","value":"user"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"self"}}]}}]}},{"kind":"Field","name":{"kind":"Name","value":"tokens"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}},{"kind":"Field","name":{"kind":"Name","value":"createdAt"}},{"kind":"Field","name":{"kind":"Name","value":"expiresAt"}},{"kind":"Field","name":{"kind":"Name","value":"createdBy"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"fullName"}},{"kind":"Field","name":{"kind":"Name","value":"avatarUrl"}},{"kind":"Field","name":{"kind":"Name","value":"self"}}]}},{"kind":"Field","name":{"kind":"Name","value":"lastUsed"}}]}},{"kind":"Field","name":{"kind":"Name","value":"appMemberships"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}},{"kind":"Field","name":{"kind":"Name","value":"environments"},"selectionSet":{"kind":"SelectionSet","selections":[{"kind":"Field","name":{"kind":"Name","value":"id"}},{"kind":"Field","name":{"kind":"Name","value":"name"}}]}}]}}]}}]}}]} as unknown as DocumentNode<GetServiceAccountsQuery, GetServiceAccountsQueryVariables>;
diff --git a/frontend/apollo/schema.graphql b/frontend/apollo/schema.graphql
index 1c2ce15f..bb944b1e 100644
--- a/frontend/apollo/schema.graphql
+++ b/frontend/apollo/schema.graphql
@@ -17,7 +17,7 @@ type Query {
   appEnvironments(appId: ID, environmentId: ID, memberId: ID, memberType: MemberType): [EnvironmentType]
   appUsers(appId: ID): [OrganisationMemberType]
   appServiceAccounts(appId: ID): [ServiceAccountType]
-  secrets(envId: ID, path: String): [SecretType]
+  secrets(envId: ID, path: String, id: ID): [SecretType]
   folders(envId: ID, path: String): [SecretFolderType]
   secretHistory(secretId: ID): [SecretEventType]
   secretTags(orgId: ID): [SecretTagType]
diff --git a/frontend/components/environments/secrets/HistoryDialog.tsx b/frontend/components/environments/secrets/HistoryDialog.tsx
index 107a86cd..b665ffcd 100644
--- a/frontend/components/environments/secrets/HistoryDialog.tsx
+++ b/frontend/components/environments/secrets/HistoryDialog.tsx
@@ -1,27 +1,110 @@
-import { SecretType, ApiSecretEventEventTypeChoices } from '@/apollo/graphql'
+import { SecretType, SecretEventType, ApiSecretEventEventTypeChoices } from '@/apollo/graphql'
 import { relativeTimeFromDates } from '@/utils/time'
 import clsx from 'clsx'
-
-import { useState, Fragment } from 'react'
+import { GetSecretHistory } from '@/graphql/queries/secrets/getSecretHistory.gql'
+import { useState, Fragment, useEffect, useContext } from 'react'
 import { FaHistory, FaTimes, FaKey } from 'react-icons/fa'
 import { SecretPropertyDiffs } from './SecretPropertyDiffs'
 import { Button } from '../../common/Button'
 import { Dialog, Transition } from '@headlessui/react'
 import { Avatar } from '../../common/Avatar'
+import { useLazyQuery } from '@apollo/client'
+import {
+  EnvKeyring,
+  getUserKxPublicKey,
+  getUserKxPrivateKey,
+  decryptAsymmetric,
+  envKeyring,
+} from '@/utils/crypto'
+import { KeyringContext } from '@/contexts/keyringContext'
+import Spinner from '@/components/common/Spinner'
+
+export const HistoryDialog = ({
+  secret,
+  handlePropertyChange,
+}: {
+  secret: SecretType
+  handlePropertyChange: Function
+}) => {
+  const { keyring } = useContext(KeyringContext)
+  const [getHistory, { loading }] = useLazyQuery(GetSecretHistory, {
+    fetchPolicy: 'cache-and-network',
+  })
+  const [isOpen, setIsOpen] = useState(false)
+  const [clientSecret, setClientSecret] = useState<SecretType | null>(null)
+
+  const closeModal = () => setIsOpen(false)
+  const openModal = () => setIsOpen(true)
 
-export const HistoryDialog = (props: { secret: SecretType; handlePropertyChange: Function }) => {
-  const { secret, handlePropertyChange } = props
+  const decryptHistoryEvent = async (event: SecretEventType, envKeyring: EnvKeyring) => {
+    const decryptedEvent = { ...event }
+    const { publicKey, privateKey } = envKeyring
 
-  const [isOpen, setIsOpen] = useState<boolean>(false)
+    decryptedEvent.key = await decryptAsymmetric(event.key, privateKey, publicKey)
+    decryptedEvent.value = await decryptAsymmetric(event.value, privateKey, publicKey)
 
-  const closeModal = () => {
-    setIsOpen(false)
+    if (decryptedEvent.comment) {
+      decryptedEvent.comment = await decryptAsymmetric(event.comment, privateKey, publicKey)
+    }
+
+    return decryptedEvent
   }
 
-  const openModal = () => {
-    setIsOpen(true)
+  const decryptSecretHistory = async (secret: SecretType, envKeyring: EnvKeyring) => {
+    if (!secret.history || secret.history.length === 0) return secret
+
+    const decryptedHistory = await Promise.all(
+      secret.history.map((event) => decryptHistoryEvent(event!, envKeyring))
+    )
+
+    return { ...secret, history: decryptedHistory }
   }
 
+  useEffect(() => {
+    const fetchAndDecryptHistory = async () => {
+      try {
+        const { data } = await getHistory({
+          variables: {
+            appId: secret.environment.app.id,
+            envId: secret.environment.id,
+            id: secret.id,
+          },
+        })
+
+        if (data && keyring) {
+          const wrappedSeed = data.environmentKeys[0].wrappedSeed
+
+          const userKxKeys = {
+            publicKey: await getUserKxPublicKey(keyring.publicKey),
+            privateKey: await getUserKxPrivateKey(keyring.privateKey),
+          }
+          const seed = await decryptAsymmetric(
+            wrappedSeed,
+            userKxKeys.privateKey,
+            userKxKeys.publicKey
+          )
+
+          const { publicKey, privateKey } = await envKeyring(seed)
+
+          console.log('decrupting', data.secrets[0].id)
+
+          const decryptedSecret = await decryptSecretHistory(data.secrets[0], {
+            privateKey,
+            publicKey,
+            salt: '',
+          })
+
+          setClientSecret(decryptedSecret)
+          console.log('Decrypted secret:', decryptedSecret)
+        }
+      } catch (error) {
+        console.error('Error fetching or decrypting secret history:', error)
+      }
+    }
+
+    if (keyring && isOpen) fetchAndDecryptHistory()
+  }, [keyring, isOpen, secret, getHistory])
+
   const getEventTypeColor = (eventType: ApiSecretEventEventTypeChoices) => {
     if (eventType === ApiSecretEventEventTypeChoices.C) return 'bg-emerald-500'
     if (eventType === ApiSecretEventEventTypeChoices.U) return 'bg-yellow-500'
@@ -36,7 +119,7 @@ export const HistoryDialog = (props: { secret: SecretType; handlePropertyChange:
     if (eventType === ApiSecretEventEventTypeChoices.D) return 'Deleted'
   }
 
-  const secretHistory = secret.history
+  const secretHistory = clientSecret?.history
 
   return (
     <>
@@ -71,66 +154,73 @@ export const HistoryDialog = (props: { secret: SecretType; handlePropertyChange:
                 leaveFrom="opacity-100 scale-100"
                 leaveTo="opacity-0 scale-95"
               >
-                <Dialog.Panel className="w-full max-w-2xl transform overflow-hidden rounded-2xl bg-neutral-100 dark:bg-neutral-900 p-6 text-left align-middle shadow-xl transition-all">
-                  <Dialog.Title as="div" className="flex w-full justify-between items-start">
-                    <div>
-                      <h3 className="text-lg font-medium leading-6 text-black dark:text-white ">
-                        <span className="text-zinc-700 dark:text-zinc-200 font-mono ph-no-capture">
-                          {secret.key}
-                        </span>{' '}
-                        history
-                      </h3>
-                      <div className="text-neutral-500 text-sm">
-                        View the chronological history of changes made to this secret.
+                {loading || !secretHistory ? (
+                  <div>
+                    <Spinner size="sm" />
+                  </div>
+                ) : (
+                  <Dialog.Panel className="w-full max-w-2xl transform overflow-hidden rounded-2xl bg-neutral-100 dark:bg-neutral-900 p-6 text-left align-middle shadow-xl transition-all">
+                    <Dialog.Title as="div" className="flex w-full justify-between items-start">
+                      <div>
+                        <h3 className="text-lg font-medium leading-6 text-black dark:text-white ">
+                          <span className="text-zinc-700 dark:text-zinc-200 font-mono ph-no-capture">
+                            {secret.key}
+                          </span>{' '}
+                          history
+                        </h3>
+                        <div className="text-neutral-500 text-sm">
+                          View the chronological history of changes made to this secret.
+                        </div>
                       </div>
-                    </div>
 
-                    <Button variant="text" onClick={closeModal}>
-                      <FaTimes className="text-zinc-900 dark:text-zinc-400 hover:text-zinc-700 dark:hover:text-zinc-300" />
-                    </Button>
-                  </Dialog.Title>
-
-                  <div className="space-y-8 py-4">
-                    <div className="max-h-[800px] overflow-y-auto px-2">
-                      <div className="space-y-4 pb-4 border-l border-zinc-300 dark:border-zinc-700">
-                        {secretHistory?.map((historyItem, index) => (
-                          <div key={historyItem!.timestamp} className="pb-8 space-y-2">
-                            <div className="flex flex-row items-center gap-2 -ml-1">
-                              <span
-                                className={clsx(
-                                  'h-2 w-2 rounded-full',
-                                  getEventTypeColor(historyItem!.eventType)
-                                )}
-                              ></span>
-                              <div className="text-zinc-800 dark:text-zinc-200 font-semibold">
-                                {getEventTypeText(historyItem!.eventType)}
-                              </div>
-                              <div className="text-neutral-500 text-sm">
-                                {relativeTimeFromDates(new Date(historyItem!.timestamp))}
-                              </div>{' '}
-                              <div className="text-sm flex items-center gap-2 text-neutral-500">
-                                {historyItem!.user && (
-                                  <div className="flex items-center gap-1 text-sm">
-                                    by <Avatar imagePath={historyItem!.user.avatarUrl!} size="sm" />
-                                    {historyItem?.user.fullName || historyItem?.user.email}
-                                  </div>
-                                )}
+                      <Button variant="text" onClick={closeModal}>
+                        <FaTimes className="text-zinc-900 dark:text-zinc-400 hover:text-zinc-700 dark:hover:text-zinc-300" />
+                      </Button>
+                    </Dialog.Title>
+
+                    <div className="space-y-8 py-4">
+                      <div className="max-h-[800px] overflow-y-auto px-2">
+                        <div className="space-y-4 pb-4 border-l border-zinc-300 dark:border-zinc-700">
+                          {secretHistory?.map((historyItem, index) => (
+                            <div key={historyItem!.timestamp} className="pb-8 space-y-2">
+                              <div className="flex flex-row items-center gap-2 -ml-1">
+                                <span
+                                  className={clsx(
+                                    'h-2 w-2 rounded-full',
+                                    getEventTypeColor(historyItem!.eventType)
+                                  )}
+                                ></span>
+                                <div className="text-zinc-800 dark:text-zinc-200 font-semibold">
+                                  {getEventTypeText(historyItem!.eventType)}
+                                </div>
+                                <div className="text-neutral-500 text-sm">
+                                  {relativeTimeFromDates(new Date(historyItem!.timestamp))}
+                                </div>{' '}
+                                <div className="text-sm flex items-center gap-2 text-neutral-500">
+                                  {historyItem!.user && (
+                                    <div className="flex items-center gap-1 text-sm">
+                                      by{' '}
+                                      <Avatar imagePath={historyItem!.user.avatarUrl!} size="sm" />
+                                      {historyItem?.user.fullName || historyItem?.user.email}
+                                    </div>
+                                  )}
+                                </div>
                               </div>
+                              {index > 0 && (
+                                <SecretPropertyDiffs
+                                  secret={clientSecret}
+                                  historyItem={historyItem!}
+                                  index={index}
+                                  handlePropertyChange={handlePropertyChange}
+                                />
+                              )}
                             </div>
-                            {index > 0 && (
-                              <SecretPropertyDiffs
-                                secret={secret}
-                                historyItem={historyItem!}
-                                index={index}
-                                handlePropertyChange={handlePropertyChange}
-                              />
-                            )}
-                          </div>
-                        ))}
+                          ))}
+                        </div>
                       </div>
                     </div>
-                  </div>
-                </Dialog.Panel>
+                  </Dialog.Panel>
+                )}
               </Transition.Child>
             </div>
           </div>
diff --git a/frontend/graphql/queries/secrets/getSecretHistory.gql b/frontend/graphql/queries/secrets/getSecretHistory.gql
new file mode 100644
index 00000000..1488263c
--- /dev/null
+++ b/frontend/graphql/queries/secrets/getSecretHistory.gql
@@ -0,0 +1,42 @@
+query GetSecretHistory($appId: ID!, $envId: ID!, $id: ID!) {
+  secrets(envId: $envId, id: $id) {
+    id
+    history {
+      id
+      key
+      value
+      path
+      tags {
+        id
+        name
+        color
+      }
+      version
+      comment
+      timestamp
+      ipAddress
+      userAgent
+      user {
+        email
+        username
+        fullName
+        avatarUrl
+      }
+      serviceToken {
+        id
+        name
+      }
+      serviceAccount {
+        id
+        name
+      }
+      eventType
+    }
+  }
+  environmentKeys(appId: $appId, environmentId: $envId) {
+    id
+    identityKey
+    wrappedSeed
+    wrappedSalt
+  }
+}
diff --git a/frontend/graphql/queries/secrets/getSecrets.gql b/frontend/graphql/queries/secrets/getSecrets.gql
index d06f3a4c..800a6c0a 100644
--- a/frontend/graphql/queries/secrets/getSecrets.gql
+++ b/frontend/graphql/queries/secrets/getSecrets.gql
@@ -12,37 +12,6 @@ query GetSecrets($appId: ID!, $envId: ID!, $path: String) {
     comment
     createdAt
     updatedAt
-    history {
-      id
-      key
-      value
-      path
-      tags {
-        id
-        name
-        color
-      }
-      version
-      comment
-      timestamp
-      ipAddress
-      userAgent
-      user {
-        email
-        username
-        fullName
-        avatarUrl
-      }
-      serviceToken {
-        id
-        name
-      }
-      serviceAccount {
-        id
-        name
-      }
-      eventType
-    }
     override {
       value
       isActive