Merge branch 'develop' of github.com:ansible-semaphore/semaphore into develop

Author: fiftin

api-docs.yml

@@ -1753,70 +1753,70 @@ paths:
           description: User updated
 
   # Invite management
-  /project/{project_id}/invites:
-    parameters:
-      - $ref: "#/parameters/project_id"
-    get:
-      tags:
-        - project
-      summary: Get invitations for project
-      parameters:
-        - name: sort
-          in: query
-          required: false
-          type: string
-          enum: [created, status, role]
-          description: sorting field
-          x-example: created
-        - name: order
-          in: query
-          required: false
-          type: string
-          enum: [asc, desc]
-          description: ordering manner
-          x-example: desc
-      responses:
-        200:
-          description: Project invitations
-          schema:
-            type: array
-            items:
-              $ref: "#/definitions/ProjectInvite"
-    post:
-      tags:
-        - project
-      summary: Create project invitation
-      parameters:
-        - name: Invite
-          in: body
-          required: true
-          schema:
-            $ref: "#/definitions/ProjectInviteRequest"
-      responses:
-        201:
-          description: Invitation created
-          schema:
-            $ref: "#/definitions/ProjectInvite"
-        400:
-          description: Bad request (invalid role, missing user_id/email, or both provided)
-        409:
-          description: User already a member or invitation already exists
-
-  /project/{project_id}/invites/{invite_id}:
-    parameters:
-      - $ref: "#/parameters/project_id"
-      - $ref: "#/parameters/invite_id"
-    get:
-      tags:
-        - project
-      summary: Get specific project invitation
-      responses:
-        200:
-          description: Project invitation
-          schema:
-            $ref: "#/definitions/ProjectInvite"
-        404:
-          description: Invitation not found
+#  /project/{project_id}/invites:
+#    parameters:
+#      - $ref: "#/parameters/project_id"
+#    get:
+#      tags:
+#        - project
+#      summary: Get invitations for project
+#      parameters:
+#        - name: sort
+#          in: query
+#          required: false
+#          type: string
+#          enum: [created, status, role]
+#          description: sorting field
+#          x-example: created
+#        - name: order
+#          in: query
+#          required: false
+#          type: string
+#          enum: [asc, desc]
+#          description: ordering manner
+#          x-example: desc
+#      responses:
+#        200:
+#          description: Project invitations
+#          schema:
+#            type: array
+#            items:
+#              $ref: "#/definitions/ProjectInvite"
+#    post:
+#      tags:
+#        - project
+#      summary: Create project invitation
+#      parameters:
+#        - name: Invite
+#          in: body
+#          required: true
+#          schema:
+#            $ref: "#/definitions/ProjectInviteRequest"
+#      responses:
+#        201:
+#          description: Invitation created
+#          schema:
+#            $ref: "#/definitions/ProjectInvite"
+#        400:
+#          description: Bad request (invalid role, missing user_id/email, or both provided)
+#        409:
+#          description: User already a member or invitation already exists
+#
+#  /project/{project_id}/invites/{invite_id}:
+#    parameters:
+#      - $ref: "#/parameters/project_id"
+#      - $ref: "#/parameters/invite_id"
+#    get:
+#      tags:
+#        - project
+#      summary: Get specific project invitation
+#      responses:
+#        200:
+#          description: Project invitation
+#          schema:
+#            $ref: "#/definitions/ProjectInvite"
+#        404:
+#          description: Invitation not found
 #    put:
 #      tags:
 #        - project

api/projects/keys.go

@@ -3,9 +3,10 @@ package projects
 import (
 	"errors"
 	"fmt"
-	"github.com/semaphoreui/semaphore/services/server"
 	"net/http"
 
+	"github.com/semaphoreui/semaphore/services/server"
+
 	"github.com/semaphoreui/semaphore/api/helpers"
 	"github.com/semaphoreui/semaphore/db"
 )
@@ -91,12 +92,12 @@ func (c *KeyController) AddKey(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	if err := key.Validate(true); err != nil {
-		helpers.WriteJSON(w, http.StatusBadRequest, map[string]string{
-			"error": err.Error(),
-		})
-		return
-	}
+	//if err := key.Validate(true); err != nil {
+	//	helpers.WriteJSON(w, http.StatusBadRequest, map[string]string{
+	//		"error": err.Error(),
+	//	})
+	//	return
+	//}
 
 	newKey, err := c.accessKeyService.Create(key)
 

api/projects/secret_storages.go

@@ -2,10 +2,11 @@ package projects
 
 import (
 	"fmt"
+	"net/http"
+
 	"github.com/semaphoreui/semaphore/api/helpers"
 	"github.com/semaphoreui/semaphore/db"
 	"github.com/semaphoreui/semaphore/services/server"
-	"net/http"
 )
 
 type SecretStorageController struct {
@@ -21,14 +22,33 @@ func SecretStorageMiddleware(next http.Handler) http.Handler {
 			return
 		}
 
-		key, err := helpers.Store(r).GetSecretStorage(project.ID, storageID)
+		storage, err := helpers.Store(r).GetSecretStorage(project.ID, storageID)
+
+		if err != nil {
+			helpers.WriteError(w, err)
+			return
+		}
+
+		keys, err := helpers.Store(r).GetAccessKeys(project.ID, db.GetAccessKeyOptions{
+			Owner:     db.AccessKeySecretStorage,
+			StorageID: &storage.ID,
+		}, db.RetrieveQueryParams{})
 
 		if err != nil {
 			helpers.WriteError(w, err)
 			return
 		}
 
-		r = helpers.SetContextValue(r, "secretStorage", key)
+		if len(keys) == 0 {
+			helpers.WriteErrorStatus(w, "Access key not found", http.StatusNotFound)
+			return
+		}
+
+		if keys[0].SourceStorageKey != nil {
+			storage.SecretEnvironmentVariable = *keys[0].SourceStorageKey
+		}
+
+		r = helpers.SetContextValue(r, "secretStorage", storage)
 		next.ServeHTTP(w, r)
 	})
 }
@@ -157,5 +177,5 @@ func (c *SecretStorageController) Remove(w http.ResponseWriter, r *http.Request)
 		return
 	}
 
-	helpers.WriteJSON(w, http.StatusNoContent, nil)
+	w.WriteHeader(http.StatusNoContent)
 }

db/AccessKey.go

@@ -2,10 +2,6 @@ package db
 
 import (
 	"fmt"
-	//"github.com/semaphoreui/semaphore/pkg/ssh"
-	//"github.com/semaphoreui/semaphore/pkg/random"
-	//"github.com/semaphoreui/semaphore/pkg/ssh"
-	//"path"
 )
 
 type AccessKeyType string
@@ -18,10 +14,10 @@ const (
 	AccessKeyString        AccessKeyType = "string"
 )
 const (
-	AccessKeyEnvironment AccessKeyOwner = "environment"
-	AccessKeyVariable    AccessKeyOwner = "variable"
-	AccessKeyVault       AccessKeyOwner = "vault"
-	AccessKeyShared      AccessKeyOwner = ""
+	AccessKeyEnvironment   AccessKeyOwner = "environment"
+	AccessKeyVariable      AccessKeyOwner = "variable"
+	AccessKeySecretStorage AccessKeyOwner = "vault"
+	AccessKeyShared        AccessKeyOwner = ""
 )
 
 // AccessKey represents a key used to access a machine with ansible from semaphore
@@ -106,3 +102,7 @@ func (key *AccessKey) Validate(validateSecretFields bool) error {
 
 	return nil
 }
+
+func (key *AccessKey) IsEnvironmentVariable() bool {
+	return key.SourceStorageID == nil && key.SourceStorageKey != nil
+}

db/SecretStorage.go

@@ -16,5 +16,6 @@ type SecretStorage struct {
 	Params    MapStringAnyField `db:"params" json:"params"`
 	ReadOnly  bool              `db:"readonly" json:"readonly"`
 
-	Secret string `db:"-" json:"secret,omitempty" backup:"-"`
+	Secret                    string `db:"-" json:"secret,omitempty" backup:"-"`
+	SecretEnvironmentVariable string `db:"-" json:"secret_environment_variable,omitempty" backup:"-"`
 }

db/sql/access_key.go

@@ -2,6 +2,7 @@ package sql
 
 import (
 	"database/sql"
+
 	"github.com/Masterminds/squirrel"
 	"github.com/semaphoreui/semaphore/db"
 )
@@ -30,7 +31,7 @@ func (d *SqlDb) GetAccessKeys(projectID int, options db.GetAccessKeyOptions, par
 		switch options.Owner {
 		case db.AccessKeyVariable, db.AccessKeyEnvironment:
 			q = q.Where(squirrel.Eq{"pe.environment_id": *options.EnvironmentID})
-		case db.AccessKeyVault:
+		case db.AccessKeySecretStorage:
 			q = q.Where(squirrel.Eq{"pe.storage_id": options.StorageID})
 		}
 	}
@@ -59,12 +60,6 @@ func (d *SqlDb) UpdateAccessKey(key db.AccessKey) error {
 		return err
 	}
 
-	//err = key.SerializeSecret()
-	//
-	//if err != nil {
-	//	return err
-	//}
-
 	var res sql.Result
 
 	var args []any