From dc8b4822d88e38c612b28d900c9b13f5cafbb5e2 Mon Sep 17 00:00:00 2001 From: Elena Kolevska Date: Fri, 30 Aug 2024 18:20:31 +0100 Subject: [PATCH] Removes check for dummy key in secret store (#3519) Signed-off-by: Elena Kolevska --- .../aws/secretmanager/secretmanager.go | 25 +------------------ .../aws/secretmanager/secretmanager_test.go | 19 -------------- 2 files changed, 1 insertion(+), 43 deletions(-) diff --git a/secretstores/aws/secretmanager/secretmanager.go b/secretstores/aws/secretmanager/secretmanager.go index a60163c591..b5c4f89f8a 100644 --- a/secretstores/aws/secretmanager/secretmanager.go +++ b/secretstores/aws/secretmanager/secretmanager.go @@ -16,7 +16,6 @@ package secretmanager import ( "context" "encoding/json" - "errors" "fmt" "reflect" @@ -24,11 +23,9 @@ import ( "github.com/aws/aws-sdk-go/service/secretsmanager/secretsmanageriface" awsAuth "github.com/dapr/components-contrib/common/authentication/aws" - "github.com/dapr/components-contrib/common/utils" "github.com/dapr/components-contrib/metadata" "github.com/dapr/components-contrib/secretstores" "github.com/dapr/kit/logger" - "github.com/dapr/kit/ptr" ) const ( @@ -62,34 +59,14 @@ func (s *smSecretStore) Init(ctx context.Context, metadata secretstores.Metadata return err } - // This check is needed because d.client is set to a mock in tests - if s.client == nil { - s.client, err = s.getClient(meta) - if err != nil { - return err - } - } + s.client, err = s.getClient(meta) if err != nil { return err } - var notFoundErr *secretsmanager.ResourceNotFoundException - if err := s.validateConnection(ctx); err != nil && !errors.As(err, ¬FoundErr) { - return fmt.Errorf("error validating access to the aws.secretmanager secret store: %w", err) - } return nil } -// validateConnection runs a dummy GetSecretValueWithContext operation -// to validate the connection credentials -func (s *smSecretStore) validateConnection(ctx context.Context) error { - _, err := s.client.GetSecretValueWithContext(ctx, &secretsmanager.GetSecretValueInput{ - SecretId: ptr.Of(utils.GetRandOrDefaultString("dapr-test-secret")), - }) - - return err -} - // GetSecret retrieves a secret using a key and returns a map of decrypted string/string values. func (s *smSecretStore) GetSecret(ctx context.Context, req secretstores.GetSecretRequest) (secretstores.GetSecretResponse, error) { var versionID *string diff --git a/secretstores/aws/secretmanager/secretmanager_test.go b/secretstores/aws/secretmanager/secretmanager_test.go index a062516c95..1a38452d94 100644 --- a/secretstores/aws/secretmanager/secretmanager_test.go +++ b/secretstores/aws/secretmanager/secretmanager_test.go @@ -43,12 +43,6 @@ func (m *mockedSM) GetSecretValueWithContext(ctx context.Context, input *secrets func TestInit(t *testing.T) { m := secretstores.Metadata{} s := NewSecretManager(logger.NewLogger("test")) - s.(*smSecretStore).client = &mockedSM{ - GetSecretValueFn: func(ctx context.Context, input *secretsmanager.GetSecretValueInput, option ...request.Option) (*secretsmanager.GetSecretValueOutput, error) { - // Simulate a non error response - return nil, nil - }, - } t.Run("Init with valid metadata", func(t *testing.T) { m.Properties = map[string]string{ @@ -61,19 +55,6 @@ func TestInit(t *testing.T) { err := s.Init(context.Background(), m) require.NoError(t, err) }) - - t.Run("Init with invalid connection details", func(t *testing.T) { - s.(*smSecretStore).client = &mockedSM{ - GetSecretValueFn: func(ctx context.Context, input *secretsmanager.GetSecretValueInput, option ...request.Option) (*secretsmanager.GetSecretValueOutput, error) { - // Simulate a failure that resembles what AWS SM would return - return nil, fmt.Errorf("wrong-credentials") - }, - } - - err := s.Init(context.Background(), m) - require.Error(t, err) - require.EqualError(t, err, "error validating access to the aws.secretmanager secret store: wrong-credentials") - }) } func TestGetSecret(t *testing.T) {