Add HIDE_API_TOKENS config and pass apiTokenConfig to ApiTokenServiceImpl to make token visibility configurable

Author: prakash100198

api/apiToken/wire_apiToken.go

@@ -26,6 +26,7 @@ var ApiTokenWireSet = wire.NewSet(
 	wire.Bind(new(apiToken.ApiTokenRepository), new(*apiToken.ApiTokenRepositoryImpl)),
 	apiToken.NewApiTokenServiceImpl,
 	wire.Bind(new(apiToken.ApiTokenService), new(*apiToken.ApiTokenServiceImpl)),
+	apiToken.GetApiTokenConfig,
 	NewApiTokenRestHandlerImpl,
 	wire.Bind(new(ApiTokenRestHandler), new(*ApiTokenRestHandlerImpl)),
 	NewApiTokenRouterImpl,

cmd/external-app/wire_gen.go

@@ -200,6 +200,7 @@
  | GRAFANA_PORT | string |8090 | Port for grafana micro-service |  | false |
  | GRAFANA_URL | string | | Host URL for the grafana dashboard |  | false |
  | GRAFANA_USERNAME | string |admin | Username for grafana  |  | false |
+ | HIDE_API_TOKENS | bool |false | Boolean flag for should the api tokens generated be hidden from the UI |  | false |
  | HIDE_IMAGE_TAGGING_HARD_DELETE | bool |false | Flag to hide the hard delete option in the image tagging service |  | false |
  | IGNORE_AUTOCOMPLETE_AUTH_CHECK | bool |false | flag for ignoring auth check in autocomplete apis. |  | false |
  | INSTALLED_MODULES |  | | List of installed modules given in helm values/yaml are written in cm and used by devtron to know which modules are given | security.trivy,security.clair | false |

env_gen.json

@@ -19,6 +19,7 @@ package apiToken
 import (
 	"errors"
 	"fmt"
+	"github.com/caarlos0/env"
 	userBean "github.com/devtron-labs/devtron/pkg/auth/user/bean"
 	"regexp"
 	"strconv"
@@ -48,19 +49,36 @@ type ApiTokenServiceImpl struct {
 	userService           user2.UserService
 	userAuditService      user2.UserAuditService
 	apiTokenRepository    ApiTokenRepository
+	apiTokenConfig        *ApiTokenConfig
 }
 
-func NewApiTokenServiceImpl(logger *zap.SugaredLogger, apiTokenSecretService ApiTokenSecretService, userService user2.UserService, userAuditService user2.UserAuditService,
-	apiTokenRepository ApiTokenRepository) *ApiTokenServiceImpl {
+func NewApiTokenServiceImpl(logger *zap.SugaredLogger,
+	apiTokenSecretService ApiTokenSecretService,
+	userService user2.UserService,
+	userAuditService user2.UserAuditService,
+	apiTokenRepository ApiTokenRepository,
+	apiTokenConfig *ApiTokenConfig,
+) *ApiTokenServiceImpl {
 	return &ApiTokenServiceImpl{
 		logger:                logger,
 		apiTokenSecretService: apiTokenSecretService,
 		userService:           userService,
 		userAuditService:      userAuditService,
 		apiTokenRepository:    apiTokenRepository,
+		apiTokenConfig:        apiTokenConfig,
 	}
 }
 
+type ApiTokenConfig struct {
+	HideApiTokens bool `env:"HIDE_API_TOKENS" envDefault:"false" description:"Boolean flag for should the api tokens generated be hidden from the UI"`
+}
+
+func GetApiTokenConfig() (*ApiTokenConfig, error) {
+	cfg := &ApiTokenConfig{}
+	err := env.Parse(cfg)
+	return cfg, err
+}
+
 var invalidCharsInApiTokenName = regexp.MustCompile("[,\\s]")
 
 const (
@@ -104,9 +122,11 @@ func (impl ApiTokenServiceImpl) GetAllApiTokensForWebhook(projectName string, en
 				Name:           &apiTokenFromDb.Name,
 				Description:    &apiTokenFromDb.Description,
 				ExpireAtInMs:   &apiTokenFromDb.ExpireAtInMs,
-				Token:          &apiTokenFromDb.Token,
 				UpdatedAt:      &updatedAtStr,
 			}
+			if !impl.apiTokenConfig.HideApiTokens {
+				apiToken.Token = &apiTokenFromDb.Token
+			}
 			apiTokens = append(apiTokens, apiToken)
 		}
 	}
@@ -140,9 +160,11 @@ func (impl ApiTokenServiceImpl) GetAllActiveApiTokens() ([]*openapi.ApiToken, er
 			Name:           &apiTokenFromDb.Name,
 			Description:    &apiTokenFromDb.Description,
 			ExpireAtInMs:   &apiTokenFromDb.ExpireAtInMs,
-			Token:          &apiTokenFromDb.Token,
 			UpdatedAt:      &updatedAtStr,
 		}
+		if !impl.apiTokenConfig.HideApiTokens {
+			apiToken.Token = &apiTokenFromDb.Token
+		}
 		if latestAuditLog != nil {
 			lastUsedAtStr := latestAuditLog.CreatedOn.String()
 			apiToken.LastUsedAt = &lastUsedAtStr