ADHOC - Expand secrets manager to support create and delete

Merged Billy Griffiths requested to merge adhoc_expand_secrets_manager into main
1 unresolved thread

+ 21
13
@@ -36,6 +36,8 @@ var (
secretManagerRegion = "af-south-1"
)
var secretManagerSession *secretsmanager.SecretsManager
func GetDatabaseCredentials(secretID string, isDebug bool) (DatabaseCredentials, error) {
secret, _ := GetSecret(secretID, isDebug)
var credentials DatabaseCredentials
@@ -56,11 +58,17 @@ func GetS3UploadCredentials(secretID string, isDebug bool) (*credentials2.Creden
return credentials2.NewStaticCredentials(credentials.AccessKeyID, credentials.SecretKey, ""), nil
}
// createClient Instantiates a new Secrets Manager client
func createClient(isDebug bool) (svc *secretsmanager.SecretsManager, err error) {
// getSecretManagerSession Instantiates a new Secrets Manager client session
func getSecretManagerSession(isDebug bool) (err error) {
// If a session already exists, use it
if secretManagerSession != nil {
return nil
}
logs.Info("Creating a new Secrets Manager session")
awsSession, err := session.NewSession()
if err != nil {
return svc, err
return err
}
// Get local config
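Review bot: The package-level `secretManagerSession` introduced here is read in the nil check at the top of getSecretManagerSession and written in the next hunk with no synchronisation, so concurrent callers of GetSecret, CreateSecret and DeleteSecret race on it and may each build their own AWS session. Guard the body, e.g. declare `var secretManagerMu sync.Mutex` next to the variable and make `secretManagerMu.Lock()` / `defer secretManagerMu.Unlock()` the first statements of the function (a `sync.Once` would fit equally well; the `sync` import is outside this hunk). Once the cached session exists the `isDebug` argument is ignored on every later call, so the first caller decides the credential configuration for the whole process; that deserves a doc comment such as `// Only the first call's isDebug is honoured; later calls reuse the cached session.` getSecretManagerSession ends in the following hunk.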
@@ -76,14 +84,14 @@ func createClient(isDebug bool) (svc *secretsmanager.SecretsManager, err error)
},
})
if err != nil {
return svc, err
return err
}
}
// Create a Secrets Manager client
svc = secretsmanager.New(awsSession, aws.NewConfig().WithRegion(secretManagerRegion))
// Create a Secrets Manager client session
secretManagerSession = secretsmanager.New(awsSession, aws.NewConfig().WithRegion(secretManagerRegion))
return svc, nil
return nil
}
// logError Logs any errors returned by the Secrets Manager client
@@ -108,7 +116,7 @@ func GetSecret(secretID string, isDebug bool) (string, string) {
}
// Create a Secrets Manager client
svc, err := createClient(isDebug)
err = getSecretManagerSession(isDebug)
if err != nil {
logs.Info("Could not create client: %+v", err)
return "", ""
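Review bot: The log line kept directly under the new `getSecretManagerSession(isDebug)` call still reads `Could not create client`, although the function now establishes a shared session rather than a per-call client; the same stale wording is left in the CreateSecret and DeleteSecret hunks below. Changing it to `logs.Info("Could not create Secrets Manager session: %+v", err)` keeps the message consistent with what actually failed. The `err =` assignment here presumably relies on an `err` declared earlier in GetSecret, which lies outside this hunk. GetSecret's body continues before and after this hunk.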
@@ -120,7 +128,7 @@ func GetSecret(secretID string, isDebug bool) (string, string) {
VersionStage: aws.String("AWSCURRENT"), // VersionStage defaults to AWSCURRENT if unspecified
}
result, err := svc.GetSecretValue(input)
result, err := secretManagerSession.GetSecretValue(input)
if err != nil {
logError(err)
return "", ""
@@ -147,7 +155,7 @@ func GetSecret(secretID string, isDebug bool) (string, string) {
// CreateSecret Creates a JSON marshaled "string secret" (can be expanded to cater for binary secrets should the need arise)
func CreateSecret(secretID string, secret any, isDebug bool) (awsSecretID string, err error) {
// Create a Secrets Manager client
svc, err := createClient(isDebug)
err = getSecretManagerSession(isDebug)
if err != nil {
logs.Info("Could not create client: %+v", err)
return "", err
@@ -164,7 +172,7 @@ func CreateSecret(secretID string, secret any, isDebug bool) (awsSecretID string
SecretString: aws.String(string(secretStr)),
}
result, err := svc.CreateSecret(input)
result, err := secretManagerSession.CreateSecret(input)
if err != nil {
logError(err)
return "", err
@@ -175,7 +183,7 @@ func CreateSecret(secretID string, secret any, isDebug bool) (awsSecretID string
func DeleteSecret(secretID string, forceWithoutRecovery bool, isDebug bool) error {
// Create a Secrets Manager client
svc, err := createClient(isDebug)
err := getSecretManagerSession(isDebug)
if err != nil {
logs.Info("Could not create client: %+v", err)
return err
@@ -187,7 +195,7 @@ func DeleteSecret(secretID string, forceWithoutRecovery bool, isDebug bool) erro
ForceDeleteWithoutRecovery: aws.Bool(forceWithoutRecovery),
}
_, err = svc.DeleteSecret(input)
_, err = secretManagerSession.DeleteSecret(input)
if err != nil {
logError(err)
return err