From 040dd2d5273887591c10e6607fbe54395dadca70 Mon Sep 17 00:00:00 2001 From: logikonline Date: Tue, 20 Jan 2026 01:04:05 -0500 Subject: [PATCH] feat(vault): add configuration status warnings for admins Displays a warning message to admins when vault master key is not configured. Adds ConfigurablePlugin interface for plugins to report configuration status, and implements IsConfigured() and GetConfigurationError() service methods. Warning appears on vault pages with instructions to add MASTER_KEY to app.ini. --- options/locale/locale_cs-CZ.json | 3 ++ options/locale/locale_de-DE.json | 3 ++ options/locale/locale_el-GR.json | 3 ++ options/locale/locale_en-US.json | 5 ++- options/locale/locale_es-ES.json | 5 ++- options/locale/locale_fa-IR.json | 3 ++ options/locale/locale_fi-FI.json | 3 ++ options/locale/locale_fr-FR.json | 3 ++ options/locale/locale_ga-IE.json | 3 ++ options/locale/locale_hi-IN.json | 3 ++ options/locale/locale_hu-HU.json | 3 ++ options/locale/locale_id-ID.json | 3 ++ options/locale/locale_is-IS.json | 3 ++ options/locale/locale_it-IT.json | 3 ++ options/locale/locale_ja-JP.json | 3 ++ options/locale/locale_ko-KR.json | 3 ++ options/locale/locale_lv-LV.json | 3 ++ options/locale/locale_nl-NL.json | 3 ++ options/locale/locale_pl-PL.json | 3 ++ options/locale/locale_pt-BR.json | 3 ++ options/locale/locale_pt-PT.json | 3 ++ options/locale/locale_ru-RU.json | 3 ++ options/locale/locale_si-LK.json | 3 ++ options/locale/locale_sk-SK.json | 3 ++ options/locale/locale_sv-SE.json | 3 ++ options/locale/locale_tr-TR.json | 3 ++ options/locale/locale_uk-UA.json | 3 ++ options/locale/locale_zh-CN.json | 3 ++ options/locale/locale_zh-TW.json | 3 ++ routers/web/repo/vault/vault.go | 4 ++ services/vault/vault.go | 64 +++++++++++++++++++++++++------- templates/repo/vault/list.tmpl | 10 +++++ 32 files changed, 154 insertions(+), 15 deletions(-) diff --git a/options/locale/locale_cs-CZ.json b/options/locale/locale_cs-CZ.json index b73547461a..457960af8a 100644 --- a/options/locale/locale_cs-CZ.json +++ b/options/locale/locale_cs-CZ.json @@ -3385,6 +3385,9 @@ "repo.vault.version_limit_info": "Solo tier keeps the last %d versions. Upgrade to Pro for unlimited version history.", "repo.vault.token_limit_info": "Solo tier allows %d active token(s) with %dh max TTL (read-only). Upgrade to Pro for unlimited tokens.", "repo.vault.unlimited": "Unlimited", + "vault.config_error_title": "Trezor není nakonfigurován", + "vault.config_error_message": "Šifrovací klíč trezoru není nakonfigurován. Tajné údaje nelze vytvářet ani k nim přistupovat, dokud nebude tento problém vyřešen.", + "vault.config_error_fix": "Pro opravu přidejte MASTER_KEY do sekce [vault] v konfiguračním souboru app.ini.", "repo.ai.features": "Funkce AI", "repo.ai.request_code_review": "AI Kontrola kódu", "repo.ai.code_review_description": "Získejte zpětnou vazbu poháněnou AI pro tento pull request", diff --git a/options/locale/locale_de-DE.json b/options/locale/locale_de-DE.json index 104352e6cb..b68c42b1fc 100644 --- a/options/locale/locale_de-DE.json +++ b/options/locale/locale_de-DE.json @@ -4255,6 +4255,9 @@ "vault.max_versions": "Max. Versionen", "vault.audit_retention": "Audit-Aufbewahrung", "vault.unlimited": "Unbegrenzt", + "vault.config_error_title": "Vault nicht konfiguriert", + "vault.config_error_message": "Der Vault-Verschlüsselungsschlüssel ist nicht konfiguriert. Geheimnisse können nicht erstellt oder abgerufen werden, bis dies behoben ist.", + "vault.config_error_fix": "Um dies zu beheben, fügen Sie einen MASTER_KEY zum Abschnitt [vault] in Ihrer app.ini-Konfigurationsdatei hinzu.", "org.settings.license": "License", "org.settings.license_type": "Organization License", "org.settings.license_help": "Set a license for your organization. This will be stored in your .profile repository.", diff --git a/options/locale/locale_el-GR.json b/options/locale/locale_el-GR.json index 47a489f52a..1652af8772 100644 --- a/options/locale/locale_el-GR.json +++ b/options/locale/locale_el-GR.json @@ -3079,6 +3079,9 @@ "repo.vault.version_limit_info": "Solo tier keeps the last %d versions. Upgrade to Pro for unlimited version history.", "repo.vault.token_limit_info": "Solo tier allows %d active token(s) with %dh max TTL (read-only). Upgrade to Pro for unlimited tokens.", "repo.vault.unlimited": "Unlimited", + "vault.config_error_title": "Το Vault δεν έχει ρυθμιστεί", + "vault.config_error_message": "Το κλειδί κρυπτογράφησης του vault δεν έχει ρυθμιστεί. Τα μυστικά δεν μπορούν να δημιουργηθούν ή να προσπελαστούν μέχρι να επιλυθεί αυτό.", + "vault.config_error_fix": "Για να το διορθώσετε, προσθέστε ένα MASTER_KEY στην ενότητα [vault] στο αρχείο ρυθμίσεων app.ini.", "repo.ai.features": "Λειτουργίες AI", "repo.ai.request_code_review": "Έλεγχος Κώδικα AI", "repo.ai.code_review_description": "Λάβετε ανατροφοδότηση με τεχνητή νοημοσύνη για αυτό το pull request", diff --git a/options/locale/locale_en-US.json b/options/locale/locale_en-US.json index 9ad60d7724..538e594d9c 100644 --- a/options/locale/locale_en-US.json +++ b/options/locale/locale_en-US.json @@ -4316,5 +4316,8 @@ "vault.max_secrets": "Max Secrets", "vault.max_versions": "Max Versions", "vault.audit_retention": "Audit Retention", - "vault.unlimited": "Unlimited" + "vault.unlimited": "Unlimited", + "vault.config_error_title": "Vault Not Configured", + "vault.config_error_message": "The vault encryption key is not configured. Secrets cannot be created or accessed until this is resolved.", + "vault.config_error_fix": "To fix this, add a MASTER_KEY to the [vault] section in your app.ini configuration file." } \ No newline at end of file diff --git a/options/locale/locale_es-ES.json b/options/locale/locale_es-ES.json index fd8b6d666a..1df2aef027 100644 --- a/options/locale/locale_es-ES.json +++ b/options/locale/locale_es-ES.json @@ -3887,5 +3887,8 @@ "repo.settings.gallery_caption_placeholder": "Añadir descripción...", "repo.settings.gallery_error": "Error al procesar la imagen de la galería.", "repo.settings.gallery_size_error": "La imagen debe ser menor a 5MB.", - "repo.settings.gallery_delete_confirm": "¿Estás seguro de que deseas eliminar esta imagen?" + "repo.settings.gallery_delete_confirm": "¿Estás seguro de que deseas eliminar esta imagen?", + "vault.config_error_title": "Bóveda No Configurada", + "vault.config_error_message": "La clave de cifrado de la bóveda no está configurada. Los secretos no pueden ser creados ni accedidos hasta que esto se resuelva.", + "vault.config_error_fix": "Para solucionar esto, agregue una MASTER_KEY a la sección [vault] en su archivo de configuración app.ini." } \ No newline at end of file diff --git a/options/locale/locale_fa-IR.json b/options/locale/locale_fa-IR.json index ae32570201..b4e55cf8dd 100644 --- a/options/locale/locale_fa-IR.json +++ b/options/locale/locale_fa-IR.json @@ -2307,6 +2307,9 @@ "repo.vault.version_limit_info": "Solo tier keeps the last %d versions. Upgrade to Pro for unlimited version history.", "repo.vault.token_limit_info": "Solo tier allows %d active token(s) with %dh max TTL (read-only). Upgrade to Pro for unlimited tokens.", "repo.vault.unlimited": "Unlimited", + "vault.config_error_title": "صندوق پیکربندی نشده است", + "vault.config_error_message": "کلید رمزنگاری صندوق پیکربندی نشده است. تا زمان رفع این مشکل، امکان ایجاد یا دسترسی به اسرار وجود ندارد.", + "vault.config_error_fix": "برای رفع این مشکل، یک MASTER_KEY به بخش [vault] در فایل پیکربندی app.ini خود اضافه کنید.", "repo.ai.features": "ویژگی‌های هوش مصنوعی", "repo.ai.request_code_review": "بررسی کد هوش مصنوعی", "repo.ai.code_review_description": "بازخورد مبتنی بر هوش مصنوعی برای این درخواست ادغام دریافت کنید", diff --git a/options/locale/locale_fi-FI.json b/options/locale/locale_fi-FI.json index 2f9eccce7b..073472a383 100644 --- a/options/locale/locale_fi-FI.json +++ b/options/locale/locale_fi-FI.json @@ -1553,6 +1553,9 @@ "repo.vault.version_limit_info": "Solo tier keeps the last %d versions. Upgrade to Pro for unlimited version history.", "repo.vault.token_limit_info": "Solo tier allows %d active token(s) with %dh max TTL (read-only). Upgrade to Pro for unlimited tokens.", "repo.vault.unlimited": "Unlimited", + "vault.config_error_title": "Holvia ei ole määritetty", + "vault.config_error_message": "Holvin salausavainta ei ole määritetty. Salaisuuksia ei voi luoda tai käyttää ennen kuin tämä on ratkaistu.", + "vault.config_error_fix": "Korjaa tämä lisäämällä MASTER_KEY [vault]-osioon app.ini-asetustiedostossa.", "repo.ai.features": "Tekoälyominaisuudet", "repo.ai.request_code_review": "Tekoälyn koodikatselmus", "repo.ai.code_review_description": "Hanki tekoälyllä tehostettu palaute tähän pull requestiin", diff --git a/options/locale/locale_fr-FR.json b/options/locale/locale_fr-FR.json index 4c77c06a3f..288bca5cf1 100644 --- a/options/locale/locale_fr-FR.json +++ b/options/locale/locale_fr-FR.json @@ -4193,6 +4193,9 @@ "vault.max_versions": "Max. versions", "vault.audit_retention": "Rétention d'audit", "vault.unlimited": "Illimité", + "vault.config_error_title": "Coffre-fort non configuré", + "vault.config_error_message": "La clé de chiffrement du coffre-fort n'est pas configurée. Les secrets ne peuvent pas être créés ou consultés tant que ce problème n'est pas résolu.", + "vault.config_error_fix": "Pour résoudre ce problème, ajoutez une MASTER_KEY à la section [vault] de votre fichier de configuration app.ini.", "org.settings.license": "License", "org.settings.license_type": "Organization License", "org.settings.license_help": "Set a license for your organization. This will be stored in your .profile repository.", diff --git a/options/locale/locale_ga-IE.json b/options/locale/locale_ga-IE.json index 767a4453c5..e27a8e4457 100644 --- a/options/locale/locale_ga-IE.json +++ b/options/locale/locale_ga-IE.json @@ -3776,6 +3776,9 @@ "repo.vault.version_limit_info": "Solo tier keeps the last %d versions. Upgrade to Pro for unlimited version history.", "repo.vault.token_limit_info": "Solo tier allows %d active token(s) with %dh max TTL (read-only). Upgrade to Pro for unlimited tokens.", "repo.vault.unlimited": "Unlimited", + "vault.config_error_title": "Strus Gan Cumraíocht", + "vault.config_error_message": "Níl an eochair criptithe struis cumraithe. Ní féidir rúin a chruthú nó rochtain a fháil orthu go dtí go réitítear é seo.", + "vault.config_error_fix": "Chun é seo a réiteach, cuir MASTER_KEY leis an roinn [vault] i do chomhad cumraíochta app.ini.", "repo.ai.features": "Gnéithe AI", "repo.ai.request_code_review": "Athbhreithniú Cód AI", "repo.ai.code_review_description": "Faigh aiseolas cumhachtaithe ag AI ar an iarratas tarraingte seo", diff --git a/options/locale/locale_hi-IN.json b/options/locale/locale_hi-IN.json index 84aa6f7da7..85575c5c4d 100644 --- a/options/locale/locale_hi-IN.json +++ b/options/locale/locale_hi-IN.json @@ -4254,6 +4254,9 @@ "vault.max_versions": "Max Versions", "vault.audit_retention": "Audit Retention", "vault.unlimited": "Unlimited", + "vault.config_error_title": "वॉल्ट कॉन्फ़िगर नहीं है", + "vault.config_error_message": "वॉल्ट एन्क्रिप्शन कुंजी कॉन्फ़िगर नहीं है। इसे हल किए जाने तक सीक्रेट्स बनाए या एक्सेस नहीं किए जा सकते।", + "vault.config_error_fix": "इसे ठीक करने के लिए, अपनी app.ini कॉन्फ़िगरेशन फ़ाइल में [vault] अनुभाग में एक MASTER_KEY जोड़ें।", "org.settings.license": "License", "org.settings.license_type": "Organization License", "org.settings.license_help": "Set a license for your organization. This will be stored in your .profile repository.", diff --git a/options/locale/locale_hu-HU.json b/options/locale/locale_hu-HU.json index 193c45765c..c18c342939 100644 --- a/options/locale/locale_hu-HU.json +++ b/options/locale/locale_hu-HU.json @@ -1462,6 +1462,9 @@ "repo.vault.version_limit_info": "Solo tier keeps the last %d versions. Upgrade to Pro for unlimited version history.", "repo.vault.token_limit_info": "Solo tier allows %d active token(s) with %dh max TTL (read-only). Upgrade to Pro for unlimited tokens.", "repo.vault.unlimited": "Unlimited", + "vault.config_error_title": "A trezor nincs konfigurálva", + "vault.config_error_message": "A trezor titkosítási kulcsa nincs beállítva. A titkok nem hozhatók létre és nem érhetők el, amíg ez nem kerül megoldásra.", + "vault.config_error_fix": "A javításhoz adjon hozzá egy MASTER_KEY-t az app.ini konfigurációs fájl [vault] szakaszához.", "repo.ai.features": "AI funkciók", "repo.ai.request_code_review": "AI kódellenőrzés", "repo.ai.code_review_description": "AI-alapú visszajelzés kérése ehhez a pull requesthez", diff --git a/options/locale/locale_id-ID.json b/options/locale/locale_id-ID.json index 1427f85b3f..bcfbf47f6e 100644 --- a/options/locale/locale_id-ID.json +++ b/options/locale/locale_id-ID.json @@ -1277,6 +1277,9 @@ "repo.vault.version_limit_info": "Solo tier keeps the last %d versions. Upgrade to Pro for unlimited version history.", "repo.vault.token_limit_info": "Solo tier allows %d active token(s) with %dh max TTL (read-only). Upgrade to Pro for unlimited tokens.", "repo.vault.unlimited": "Unlimited", + "vault.config_error_title": "Vault Tidak Dikonfigurasi", + "vault.config_error_message": "Kunci enkripsi vault tidak dikonfigurasi. Rahasia tidak dapat dibuat atau diakses sampai masalah ini diselesaikan.", + "vault.config_error_fix": "Untuk memperbaiki ini, tambahkan MASTER_KEY ke bagian [vault] di file konfigurasi app.ini Anda.", "repo.ai.features": "Fitur AI", "repo.ai.request_code_review": "Tinjauan Kode AI", "repo.ai.code_review_description": "Dapatkan umpan balik bertenaga AI untuk pull request ini", diff --git a/options/locale/locale_is-IS.json b/options/locale/locale_is-IS.json index b450ebe30f..78b9ef1a4f 100644 --- a/options/locale/locale_is-IS.json +++ b/options/locale/locale_is-IS.json @@ -1194,6 +1194,9 @@ "repo.vault.version_limit_info": "Solo tier keeps the last %d versions. Upgrade to Pro for unlimited version history.", "repo.vault.token_limit_info": "Solo tier allows %d active token(s) with %dh max TTL (read-only). Upgrade to Pro for unlimited tokens.", "repo.vault.unlimited": "Unlimited", + "vault.config_error_title": "Hólf ekki stillt", + "vault.config_error_message": "Dulkóðunarlykill hólfsins er ekki stilltur. Ekki er hægt að búa til eða nálgast leyndarmál fyrr en þetta er leyst.", + "vault.config_error_fix": "Til að laga þetta, bættu við MASTER_KEY í [vault] hlutann í app.ini stillingaskránni.", "repo.ai.features": "Gervigreindareiginleikar", "repo.ai.request_code_review": "Gervigreind kóðayfirferð", "repo.ai.code_review_description": "Fáðu endurgjöf knúna af gervigreind á þessa pull request", diff --git a/options/locale/locale_it-IT.json b/options/locale/locale_it-IT.json index 03194aafa1..c9749f2a37 100644 --- a/options/locale/locale_it-IT.json +++ b/options/locale/locale_it-IT.json @@ -3293,6 +3293,9 @@ "vault.max_versions": "Max. versioni", "vault.audit_retention": "Conservazione audit", "vault.unlimited": "Illimitato", + "vault.config_error_title": "Vault Non Configurato", + "vault.config_error_message": "La chiave di crittografia del vault non e configurata. I segreti non possono essere creati o accessibili finche questo problema non viene risolto.", + "vault.config_error_fix": "Per risolvere, aggiungi una MASTER_KEY alla sezione [vault] nel file di configurazione app.ini.", "org.settings.license": "License", "org.settings.license_type": "Organization License", "org.settings.license_help": "Set a license for your organization. This will be stored in your .profile repository.", diff --git a/options/locale/locale_ja-JP.json b/options/locale/locale_ja-JP.json index 7e7c2b638f..8932b639d7 100644 --- a/options/locale/locale_ja-JP.json +++ b/options/locale/locale_ja-JP.json @@ -4237,6 +4237,9 @@ "vault.max_versions": "最大バージョン数", "vault.audit_retention": "監査保持期間", "vault.unlimited": "無制限", + "vault.config_error_title": "Vaultが設定されていません", + "vault.config_error_message": "Vault暗号化キーが設定されていません。この問題が解決されるまで、シークレットの作成やアクセスはできません。", + "vault.config_error_fix": "この問題を解決するには、app.ini設定ファイルの[vault]セクションにMASTER_KEYを追加してください。", "org.settings.license": "License", "org.settings.license_type": "Organization License", "org.settings.license_help": "Set a license for your organization. This will be stored in your .profile repository.", diff --git a/options/locale/locale_ko-KR.json b/options/locale/locale_ko-KR.json index 8de5424cd3..1041ace068 100644 --- a/options/locale/locale_ko-KR.json +++ b/options/locale/locale_ko-KR.json @@ -2252,6 +2252,9 @@ "vault.max_versions": "최대 버전", "vault.audit_retention": "감사 보존", "vault.unlimited": "무제한", + "vault.config_error_title": "Vault 구성되지 않음", + "vault.config_error_message": "Vault 암호화 키가 구성되지 않았습니다. 이 문제가 해결될 때까지 시크릿을 생성하거나 접근할 수 없습니다.", + "vault.config_error_fix": "이 문제를 해결하려면 app.ini 구성 파일의 [vault] 섹션에 MASTER_KEY를 추가하세요.", "org.settings.license": "License", "org.settings.license_type": "Organization License", "org.settings.license_help": "Set a license for your organization. This will be stored in your .profile repository.", diff --git a/options/locale/locale_lv-LV.json b/options/locale/locale_lv-LV.json index dab17d7f70..293af7e400 100644 --- a/options/locale/locale_lv-LV.json +++ b/options/locale/locale_lv-LV.json @@ -3121,6 +3121,9 @@ "repo.vault.version_limit_info": "Solo tier keeps the last %d versions. Upgrade to Pro for unlimited version history.", "repo.vault.token_limit_info": "Solo tier allows %d active token(s) with %dh max TTL (read-only). Upgrade to Pro for unlimited tokens.", "repo.vault.unlimited": "Unlimited", + "vault.config_error_title": "Seifs nav konfigurēts", + "vault.config_error_message": "Seifa šifrēšanas atslēga nav konfigurēta. Noslēpumus nevar izveidot vai piekļūt tiem, kamēr tas nav atrisināts.", + "vault.config_error_fix": "Lai to novērstu, pievienojiet MASTER_KEY sadaļai [vault] savā app.ini konfigurācijas failā.", "repo.ai.features": "AI funkcijas", "repo.ai.request_code_review": "AI koda pārskats", "repo.ai.code_review_description": "Saņemiet AI atbalstītu atgriezenisko saiti par šo pull request", diff --git a/options/locale/locale_nl-NL.json b/options/locale/locale_nl-NL.json index fcde6ba4dc..8124cc5c4b 100644 --- a/options/locale/locale_nl-NL.json +++ b/options/locale/locale_nl-NL.json @@ -2178,6 +2178,9 @@ "repo.vault.version_limit_info": "Solo tier keeps the last %d versions. Upgrade to Pro for unlimited version history.", "repo.vault.token_limit_info": "Solo tier allows %d active token(s) with %dh max TTL (read-only). Upgrade to Pro for unlimited tokens.", "repo.vault.unlimited": "Unlimited", + "vault.config_error_title": "Kluis niet geconfigureerd", + "vault.config_error_message": "De versleutelingssleutel van de kluis is niet geconfigureerd. Geheimen kunnen niet worden aangemaakt of geopend totdat dit is opgelost.", + "vault.config_error_fix": "Om dit op te lossen, voeg een MASTER_KEY toe aan de [vault] sectie in uw app.ini configuratiebestand.", "repo.ai.features": "AI-functies", "repo.ai.request_code_review": "AI Code Review", "repo.ai.code_review_description": "Ontvang AI-aangedreven feedback op deze pull request", diff --git a/options/locale/locale_pl-PL.json b/options/locale/locale_pl-PL.json index 571580f042..28e573ac6d 100644 --- a/options/locale/locale_pl-PL.json +++ b/options/locale/locale_pl-PL.json @@ -2193,6 +2193,9 @@ "repo.vault.version_limit_info": "Solo tier keeps the last %d versions. Upgrade to Pro for unlimited version history.", "repo.vault.token_limit_info": "Solo tier allows %d active token(s) with %dh max TTL (read-only). Upgrade to Pro for unlimited tokens.", "repo.vault.unlimited": "Unlimited", + "vault.config_error_title": "Sejf nie jest skonfigurowany", + "vault.config_error_message": "Klucz szyfrowania sejfu nie jest skonfigurowany. Sekrety nie mogą być tworzone ani dostępne, dopóki to nie zostanie rozwiązane.", + "vault.config_error_fix": "Aby to naprawić, dodaj MASTER_KEY do sekcji [vault] w pliku konfiguracyjnym app.ini.", "repo.ai.features": "Funkcje AI", "repo.ai.request_code_review": "Przegląd kodu AI", "repo.ai.code_review_description": "Uzyskaj informacje zwrotne od AI dla tego pull requesta", diff --git a/options/locale/locale_pt-BR.json b/options/locale/locale_pt-BR.json index 75860c02f8..51fc0833fa 100644 --- a/options/locale/locale_pt-BR.json +++ b/options/locale/locale_pt-BR.json @@ -4035,6 +4035,9 @@ "vault.max_versions": "Máx. versões", "vault.audit_retention": "Retenção de auditoria", "vault.unlimited": "Ilimitado", + "vault.config_error_title": "Vault Não Configurado", + "vault.config_error_message": "A chave de criptografia do vault não está configurada. Os segredos não podem ser criados ou acessados até que isso seja resolvido.", + "vault.config_error_fix": "Para corrigir isso, adicione uma MASTER_KEY na seção [vault] do seu arquivo de configuração app.ini.", "org.settings.license": "License", "org.settings.license_type": "Organization License", "org.settings.license_help": "Set a license for your organization. This will be stored in your .profile repository.", diff --git a/options/locale/locale_pt-PT.json b/options/locale/locale_pt-PT.json index b6c1442688..c44922fde2 100644 --- a/options/locale/locale_pt-PT.json +++ b/options/locale/locale_pt-PT.json @@ -3805,6 +3805,9 @@ "repo.vault.version_limit_info": "Solo tier keeps the last %d versions. Upgrade to Pro for unlimited version history.", "repo.vault.token_limit_info": "Solo tier allows %d active token(s) with %dh max TTL (read-only). Upgrade to Pro for unlimited tokens.", "repo.vault.unlimited": "Unlimited", + "vault.config_error_title": "Cofre Não Configurado", + "vault.config_error_message": "A chave de encriptação do cofre não está configurada. Os segredos não podem ser criados ou acedidos até que isto seja resolvido.", + "vault.config_error_fix": "Para resolver isto, adicione uma MASTER_KEY à secção [vault] no seu ficheiro de configuração app.ini.", "repo.ai.features": "Funcionalidades de IA", "repo.ai.request_code_review": "Revisão de código com IA", "repo.ai.code_review_description": "Obtenha feedback baseado em IA sobre alterações de código, incluindo sugestões de segurança e estilo.", diff --git a/options/locale/locale_ru-RU.json b/options/locale/locale_ru-RU.json index 63f27327c6..989f8658e4 100644 --- a/options/locale/locale_ru-RU.json +++ b/options/locale/locale_ru-RU.json @@ -3856,6 +3856,9 @@ "vault.max_versions": "Макс. версий", "vault.audit_retention": "Хранение аудита", "vault.unlimited": "Неограниченно", + "vault.config_error_title": "Хранилище не настроено", + "vault.config_error_message": "Ключ шифрования хранилища не настроен. Секреты не могут быть созданы или доступны, пока это не будет исправлено.", + "vault.config_error_fix": "Чтобы исправить это, добавьте MASTER_KEY в раздел [vault] в конфигурационном файле app.ini.", "org.settings.license": "License", "org.settings.license_type": "Organization License", "org.settings.license_help": "Set a license for your organization. This will be stored in your .profile repository.", diff --git a/options/locale/locale_si-LK.json b/options/locale/locale_si-LK.json index 9d20943895..a2735345de 100644 --- a/options/locale/locale_si-LK.json +++ b/options/locale/locale_si-LK.json @@ -2268,6 +2268,9 @@ "repo.vault.version_limit_info": "Solo tier keeps the last %d versions. Upgrade to Pro for unlimited version history.", "repo.vault.token_limit_info": "Solo tier allows %d active token(s) with %dh max TTL (read-only). Upgrade to Pro for unlimited tokens.", "repo.vault.unlimited": "Unlimited", + "vault.config_error_title": "Vault වින්‍යාස කර නැත", + "vault.config_error_message": "Vault සංකේතන යතුර වින්‍යාස කර නැත. මෙය විසඳන තුරු රහස් සෑදීම හෝ ප්‍රවේශ වීම කළ නොහැක.", + "vault.config_error_fix": "මෙය නිවැරදි කිරීමට, ඔබගේ app.ini වින්‍යාස ගොනුවේ [vault] කොටසට MASTER_KEY එකතු කරන්න.", "repo.ai.features": "AI විශේෂාංග", "repo.ai.request_code_review": "AI කේත සමාලෝචනය", "repo.ai.code_review_description": "මෙම pull request සඳහා AI බලගැන්වූ ප්‍රතිපෝෂණ ලබා ගන්න", diff --git a/options/locale/locale_sk-SK.json b/options/locale/locale_sk-SK.json index ea2c3fb069..a0aacfd974 100644 --- a/options/locale/locale_sk-SK.json +++ b/options/locale/locale_sk-SK.json @@ -1239,6 +1239,9 @@ "repo.vault.version_limit_info": "Solo tier keeps the last %d versions. Upgrade to Pro for unlimited version history.", "repo.vault.token_limit_info": "Solo tier allows %d active token(s) with %dh max TTL (read-only). Upgrade to Pro for unlimited tokens.", "repo.vault.unlimited": "Unlimited", + "vault.config_error_title": "Trezor nie je nakonfigurovaný", + "vault.config_error_message": "Šifrovací kľúč trezoru nie je nakonfigurovaný. Tajomstvá nie je možné vytvárať ani pristupovať k nim, kým sa to nevyrieši.", + "vault.config_error_fix": "Ak to chcete opraviť, pridajte MASTER_KEY do sekcie [vault] vo vašom konfiguračnom súbore app.ini.", "repo.ai.features": "Funkcie AI", "repo.ai.request_code_review": "AI kontrola kódu", "repo.ai.code_review_description": "Získajte spätnú väzbu poháňanú AI pre tento pull request", diff --git a/options/locale/locale_sv-SE.json b/options/locale/locale_sv-SE.json index 06d73a1671..598a24005b 100644 --- a/options/locale/locale_sv-SE.json +++ b/options/locale/locale_sv-SE.json @@ -1812,6 +1812,9 @@ "repo.vault.version_limit_info": "Solo tier keeps the last %d versions. Upgrade to Pro for unlimited version history.", "repo.vault.token_limit_info": "Solo tier allows %d active token(s) with %dh max TTL (read-only). Upgrade to Pro for unlimited tokens.", "repo.vault.unlimited": "Unlimited", + "vault.config_error_title": "Valvet Inte Konfigurerat", + "vault.config_error_message": "Valvets krypteringsnyckel är inte konfigurerad. Hemligheter kan inte skapas eller nås förrän detta är löst.", + "vault.config_error_fix": "För att åtgärda detta, lägg till en MASTER_KEY i [vault]-sektionen i din app.ini-konfigurationsfil.", "repo.ai.features": "AI-funktioner", "repo.ai.request_code_review": "AI-kodgranskning", "repo.ai.code_review_description": "Få AI-driven feedback på denna pull request", diff --git a/options/locale/locale_tr-TR.json b/options/locale/locale_tr-TR.json index 0ff731cb5a..2eb9bacc70 100644 --- a/options/locale/locale_tr-TR.json +++ b/options/locale/locale_tr-TR.json @@ -3742,6 +3742,9 @@ "repo.vault.version_limit_info": "Solo tier keeps the last %d versions. Upgrade to Pro for unlimited version history.", "repo.vault.token_limit_info": "Solo tier allows %d active token(s) with %dh max TTL (read-only). Upgrade to Pro for unlimited tokens.", "repo.vault.unlimited": "Unlimited", + "vault.config_error_title": "Kasa Yapılandırılmadı", + "vault.config_error_message": "Kasa şifreleme anahtarı yapılandırılmamış. Bu sorun çözülene kadar gizli anahtarlar oluşturulamaz veya erişilemez.", + "vault.config_error_fix": "Bunu düzeltmek için app.ini yapılandırma dosyanızdaki [vault] bölümüne bir MASTER_KEY ekleyin.", "repo.ai.features": "Yapay Zeka Özellikleri", "repo.ai.request_code_review": "Yapay Zeka Kod İncelemesi", "repo.ai.code_review_description": "Bu pull request için yapay zeka destekli geri bildirim alın", diff --git a/options/locale/locale_uk-UA.json b/options/locale/locale_uk-UA.json index ec7631ae51..0d415ce2b9 100644 --- a/options/locale/locale_uk-UA.json +++ b/options/locale/locale_uk-UA.json @@ -3276,6 +3276,9 @@ "repo.vault.version_limit_info": "Solo tier keeps the last %d versions. Upgrade to Pro for unlimited version history.", "repo.vault.token_limit_info": "Solo tier allows %d active token(s) with %dh max TTL (read-only). Upgrade to Pro for unlimited tokens.", "repo.vault.unlimited": "Unlimited", + "vault.config_error_title": "Сховище Не Налаштовано", + "vault.config_error_message": "Ключ шифрування сховища не налаштовано. Секрети не можуть бути створені або доступні, поки це не буде вирішено.", + "vault.config_error_fix": "Щоб виправити це, додайте MASTER_KEY до розділу [vault] у вашому файлі конфігурації app.ini.", "repo.ai.features": "Функції ШІ", "repo.ai.request_code_review": "ШІ Огляд Коду", "repo.ai.code_review_description": "Отримати відгук на цей pull request за допомогою ШІ", diff --git a/options/locale/locale_zh-CN.json b/options/locale/locale_zh-CN.json index 0e34d6803e..fd4e04d4fd 100644 --- a/options/locale/locale_zh-CN.json +++ b/options/locale/locale_zh-CN.json @@ -4255,6 +4255,9 @@ "vault.max_versions": "最大版本数", "vault.audit_retention": "审计保留", "vault.unlimited": "无限制", + "vault.config_error_title": "Vault 未配置", + "vault.config_error_message": "Vault 加密密钥未配置。在此问题解决之前,无法创建或访问密钥。", + "vault.config_error_fix": "要解决此问题,请在 app.ini 配置文件的 [vault] 部分添加 MASTER_KEY。", "org.settings.license": "License", "org.settings.license_type": "Organization License", "org.settings.license_help": "Set a license for your organization. This will be stored in your .profile repository.", diff --git a/options/locale/locale_zh-TW.json b/options/locale/locale_zh-TW.json index bfe2e38ac8..eb5abe0700 100644 --- a/options/locale/locale_zh-TW.json +++ b/options/locale/locale_zh-TW.json @@ -4163,6 +4163,9 @@ "vault.max_versions": "最大版本數", "vault.audit_retention": "稽核保留", "vault.unlimited": "無限制", + "vault.config_error_title": "Vault 未設定", + "vault.config_error_message": "Vault 加密金鑰未設定。在此問題解決之前,無法建立或存取機密資訊。", + "vault.config_error_fix": "若要修正此問題,請在您的 app.ini 設定檔的 [vault] 區段中新增 MASTER_KEY。", "org.settings.license": "License", "org.settings.license_type": "Organization License", "org.settings.license_help": "Set a license for your organization. This will be stored in your .profile repository.", diff --git a/routers/web/repo/vault/vault.go b/routers/web/repo/vault/vault.go index 2044c2585d..7293f9be9a 100644 --- a/routers/web/repo/vault/vault.go +++ b/routers/web/repo/vault/vault.go @@ -69,6 +69,10 @@ func setVaultLicenseData(ctx *context.Context) { ctx.Data["HasUnlimitedTokens"] = vault_service.HasUnlimitedTokens() ctx.Data["MaxTokenTTLHours"] = vault_service.GetMaxTokenTTLHours() ctx.Data["TokensReadOnly"] = vault_service.AreTokensReadOnly() + + // Configuration status (for admin warnings) + ctx.Data["VaultConfigured"] = vault_service.IsConfigured() + ctx.Data["VaultConfigError"] = vault_service.GetConfigurationError() } // List displays the vault secrets list diff --git a/services/vault/vault.go b/services/vault/vault.go index 13c38918c4..0469425a93 100644 --- a/services/vault/vault.go +++ b/services/vault/vault.go @@ -11,19 +11,20 @@ import ( ) var ( - ErrVaultNotAvailable = errors.New("vault plugin not available") - ErrVaultNotLicensed = errors.New("vault plugin not licensed") - ErrSecretNotFound = errors.New("secret not found") - ErrSecretExists = errors.New("secret already exists") - ErrSecretLimitReached = errors.New("secret limit reached for current license tier") - ErrFeatureNotInTier = errors.New("feature not available in current license tier") - ErrTokenNotFound = errors.New("token not found") - ErrTokenExpired = errors.New("token expired") - ErrTokenLimitReached = errors.New("token limit reached for current license tier") - ErrTokenTTLExceeded = errors.New("token TTL exceeds maximum for current license tier") - ErrInvalidToken = errors.New("invalid token") - ErrInvalidScope = errors.New("invalid token scope") - ErrAccessDenied = errors.New("access denied") + ErrVaultNotAvailable = errors.New("vault plugin not available") + ErrVaultNotLicensed = errors.New("vault plugin not licensed") + ErrVaultNotConfigured = errors.New("vault master key not configured") + ErrSecretNotFound = errors.New("secret not found") + ErrSecretExists = errors.New("secret already exists") + ErrSecretLimitReached = errors.New("secret limit reached for current license tier") + ErrFeatureNotInTier = errors.New("feature not available in current license tier") + ErrTokenNotFound = errors.New("token not found") + ErrTokenExpired = errors.New("token expired") + ErrTokenLimitReached = errors.New("token limit reached for current license tier") + ErrTokenTTLExceeded = errors.New("token TTL exceeds maximum for current license tier") + ErrInvalidToken = errors.New("invalid token") + ErrInvalidScope = errors.New("invalid token scope") + ErrAccessDenied = errors.New("access denied") ) // Plugin defines the interface that vault plugins must implement @@ -54,6 +55,15 @@ type Plugin interface { ListAuditEntries(ctx context.Context, repoID int64, page, pageSize int) ([]AuditEntry, int64, error) } +// ConfigurablePlugin is an optional interface that vault plugins can implement +// to report their configuration status +type ConfigurablePlugin interface { + // IsConfigured returns true if the plugin is properly configured (e.g., has master key) + IsConfigured() bool + // ConfigurationError returns the configuration error message, if any + ConfigurationError() string +} + // Secret represents a vault secret type Secret struct { ID int64 @@ -154,6 +164,34 @@ func IsLicensed() bool { return plugins.IsLicensed("vault") } +// IsConfigured returns true if the vault plugin is properly configured +// (e.g., has a master key set). Returns true if plugin doesn't implement +// ConfigurablePlugin interface (assumes configured). +func IsConfigured() bool { + vp := GetPlugin() + if vp == nil { + return false + } + if cp, ok := vp.(ConfigurablePlugin); ok { + return cp.IsConfigured() + } + return true // Assume configured if plugin doesn't implement interface +} + +// GetConfigurationError returns the configuration error message if the +// vault plugin is not properly configured. Returns empty string if configured +// or if the plugin doesn't implement ConfigurablePlugin interface. +func GetConfigurationError() string { + vp := GetPlugin() + if vp == nil { + return "vault plugin not available" + } + if cp, ok := vp.(ConfigurablePlugin); ok { + return cp.ConfigurationError() + } + return "" +} + // GetLicenseInfo returns the license info for the vault plugin // Returns default Solo license if no license file is present func GetLicenseInfo() *plugins.LicenseInfo { diff --git a/templates/repo/vault/list.tmpl b/templates/repo/vault/list.tmpl index 56f850c9ea..b7c585ce04 100644 --- a/templates/repo/vault/list.tmpl +++ b/templates/repo/vault/list.tmpl @@ -1,4 +1,14 @@ {{template "repo/vault/layout_head" (dict "ctxData" . "pageClass" "repository vault secrets")}} + {{if and .SignedUser.IsAdmin (not .VaultConfigured)}} +
+
{{svg "octicon-alert" 16}} {{ctx.Locale.Tr "vault.config_error_title"}}
+

{{ctx.Locale.Tr "vault.config_error_message"}}

+ {{if .VaultConfigError}} +

{{.VaultConfigError}}

+ {{end}} +

{{ctx.Locale.Tr "vault.config_error_fix"}}

+
+ {{end}}