fix: issue warning when default aws region is used (#155)

argoproj-labs · Jun 24, 2021 · a68c9a3 · a68c9a3
1 parent 51f53f5
commit a68c9a3
Show file tree

Hide file tree

Showing 3 changed files with 78 additions and 1 deletion.
diff --git a/pkg/config/config.go b/pkg/config/config.go
@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"errors"
 	"fmt"
+	"log"
 	"os"
 	"strconv"
 	"strings"
@@ -36,7 +37,6 @@ func New(v *viper.Viper, co *Options) (*Config, error) {
 
 	// Set Defaults
 	v.SetDefault(types.EnvAvpKvVersion, "2")
-	v.SetDefault("AWS_REGION", "us-east-2")
 
 	// Read in config file or kubernetes secret and set as env vars
 	err := readConfigOrSecret(co.SecretName, co.ConfigPath, v)
@@ -109,6 +109,11 @@ func New(v *viper.Viper, co *Options) (*Config, error) {
 		}
 	case types.AWSSecretsManagerbackend:
 		{
+			if !v.IsSet(types.EnvAWSRegion) { // issue warning when using default region
+				log.Printf("Warning: %s env var not set, using AWS region %s.\n", types.EnvAWSRegion, types.AwsDefaultRegion)
+				v.Set(types.EnvAWSRegion, types.AwsDefaultRegion)
+			}
+
 			s, err := session.NewSession(&aws.Config{
 				Region: aws.String(v.GetString(types.EnvAWSRegion)),
 			})

diff --git a/pkg/config/config_test.go b/pkg/config/config_test.go
@@ -1,8 +1,10 @@
 package config_test
 
 import (
+	"bytes"
 	"fmt"
 	"io/ioutil"
+	"log"
 	"os"
 	"testing"
 
@@ -70,6 +72,7 @@ func TestNewConfig(t *testing.T) {
 		{
 			map[string]interface{}{
 				"AVP_TYPE":              "awssecretsmanager",
+				"AWS_REGION":            "us-west-1",
 				"AWS_ACCESS_KEY_ID":     "id",
 				"AWS_SECRET_ACCESS_KEY": "key",
 			},
@@ -127,6 +130,74 @@ func TestNewConfigNoAuthType(t *testing.T) {
 	os.Unsetenv("AVP_TYPE")
 }
 
+// Helper function that captures log output from a function call into a string
+// Adapted from https://stackoverflow.com/a/26806093/170154
+func captureOutput(f func()) string {
+	var buf bytes.Buffer
+	flags := log.Flags()
+	log.SetOutput(&buf)
+	log.SetFlags(0) // don't include any date or time in the logging messages
+	f()
+	log.SetOutput(os.Stderr)
+	log.SetFlags(flags)
+	return buf.String()
+}
+
+func TestNewConfigAwsRegionWarning(t *testing.T) {
+	testCases := []struct {
+		environment  map[string]interface{}
+		expectedType string
+		expectedLog  string
+	}{
+		{ // this test issues a warning for missing AWS_REGION env var
+			map[string]interface{}{
+				"AVP_TYPE":              "awssecretsmanager",
+				"AWS_ACCESS_KEY_ID":     "id",
+				"AWS_SECRET_ACCESS_KEY": "key",
+			},
+			"*backends.AWSSecretsManager",
+			"Warning: AWS_REGION env var not set, using AWS region us-east-2.\n",
+		},
+		{ // no warning is issued
+			map[string]interface{}{
+				"AVP_TYPE":              "awssecretsmanager",
+				"AWS_REGION":            "us-west-1",
+				"AWS_ACCESS_KEY_ID":     "id",
+				"AWS_SECRET_ACCESS_KEY": "key",
+			},
+			"*backends.AWSSecretsManager",
+			"",
+		},
+	}
+
+	for _, tc := range testCases {
+		for k, v := range tc.environment {
+			os.Setenv(k, v.(string))
+		}
+		viper := viper.New()
+
+		output := captureOutput(func() {
+			config, err := config.New(viper, &config.Options{})
+			if err != nil {
+				t.Error(err)
+				t.FailNow()
+			}
+			xType := fmt.Sprintf("%T", config.Backend)
+			if xType != tc.expectedType {
+				t.Errorf("expected: %s, got: %s.", tc.expectedType, xType)
+			}
+		})
+
+		if output != tc.expectedLog {
+			t.Errorf("Unexpected warning issued. Expected: %s, actual: %s", tc.expectedLog, output)
+		}
+
+		for k := range tc.environment {
+			os.Unsetenv(k)
+		}
+	}
+}
+
 func TestNewConfigMissingParameter(t *testing.T) {
 	testCases := []struct {
 		environment  map[string]interface{}

diff --git a/pkg/types/constants.go b/pkg/types/constants.go
@@ -23,6 +23,7 @@ const (
 	ApproleAuth              = "approle"
 	GithubAuth               = "github"
 	IAMAuth                  = "iam"
+	AwsDefaultRegion         = "us-east-2"
 
 	AVPPathAnnotation        = "avp.kubernetes.io/path"
 	AVPIgnoreAnnotation      = "avp.kubernetes.io/ignore"