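// Source: github.com/sharovik/devbot@v1.0.1-0.20240308094637-4a0387c40516/internal/config/secrets.go

package config

// Use this code snippet in your app.
// If you need more information about configurations or implementing the sample code, visit the AWS docs:
// https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/setting-up.html
import (
	"encoding/json"
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/secretsmanager"
)

// SecretConfigValues holds the credentials decoded from the JSON secret
// payload. Every field is a live credential: avoid printing the struct (for
// example with %v or %+v) or serialising it into logs and error messages.
type SecretConfigValues struct {
	// MessagesAPIOAuthToken slack oauth token
	MessagesAPIOAuthToken string `json:"MESSAGES_API_OAUTH_TOKEN"`

	// MessagesAPIWebAPIOAuthToken slack web-oauth token
	MessagesAPIWebAPIOAuthToken string `json:"MESSAGES_API_WEB_API_OAUTH_TOKEN"`

	// BitBucketClientID the client id for bitbucket api
	BitBucketClientID string `json:"BITBUCKET_CLIENT_ID"`

	// BitBucketClientSecret the client secret for bitbucket api
	BitBucketClientSecret string `json:"BITBUCKET_CLIENT_SECRET"`

	// GoogleClientID the client id for a Google oauth2
	GoogleClientID string `json:"DEVBOT_GOOGLE_CLIENT_ID"`

	// GoogleClientSecret the client secret for Google oauth2
	GoogleClientSecret string `json:"DEVBOT_GOOGLE_CLIENT_SECRET"`
}

// GetSecret retrieves the AWSCURRENT version of the secret secretName from AWS
// Secrets Manager in the given region and decodes its JSON SecretString into a
// SecretConfigValues.
//
// A non-nil error is returned when the session cannot be created, when
// GetSecretValue fails, when the secret has no SecretString (binary-only
// secrets are not handled here), or when the payload cannot be decoded. On any
// error the returned value is the zero SecretConfigValues, so callers never
// receive missing or partially decoded credentials together with a nil error.
func GetSecret(secretName string, region string) (secrets SecretConfigValues, err error) {
	awsSession, err := session.NewSession(&aws.Config{
		Region: aws.String(region),
	})
	if err != nil {
		return SecretConfigValues{}, err
	}

	// Create a Secrets Manager client.
	svc := secretsmanager.New(awsSession, aws.NewConfig().WithRegion(region))
	input := &secretsmanager.GetSecretValueInput{
		SecretId:     aws.String(secretName),
		VersionStage: aws.String("AWSCURRENT"), // VersionStage defaults to AWSCURRENT if unspecified
	}

	// In this sample we only handle the specific exceptions for the 'GetSecretValue' API.
	// See https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_GetSecretValue.html
	result, err := svc.GetSecretValue(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			// Reported codes: the KMS key could not decrypt the secret text, a
			// server-side error, an invalid parameter value, a parameter value
			// not valid for the resource's current state, or a missing resource.
			switch aerr.Code() {
			case secretsmanager.ErrCodeDecryptionFailure,
				secretsmanager.ErrCodeInternalServiceError,
				secretsmanager.ErrCodeInvalidParameterException,
				secretsmanager.ErrCodeInvalidRequestException,
				secretsmanager.ErrCodeResourceNotFoundException:
				fmt.Println(aerr.Code(), aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		// Returned unwrapped so callers can still assert it to awserr.Error.
		return SecretConfigValues{}, err
	}

	// Decrypts secret using the associated KMS CMK.
	// Depending on whether the secret is a string or binary, one of these fields will be populated.
	// Only SecretString is consumed. A secret without it must fail loudly:
	// returning a nil error here would let the caller start with empty tokens.
	if result.SecretString == nil {
		fmt.Println("The secrets string is empty")
		return SecretConfigValues{}, fmt.Errorf("secret %q has no SecretString value", secretName)
	}

	// Decode into a local so a failed decode cannot leak a half-filled struct
	// through the named result.
	var decoded SecretConfigValues
	if err = json.Unmarshal([]byte(*result.SecretString), &decoded); err != nil {
		fmt.Println("Failed to unmarshal the secrets values string")
		// encoding/json errors can quote a fragment of the offending input, so
		// treat the returned error as sensitive when logging it.
		return SecretConfigValues{}, fmt.Errorf("decoding secret %q: %w", secretName, err)
	}

	return decoded, nil
}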