Aws secretsmanager additions #6381
Conversation
Signed-off-by: Nick Richardson <[email protected]>
Signed-off-by: Nick Richardson <[email protected]>
Signed-off-by: Nick Richardson <[email protected]>
Signed-off-by: Nick Richardson <[email protected]>
Signed-off-by: Nick Richardson <[email protected]>
Signed-off-by: Nick Richardson <[email protected]>
mpechner-akasa
force-pushed
the
aws-secretsmanager-additions
branch
from
a4701ef to
23175d8
Compare
Signed-off-by: michael pechner <[email protected]>
Signed-off-by: michael pechner <[email protected]>
Doc for issue: kedacore/keda#5940 PR: kedacore/keda#6381 Signed-off-by: michael pechner <[email protected]>
|
docs. kedacore/keda-docs#1508 |
tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go
Outdated
Show resolved
Hide resolved
tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go
Outdated
Show resolved
Hide resolved
tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go
Outdated
Show resolved
Hide resolved
mpechner-akasa
force-pushed
the
aws-secretsmanager-additions
branch
2 times, most recently
from
36f2dcc to
a6b4067
Compare
Signed-off-by: michael pechner <[email protected]>
Signed-off-by: michael pechner <[email protected]>
…-akasa/keda into aws-secretsmanager-additions
…ect. Will remove REMOVETestAwsSecretManagerJSONFormat and change aws_secret_manager_pod_identity.go once I have changed this file as expected. Signed-off-by: michael pechner <[email protected]>
// Local imports . "github.com/kedacore/keda/v2/tests/helper" Signed-off-by: michael pechner <[email protected]>
Signed-off-by: michael pechner <[email protected]>
AwsSecretManager() does not return anything, so fixed the calling test Signed-off-by: michael pechner <[email protected]>
added test code back and making AwsSecretmanager() return nil Signed-off-by: michael pechner <[email protected]>
Signed-off-by: michael pechner <[email protected]>
Signed-off-by: michael pechner <[email protected]>
Signed-off-by: michael pechner <[email protected]>
Signed-off-by: michael pechner <[email protected]>
|
/run-e2e aws |
Will work on this next weekend 1/11-1/12 |
…rue and false Signed-off-by: michael pechner <[email protected]>
Signed-off-by: michael pechner <[email protected]>
igoland linter keeps removng it. Signed-off-by: michael pechner <[email protected]>
Signed-off-by: michael pechner <[email protected]>
|
/run-e2e aws |
|
e2e tests are failing because the secret has the same name in both cases. This makes that one case passes and the other one fails because the e2e test is trying to create a secret with the same name and the secret is in deletion process You can't create this secret because a secret with this name is already scheduled for deletionYou need to update the value of |
…e the secret. Instead of tryinfg to further randomize the secretname, just let the code do what it should. Added a poll to wait on the secret to be removed. Hoping 2 minniutes is more than enough. Signed-off-by: michael pechner <[email protected]>
…e the secret. Instead of trying to further randomize the secretname, just let the code do what it should. Added a poll to wait on the secret to be removed. Should happen within a few seconds. But we are talking AWS. 5 minutes really should be more then enough. Signed-off-by: michael pechner <[email protected]>
…-akasa/keda into aws-secretsmanager-additions
Signed-off-by: michael pechner <[email protected]>
Signed-off-by: michael pechner <[email protected]>
Signed-off-by: michael pechner <[email protected]>
Signed-off-by: michael pechner <[email protected]>
Signed-off-by: michael pechner <[email protected]>
Signed-off-by: michael pechner <[email protected]>
| err = wait.PollUntilContextTimeout(ctx, 2*time.Second, 300*time.Second, true, func(ctx context.Context) (done bool, err error) { | ||
| _, err = client.DescribeSecret(ctx, &secretsmanager.DescribeSecretInput{ | ||
| SecretId: &secretManagerSecretName, | ||
| }) | ||
| if err != nil { | ||
| var notFoundErr *types.ResourceNotFoundException | ||
| if errors.As(err, ¬FoundErr) { | ||
| // Secret successfully deleted | ||
| return true, nil | ||
| } | ||
| // Unexpected error | ||
| return false, err | ||
| } | ||
| // If the secret still exists | ||
| return false, nil | ||
| }) |
There was a problem hiding this comment.
I think that just using another secret name will be better as the test doesn't need to wait until the secret is deleted (not slowing the test execution). My suggestion was just appending the test case suffix to the secretManagerSecretName in the beginning of the test. I mean, currently the value of secretManagerSecretName is generated for both test in the startup of the file -> https://github.com/nrichardson-akasa/keda/blob/aws-secretsmanager-additions/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go#L62, the suggestion that I'm giving is overriding that variable during each case:
func TestAwsSecretManager(t *testing.T) {
// Run the test twice with two different flag values
flags := []bool{true, false}
for _, useJSONSecretFormat := range flags {
// THIS ASSIGNMENT SOLVES THE ISSUE
secretManagerSecretName = fmt.Sprintf("connectionString-%d", GetRandomNumber())
// Define a subtest for each flag value
t.Run(getTestNameForFlag(useJSONSecretFormat), func(t *testing.T) {
err := AwsSecretManager(t, useJSONSecretFormat)
if err != nil {
t.Errorf("AwsSecretManager(%v) failed: %v", getTestNameForFlag(useJSONSecretFormat), err)
}
})
}
}Just adding the line secretManagerSecretName = fmt.Sprintf("connectionString-%d", GetRandomNumber()) will use different secret names and you won't have to check if it has been deleted or not before creating it again
This adds the ability to specify a secretKey in the awsSecretManager TriggerAuthentication. This will allow parsing of secrets that contain Key/Value pairs (returned in JSON format).
Resubmission of #6031
Provide a description of what has been changed
Checklist
Fixes #5940
Relates to #