fix: add an FTL tag and filter ASM secrets #1888
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Open
safeer
force-pushed
the
saf/tag-asm-secrets
branch
from
15ba666 to
20c9f9e
Compare
safeer
force-pushed
the
saf/tag-asm-secrets
branch
from
23da737 to
b170a92
Compare
|
LGTM 👍 |
matt2e
approved these changes
Jun 27, 2024
alecthomas
approved these changes
Jun 27, 2024
common/configuration/asm_leader.go
Outdated
| @@ -149,6 +155,9 @@ func (l *asmLeader) store(ctx context.Context, ref Ref, value []byte) (*url.URL, | |||
| _, err := l.client.CreateSecret(ctx, &secretsmanager.CreateSecretInput{ | |||
| Name: aws.String(ref.String()), | |||
| SecretString: aws.String(string(value)), | |||
| Tags: []types.Tag{ | |||
| {Key: aws.String("_ftl"), Value: aws.String(ref.Module.Default("_"))}, | |||
common/configuration/asm_leader.go
Outdated
| @@ -54,6 +54,9 @@ func (l *asmLeader) sync(ctx context.Context, secrets *xsync.MapOf[Ref, cachedSe | |||
| out, err := l.client.ListSecrets(ctx, &secretsmanager.ListSecretsInput{ | |||
| MaxResults: aws.Int32(100), | |||
| NextToken: nextToken.Ptr(), | |||
| Filters: []types.Filter{ | |||
| {Key: types.FilterNameStringTypeTagKey, Values: []string{"_ftl"}}, | |||
There was a problem hiding this comment.
Let's pull the tag value out into a constant.
alecthomas
reviewed
Jun 27, 2024
common/configuration/asm_leader.go
Outdated
| @@ -149,6 +155,9 @@ func (l *asmLeader) store(ctx context.Context, ref Ref, value []byte) (*url.URL, | |||
| _, err := l.client.CreateSecret(ctx, &secretsmanager.CreateSecretInput{ | |||
| Name: aws.String(ref.String()), | |||
| SecretString: aws.String(string(value)), | |||
| Tags: []types.Tag{ | |||
| {Key: aws.String("ftl"), Value: aws.String(ref.Module.Default("_"))}, | |||
There was a problem hiding this comment.
Can the value not be empty? _ is actually a valid module name, so if it can't be empty it should at least be - which is not a valid identifier.
There was a problem hiding this comment.
It can be empty, pushing a fix
safeer
force-pushed
the
saf/tag-asm-secrets
branch
from
9c4190c to
2930b2c
Compare
|
nice! and much needed. Most AWS accounts will have many secrets in many formats |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #1876