Removes check for dummy key in secret store (#3519)

Signed-off-by: Elena Kolevska <[email protected]>
dapr · Aug 30, 2024 · dc8b482 · dc8b482
1 parent c48f904
commit dc8b482
Show file tree

Hide file tree

Showing 2 changed files with 1 addition and 43 deletions.
diff --git a/secretstores/aws/secretmanager/secretmanager.go b/secretstores/aws/secretmanager/secretmanager.go
@@ -16,19 +16,16 @@ package secretmanager
 import (
 	"context"
 	"encoding/json"
-	"errors"
 	"fmt"
 	"reflect"
 
 	"github.com/aws/aws-sdk-go/service/secretsmanager"
 	"github.com/aws/aws-sdk-go/service/secretsmanager/secretsmanageriface"
 
 	awsAuth "github.com/dapr/components-contrib/common/authentication/aws"
-	"github.com/dapr/components-contrib/common/utils"
 	"github.com/dapr/components-contrib/metadata"
 	"github.com/dapr/components-contrib/secretstores"
 	"github.com/dapr/kit/logger"
-	"github.com/dapr/kit/ptr"
 )
 
 const (
@@ -62,34 +59,14 @@ func (s *smSecretStore) Init(ctx context.Context, metadata secretstores.Metadata
 		return err
 	}
 
-	// This check is needed because d.client is set to a mock in tests
-	if s.client == nil {
-		s.client, err = s.getClient(meta)
-		if err != nil {
-			return err
-		}
-	}
+	s.client, err = s.getClient(meta)
 	if err != nil {
 		return err
 	}
 
-	var notFoundErr *secretsmanager.ResourceNotFoundException
-	if err := s.validateConnection(ctx); err != nil && !errors.As(err, &notFoundErr) {
-		return fmt.Errorf("error validating access to the aws.secretmanager secret store: %w", err)
-	}
 	return nil
 }
 
-// validateConnection runs a dummy GetSecretValueWithContext operation
-// to validate the connection credentials
-func (s *smSecretStore) validateConnection(ctx context.Context) error {
-	_, err := s.client.GetSecretValueWithContext(ctx, &secretsmanager.GetSecretValueInput{
-		SecretId: ptr.Of(utils.GetRandOrDefaultString("dapr-test-secret")),
-	})
-
-	return err
-}
-
 // GetSecret retrieves a secret using a key and returns a map of decrypted string/string values.
 func (s *smSecretStore) GetSecret(ctx context.Context, req secretstores.GetSecretRequest) (secretstores.GetSecretResponse, error) {
 	var versionID *string

diff --git a/secretstores/aws/secretmanager/secretmanager_test.go b/secretstores/aws/secretmanager/secretmanager_test.go
@@ -43,12 +43,6 @@ func (m *mockedSM) GetSecretValueWithContext(ctx context.Context, input *secrets
 func TestInit(t *testing.T) {
 	m := secretstores.Metadata{}
 	s := NewSecretManager(logger.NewLogger("test"))
-	s.(*smSecretStore).client = &mockedSM{
-		GetSecretValueFn: func(ctx context.Context, input *secretsmanager.GetSecretValueInput, option ...request.Option) (*secretsmanager.GetSecretValueOutput, error) {
-			// Simulate a non error response
-			return nil, nil
-		},
-	}
 
 	t.Run("Init with valid metadata", func(t *testing.T) {
 		m.Properties = map[string]string{
@@ -61,19 +55,6 @@ func TestInit(t *testing.T) {
 		err := s.Init(context.Background(), m)
 		require.NoError(t, err)
 	})
-
-	t.Run("Init with invalid connection details", func(t *testing.T) {
-		s.(*smSecretStore).client = &mockedSM{
-			GetSecretValueFn: func(ctx context.Context, input *secretsmanager.GetSecretValueInput, option ...request.Option) (*secretsmanager.GetSecretValueOutput, error) {
-				// Simulate a failure that resembles what AWS SM would return
-				return nil, fmt.Errorf("wrong-credentials")
-			},
-		}
-
-		err := s.Init(context.Background(), m)
-		require.Error(t, err)
-		require.EqualError(t, err, "error validating access to the aws.secretmanager secret store: wrong-credentials")
-	})
 }
 
 func TestGetSecret(t *testing.T) {