Skip to content

Commit

Permalink
Add support for listing secrets in ASM
Browse files Browse the repository at this point in the history
  • Loading branch information
gjoranv committed Dec 6, 2024
1 parent 825dcf2 commit 23ee3b1
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 10 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -77,8 +77,11 @@ private String awsSecretId(String tenant, Key key) {
}

public static String getAwsSecretId(String system, String tenant, Key key) {
return "%s.%s.%s.%s/%s".formatted(AthenzUtil.PREFIX, system, tenant,
key.vaultName().value(), key.secretName().value());
return "%s/%s".formatted(awsVaultPrefix(system, tenant, key.vaultName()), key.secretName().value());
}

public static String awsVaultPrefix(String system, String tenant, VaultName vault) {
return "%s.%s.%s.%s".formatted(AthenzUtil.PREFIX, system, tenant, vault.value());
}

record Vault(VaultId vaultId, VaultName vaultName, ExternalId externalId) {}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -8,22 +8,19 @@
import ai.vespa.secret.aws.AwsRolePath;
import ai.vespa.secret.model.Key;
import ai.vespa.secret.model.SecretVersionState;
import software.amazon.awssdk.awscore.exception.AwsServiceException;
import software.amazon.awssdk.core.exception.SdkClientException;
import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient;
import software.amazon.awssdk.services.secretsmanager.model.InternalServiceErrorException;
import software.amazon.awssdk.services.secretsmanager.model.InvalidNextTokenException;
import software.amazon.awssdk.services.secretsmanager.model.InvalidParameterException;
import software.amazon.awssdk.services.secretsmanager.model.ListSecretVersionIdsRequest;
import software.amazon.awssdk.services.secretsmanager.model.ListSecretVersionIdsResponse;
import software.amazon.awssdk.services.secretsmanager.model.ResourceNotFoundException;
import software.amazon.awssdk.services.secretsmanager.model.ListSecretsRequest;
import software.amazon.awssdk.services.secretsmanager.model.ListSecretsResponse;
import software.amazon.awssdk.services.secretsmanager.model.SecretListEntry;
import software.amazon.awssdk.services.secretsmanager.model.SecretVersionsListEntry;
import software.amazon.awssdk.services.secretsmanager.model.SecretsManagerException;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.function.Consumer;
import java.util.function.Function;

/**
Expand Down Expand Up @@ -66,9 +63,18 @@ protected MockSecretsManagerClient(AwsRolePath awsRole) {
clients.add(this);
}

@Override
public ListSecretsResponse listSecrets(Consumer<ListSecretsRequest.Builder> listSecretsRequest) {
return ListSecretsResponse.builder()
.secretList(secrets.keySet().stream()
.map(name -> SecretListEntry.builder().name(name).build())
.toList())
.build();
}

// Used by both reader and writer testers
@Override
public ListSecretVersionIdsResponse listSecretVersionIds(ListSecretVersionIdsRequest request) throws InvalidNextTokenException, ResourceNotFoundException, InternalServiceErrorException, InvalidParameterException, AwsServiceException, SdkClientException, SecretsManagerException {
public ListSecretVersionIdsResponse listSecretVersionIds(ListSecretVersionIdsRequest request) {
return ListSecretVersionIdsResponse.builder()
.name(request.secretId())
.versions(secrets.getOrDefault(request.secretId(), List.of()).stream()
Expand Down

0 comments on commit 23ee3b1

Please sign in to comment.