Skip to content

feat(iam): access key operations #56

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
designcode merged 2 commits into from
Jan 23, 2026
Merged

feat(iam): access key operations #56

designcode merged 2 commits into from
Jan 23, 2026
+756 −921

Conversation

@designcode
Copy link
Collaborator

@designcode designcode commented Jan 22, 2026
edited by cursor bot
Loading

Note

Introduces access key management to the IAM SDK and updates release/CI.

  • IAM SDK: Adds listAccessKeys, createAccessKey, getAccessKey, removeAccessKey, assignBucketRoles, revokeAllBucketRoles and exports them from index.ts
  • HTTP client: Handles URLSearchParams bodies for signing and request payloads to support IAM form-encoded endpoints
  • Release/CI: Replaces multi-repo release with per-package configs (release.config.base.cjs, per-package release.config.cjs) and a new scripts/release.sh to publish in dependency order; updates GitHub Actions (renamed PR checks, add integration tests, release job runs the script); bumps semantic-release plugins
  • Lint: Ignores *.cjs in ESLint

Written by Cursor Bugbot for commit 384b04b. This will update automatically on new commits. Configure here.

@greptile-apps
Copy link

greptile-apps bot commented Jan 22, 2026

Greptile Overview

Greptile Summary

This PR refactors the CI release process by removing multi-semantic-release in favor of a custom bash script that releases packages sequentially in dependency order.

Major Issues:

  • PR title "feat(iam): access key operations" doesn't match actual changes (commit: "chore(ci): remove multi-semantic-release package")
  • NPM_TOKEN environment variable removed from workflow but @semantic-release/npm plugin still needs it for publishing
  • Hardcoded branch iam/access-keys in release config should be removed before merging to main

Changes:

  • Replaced multi-semantic-release with custom shell script for sequential package releases
  • Created shared release.config.base.cjs and individual package configs
  • Updated semantic-release plugin versions
  • Added *.cjs to ESLint ignore patterns

Confidence Score: 1/5

  • This PR will break NPM publishing in CI and contains configuration issues
  • Two critical issues will prevent successful releases: missing NPM_TOKEN environment variable breaks package publishing, and hardcoded 'iam/access-keys' branch reference is inappropriate for main branch. Additionally, PR title completely misrepresents the changes.
  • Pay close attention to .github/workflows/release.yaml (missing NPM authentication) and release.config.base.cjs (hardcoded branch reference)

Important Files Changed

Filename Overview
.github/workflows/release.yaml Removed NPM_TOKEN environment variable from release workflow, which may break NPM publishing
release.config.base.cjs Added base semantic-release config with hardcoded 'iam/access-keys' branch that should be removed before merging to main

greptile-apps[bot]
greptile-apps bot reviewed Jan 22, 2026
View reviewed changes
Copy link

@greptile-apps greptile-apps bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

2 files reviewed, 2 comments

Edit Code Review Agent Settings | Greptile

cursor[bot]

This comment was marked as outdated.

Sign in to view

cursor[bot]

This comment was marked as outdated.

Sign in to view

cursor[bot]

This comment was marked as outdated.

Sign in to view

cursor[bot]

This comment was marked as outdated.

Sign in to view

cursor[bot]

This comment was marked as outdated.

Sign in to view

@designcode designcode force-pushed the iam/access-keys branch 2 times, most recently from a6202de to 821a2b7 Compare January 23, 2026 08:42
cursor[bot]

This comment was marked as outdated.

Sign in to view

cursor[bot]
cursor bot reviewed Jan 23, 2026
View reviewed changes
Copy link

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.

packages/iam/src/lib/access-key/assign.ts
error: new Error(
'Invalid request, cannot assign wildcard bucket role to multiple buckets'
),
};
Copy link

@cursor cursor bot Jan 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Misleading error message for wildcard role validation

Low Severity

The error message "cannot assign wildcard bucket role to multiple buckets" is shown for two different validation failures: attempting to assign a wildcard with multiple buckets, and attempting to assign a wildcard with a non-NamespaceAdmin role. The message is misleading for the second case where the issue is the role type, not multiple buckets.

Fix in Cursor Fix in Web

@designcode designcode merged commit b1326cd into main Jan 23, 2026
2 checks passed
@designcode designcode deleted the iam/access-keys branch January 23, 2026 11:59
@github-actions
Copy link

github-actions bot commented Jan 23, 2026

🎉 This PR is included in version 2.12.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

@github-actions
Copy link

github-actions bot commented Jan 23, 2026

🎉 This PR is included in version 1.1.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

@github-actions
Copy link

github-actions bot commented Jan 23, 2026

🎉 This PR is included in version 1.1.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

@MantasMiksys MantasMiksys MantasMiksys approved these changes

+1 more reviewer

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

released

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@designcode @MantasMiksys