secrets_manager.go

    package secrets_manager
    
    import (
    	"encoding/base64"
    	"fmt"
    	"os"
    
    	"github.com/aws/aws-sdk-go/aws"
    	"github.com/aws/aws-sdk-go/aws/awserr"
    	credentials2 "github.com/aws/aws-sdk-go/aws/credentials"
    	"github.com/aws/aws-sdk-go/aws/session"
    	"github.com/aws/aws-sdk-go/service/secretsmanager"
    	"github.com/aws/aws-secretsmanager-caching-go/secretcache"
    
    	"gitlab.bob.co.za/bob-public-utils/bobgroup-go-utils/logs"
    	"gitlab.bob.co.za/bob-public-utils/bobgroup-go-utils/struct_utils"
    )
    
    // DatabaseCredentials is the JSON shape that GetDatabaseCredentials decodes a
    // secret string into; the struct tags give the key each field is read from.
    //
    // A decoded value holds the database password in plaintext, so avoid logging
    // or printing the struct as a whole (for example with %v or %+v) and avoid
    // marshalling it back out to anywhere that is not itself a secret store.
    type DatabaseCredentials struct {
    	Username           string `json:"username"`
    	Password           string `json:"password"` // secret material; keep out of logs and error text
    	Engine             string `json:"engine"`
    	Host               string `json:"host"`
    	Port               int    `json:"port"`
    	InstanceIdentifier string `json:"dbInstanceIdentifier"`  // read from the "dbInstanceIdentifier" key
    	ReadOnlyHost       string `json:"aurora_read_only_host"` // read from the "aurora_read_only_host" key
    }
    
    // S3UploadCredentials is the JSON shape that GetS3UploadCredentials decodes a
    // secret string into before handing both fields to
    // credentials2.NewStaticCredentials.
    //
    // Together the two fields form a static access key pair; treat the decoded
    // value as secret material and keep it out of logs and error messages.
    type S3UploadCredentials struct {
    	AccessKeyID     string `json:"accessKeyID"`
    	SecretAccessKey string `json:"secretAccessKey"` // secret half of the key pair
    }
    
    var (
    	// secretCache is the package-level cache that GetSecret queries first via
    	// GetSecretString.
    	// NOTE(review): the error returned by secretcache.New() is discarded. If
    	// construction fails, secretCache is presumably nil and the
    	// GetSecretString call in GetSecret would run on a nil cache — confirm,
    	// and consider keeping the error so the failure surfaces with a clear
    	// message instead of at first use.
    	secretCache, _      = secretcache.New()
    	// secretManagerRegion is a hard-coded AWS region name. Its use lies outside
    	// the visible part of this file — presumably the region of the Secrets
    	// Manager client; confirm before deploying to another region.
    	secretManagerRegion = "af-south-1"
    )
    
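    // GetDatabaseCredentials fetches the secret identified by secretID through
    // GetSecret and decodes it as JSON into a DatabaseCredentials value.
    //
    // isDebug is passed through to GetSecret unchanged. An error is returned when
    // the secret string comes back empty or when it cannot be decoded; in both
    // cases the returned DatabaseCredentials is the zero value. Error text built
    // here names the secret ID only, never the secret's contents.
    func GetDatabaseCredentials(secretID string, isDebug bool) (DatabaseCredentials, error) {
    	// GetSecret has no error return, so an empty string is the only failure
    	// signal available at this call site. Its second return value is
    	// discarded, exactly as before; what it carries is defined outside the
    	// visible part of this file.
    	secret, _ := GetSecret(secretID, isDebug)
    	if secret == "" {
    		// Fail closed: never hand zero-value credentials to a caller as if
    		// the lookup had succeeded.
    		return DatabaseCredentials{}, fmt.Errorf("secret %q is empty or could not be retrieved", secretID)
    	}
    
    	var creds DatabaseCredentials
    	if err := struct_utils.UnmarshalJSON([]byte(secret), &creds); err != nil {
    		return DatabaseCredentials{}, err
    	}
    	return creds, nil
    }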
    
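    // GetS3UploadCredentials fetches the secret identified by secretID through
    // GetSecret, decodes it as JSON into S3UploadCredentials, and wraps the key
    // pair in static AWS credentials with an empty session token.
    //
    // isDebug is passed through to GetSecret unchanged. An error (and a nil
    // credentials pointer) is returned when the secret string is empty, when it
    // cannot be decoded, or when either key field is missing after decoding.
    // Error text built here names the secret ID and the expected JSON keys only,
    // never the key material.
    func GetS3UploadCredentials(secretID string, isDebug bool) (*credentials2.Credentials, error) {
    	// GetSecret has no error return, so an empty string is the only failure
    	// signal available at this call site. Its second return value is
    	// discarded, exactly as before.
    	secret, _ := GetSecret(secretID, isDebug)
    	if secret == "" {
    		return nil, fmt.Errorf("secret %q is empty or could not be retrieved", secretID)
    	}
    
    	var keys S3UploadCredentials
    	if err := struct_utils.UnmarshalJSON([]byte(secret), &keys); err != nil {
    		return nil, err
    	}
    
    	// A secret that decodes cleanly but lacks either field would otherwise
    	// produce a credentials object that only fails later, at first use.
    	if keys.AccessKeyID == "" || keys.SecretAccessKey == "" {
    		return nil, fmt.Errorf("secret %q does not contain both accessKeyID and secretAccessKey", secretID)
    	}
    	return credentials2.NewStaticCredentials(keys.AccessKeyID, keys.SecretAccessKey, ""), nil
    }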
    
    func GetSecret(secretID string, isDebug bool) (string, string) {
    	cachedSecret, err := secretCache.GetSecretString(secretID)
    	if err != nil {
    		logs.Info("Failed to get secret key from cache")
    	}
    	if cachedSecret != "" {
    		return cachedSecret, ""
    	}
    
    	awsSession := session.New()
    
    	// Get local config
    	if isDebug && os.Getenv("ENVIRONMENT") != "" {