go-get-secrets.go

package secrets

import (
	"context"
	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/service/secretsmanager"
	"github.com/propertybrands/btt-cloud-deployment-manager/internal/app"
)

var secretsManagerConnection *secretsmanager.Client

// getClient Manager access to the secrets manager client connection.
func getClient() *secretsmanager.Client {
	if secretsManagerConnection != nil {
		return secretsManagerConnection
	}
	secretsManagerConnection = secretsmanager.NewFromConfig(app.Env.AwsConfig)
	return secretsManagerConnection
}

// getSecret Retrieve a secret string from a secret name.
func getSecret(name string) (string, error) {
	conn := getClient()
	result, err := conn.GetSecretValue(context.TODO(), &secretsmanager.GetSecretValueInput{
		SecretId: aws.String(name),
	})

	if err != nil {
		return "", err
	}

	return *result.SecretString, err
}

// createSecret Create a secret in AWS SecretsManager.
func createSecret(name string, value string) (string, error) {
	conn := getClient()
	result, err := conn.CreateSecret(context.TODO(), &secretsmanager.CreateSecretInput{
		Name:         aws.String(name),
		SecretString: aws.String(value),
	})

	if err != nil {
		return "", err
	}

	return *result.ARN, err
}

// setSecret Set a secret value by its name.
func setSecret(name string, value string) (string, error) {
	conn := getClient()
	result, err := conn.PutSecretValue(context.TODO(), &secretsmanager.PutSecretValueInput{
		SecretId:     aws.String(name),
		SecretString: aws.String(value),
	})

	if err != nil {
		return "", err
	}

	return *result.ARN, err
}