Merge pull request #33033 from vespa-engine/emulate-aws-behaviour

Emulate aws behaviour
vespa-engine · Dec 13, 2024 · 661cdd5 · 661cdd5
2 parents 9228c9e + 04cfd16
commit 661cdd5
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 7 deletions.
diff --git a/jdisc-cloud-aws/src/main/java/ai/vespa/secret/aws/AsmSecretReader.java b/jdisc-cloud-aws/src/main/java/ai/vespa/secret/aws/AsmSecretReader.java
@@ -18,7 +18,7 @@
 import software.amazon.awssdk.services.secretsmanager.model.GetSecretValueRequest;
 import software.amazon.awssdk.services.secretsmanager.model.GetSecretValueResponse;
 import software.amazon.awssdk.services.secretsmanager.model.ListSecretVersionIdsRequest;
-import software.amazon.awssdk.services.secretsmanager.model.ListSecretVersionIdsResponse;
+import software.amazon.awssdk.services.secretsmanager.model.ResourceNotFoundException;
 
 import javax.net.ssl.SSLContext;
 import java.net.URI;
@@ -163,19 +163,19 @@ public Secret getSecret(Key key) {
     @Override
     public List<Secret> listSecretVersions(Key key) {
         var client = getClient(key.vaultName());
-
         try {
-            ListSecretVersionIdsResponse response = client.listSecretVersionIds(
-                    ListSecretVersionIdsRequest.builder()
-                            .secretId(awsSecretId(key)).build());
-
+            var response = client.listSecretVersionIds(ListSecretVersionIdsRequest.builder()
+                                                               .secretId(awsSecretId(key))
+                                                               .build());
             var secretVersions = response.versions().stream()
                     .map(version -> getSecret(key, SecretVersionId.of(version.versionId())))
                     .sorted().toList();
 
             secretVersions.forEach(secret -> cache.put(new VersionKey(key, secret.version()), secret));
 
             return secretVersions;
+        } catch (ResourceNotFoundException e) {
+            return List.of();
         } catch (Exception e) {
             throw new IllegalArgumentException("Failed to list secret versions for %s:\n%s".formatted(key, e.getMessage()));
         }

diff --git a/jdisc-cloud-aws/src/main/java/ai/vespa/secret/aws/testutil/AsmSecretTesterBase.java b/jdisc-cloud-aws/src/main/java/ai/vespa/secret/aws/testutil/AsmSecretTesterBase.java
@@ -13,6 +13,7 @@
 import software.amazon.awssdk.services.secretsmanager.model.ListSecretVersionIdsResponse;
 import software.amazon.awssdk.services.secretsmanager.model.ListSecretsRequest;
 import software.amazon.awssdk.services.secretsmanager.model.ListSecretsResponse;
+import software.amazon.awssdk.services.secretsmanager.model.ResourceNotFoundException;
 import software.amazon.awssdk.services.secretsmanager.model.SecretListEntry;
 import software.amazon.awssdk.services.secretsmanager.model.SecretVersionsListEntry;
 
@@ -75,9 +76,13 @@ public ListSecretsResponse listSecrets(Consumer<ListSecretsRequest.Builder> list
         // Used by both reader and writer testers
         @Override
         public ListSecretVersionIdsResponse listSecretVersionIds(ListSecretVersionIdsRequest request) {
+            if (! secrets.containsKey(request.secretId())) {
+                // Emulate AWS behavior
+                throw ResourceNotFoundException.builder().message("Secret not found: " + request.secretId()).build();
+            }
             return ListSecretVersionIdsResponse.builder()
                     .name(request.secretId())
-                    .versions(secrets.getOrDefault(request.secretId(), List.of()).stream()
+                    .versions(secrets.get(request.secretId()).stream()
                                       .map(version -> SecretVersionsListEntry.builder()
                                               .versionId(version.version())
                                               .versionStages(toAwsStages(version.state()))