File size: 945 Bytes
fc93158 | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 | import type { OpenSkynetConfig } from "../config/config.js";
import type { SecretRef } from "../config/types.secrets.js";
export function selectRefsForExecPolicy(params: { refs: SecretRef[]; allowExec: boolean }): {
refsToResolve: SecretRef[];
skippedExecRefs: SecretRef[];
} {
const refsToResolve: SecretRef[] = [];
const skippedExecRefs: SecretRef[] = [];
for (const ref of params.refs) {
if (ref.source === "exec" && !params.allowExec) {
skippedExecRefs.push(ref);
continue;
}
refsToResolve.push(ref);
}
return { refsToResolve, skippedExecRefs };
}
export function getSkippedExecRefStaticError(params: {
ref: SecretRef;
config: OpenSkynetConfig;
}): string | null {
void params.config;
if (params.ref.source !== "exec") {
return null;
}
return `Exec SecretRef ${params.ref.provider}/${params.ref.id} was skipped because exec-backed secret resolution is disabled for this audit run.`;
}
|