Merge pull request #5 from Infisical/daniel/system-properties

feat(secrets): add secrets to system properties

Author: varonix0

.DS_Store

@@ -38,7 +38,7 @@ jobs:
 
             - name: Upload Test Results
               if: always()
-              uses: actions/upload-artifact@v3
+              uses: actions/upload-artifact@v4
               with:
                   name: test-results
                   path: target/surefire-reports/

.github/workflows/test.yml

@@ -1,3 +1,4 @@
 /scripts/node_modules
 /target
-.idea
+.idea
+.DS_Store

.gitignore

@@ -114,7 +114,8 @@ public List<Secret> ListSecrets(
     String secretPath,
     Boolean expandSecretReferences,
     Boolean recursive,
-    Boolean includeImports
+    Boolean includeImports,
+    Boolean setSecretsOnSystemProperties
 )
 
 throws InfisicalException
@@ -128,6 +129,7 @@ List<Secret> secrets = await sdk.Secrets().ListSecrets(
   false, // Should expand secret references
   false, // Should get secrets recursively from sub folders
   false, // Should include imports
+  false // Should set the fetched secrets as key/value pairs on the system properties. Makes the secrets accessible as System.getProperty("<secret-key>")
 );
 ```
 
@@ -138,6 +140,7 @@ List<Secret> secrets = await sdk.Secrets().ListSecrets(
 - `expandSecretReferences` (boolean): Whether to expand secret references.
 - `recursive` (boolean): Whether to list secrets recursively.
 - `includeImports` (boolean): Whether to include imported secrets.
+- `setSecretsOnSystemProperties` (boolean): Set the retrieved secrets as key/value pairs on the system properties, making them accessible through `System.getProperty("<secret-key>")`
 
 **Returns:**
 - `List<Secret>`: The response containing the list of secrets.

README.md

@@ -1,104 +1,128 @@
 package com.infisical.sdk.resources;
 
-import com.infisical.sdk.api.QueryBuilder;
-import com.infisical.sdk.models.*;
-
-import com.infisical.sdk.util.Helper;
+import java.util.List;
 
 import com.infisical.sdk.api.ApiClient;
+import com.infisical.sdk.api.QueryBuilder;
+import com.infisical.sdk.models.CreateSecretInput;
+import com.infisical.sdk.models.DeleteSecretInput;
+import com.infisical.sdk.models.ListSecretsResponse;
+import com.infisical.sdk.models.Secret;
+import com.infisical.sdk.models.SingleSecretResponse;
+import com.infisical.sdk.models.UpdateSecretInput;
+import com.infisical.sdk.util.Helper;
 import com.infisical.sdk.util.InfisicalException;
-import java.util.List;
 
 public class SecretsClient {
-    private final ApiClient httpClient;
-
-    public SecretsClient(ApiClient apiClient) {
-        this.httpClient = apiClient;
-    }
-
-    public List<Secret> ListSecrets(String projectId, String environmentSlug, String secretPath, Boolean expandSecretReferences, Boolean recursive, Boolean includeImports) throws InfisicalException {
-        var url = String.format("%s%s", this.httpClient.GetBaseUrl(), "/api/v3/secrets/raw");
-
-        var queryParameters = new QueryBuilder()
-            .add("workspaceId", projectId)
-            .add("environment", environmentSlug)
-            .add("secretPath", secretPath)
-            .add("expandSecretReferences", Helper.booleanToString(expandSecretReferences))
-            .add("recursive", Helper.booleanToString(recursive))
-            .add("includeImports", Helper.booleanToString(includeImports))
-            .build();
-
-        var listSecrets = this.httpClient.get(url, queryParameters, ListSecretsResponse.class);
-
-        return listSecrets.getSecrets();
+  private final ApiClient httpClient;
+
+  public SecretsClient(ApiClient apiClient) {
+    this.httpClient = apiClient;
+  }
+
+  // Overload to avoid breaking changes for new setSecretsOnSystemProperties
+  // parameter
+  public List<Secret> ListSecrets(String projectId, String environmentSlug, String secretPath,
+      Boolean expandSecretReferences, Boolean recursive, Boolean includeImports) throws InfisicalException {
+    return ListSecrets(projectId, environmentSlug, secretPath, expandSecretReferences, recursive, includeImports,
+        false);
+  }
+
+  public List<Secret> ListSecrets(String projectId, String environmentSlug, String secretPath,
+      Boolean expandSecretReferences, Boolean recursive, Boolean includeImports, Boolean setSecretsOnSystemProperties)
+      throws InfisicalException {
+    var url = String.format("%s%s", this.httpClient.GetBaseUrl(), "/api/v3/secrets/raw");
+
+    var queryParameters = new QueryBuilder()
+        .add("workspaceId", projectId)
+        .add("environment", environmentSlug)
+        .add("secretPath", secretPath)
+        .add("expandSecretReferences", Helper.booleanToString(expandSecretReferences))
+        .add("recursive", Helper.booleanToString(recursive))
+        .add("includeImports", Helper.booleanToString(includeImports))
+        .build();
+
+    var listSecrets = this.httpClient.get(url, queryParameters, ListSecretsResponse.class);
+
+    if (setSecretsOnSystemProperties) {
+      for (Secret secret : listSecrets.getSecrets()) {
+        System.setProperty(secret.getSecretKey(), secret.getSecretValue());
+      }
     }
 
-    public Secret GetSecret(String secretName, String projectId, String environmentSlug, String secretPath, Boolean expandSecretReferences, Boolean includeImports, String secretType) throws InfisicalException {
-        var url = String.format("%s%s", this.httpClient.GetBaseUrl(), String.format("/api/v3/secrets/raw/%s", secretName));
+    return listSecrets.getSecrets();
+  }
 
-        var queryParameters = new QueryBuilder()
-            .add("workspaceId", projectId)
-            .add("environment", environmentSlug)
-            .add("secretPath", secretPath)
-            .add("expandSecretReferences", Helper.booleanToString(expandSecretReferences))
-            .add("includeImports", Helper.booleanToString(includeImports))
-            .add("type", secretType)
-            .build();
+  public Secret GetSecret(String secretName, String projectId, String environmentSlug, String secretPath,
+      Boolean expandSecretReferences, Boolean includeImports, String secretType) throws InfisicalException {
+    var url = String.format("%s%s", this.httpClient.GetBaseUrl(), String.format("/api/v3/secrets/raw/%s", secretName));
 
-        var result = this.httpClient.get(url, queryParameters, SingleSecretResponse.class);
+    var queryParameters = new QueryBuilder()
+        .add("workspaceId", projectId)
+        .add("environment", environmentSlug)
+        .add("secretPath", secretPath)
+        .add("expandSecretReferences", Helper.booleanToString(expandSecretReferences))
+        .add("includeImports", Helper.booleanToString(includeImports))
+        .add("type", secretType)
+        .build();
 
-        return result.getSecret();
-    }
+    var result = this.httpClient.get(url, queryParameters, SingleSecretResponse.class);
 
-    public Secret UpdateSecret(String secretName, String projectId, String environmentSlug, String secretPath, String newSecretValue, String newSecretName) throws InfisicalException {
-        var url = String.format("%s%s", this.httpClient.GetBaseUrl(), String.format("/api/v3/secrets/raw/%s", secretName));
+    return result.getSecret();
+  }
 
-        var inputBuilder = UpdateSecretInput.builder()
-                .secretPath(secretPath)
-                .projectId(projectId)
-                .environmentSlug(environmentSlug)
-                .newSecretName(newSecretName)
-                .secretValue(newSecretValue);
+  public Secret UpdateSecret(String secretName, String projectId, String environmentSlug, String secretPath,
+      String newSecretValue, String newSecretName) throws InfisicalException {
+    var url = String.format("%s%s", this.httpClient.GetBaseUrl(), String.format("/api/v3/secrets/raw/%s", secretName));
 
-        if (newSecretName != null) inputBuilder.newSecretName(newSecretName);
-        if (newSecretName != null) inputBuilder.secretValue(newSecretValue);
+    var inputBuilder = UpdateSecretInput.builder()
+        .secretPath(secretPath)
+        .projectId(projectId)
+        .environmentSlug(environmentSlug)
+        .newSecretName(newSecretName)
+        .secretValue(newSecretValue);
 
-        var requestInput = inputBuilder.build();
+    if (newSecretName != null)
+      inputBuilder.newSecretName(newSecretName);
+    if (newSecretName != null)
+      inputBuilder.secretValue(newSecretValue);
 
+    var requestInput = inputBuilder.build();
 
-        var result = this.httpClient.patch(url, requestInput, SingleSecretResponse.class);
-
-        return result.getSecret();
-    }
+    var result = this.httpClient.patch(url, requestInput, SingleSecretResponse.class);
 
+    return result.getSecret();
+  }
 
-    public Secret CreateSecret(String secretName, String secretValue, String projectId, String environmentSlug, String secretPath) throws InfisicalException {
-        var url = String.format("%s%s", this.httpClient.GetBaseUrl(), String.format("/api/v3/secrets/raw/%s", secretName));
+  public Secret CreateSecret(String secretName, String secretValue, String projectId, String environmentSlug,
+      String secretPath) throws InfisicalException {
+    var url = String.format("%s%s", this.httpClient.GetBaseUrl(), String.format("/api/v3/secrets/raw/%s", secretName));
 
-        var createSecretInput = CreateSecretInput.builder()
-            .secretPath(secretPath)
-            .projectId(projectId)
-            .environmentSlug(environmentSlug)
-            .secretValue(secretValue)
-            .build();
+    var createSecretInput = CreateSecretInput.builder()
+        .secretPath(secretPath)
+        .projectId(projectId)
+        .environmentSlug(environmentSlug)
+        .secretValue(secretValue)
+        .build();
 
-        createSecretInput.setSecretValue(!secretValue.isEmpty() ? secretValue : "");
+    createSecretInput.setSecretValue(!secretValue.isEmpty() ? secretValue : "");
 
-        var result = this.httpClient.post(url, createSecretInput, SingleSecretResponse.class);
+    var result = this.httpClient.post(url, createSecretInput, SingleSecretResponse.class);
 
-        return result.getSecret();
-    }
+    return result.getSecret();
+  }
 
-    public Secret DeleteSecret(String secretName, String projectId, String environmentSlug, String secretPath) throws InfisicalException {
-        var url = String.format("%s%s", this.httpClient.GetBaseUrl(), String.format("/api/v3/secrets/raw/%s", secretName));
+  public Secret DeleteSecret(String secretName, String projectId, String environmentSlug, String secretPath)
+      throws InfisicalException {
+    var url = String.format("%s%s", this.httpClient.GetBaseUrl(), String.format("/api/v3/secrets/raw/%s", secretName));
 
-        var deleteSecretInput = DeleteSecretInput.builder()
-            .secretPath(secretPath)
-            .projectId(projectId)
-            .environmentSlug(environmentSlug)
-            .build();
+    var deleteSecretInput = DeleteSecretInput.builder()
+        .secretPath(secretPath)
+        .projectId(projectId)
+        .environmentSlug(environmentSlug)
+        .build();
 
-        var result = this.httpClient.delete(url, deleteSecretInput, SingleSecretResponse.class);
-        return result.getSecret();
-    }
+    var result = this.httpClient.delete(url, deleteSecretInput, SingleSecretResponse.class);
+    return result.getSecret();
+  }
 }

src/main/java/com/infisical/sdk/resources/SecretsClient.java

@@ -1,17 +1,15 @@
 package com.infisical.sdk;
 
-import com.infisical.sdk.util.EnvironmentVariables;
-import com.infisical.sdk.util.InfisicalException;
-
-import com.infisical.sdk.util.RandomUtil;
-import org.junit.jupiter.api.*;
-import com.infisical.sdk.config.SdkConfig;
-
 import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
-
+import org.junit.jupiter.api.Test;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import com.infisical.sdk.config.SdkConfig;
+import com.infisical.sdk.util.EnvironmentVariables;
+import com.infisical.sdk.util.InfisicalException;
+import com.infisical.sdk.util.RandomUtil;
+
 
 public class InfisicalSdkTest {
     private static final Logger logger = LoggerFactory.getLogger(InfisicalSdkTest.class);
@@ -33,7 +31,7 @@ public void TestListSecrets() {
         });
 
         try {
-            var secrets = sdk.Secrets().ListSecrets(envVars.getProjectId(), "dev", "/", false, false, false);
+            var secrets = sdk.Secrets().ListSecrets(envVars.getProjectId(), "dev", "/", false, false, false, false);
             logger.info("Secrets length {}", secrets.size());
 
         } catch (InfisicalException e) {