chore: updated compositional types to tagged types

aryanjassal · aryanjassal · commit 720eff93b369 · 2025-01-31T10:40:44.000+11:00
chore: streaming secret to file

deps: updated polykey to 1.17.4

fix: cleaned up secrets edit command

chore: enforced runtime type safety for some secrets commands
diff --git a/npmDepsHash b/npmDepsHash
@@ -1 +1 @@
-sha256-lBwUiaE6pz8zn71siGtYVRIc0rKrNQn2nzE8Z2aLN+U=
+sha256-+smJJF/RKH+OHQmb2BPqXlbHxmf5DNCOhl3Q7xQqT/U=
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -153,7 +153,7 @@
     "nexpect": "^0.6.0",
     "node-gyp-build": "^4.4.0",
     "nodemon": "^3.0.1",
-    "polykey": "^1.17.3",
+    "polykey": "^1.17.4",
     "prettier": "^3.0.0",
     "shelljs": "^0.8.5",
     "shx": "^0.3.4",
diff --git a/src/secrets/CommandCat.ts b/src/secrets/CommandCat.ts
@@ -27,6 +27,7 @@ class CommandGet extends CommandPolykey {
       const { default: PolykeyClient } = await import(
         'polykey/dist/PolykeyClient'
       );
+      const { never } = await import('polykey/dist/utils');
       const clientOptions = await binProcessors.processClientOptions(
         options.nodePath,
         options.nodeId,
@@ -95,27 +96,35 @@ class CommandGet extends CommandPolykey {
           // Print out incoming data to standard out
           let hasErrored = false;
           for await (const result of response.readable) {
-            if (result.type === 'error') {
-              hasErrored = true;
-              switch (result.code) {
-                case 'ENOENT':
-                  // Attempt to cat a non-existent file
-                  process.stderr.write(
-                    `cat: ${result.reason}: No such file or directory\n`,
-                  );
-                  break;
-                case 'EISDIR':
-                  // Attempt to cat a directory
-                  process.stderr.write(
-                    `cat: ${result.reason}: Is a directory\n`,
-                  );
-                  break;
-                default:
-                  // No other code should be thrown
-                  throw result;
-              }
-            } else {
-              process.stdout.write(result.secretContent);
+            const type = result.type;
+            switch (type) {
+              case 'ErrorMessage':
+                hasErrored = true;
+                switch (result.code) {
+                  case 'ENOENT':
+                    // Attempt to cat a non-existent file
+                    process.stderr.write(
+                      `cat: ${result.reason}: No such file or directory\n`,
+                    );
+                    break;
+                  case 'EISDIR':
+                    // Attempt to cat a directory
+                    process.stderr.write(
+                      `cat: ${result.reason}: Is a directory\n`,
+                    );
+                    break;
+                  default:
+                    // No other code should be thrown
+                    throw result;
+                }
+                break;
+              case 'SuccessMessage':
+                process.stdout.write(result.secretContent);
+                break;
+              default:
+                never(
+                  `Expected "SuccessMessage" or "ContentMessage", got ${type}`,
+                );
             }
           }
           return hasErrored;
diff --git a/src/secrets/CommandEdit.ts b/src/secrets/CommandEdit.ts
@@ -27,10 +27,10 @@ class CommandEdit extends CommandPolykey {
       const secretPath = fullSecretPath[1] ?? '/';
       const os = await import('os');
       const { spawn } = await import('child_process');
-      const vaultsErrors = await import('polykey/dist/vaults/errors');
       const { default: PolykeyClient } = await import(
         'polykey/dist/PolykeyClient'
       );
+      const { never } = await import('polykey/dist/utils');
       const clientOptions = await binProcessors.processClientOptions(
         options.nodePath,
         options.nodeId,
@@ -65,40 +65,58 @@ class CommandEdit extends CommandPolykey {
         const tmpFile = path.join(tmpDir, path.basename(secretPath));
         const secretExists = await binUtils.retryAuthentication(
           async (auth) => {
-            let exists = true;
-            const response = await pkClient.rpcClient.methods.vaultsSecretsGet({
+            let exists = false;
+            const response =
+              await pkClient.rpcClient.methods.vaultsSecretsCat();
+            const writer = response.writable.getWriter();
+            await writer.write({
               nameOrId: vaultName,
               secretName: secretPath,
               metadata: auth,
             });
+            await writer.close();
+            const fd = await fs.promises.open(tmpFile, 'a');
             try {
-              let rawSecretContent: string = '';
-              for await (const chunk of response) {
-                rawSecretContent += chunk.secretContent;
-              }
-              const secretContent = Buffer.from(rawSecretContent, 'binary');
-              await this.fs.promises.writeFile(tmpFile, secretContent);
-            } catch (e) {
-              const [cause, _] = binUtils.remoteErrorCause(e);
-              if (cause instanceof vaultsErrors.ErrorSecretsSecretUndefined) {
-                exists = false;
-              } else if (
-                cause instanceof vaultsErrors.ErrorSecretsIsDirectory
-              ) {
-                // First, write the inline error to standard error like other
-                // secrets commands do.
-                process.stderr.write(
-                  `edit: ${secretPath}: No such file or directory\n`,
-                );
-                // Then, throw an error to get the non-zero exit code. As this
-                // command is Polykey-specific, the code doesn't really matter
-                // that much.
-                throw new errors.ErrorPolykeyCLIEditSecret(
-                  'Failed to edit secret',
-                );
-              } else {
-                throw e;
+              for await (const chunk of response.readable) {
+                const type = chunk.type;
+                switch (type) {
+                  case 'SuccessMessage':
+                    exists = true;
+                    await fd.write(Buffer.from(chunk.secretContent, 'binary'));
+                    break;
+                  case 'ErrorMessage':
+                    switch (chunk.code) {
+                      case 'ENOENT':
+                        // Do nothing if we get ENOENT. We need a case to avoid
+                        // this value hitting the default case.
+                        break;
+                      case 'EISDIR':
+                        // First, write the inline error to standard error like
+                        // other secrets commands do.
+                        process.stderr.write(
+                          `edit: ${secretPath}: No such file or directory\n`,
+                        );
+                        // Then, throw an error to get the non-zero exit code.
+                        // As this command is Polykey-specific, the code doesn't
+                        // really matter that much.
+                        throw new errors.ErrorPolykeyCLIEditSecret(
+                          'The specified secret cannot be edited',
+                        );
+                      default:
+                        throw new errors.ErrorPolykeyCLIEditSecret(
+                          `Unexpected error value returned: ${chunk.code}`,
+                        );
+                    }
+                    break;
+                  default:
+                    never(
+                      `Expected "SuccessMessage" or "ContentMessage", got ${type}`,
+                    );
+                }
               }
+            } finally {
+              await fd.close();
+              if (!exists) await fs.promises.rm(tmpFile);
             }
             return exists;
           },
diff --git a/src/secrets/CommandMkdir.ts b/src/secrets/CommandMkdir.ts
@@ -72,13 +72,10 @@ class CommandMkdir extends CommandPolykey {
             first = false;
           }
           await writer.close();
-          // Print out incoming data to standard out, or incoming errors to
-          // standard error.
+          // Print out incoming errors to standard error.
           let hasErrored = false;
-          // TypeScript cannot properly perform type narrowing on this type, so
-          // the `as` keyword is used to help it out.
           for await (const result of response.readable) {
-            if (result.type === 'error') {
+            if (result.type === 'ErrorMessage') {
               hasErrored = true;
               switch (result.code) {
                 case 'ENOENT':
@@ -98,6 +95,8 @@ class CommandMkdir extends CommandPolykey {
                   throw result;
               }
             }
+            // No additional processing needs to be done if directory creation
+            // was successful.
           }
           return hasErrored;
         }, meta);
diff --git a/src/secrets/CommandRemove.ts b/src/secrets/CommandRemove.ts
@@ -79,7 +79,7 @@ class CommandRemove extends CommandPolykey {
           // Check if any errors were raised
           let hasErrored = false;
           for await (const result of response.readable) {
-            if (result.type === 'error') {
+            if (result.type === 'ErrorMessage') {
               hasErrored = true;
               switch (result.code) {
                 case 'ENOTEMPTY':
@@ -105,6 +105,8 @@ class CommandRemove extends CommandPolykey {
                   throw result;
               }
             }
+            // No additional processing needs to be done if file removal was
+            // successful.
           }
           return hasErrored;
         }, meta);
diff --git a/tests/utils/utils.ts b/tests/utils/utils.ts
@@ -88,43 +88,10 @@ async function nodesConnect(localNode: PolykeyAgent, remoteNode: PolykeyAgent) {
   );
 }
 
-// This regex defines a vault secret path that always includes the secret path
-const secretPathRegex = /^([\w-]+)(?::)([^\0\\=]+)$/;
-const secretPathWithoutEnvArb = fc.stringMatching(secretPathRegex).noShrink();
-const environmentVariableAre = fc
-  .stringMatching(binParsers.environmentVariableRegex)
-  .filter((v) => v.length > 0)
-  .noShrink();
-const secretPathWithEnvArb = fc
-  .tuple(secretPathWithoutEnvArb, environmentVariableAre)
-  .map((v) => v.join('='));
-const secretPathEnvArb = fc.oneof(
-  secretPathWithoutEnvArb,
-  secretPathWithEnvArb,
-);
-
-const secretPathEnvArrayArb = fc
-  .array(secretPathEnvArb, { minLength: 1, size: 'small' })
-  .noShrink();
-const cmdArgsArrayArb = fc
-  .array(fc.oneof(fc.string(), secretPathEnvArb, fc.constant('--')), {
-    size: 'small',
-  })
-  .noShrink();
-
 const vaultNameArb = fc
   .string({ minLength: 1, maxLength: 100 })
   .filter((str) => binParsers.vaultNameRegex.test(str))
   .filter((str) => !str.startsWith('-'))
   .noShrink();
 
-export {
-  testIf,
-  describeIf,
-  trackTimers,
-  nodesConnect,
-  secretPathEnvArb,
-  secretPathEnvArrayArb,
-  cmdArgsArrayArb,
-  vaultNameArb,
-};
+export { testIf, describeIf, trackTimers, nodesConnect, vaultNameArb };

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-sha256-lBwUiaE6pz8zn71siGtYVRIc0rKrNQn2nzE8Z2aLN+U=`
	`1`	`+sha256-+smJJF/RKH+OHQmb2BPqXlbHxmf5DNCOhl3Q7xQqT/U=`
Original file line number	Diff line number	Diff line change
`@@ -72,13 +72,10 @@ class CommandMkdir extends CommandPolykey {`
`72`	`72`	`first = false;`
`73`	`73`	`}`
`74`	`74`	`await writer.close();`
`75`		`- // Print out incoming data to standard out, or incoming errors to`
`76`		`- // standard error.`
	`75`	`+ // Print out incoming errors to standard error.`
`77`	`76`	`let hasErrored = false;`
`78`		`- // TypeScript cannot properly perform type narrowing on this type, so`
`79`		- // the `as` keyword is used to help it out.
`80`	`77`	`for await (const result of response.readable) {`
`81`		`- if (result.type === 'error') {`
	`78`	`+ if (result.type === 'ErrorMessage') {`
`82`	`79`	`hasErrored = true;`
`83`	`80`	`switch (result.code) {`
`84`	`81`	`case 'ENOENT':`
`@@ -98,6 +95,8 @@ class CommandMkdir extends CommandPolykey {`
`98`	`95`	`throw result;`
`99`	`96`	`}`
`100`	`97`	`}`
	`98`	`+ // No additional processing needs to be done if directory creation`
	`99`	`+ // was successful.`
`101`	`100`	`}`
`102`	`101`	`return hasErrored;`
`103`	`102`	`}, meta);`
Original file line number	Diff line number	Diff line change
`@@ -79,7 +79,7 @@ class CommandRemove extends CommandPolykey {`
`79`	`79`	`// Check if any errors were raised`
`80`	`80`	`let hasErrored = false;`
`81`	`81`	`for await (const result of response.readable) {`
`82`		`- if (result.type === 'error') {`
	`82`	`+ if (result.type === 'ErrorMessage') {`
`83`	`83`	`hasErrored = true;`
`84`	`84`	`switch (result.code) {`
`85`	`85`	`case 'ENOTEMPTY':`
`@@ -105,6 +105,8 @@ class CommandRemove extends CommandPolykey {`
`105`	`105`	`throw result;`
`106`	`106`	`}`
`107`	`107`	`}`
	`108`	`+ // No additional processing needs to be done if file removal was`
	`109`	`+ // successful.`
`108`	`110`	`}`
`109`	`111`	`return hasErrored;`
`110`	`112`	`}, meta);`