1package data 2 3import ( 4 "fmt" 5 "net/url" 6 "path" 7 "strings" 8 9 "github.com/aws/aws-sdk-go/aws" 10 "github.com/aws/aws-sdk-go/service/secretsmanager" 11 "github.com/pkg/errors" 12 13 gaws "github.com/hairyhenderson/gomplate/v3/aws" 14) 15 16// awsSecretsManagerGetter - A subset of Secrets Manager API for use in unit testing 17type awsSecretsManagerGetter interface { 18 GetSecretValue(input *secretsmanager.GetSecretValueInput) (*secretsmanager.GetSecretValueOutput, error) 19} 20 21func parseDatasourceURLArgs(sourceURL *url.URL, args ...string) (params map[string]interface{}, p string, err error) { 22 if len(args) >= 2 { 23 err = fmt.Errorf("maximum two arguments to %s datasource: alias, extraPath (found %d)", 24 sourceURL.Scheme, len(args)) 25 return nil, "", err 26 } 27 28 p = sourceURL.Path 29 params = make(map[string]interface{}) 30 for key, val := range sourceURL.Query() { 31 params[key] = strings.Join(val, " ") 32 } 33 34 if p == "" && sourceURL.Opaque != "" { 35 p = sourceURL.Opaque 36 } 37 38 if len(args) == 1 { 39 parsed, err := url.Parse(args[0]) 40 if err != nil { 41 return nil, "", err 42 } 43 44 if parsed.Path != "" { 45 p = path.Join(p, parsed.Path) 46 if strings.HasSuffix(parsed.Path, "/") { 47 p += "/" 48 } 49 } 50 51 for key, val := range parsed.Query() { 52 params[key] = strings.Join(val, " ") 53 } 54 } 55 return params, p, nil 56} 57 58func readAWSSecretsManager(source *Source, args ...string) (output []byte, err error) { 59 if source.awsSecretsManager == nil { 60 source.awsSecretsManager = secretsmanager.New(gaws.SDKSession()) 61 } 62 63 _, paramPath, err := parseDatasourceURLArgs(source.URL, args...) 64 if err != nil { 65 return nil, err 66 } 67 68 return readAWSSecretsManagerParam(source, paramPath) 69} 70 71func readAWSSecretsManagerParam(source *Source, paramPath string) ([]byte, error) { 72 input := &secretsmanager.GetSecretValueInput{ 73 SecretId: aws.String(paramPath), 74 } 75 76 response, err := source.awsSecretsManager.GetSecretValue(input) 77 if err != nil { 78 return nil, errors.Wrapf(err, "Error reading aws+sm from AWS using GetSecretValue with input %v", input) 79 } 80 81 return []byte(*response.SecretString), nil 82} 83