Infisical / infisical-python

♾ Official Infisical SDK for Python
https://infisical.com/
MIT License

[Importance: Serious] get_all_secrets call failing to respect `path=` settings to return data #55

Closed teward closed 10 months ago

teward commented 10 months ago

Consider this set of Infisical secrets with the following layout (where directories are defined as 'headings' here, and key-value pairs represent secrets stored in the system), and using only one environment (the "Development" / "dev" environment) for a secrets 'keyring', and querying with the client using a corresponding access token that is for this project and environment:

```
/:
TEST1="Test1"
TEST2="Test2"
TEST3="0123456789ABCDEF"

/redis:
SERVER="localhost"

/redis/auth:
PASSWORD="ThisIsntARealCode"
```

When attempting to use get_all_secrets on any path, the system only returns all secrets in the root path, and does NOT respect any provided path.

When calling the client.get_all_secrets(environment="dev") we get the first set of secrets as SecretsBundle objects, as expected. It only returns however the data in / and not subfolders.

However, when we amend this request to try and pull a specific path, this does not happen. Instead, only root path items are returned, in violation of the documentation provided.

So, instead of getting something like this for the client.get_all_secrets(environment="dev", path="/redis/auth") request (command line representation of the result used here):

```
[SecretBundle(secret_name='PASSWORD', secret_value='ThisIsntARealCode', version=1, workspace='RandomHexValue', environment='dev', type='shared', created_at=None, updated_at=None, is_fallback=False, last_fetched_at=datetime.datetime(2023, 8, 26, 21, 22, 23, 855329))]
```

... we instead only get the output of the base directory at / which looks more like this:

```
[SecretBundle(secret_name='TEST1', secret_value='Test1', version=1, workspace='RandomHexValue', environment='dev', type='shared', created_at=None, updated_at=None, is_fallback=False, last_fetched_at=datetime.datetime(2023, 8, 26, 21, 21, 25, 490966)), SecretBundle(secret_name='TEST2', secret_value='Test2', version=1, workspace='RandomHexValue', environment='dev', type='shared', created_at=None, updated_at=None, is_fallback=False, last_fetched_at=datetime.datetime(2023, 8, 26, 21, 21, 25, 491557)), SecretBundle(secret_name='TEST3', secret_value='0123456789ABCDEF', version=1, workspace='RandomHexValue', environment='dev', type='shared', created_at=None, updated_at=None, is_fallback=False, last_fetched_at=datetime.datetime(2023, 8, 26, 21, 21, 25, 492098))]
```

... which is NOT the proper data to be displayed for that directory path.

Therefore, based on this text, the latest version of infisical-python on PyPI, and the Infisical Cloud instance I am using at the Free tier (this is NOT self-hosted), there is a major bug in the infisical-python code that prevents an advertised function and functionality from properly functioning as advertised.

vmatsiiako commented 10 months ago

Hi @teward! Thank you so much for writing this issue. We are looking into this.

cc @dangtony98

dangtony98 commented 10 months ago

Hey @teward,

Thanks for flagging this issue; it looks like the path parameter was indeed not included in the call to fetch secrets from Infisical.

I've since patched this issue and the behavior should work as expected in the Python SDK version 1.4.2:

```python
infisical_client.get_all_secrets(path="/foo")
```
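Added example, not part of the thread and not Infisical's code: a fail-closed wrapper a caller could put around `get_all_secrets` so that a client which silently ignores `path=` is caught instead of handing back root-folder secrets. `StubClient`, the trimmed `SecretBundle`, `fetch_scoped` and `PathScopeError` are hypothetical names; the stub holds the folder layout from the report as constructed data.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class SecretBundle:  # stand-in carrying only the two fields used here
    secret_name: str
    secret_value: str

# Constructed sample data: the folder layout from the issue report.
STORE = {
    "/": {"TEST1": "Test1", "TEST2": "Test2", "TEST3": "0123456789ABCDEF"},
    "/redis": {"SERVER": "localhost"},
    "/redis/auth": {"PASSWORD": "ThisIsntARealCode"},
}

class StubClient:
    """Hypothetical stand-in for the SDK client.
    honors_path=False models the reported behaviour (path ignored)."""
    def __init__(self, honors_path):
        self.honors_path = honors_path

    def get_all_secrets(self, environment="dev", path="/"):
        folder = path if self.honors_path else "/"
        return [SecretBundle(k, v) for k, v in STORE.get(folder, {}).items()]

class PathScopeError(RuntimeError):
    """Raised when a path-scoped fetch looks like it returned the wrong folder."""

def fetch_scoped(client, environment, path, required):
    """Fetch secrets under `path`; refuse to return a mis-scoped result."""
    bundles = client.get_all_secrets(environment=environment, path=path)
    got = {b.secret_name: b.secret_value for b in bundles}
    # Check 1: every secret the caller expects in this folder must be present.
    missing = sorted(set(required) - set(got))
    if missing:
        raise PathScopeError(f"{path}: missing expected secrets {missing}")
    # Check 2: a sub-folder result that matches the root listing is suspect.
    if path != "/":
        root = {b.secret_name
                for b in client.get_all_secrets(environment=environment, path="/")}
        if root and root == set(got):
            raise PathScopeError(f"{path}: result is identical to the root listing")
    return got
```

The root comparison is a heuristic: a folder that intentionally holds the same secret names as `/` would trip it, so the `required` list is the stronger check.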