refactor(core): extract shared dedup helpers

Peter Steinberger
2026-03-07 10:40:49 +00:00
parent 14c61bb33f
commit 3c71e2bd48
114 changed files with 3400 additions and 2040 deletions


@@ -127,6 +127,33 @@ function refResolutionError(params: {
return new SecretRefResolutionError(params);
}
function throwUnknownProviderResolutionError(params: {
source: SecretRefSource;
provider: string;
err: unknown;
}): never {
if (isSecretResolutionError(params.err)) {
throw params.err;
}
throw providerResolutionError({
source: params.source,
provider: params.provider,
message: describeUnknownError(params.err),
cause: params.err,
});
}
async function readFileStatOrThrow(pathname: string, label: string) {
const stat = await safeStat(pathname);
if (!stat.ok) {
throw new Error(`${label} is not readable: ${pathname}`);
}
if (stat.isDir) {
throw new Error(`${label} must be a file: ${pathname}`);
}
return stat;
}
function isAbsolutePathname(value: string): boolean {
return (
path.isAbsolute(value) ||
@@ -189,13 +216,7 @@ async function assertSecurePath(params: {
}
let effectivePath = params.targetPath;
let stat = await safeStat(effectivePath);
if (!stat.ok) {
throw new Error(`${params.label} is not readable: ${effectivePath}`);
}
if (stat.isDir) {
throw new Error(`${params.label} must be a file: ${effectivePath}`);
}
let stat = await readFileStatOrThrow(effectivePath, params.label);
if (stat.isSymlink) {
if (!params.allowSymlinkPath) {
throw new Error(`${params.label} must not be a symlink: ${effectivePath}`);
@@ -208,13 +229,7 @@ async function assertSecurePath(params: {
if (!isAbsolutePathname(effectivePath)) {
throw new Error(`${params.label} resolved symlink target must be an absolute path.`);
}
stat = await safeStat(effectivePath);
if (!stat.ok) {
throw new Error(`${params.label} is not readable: ${effectivePath}`);
}
if (stat.isDir) {
throw new Error(`${params.label} must be a file: ${effectivePath}`);
}
stat = await readFileStatOrThrow(effectivePath, params.label);
if (stat.isSymlink) {
throw new Error(`${params.label} symlink target must not be a symlink: ${effectivePath}`);
}
@@ -372,14 +387,10 @@ async function resolveFileRefs(params: {
cache: params.cache,
});
} catch (err) {
if (isSecretResolutionError(err)) {
throw err;
}
throw providerResolutionError({
throwUnknownProviderResolutionError({
source: "file",
provider: params.providerName,
message: describeUnknownError(err),
cause: err,
err,
});
}
const mode = params.providerConfig.mode ?? "json";
@@ -664,14 +675,10 @@ async function resolveExecRefs(params: {
allowSymlinkPath: params.providerConfig.allowSymlinkCommand,
});
} catch (err) {
if (isSecretResolutionError(err)) {
throw err;
}
throw providerResolutionError({
throwUnknownProviderResolutionError({
source: "exec",
provider: params.providerName,
message: describeUnknownError(err),
cause: err,
err,
});
}
@@ -724,14 +731,10 @@ async function resolveExecRefs(params: {
maxOutputBytes,
});
} catch (err) {
if (isSecretResolutionError(err)) {
throw err;
}
throw providerResolutionError({
throwUnknownProviderResolutionError({
source: "exec",
provider: params.providerName,
message: describeUnknownError(err),
cause: err,
err,
});
}
if (result.termination === "timeout") {
@@ -765,14 +768,10 @@ async function resolveExecRefs(params: {
jsonOnly,
});
} catch (err) {
if (isSecretResolutionError(err)) {
throw err;
}
throw providerResolutionError({
throwUnknownProviderResolutionError({
source: "exec",
provider: params.providerName,
message: describeUnknownError(err),
cause: err,
err,
});
}
const resolved = new Map<string, unknown>();
@@ -822,14 +821,10 @@ async function resolveProviderRefs(params: {
message: `Unsupported secret provider source "${String((params.providerConfig as { source?: unknown }).source)}".`,
});
} catch (err) {
if (isSecretResolutionError(err)) {
throw err;
}
throw providerResolutionError({
throwUnknownProviderResolutionError({
source: params.source,
provider: params.providerName,
message: describeUnknownError(err),
cause: err,
err,
});
}
}
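Review bot: `readFileStatOrThrow`, added in the first hunk, has no doc comment, and its name and its "must be a file" message promise a stronger check than the body performs: it rejects only unreadable paths and directories, and returns the stat of a symlink unchanged. Both call sites in `assertSecurePath` (whose body starts and ends outside the hunks shown) test `stat.isSymlink` right after the call, so the secret-path check still holds today, but a later caller that relies on the helper alone would accept a symlinked path. I would add a comment above the helper such as `/** Stats pathname; throws if it is unreadable or a directory. Does NOT reject symlinks: callers must check stat.isSymlink. */`. Whether `safeStat` can tell other non-regular files (FIFOs, device nodes) apart is not visible here; if it can, this helper is the natural place to reject them so that "must be a file" is literally true.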