From e0581ce6cd27a9c881596a7cbdc97792fb078094 Mon Sep 17 00:00:00 2001 From: Michael Zuberbuehler Date: Thu, 21 Sep 2023 10:43:23 +0200 Subject: [PATCH 1/2] PLATFORM-3053 Get scanii secrets from AWS SM --- lib/config.js | 29 +++++++++++++++++++++++------ 1 file changed, 23 insertions(+), 6 deletions(-) diff --git a/lib/config.js b/lib/config.js index 403a50a..f9900fe 100644 --- a/lib/config.js +++ b/lib/config.js @@ -5,6 +5,19 @@ if (process.env.AWS_SAM_LOCAL !== undefined) { console.log(process.env); } +const headers = {"X-Aws-Parameters-Secrets-Token": process.env.AWS_SESSION_TOKEN} +const scaniiAPISecrets = process.env.SCANII_API_SECRETS_NAME; + +async function getScaniiAPISecrets () { + let response = await fetch(`http://localhost:2773/secretsmanager/get?secretId=${scaniiAPISecrets}`, { + method: 'GET', + headers: headers + }); + let data = await response.json(); + + return data.SecretString; +} + function defaults() { CONFIG.KEY = null; CONFIG.SECRET = null; @@ -15,13 +28,17 @@ function defaults() { CONFIG.MAX_ATTEMPTS = 10; CONFIG.MAX_ATTEMPT_DELAY_MSEC = 30_000; + const SCANII_API_SECRETS = getScaniiAPISecrets(); + CONFIG.KEY = SCANII_API_SECRETS['API_KEY']; + CONFIG.SECRET = SCANII_API_SECRETS['API_SECRET']; + // extracting config overwrites from the environment: - if (process.env.API_KEY) { - CONFIG.KEY = process.env.API_KEY; - } - if (process.env.API_SECRET) { - CONFIG.SECRET = process.env.API_SECRET; - } + // if (process.env.API_KEY) { + // CONFIG.KEY = process.env.API_KEY; + // } + // if (process.env.API_SECRET) { + // CONFIG.SECRET = process.env.API_SECRET; + // } if (process.env.API_ENDPOINT) { CONFIG.API_ENDPOINT = process.env.API_ENDPOINT; From 92f0915f6fe272d242c130b6409987b638b1fab8 Mon Sep 17 00:00:00 2001 From: Michael Zuberbuehler Date: Fri, 22 Sep 2023 10:26:16 +0200 Subject: [PATCH 2/2] PLATFORM-3053 Get secrets from SM --- lib/config.js | 46 ++++++++++++++++++++++++---------------------- 1 file changed, 24 insertions(+), 22 deletions(-) diff --git a/lib/config.js b/lib/config.js index f9900fe..586208d 100644 --- a/lib/config.js +++ b/lib/config.js @@ -5,17 +5,22 @@ if (process.env.AWS_SAM_LOCAL !== undefined) { console.log(process.env); } -const headers = {"X-Aws-Parameters-Secrets-Token": process.env.AWS_SESSION_TOKEN} -const scaniiAPISecrets = process.env.SCANII_API_SECRETS_NAME; - -async function getScaniiAPISecrets () { - let response = await fetch(`http://localhost:2773/secretsmanager/get?secretId=${scaniiAPISecrets}`, { - method: 'GET', - headers: headers - }); - let data = await response.json(); - - return data.SecretString; +function getScaniiAPISecrets() { + const headers = {"X-Aws-Parameters-Secrets-Token": process.env.AWS_SESSION_TOKEN} + const scaniiAPISecrets = process.env.SCANII_API_SECRETS_NAME; + return fetch(`http://localhost:2773/secretsmanager/get?secretId=${scaniiAPISecrets}`, { + method: 'GET', + headers: headers, + }) + .then(function (response) { + if (!response.ok) { + throw new Error('API request failed with status: ' + response.status); + } + return response.json(); + }) + .then(function (data) { + return data.SecretString; + }) } function defaults() { @@ -28,18 +33,7 @@ function defaults() { CONFIG.MAX_ATTEMPTS = 10; CONFIG.MAX_ATTEMPT_DELAY_MSEC = 30_000; - const SCANII_API_SECRETS = getScaniiAPISecrets(); - CONFIG.KEY = SCANII_API_SECRETS['API_KEY']; - CONFIG.SECRET = SCANII_API_SECRETS['API_SECRET']; - // extracting config overwrites from the environment: - // if (process.env.API_KEY) { - // CONFIG.KEY = process.env.API_KEY; - // } - // if (process.env.API_SECRET) { - // CONFIG.SECRET = process.env.API_SECRET; - // } - if (process.env.API_ENDPOINT) { CONFIG.API_ENDPOINT = process.env.API_ENDPOINT; } @@ -67,5 +61,13 @@ function defaults() { } defaults(); + +var secrets = getScaniiAPISecrets() + .then(function (secretString) { + secrets = JSON.parse(secretString) + CONFIG.KEY = secrets['API_KEY']; + CONFIG.SECRET = secrets['API_SECRET']; + }); + exports.defaults = defaults; exports.CONFIG = CONFIG;