Feature: start the phase out for Native Integrations

.env.example

@@ -31,25 +31,14 @@ SMTP_FROM_NAME=
 SMTP_USERNAME=
 SMTP_PASSWORD=
 
-# Integration
-# Optional only if integration is used
-CLIENT_ID_HEROKU=
-CLIENT_ID_VERCEL=
-CLIENT_ID_NETLIFY=
+# CICD Integration
 CLIENT_ID_GITHUB=
 CLIENT_ID_GITHUB_APP=
 CLIENT_SLUG_GITHUB_APP=
-CLIENT_ID_GITLAB=
-CLIENT_ID_BITBUCKET=
-CLIENT_SECRET_HEROKU=
-CLIENT_SECRET_VERCEL=
-CLIENT_SECRET_NETLIFY=
 CLIENT_SECRET_GITHUB=
 CLIENT_SECRET_GITHUB_APP=
+CLIENT_ID_GITLAB=
 CLIENT_SECRET_GITLAB=
-CLIENT_SECRET_BITBUCKET=
-CLIENT_SLUG_VERCEL=
-
 CLIENT_PRIVATE_KEY_GITHUB_APP=
 CLIENT_APP_ID_GITHUB_APP=
 

backend/src/server/routes/v1/integration-auth-router.ts

@@ -2,6 +2,7 @@
 
 import { EventType } from "@app/ee/services/audit-log/audit-log-types";
 import { ApiDocsTags, INTEGRATION_AUTH } from "@app/lib/api-docs";
+import { ForbiddenRequestError } from "@app/lib/errors";
 import { readLimit, writeLimit } from "@app/server/config/rateLimiter";
 import { verifyAuth } from "@app/server/plugins/auth/verify-auth";
 import { AuthMode } from "@app/services/auth/auth-type";
@@ -10,6 +11,9 @@
 
 import { integrationAuthPubSchema } from "../sanitizedSchemas";
 
+const NATIVE_INTEGRATION_DEPRECATION_MESSAGE =
+  "We're moving Native Integrations to Secret Syncs. Check the documentation at https://infisical.com/docs/integrations/secret-syncs/overview. If the integration you need isn't available in the Secret Syncs, please get in touch with us at [email protected].";
+
 export const registerIntegrationAuthRouter = async (server: FastifyZodProvider) => {
   server.route({
     method: "GET",
@@ -333,27 +337,33 @@
         })
       }
     },
-    handler: async (req) => {
-      const integrationAuth = await server.services.integrationAuth.saveIntegrationToken({
-        actorId: req.permission.id,
-        actor: req.permission.type,
-        actorAuthMethod: req.permission.authMethod,
-        actorOrgId: req.permission.orgId,
-        projectId: req.body.workspaceId,
-        ...req.body
+    handler: async (_) => {
+      throw new ForbiddenRequestError({
+        message: NATIVE_INTEGRATION_DEPRECATION_MESSAGE
       });
 
-      await server.services.auditLog.createAuditLog({
-        ...req.auditLogInfo,
-        projectId: req.body.workspaceId,
-        event: {
-          type: EventType.AUTHORIZE_INTEGRATION,
-          metadata: {
-            integration: integrationAuth.integration
-          }
-        }
-      });
-      return { integrationAuth };
+      // We are keeping the old response commented out for an easy revert on the API if we need to before the full phase out.
+
+      // const integrationAuth = await server.services.integrationAuth.saveIntegrationToken({
+      //   actorId: req.permission.id,
+      //   actor: req.permission.type,
+      //   actorAuthMethod: req.permission.authMethod,
+      //   actorOrgId: req.permission.orgId,
+      //   projectId: req.body.workspaceId,
+      //   ...req.body
+      // });
+
+      // await server.services.auditLog.createAuditLog({
+      //   ...req.auditLogInfo,
+      //   projectId: req.body.workspaceId,
+      //   event: {
+      //     type: EventType.AUTHORIZE_INTEGRATION,
+      //     metadata: {
+      //       integration: integrationAuth.integration
+      //     }
+      //   }
+      // });
+      // return { integrationAuth };
     }
   });
 

backend/src/server/routes/v1/integration-router.ts

@@ -3,17 +3,19 @@
 import { IntegrationsSchema } from "@app/db/schemas";
 import { EventType } from "@app/ee/services/audit-log/audit-log-types";
 import { ApiDocsTags, INTEGRATION } from "@app/lib/api-docs";
+import { ForbiddenRequestError } from "@app/lib/errors";
 import { removeTrailingSlash, shake } from "@app/lib/fn";
 import { readLimit, writeLimit } from "@app/server/config/rateLimiter";
-import { getTelemetryDistinctId } from "@app/server/lib/telemetry";
 import { verifyAuth } from "@app/server/plugins/auth/verify-auth";
 import { AuthMode } from "@app/services/auth/auth-type";
 import { IntegrationMetadataSchema } from "@app/services/integration/integration-schema";
 import { Integrations } from "@app/services/integration-auth/integration-list";
-import { PostHogEventTypes, TIntegrationCreatedEvent } from "@app/services/telemetry/telemetry-types";
 
 import {} from "../sanitizedSchemas";
 
+const NATIVE_INTEGRATION_DEPRECATION_MESSAGE =
+  "We're moving Native Integrations to Secret Syncs. Check the documentation at https://infisical.com/docs/integrations/secret-syncs/overview. If the integration you need isn't available in the Secret Syncs, please get in touch with us at [email protected].";
+
 export const registerIntegrationRouter = async (server: FastifyZodProvider) => {
   server.route({
     method: "POST",
@@ -66,52 +68,58 @@
       }
     },
     onRequest: verifyAuth([AuthMode.JWT, AuthMode.IDENTITY_ACCESS_TOKEN]),
-    handler: async (req) => {
-      const { integration, integrationAuth } = await server.services.integration.createIntegration({
-        actorId: req.permission.id,
-        actor: req.permission.type,
-        actorAuthMethod: req.permission.authMethod,
-        actorOrgId: req.permission.orgId,
-        ...req.body
+    handler: async (_) => {
+      throw new ForbiddenRequestError({
+        message: NATIVE_INTEGRATION_DEPRECATION_MESSAGE
       });
 
-      const createIntegrationEventProperty = shake({
-        integrationId: integration.id.toString(),
-        integration: integration.integration,
-        environment: req.body.sourceEnvironment,
-        secretPath: req.body.secretPath,
-        url: integration.url,
-        app: integration.app,
-        appId: integration.appId,
-        targetEnvironment: integration.targetEnvironment,
-        targetEnvironmentId: integration.targetEnvironmentId,
-        targetService: integration.targetService,
-        targetServiceId: integration.targetServiceId,
-        path: integration.path,
-        region: integration.region
-      }) as TIntegrationCreatedEvent["properties"];
+      // We are keeping the old response commented out for an easy revert on the API if we need to before the full phase out.
 
-      await server.services.auditLog.createAuditLog({
-        ...req.auditLogInfo,
-        projectId: integrationAuth.projectId,
-        event: {
-          type: EventType.CREATE_INTEGRATION,
-          // eslint-disable-next-line
-          metadata: createIntegrationEventProperty
-        }
-      });
+      // const { integration, integrationAuth } = await server.services.integration.createIntegration({
+      //   actorId: req.permission.id,
+      //   actor: req.permission.type,
+      //   actorAuthMethod: req.permission.authMethod,
+      //   actorOrgId: req.permission.orgId,
+      //   ...req.body
+      // });
 
-      await server.services.telemetry.sendPostHogEvents({
-        event: PostHogEventTypes.IntegrationCreated,
-        organizationId: req.permission.orgId,
-        distinctId: getTelemetryDistinctId(req),
-        properties: {
-          ...createIntegrationEventProperty,
-          projectId: integrationAuth.projectId,
-          ...req.auditLogInfo
-        }
-      });
-      return { integration };
+      // const createIntegrationEventProperty = shake({
+      //   integrationId: integration.id.toString(),
+      //   integration: integration.integration,
+      //   environment: req.body.sourceEnvironment,
+      //   secretPath: req.body.secretPath,
+      //   url: integration.url,
+      //   app: integration.app,
+      //   appId: integration.appId,
+      //   targetEnvironment: integration.targetEnvironment,
+      //   targetEnvironmentId: integration.targetEnvironmentId,
+      //   targetService: integration.targetService,
+      //   targetServiceId: integration.targetServiceId,
+      //   path: integration.path,
+      //   region: integration.region
+      // }) as TIntegrationCreatedEvent["properties"];
+
+      // await server.services.auditLog.createAuditLog({
+      //   ...req.auditLogInfo,
+      //   projectId: integrationAuth.projectId,
+      //   event: {
+      //     type: EventType.CREATE_INTEGRATION,
+      //     // eslint-disable-next-line
+      //     metadata: createIntegrationEventProperty
+      //   }
+      // });
+
+      // await server.services.telemetry.sendPostHogEvents({
+      //   event: PostHogEventTypes.IntegrationCreated,
+      //   organizationId: req.permission.orgId,
+      //   distinctId: getTelemetryDistinctId(req),
+      //   properties: {
+      //     ...createIntegrationEventProperty,
+      //     projectId: integrationAuth.projectId,
+      //     ...req.auditLogInfo
+      //   }
+      // });
+      // return { integration };
     }
   });
 

company/documentation/getting-started/introduction.mdx

@@ -95,12 +95,4 @@ Depending on your use case, it might be helpful to look into some of the resourc
   >
     Fetch secrets via HTTP request.
   </Card>
-  <Card
-    href="/integrations/overview"
-    title="Native Integrations"
-    icon="clouds"
-    color="#000000"
-  >
-    Explore integrations for GitHub, Vercel, AWS, and more.
-  </Card>
 </CardGroup>

docker-swarm/.env-example

@@ -25,22 +25,6 @@ SMTP_FROM_NAME=
 SMTP_USERNAME=
 SMTP_PASSWORD=
 
-# Integration
-# Optional only if integration is used
-CLIENT_ID_HEROKU=
-CLIENT_ID_VERCEL=
-CLIENT_ID_NETLIFY=
-CLIENT_ID_GITHUB=
-CLIENT_ID_GITLAB=
-CLIENT_ID_BITBUCKET=
-CLIENT_SECRET_HEROKU=
-CLIENT_SECRET_VERCEL=
-CLIENT_SECRET_NETLIFY=
-CLIENT_SECRET_GITHUB=
-CLIENT_SECRET_GITLAB=
-CLIENT_SECRET_BITBUCKET=
-CLIENT_SLUG_VERCEL=
-
 # Sentry (optional) for monitoring errors
 SENTRY_DSN=