[FLOW-10732] Secrets API #8
Conversation
|
@sayanb06 tagged you for review to make sure everything is correct since you wrote the API! |
openapi.yaml
Outdated
| - NONE | ||
| allowed_workspaces: | ||
| type: array | ||
| description: Which workspaces are allowed if only SOME workspaces are allowed. |
There was a problem hiding this comment.
Can we edit this to be something like:
"If allowed_workspaces_type is SOME, then specify which workspaces in particular. The language is a bit off but it makes it clear that allowed_workspaces_type == SOME
There was a problem hiding this comment.
It seems this is also specified in the example so feel free to ignore if not necessary.
openapi.yaml
Outdated
| alias: | ||
| type: string | ||
| description: Name of the secret. | ||
| description: |
There was a problem hiding this comment.
There's a list of required props below, I assume this gets integrated into the description in an automated way
There was a problem hiding this comment.
Yeah, any parameters not listed as “required” in the special “required” section are listed as “optional” in the parameter descriptions.
openapi.yaml
Outdated
| -H "Authorization: Bearer ${API_TOKEN}" \ | ||
| -H "IB-Context: ${IB_CONTEXT}"\ | ||
| -F alias="my_secret" \ | ||
| -F description="Sample secret" \ |
openapi.yaml
Outdated
|
|
||
| result = client.secrets.create( | ||
| alias="my_secret", | ||
| description="Sample secret", |
openapi.yaml
Outdated
| description: | ||
| type: string | ||
| description: New description of the secret. | ||
| value: | ||
| type: string | ||
| description: New content of the secret. | ||
| allowed_workspaces_type: | ||
| type: string | ||
| description: New designation of which workspaces in this organization are allowed to use this secret in custom functions. | ||
| enum: | ||
| - ALL | ||
| - SOME | ||
| - NONE | ||
| allowed_workspaces: | ||
| type: array | ||
| description: New designation of which workspaces are allowed if only SOME workspaces are allowed. | ||
| items: | ||
| type: string | ||
| required: | ||
| - alias |
There was a problem hiding this comment.
We should say that this is as needed. If not specified, then the value will stay the same.
openapi.yaml
Outdated
| description: The user ID of the user who last edited the secret. | ||
|
|
||
| /v2/secrets: | ||
| post: |
There was a problem hiding this comment.
Do we need to include the GET API? The one above just seems to indicate what the object type returned is. In addition, same question for getting deployed solutions affected by secret.
There was a problem hiding this comment.
Ahh crap I must have accidentally deleted it 😢
There was a problem hiding this comment.
I was intending on not adding the affected deployments endpoint though
openapi.yaml
Outdated
| description: | | ||
| List all secrets available to the organizaiton, in a given workspace, and with a given alias | ||
|
|
||
| <Note>Only organization admins can list all secrets in the organization.</Note> |
There was a problem hiding this comment.
Can we also add that nonadmins must specify workspace?
openapi.yaml
Outdated
| - secrets | ||
| summary: List secrets | ||
| description: | | ||
| List all secrets available to the organizaiton, in a given workspace, and with a given alias |
There was a problem hiding this comment.
| List all secrets available to the organizaiton, in a given workspace, and with a given alias | |
| List secrets available to the organization, secrets in a given workspace, or secrets with a given alias. |
There was a problem hiding this comment.
Can you have the same alias defined in two different workspaces, corresponding to different secrets?
If not, maybe use this instead? List secrets available to the organization, secrets available in a given workspace, or the secret with a given alias.
openapi.yaml
Outdated
| description: | | ||
| List all secrets available to the organizaiton, in a given workspace, and with a given alias | ||
|
|
||
| <Note>Only organization admins can list all secrets in the organization.</Note> |
There was a problem hiding this comment.
| <Note>Only organization admins can list all secrets in the organization.</Note> | |
| <Note>Only organization admins can list all secrets in the organization. Non-admins must specify a workspace.</Note> |
openapi.yaml
Outdated
| schema: | ||
| type: string | ||
| description: | | ||
| Filter to secrets in the specified workspace. |
There was a problem hiding this comment.
| Filter to secrets in the specified workspace. | |
| Show secrets defined in the specified workspace. |
openapi.yaml
Outdated
| description: | | ||
| Filter to secrets in the specified workspace. | ||
|
|
||
| <Info>In order to get the secrets for a given workspace, the user must be a member of that workspace.</Info> |
There was a problem hiding this comment.
| <Info>In order to get the secrets for a given workspace, the user must be a member of that workspace.</Info> | |
| <Info>Only members of a workspace can get secrets defined in that workspace.</Info> |
openapi.yaml
Outdated
| schema: | ||
| type: string | ||
| description: | | ||
| Get only the secret with the specified alias. |
There was a problem hiding this comment.
| Get only the secret with the specified alias. | |
| Get the secret with the specified alias. |
openapi.yaml
Outdated
| properties: | ||
| alias: | ||
| type: string | ||
| description: Name of the secret to be edited. |
There was a problem hiding this comment.
| description: Name of the secret to be edited. | |
| description: Name of the secret to update. |
openapi.yaml
Outdated
| - secrets | ||
| summary: Update secret | ||
| description: | | ||
| Update the value, description, or allowed workspaces for a secret. |
There was a problem hiding this comment.
| Update the value, description, or allowed workspaces for a secret. | |
| Update the description, value, or allowed workspaces for a secret. |
To preserve the same order as the parameters are listed below.
openapi.yaml
Outdated
| - NONE | ||
| allowed_workspaces: | ||
| type: array | ||
| description: New designation of which workspaces are allowed if only SOME workspaces are allowed. |
There was a problem hiding this comment.
| description: New designation of which workspaces are allowed if only SOME workspaces are allowed. | |
| description: New designation of which workspaces are allowed to use this secret, if only some are. |
openapi.yaml
Outdated
| properties: | ||
| alias: | ||
| type: string | ||
| description: Name of the secret to be deleted. |
There was a problem hiding this comment.
| description: Name of the secret to be deleted. | |
| description: Name of the secret to delete. |
openapi.yaml
Outdated
| alias: | ||
| type: string | ||
| description: Name of the secret. | ||
| description: |
There was a problem hiding this comment.
Yeah, any parameters not listed as “required” in the special “required” section are listed as “optional” in the parameter descriptions.
| - secrets | ||
| summary: Update secret | ||
| description: | | ||
| Update the description, value, or allowed workspaces for a secret. If a value for a parameter is not specified, it will remain the same. |
There was a problem hiding this comment.
@cwcowell what do you think of this second sentence I added here?
|
We should merge both the main repo PR and this at the same time. |
|
@anilshanbhag I do not yet, trying to get that done today - I might have to backport it. I'll wait to merge this until that's done. |
|
Checking status on this, so we can merge https://github.com/instabase/instabase-fern/pull/181 at the same time and make sure we put release notes for this change under the correct AI Hub version. @jessmand are we waiting on the corresponding SDK & tests PR, or is this ready to merge? |
| - code-samples: | ||
| - sdk: curl | ||
| code: | | ||
| curl -X PATCH "${API_ROOT}/v2/secrets" \ |
There was a problem hiding this comment.
Wow I’ve never seen PATCH used as an HTTP verb literally ever in my career. 🎉
Co-authored-by: Chris Cowell <43705622+cwcowell@users.noreply.github.com>
Corresponds with https://github.com/instabase/instabase-fern/pull/181