secrets manager support for additional file types
kendavis2 committed Jan 3, 2020
1 parent faf3538 commit 0627f7e
Showing 3 changed files with 8 additions and 15 deletions.
19 changes: 6 additions & 13 deletions components/store/aws_secret_manager_store.go
Expand Up @@ -203,8 +203,6 @@ func (s AWSSecretManagerStore) pushBlob(file *catalog.File, fileData []byte, KMS
}

fileData = result.Bytes()
default:
return fmt.Errorf("store does not support file type: %s", file.Type)
}

svc := secretsmanager.New(s.Session)
Expand Down Expand Up @@ -285,7 +283,7 @@ func (s AWSSecretManagerStore) Pull(file *catalog.File, version string) ([]byte,

return envFormat.Bytes(), contract.Attributes{}, err
default:
return []byte{}, contract.Attributes{}, fmt.Errorf("store does not support file type: %s", file.Type)
return []byte(*sv.SecretString), contract.Attributes{}, err
}
}

Expand All @@ -294,17 +292,12 @@ func (s AWSSecretManagerStore) Purge(file *catalog.File, version string) error {

svc := secretsmanager.New(s.Session)

switch file.Type {
case "env", "json":
key := fmt.Sprintf("%s/%s", s.clog.Context, file.Path)
key := fmt.Sprintf("%s/%s", s.clog.Context, file.Path)

if _, err := svc.DeleteSecret(&secretsmanager.DeleteSecretInput{
SecretId: aws.String(key),
}); err != nil {
return err
}
default:
return fmt.Errorf("store does not support file type: %s", file.Type)
if _, err := svc.DeleteSecret(&secretsmanager.DeleteSecretInput{
SecretId: aws.String(key),
}); err != nil {
return err
}

return nil
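Review bot: The new `default` branch of Pull dereferences `sv.SecretString` without a nil check, so a secret that has no string value will panic the process instead of returning an error. If `sv` is the GetSecretValue output (the call is outside the hunk), AWS leaves SecretString nil when the secret was stored as SecretBinary, and now that the store accepts every file type that case is more likely to be reached. Guard it before the return, e.g. `if sv.SecretString == nil { return nil, contract.Attributes{}, fmt.Errorf("secret for %s has no string value", file.Path) }`. It is also worth confirming how pushBlob writes `fileData` for the newly allowed types (that call is outside the hunk): if it goes through SecretString, non-UTF-8 file content may not round-trip byte-for-byte.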
2 changes: 1 addition & 1 deletion docs/SECRETS_MANAGER.md
Expand Up @@ -4,7 +4,7 @@ When storing configuration in Secrets Manager, two storate solutions are availab

| CLI Flag | CLI Key | Description | Supports | Secret Key |
|-|-|-|-|-|
| `-s` |`aws-secret`| All config values are stored in a single secret. | `.env`, `.json`|`/{config_context}/{FILE_PATH}` |
| `-s` |`aws-secret`| All config values are stored in a single secret. | * |`/{config_context}/{FILE_PATH}` |
| `-s` |`aws-secrets`| Each config value is stored in a separate secret. | `.env`, `.json` | `/{config_context}/{file_path}/{var}` |

### Authentication ###
2 changes: 1 addition & 1 deletion docs/STORES.md
Expand Up @@ -6,7 +6,7 @@ A comparison of supported storage solutions.
|-|-|-|-|-|
| CLI Flag | `-s` | `-s` | `-s` | `-s` | `-s` |
| CLI Key | `source-control` | `aws-s3` | `aws-parameter` | `aws-secret` `aws-secrets` |
| Supported File Types | `.env`, `.json` | * | `.env` | `.env`, `.json` |
| Supported File Types | `.env`, `.json` | * | `.env` | * |
| Default Secrets Vault | Secrets Manager | Secrets Manager | Secrets Manager | Secrets Manager |
| Config Update Strategy | Build Time | Deploy Time | Deploy Time | Deploy Time |
| Infrastructure | KMS Key | S3 Bucket, KMS Key | KMS Key | KMS Key |