ba1966f17c
* feat: add encrypted account-level secrets with UI for adding API keys Adds AccountSecret model with AES-256-GCM encryption, API routes for CRUD, "Add secret" button in model costs section, and injects decrypted secrets into action env (YAML secrets take precedence). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * feat: repo secrets, sidebar icons, lazy learnings history - add repo-level secrets with inheritance from org secrets - add icons to console sidebar sections - fix learnings history modal: lazy fetch with hover prefetch, strip content from list response, load content per-expansion Made-with: Cursor * add input validation bounds for secrets and fix client-side name filter Made-with: Cursor * refactor: migrate all client-side data fetching to TanStack Query Replace manual useState/useEffect/fetch patterns and the custom usePolling hook with useQuery, useInfiniteQuery, and useMutation across the entire frontend for consistent caching, background refetching, and reactive invalidation. - ActiveWorkflowRunsSection: useQuery + refetchInterval - WorkflowRunHistory: useInfiniteQuery + polling query - LearningsSection: useQuery per revision (lazy) - FlagsSettings: self-contained useQuery + useMutation - SecretsCard: useMutation for delete - AddWorkflowButton, VerifyWorkflowButton: useMutation - EmailSignupForm, email-waitlist: useMutation - providers.tsx: enable refetchOnWindowFocus - Delete usePolling.ts (no remaining consumers) Made-with: Cursor * address PR review: squash migrations, rename accountSecrets → dbSecrets Squash the two separate secrets migrations into a single migration. Rename the wire format field from accountSecrets to dbSecrets since it now carries merged account + repo secrets. Made-with: Cursor * fix: update proxyKeys.ts imports after cache.ts -> yes package migration Made-with: Cursor --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
53 lines
1.5 KiB
TypeScript
53 lines
1.5 KiB
TypeScript
import type { Octokit } from "@octokit/rest";
|
|
import packageJson from "../package.json" with { type: "json" };
|
|
import { log } from "./cli.ts";
|
|
import { type OctokitWithPlugins, parseRepoContext } from "./github.ts";
|
|
import { fetchRunContext, type RepoSettings } from "./runContext.ts";
|
|
|
|
export interface RunContextData {
|
|
repo: {
|
|
owner: string;
|
|
name: string;
|
|
data: Awaited<ReturnType<Octokit["repos"]["get"]>>["data"];
|
|
};
|
|
repoSettings: RepoSettings;
|
|
apiToken: string;
|
|
oss: boolean;
|
|
proxyModel?: string | undefined;
|
|
dbSecrets?: Record<string, string> | undefined;
|
|
}
|
|
|
|
interface ResolveRunContextDataParams {
|
|
octokit: OctokitWithPlugins;
|
|
token: string;
|
|
}
|
|
|
|
/**
|
|
* initialize run context data: parse context, fetch repo info and settings
|
|
*/
|
|
export async function resolveRunContextData(
|
|
params: ResolveRunContextDataParams
|
|
): Promise<RunContextData> {
|
|
log.info(`» running Pullfrog v${packageJson.version}...`);
|
|
|
|
const repoContext = parseRepoContext();
|
|
|
|
const [repoResponse, runContext] = await Promise.all([
|
|
params.octokit.repos.get({ owner: repoContext.owner, repo: repoContext.name }),
|
|
fetchRunContext({ token: params.token, repoContext }),
|
|
]);
|
|
|
|
return {
|
|
repo: {
|
|
owner: repoContext.owner,
|
|
name: repoContext.name,
|
|
data: repoResponse.data,
|
|
},
|
|
repoSettings: runContext.settings,
|
|
apiToken: runContext.apiToken,
|
|
oss: runContext.oss,
|
|
proxyModel: runContext.proxyModel,
|
|
dbSecrets: runContext.dbSecrets,
|
|
};
|
|
}
|