From 8a5ba023edf8460338b85659d86c7423aa6b7956 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Tue, 4 Aug 2020 16:25:52 -0400 Subject: [PATCH 01/62] Initial resource implementation --- build.gradle | 1 + examples/secret/secret.gyro | 3 + .../java/gyro/aws/secrets/SecretFinder.java | 24 ++++ .../java/gyro/aws/secrets/SecretResource.java | 125 ++++++++++++++++++ 4 files changed, 153 insertions(+) create mode 100644 examples/secret/secret.gyro create mode 100644 src/main/java/gyro/aws/secrets/SecretFinder.java create mode 100644 src/main/java/gyro/aws/secrets/SecretResource.java diff --git a/build.gradle b/build.gradle index 742ec42fb..4ba94e73c 100644 --- a/build.gradle +++ b/build.gradle @@ -111,6 +111,7 @@ dependencies { implementation 'software.amazon.awssdk:acmpca' implementation 'software.amazon.awssdk:dynamodb' implementation 'software.amazon.awssdk:neptune' + implementation 'software.amazon.awssdk:secretsmanager' implementation 'org.json:json:20180813' gyroDoclet "gyro:gyro-doclet:0.99.0-SNAPSHOT" diff --git a/examples/secret/secret.gyro b/examples/secret/secret.gyro new file mode 100644 index 000000000..53fcf26bf --- /dev/null +++ b/examples/secret/secret.gyro @@ -0,0 +1,3 @@ +#aws::secret secret +#end +@print: $(external-query aws::secret {}) \ No newline at end of file diff --git a/src/main/java/gyro/aws/secrets/SecretFinder.java b/src/main/java/gyro/aws/secrets/SecretFinder.java new file mode 100644 index 000000000..ec5d738d2 --- /dev/null +++ b/src/main/java/gyro/aws/secrets/SecretFinder.java 
@@ -0,0 +1,24 @@
+package gyro.aws.secrets;
+
+import java.util.List;
+import java.util.Map;
+
+import gyro.aws.AwsFinder;
+import gyro.core.Type;
+import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient;
+import software.amazon.awssdk.services.secretsmanager.model.SecretListEntry;
+
+@Type("secret")
+public class SecretFinder extends AwsFinder {
+
+ @Override
+ protected List findAllAws(SecretsManagerClient client) {
+ return client.listSecrets().secretList();
+ }
+
+ @Override
+ protected List findAws(
+ SecretsManagerClient client, Map filters) {
+ return null;
+ }
+}
diff --git a/src/main/java/gyro/aws/secrets/SecretResource.java b/src/main/java/gyro/aws/secrets/SecretResource.java
new file mode 100644
index 000000000..f5be94579
--- /dev/null
+++ b/src/main/java/gyro/aws/secrets/SecretResource.java
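Review bot: `findAws` returns `null` in the new SecretFinder, so a caller that iterates the result of a filtered query will hit a NullPointerException; returning an empty list until filtering is implemented is safer. `findAllAws` also makes a single `client.listSecrets().secretList()` call, which yields only the first page, so an account with many secrets is silently truncated. The same single-page call is kept in the 02/62 and 09/62 hunks for this method.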
@@ -0,0 +1,125 @@
+package gyro.aws.secrets;
+
+import java.util.List;
+import java.util.Set;
+
+import gyro.aws.AwsResource;
+import gyro.aws.Copyable;
+import gyro.core.GyroUI;
+import gyro.core.Type;
+import gyro.core.resource.Id;
+import gyro.core.resource.Resource;
+import gyro.core.scope.State;
+import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient;
+import software.amazon.awssdk.services.secretsmanager.model.CreateSecretRequest;
+import software.amazon.awssdk.services.secretsmanager.model.CreateSecretResponse;
+import software.amazon.awssdk.services.secretsmanager.model.DescribeSecretResponse;
+import software.amazon.awssdk.services.secretsmanager.model.SecretListEntry;
+import software.amazon.awssdk.services.secretsmanager.model.UpdateSecretResponse;
+
+@Type("secret")
+public class SecretResource extends AwsResource implements Copyable {
+
+ private String arn;
+ private String description;
+ private String name;
+ private String id;
+
+ @Id
+ public String getArn() {
+ return arn;
+ }
+
+ public void setArn(String arn) {
+ this.arn = arn;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ public String getDescription() {
+ return description;
+ }
+
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+ public String getId() {
+ return id;
+ }
+
+ public void setId(String id) {
+ this.id = id;
+ }
+
+ @Override
+ public boolean refresh() {
+ SecretsManagerClient client = createClient(SecretsManagerClient.class);
+
+ DescribeSecretResponse response = client.describeSecret(r -> r.secretId(getId()));
+
+ if (response == null) {
+ return false;
+ }
+
+ SecretListEntry entry = SecretListEntry.builder()
+ .arn(response.arn())
+ .name(response.name())
+ .description(response.description())
+ .kmsKeyId(response.kmsKeyId())
+ .tags(response.tags())
+ .build();
+
+ copyFrom(entry);
+
+ return true;
+ }
+
+ @Override
+ public void create(GyroUI ui, State state) throws Exception {
+ SecretsManagerClient client = createClient(SecretsManagerClient.class);
+
+ CreateSecretRequest request = CreateSecretRequest.builder()
+ .name(getName())
+ .description(getDescription())
+ .build();
+
+ CreateSecretResponse response = client.createSecret(request);
+
+ setArn(response.arn());
+ }
+
+ @Override
+ public void update(
+ GyroUI ui, State state, Resource current, Set changedFieldNames) throws Exception {
+ SecretsManagerClient client = createClient(SecretsManagerClient.class);
+
+ UpdateSecretResponse response = client.updateSecret(r -> r.secretId(getId()));
+
+ if (changedFieldNames.isEmpty() || changedFieldNames.contains("name")) {
+
+ }
+
+ }
+
+ @Override
+ public void delete(GyroUI ui, State state) throws Exception {
+ SecretsManagerClient client = createClient(SecretsManagerClient.class);
+
+ client.deleteSecret(r -> r.secretId(getId()));
+ }
+
+ @Override
+ public void copyFrom(SecretListEntry model) {
+ setArn(model.arn());
+ setName(model.name());
+ setDescription(model.description());
+ setId(getId());
+ }
+}
From 5ffef90cb8b85f5a265d7f5264e249be6b606d16 Mon Sep 17 00:00:00 2001
From: iHaoo
Date: Wed, 5 Aug 2020 17:40:47 -0400
Subject: [PATCH 02/62] Updated finder to convert SecretListEntry to DescribeSecretResponse list
---
 .../java/gyro/aws/secrets/SecretFinder.java | 22 ++++++++++++++++---
 1 file changed, 18 insertions(+), 4 deletions(-)
diff --git a/src/main/java/gyro/aws/secrets/SecretFinder.java b/src/main/java/gyro/aws/secrets/SecretFinder.java
index ec5d738d2..42b09f9ae 100644
--- a/src/main/java/gyro/aws/secrets/SecretFinder.java
+++ b/src/main/java/gyro/aws/secrets/SecretFinder.java
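Review bot: `refresh()`, `update()` and `delete()` all pass `getId()` as the secret identifier, but nothing in this file ever assigns `id`: `create()` stores only the ARN and `copyFrom()` does `setId(getId())`, which is a no-op. As written those calls would send a null `secretId`; using `getArn()` (the `@Id` field) keeps the identifier consistent. The `if (response == null)` guard in `refresh()` is also unlikely to fire, because the AWS SDK v2 client reports a missing secret by throwing `ResourceNotFoundException` rather than returning null, so a secret deleted out of band would surface as an exception instead of `return false`. The same guard is carried into the 06/62 refresh hunk.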
@@ -1,23 +1,37 @@ package gyro.aws.secrets; +import java.util.ArrayList; import java.util.List; import java.util.Map; import gyro.aws.AwsFinder; import gyro.core.Type; import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient; +import software.amazon.awssdk.services.secretsmanager.model.DescribeSecretResponse; import software.amazon.awssdk.services.secretsmanager.model.SecretListEntry; @Type("secret") -public class SecretFinder extends AwsFinder { +public class SecretFinder extends AwsFinder { @Override - protected List findAllAws(SecretsManagerClient client) { - return client.listSecrets().secretList(); + protected List findAllAws(SecretsManagerClient client) { + List responseList = new ArrayList<>(); + + for (SecretListEntry entry : client.listSecrets().secretList()) { + DescribeSecretResponse response = DescribeSecretResponse.builder() + .arn(entry.arn()) + .name(entry.name()) + .description(entry.description()) + .build(); + + responseList.add(response); + } + + return responseList; } @Override - protected List findAws( + protected List findAws( SecretsManagerClient client, Map filters) { return null; } From 1f3f4423f50b8044b3fae71ae2986d5941f17cf1 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Wed, 5 Aug 2020 17:42:10 -0400 Subject: [PATCH 03/62] Updated Copyable main model --- src/main/java/gyro/aws/secrets/SecretResource.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/gyro/aws/secrets/SecretResource.java b/src/main/java/gyro/aws/secrets/SecretResource.java index f5be94579..33af93226 100644 --- a/src/main/java/gyro/aws/secrets/SecretResource.java +++ b/src/main/java/gyro/aws/secrets/SecretResource.java @@ -18,7 +18,7 @@ import software.amazon.awssdk.services.secretsmanager.model.UpdateSecretResponse; @Type("secret") -public class SecretResource extends AwsResource implements Copyable { +public class SecretResource extends AwsResource implements Copyable { private String arn; private String description; 
From 01bcb16d153dda12da1fa046c3c98ff7c7089392 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Wed, 5 Aug 2020 17:44:09 -0400 Subject: [PATCH 04/62] Added all relevant parameters with corresponding annotations --- .../java/gyro/aws/secrets/SecretResource.java | 179 +++++++++++++++++- 1 file changed, 172 insertions(+), 7 deletions(-) diff --git a/src/main/java/gyro/aws/secrets/SecretResource.java b/src/main/java/gyro/aws/secrets/SecretResource.java index 33af93226..d4cff8ccc 100644 --- a/src/main/java/gyro/aws/secrets/SecretResource.java +++ b/src/main/java/gyro/aws/secrets/SecretResource.java @@ -1,6 +1,8 @@ package gyro.aws.secrets; +import java.time.Instant; import java.util.List; +import java.util.Map; import java.util.Set; import gyro.aws.AwsResource; 
@@ -9,21 +11,43 @@ import gyro.core.Type; import gyro.core.resource.Id; import gyro.core.resource.Resource; +import gyro.core.resource.Updatable; import gyro.core.scope.State; +import software.amazon.awssdk.core.SdkBytes; import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient; import software.amazon.awssdk.services.secretsmanager.model.CreateSecretRequest; import software.amazon.awssdk.services.secretsmanager.model.CreateSecretResponse; +import software.amazon.awssdk.services.secretsmanager.model.DeleteSecretRequest; +import software.amazon.awssdk.services.secretsmanager.model.DeleteSecretResponse; import software.amazon.awssdk.services.secretsmanager.model.DescribeSecretResponse; -import software.amazon.awssdk.services.secretsmanager.model.SecretListEntry; -import software.amazon.awssdk.services.secretsmanager.model.UpdateSecretResponse; +import software.amazon.awssdk.services.secretsmanager.model.RotationRulesType; +import software.amazon.awssdk.services.secretsmanager.model.Tag; +import software.amazon.awssdk.services.secretsmanager.model.UpdateSecretRequest; @Type("secret") public class SecretResource extends AwsResource implements Copyable { private String arn; + private String clientRequestToken; + private Instant deletedDate; private String description; - private String name; + private Boolean forceDeleteWithoutRecovery; private String id; + private String kmsKeyId; + private Instant lastAccessedDate; + private Instant lastChangedDate; + private Instant lastRotatedDate; + private String name; + private String owningService; + private Long recoveryWindowInDays; + private Boolean rotationEnabled; + private String rotationLambdaARN; + private RotationRulesType rotationRules; + private SdkBytes secretBinary; + private String secretString; + private List tags; + private String versionId; + private Map> versionIdsToStages; @Id public String getArn() { 
@@ -34,14 +58,24 @@ public void setArn(String arn) { this.arn = arn; } - public String getName() { - return name; + @Updatable + public String getClientRequestToken() { + return clientRequestToken; } - public void setName(String name) { - this.name = name; + public void setClientRequestToken(String clientRequestToken) { + this.clientRequestToken = clientRequestToken; + } + + public Instant getDeletedDate() { + return deletedDate; + } + + public void setDeletedDate(Instant deletedDate) { + this.deletedDate = deletedDate; } + @Updatable public String getDescription() { return description; } @@ -50,6 +84,14 @@ public void setDescription(String description) { this.description = description; } + public Boolean getForceDeleteWithoutRecovery() { + return forceDeleteWithoutRecovery; + } + + public void setForceDeleteWithoutRecovery(Boolean forceDeleteWithoutRecovery) { + this.forceDeleteWithoutRecovery = forceDeleteWithoutRecovery; + } + public String getId() { return id; } 
@@ -58,6 +100,129 @@ public void setId(String id) { this.id = id; } + @Updatable + public String getKmsKeyId() { + return kmsKeyId; + } + + public void setKmsKeyId(String kmsKeyId) { + this.kmsKeyId = kmsKeyId; + } + + public Instant getLastAccessedDate() { + return lastAccessedDate; + } + + public void setLastAccessedDate(Instant lastAccessedDate) { + this.lastAccessedDate = lastAccessedDate; + } + + public Instant getLastChangedDate() { + return lastChangedDate; + } + + public void setLastChangedDate(Instant lastChangedDate) { + this.lastChangedDate = lastChangedDate; + } + + public Instant getLastRotatedDate() { + return lastRotatedDate; + } + + public void setLastRotatedDate(Instant lastRotatedDate) { + this.lastRotatedDate = lastRotatedDate; + } + + public String getName() { + return name; + } + + public void setName(String name) { + this.name = name; + } + + public String getOwningService() { + return owningService; + } + + public void setOwningService(String owningService) { + this.owningService = owningService; + } + + public Long getRecoveryWindowInDays() { + return recoveryWindowInDays; + } + + public void setRecoveryWindowInDays(Long recoveryWindowInDays) { + this.recoveryWindowInDays = recoveryWindowInDays; + } + + public Boolean getRotationEnabled() { + return rotationEnabled; + } + + public void setRotationEnabled(Boolean rotationEnabled) { + this.rotationEnabled = rotationEnabled; + } + + public String getRotationLambdaARN() { + return rotationLambdaARN; + } + + public void setRotationLambdaARN(String rotationLambdaARN) { + this.rotationLambdaARN = rotationLambdaARN; + } + + public RotationRulesType getRotationRules() { + return rotationRules; + } + + public void setRotationRules(RotationRulesType rotationRules) { + this.rotationRules = rotationRules; + } + + @Updatable + public SdkBytes getSecretBinary() { + return secretBinary; + } + + public void setSecretBinary(SdkBytes secretBinary) { + this.secretBinary = secretBinary; + } + + @Updatable + 
public String getSecretString() { + return secretString; + } + + public void setSecretString(String secretString) { + this.secretString = secretString; + } + + public List getTags() { + return tags; + } + + public void setTags(List tags) { + this.tags = tags; + } + + public String getVersionId() { + return versionId; + } + + public void setVersionId(String versionId) { + this.versionId = versionId; + } + + public Map> getVersionIdsToStages() { + return versionIdsToStages; + } + + public void setVersionIdsToStages(Map> versionIdsToStages) { + this.versionIdsToStages = versionIdsToStages; + } + @Override public boolean refresh() { SecretsManagerClient client = createClient(SecretsManagerClient.class); From df7120e5a3286c04a988f274f8f07064696bdb76 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Wed, 5 Aug 2020 17:44:35 -0400 Subject: [PATCH 05/62] Updated create() --- src/main/java/gyro/aws/secrets/SecretResource.java | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/src/main/java/gyro/aws/secrets/SecretResource.java b/src/main/java/gyro/aws/secrets/SecretResource.java index d4cff8ccc..5dc339ace 100644 --- a/src/main/java/gyro/aws/secrets/SecretResource.java +++ b/src/main/java/gyro/aws/secrets/SecretResource.java @@ -251,13 +251,21 @@ public void create(GyroUI ui, State state) throws Exception { SecretsManagerClient client = createClient(SecretsManagerClient.class); CreateSecretRequest request = CreateSecretRequest.builder() - .name(getName()) + .clientRequestToken(getClientRequestToken()) .description(getDescription()) + .kmsKeyId(getKmsKeyId()) + .name(getName()) + .secretBinary(getSecretBinary()) + .secretString(getSecretString()) + .tags(getTags()) .build(); CreateSecretResponse response = client.createSecret(request); setArn(response.arn()); + setName(response.name()); + setVersionId(response.versionId()); + } @Override From f613eb98b420ae65ccba24053abcb3bea085fec4 Mon Sep 17 00:00:00 2001 
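Review bot: `secretString` and `secretBinary` are added here as ordinary resource properties with public getters, so the plaintext secret value presumably follows every other field into Gyro's persisted state, diff output and logs. If the framework offers a way to mark a field as sensitive or keep it out of state, these two getters should use it; otherwise the resource documentation should state that state storage has to be encrypted and access-controlled. `clientRequestToken` is also marked `@Updatable`, although it is an idempotency token rather than configuration, so a stored value that is re-sent after the secret content changes is likely to be rejected by the service. The enclosing class continues outside this hunk.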
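Review bot: `create()` hands both `secretBinary` and `secretString` to the request builder, while CreateSecret accepts only one of the two, so a configuration that sets both fails at the API after the secret material has already been sent. A check before the builder, for example `if (getSecretBinary() != null && getSecretString() != null) { throw new IllegalArgumentException("set either secretString or secretBinary, not both"); }`, gives a clearer error earlier. The method signature lies outside the hunk.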
From: iHaoo Date: Wed, 5 Aug 2020 17:45:10 -0400 Subject: [PATCH 06/62] Updated refresh() --- .../java/gyro/aws/secrets/SecretResource.java | 29 ++++++++++--------- 1 file changed, 16 insertions(+), 13 deletions(-) diff --git a/src/main/java/gyro/aws/secrets/SecretResource.java b/src/main/java/gyro/aws/secrets/SecretResource.java index 5dc339ace..e7d8dd7e7 100644 --- a/src/main/java/gyro/aws/secrets/SecretResource.java +++ b/src/main/java/gyro/aws/secrets/SecretResource.java @@ -227,21 +227,13 @@ public void setVersionIdsToStages(Map> versionIdsToStages) public boolean refresh() { SecretsManagerClient client = createClient(SecretsManagerClient.class); - DescribeSecretResponse response = client.describeSecret(r -> r.secretId(getId())); + DescribeSecretResponse response = client.describeSecret(r -> r.secretId(getArn())); if (response == null) { return false; } - SecretListEntry entry = SecretListEntry.builder() - .arn(response.arn()) - .name(response.name()) - .description(response.description()) - .kmsKeyId(response.kmsKeyId()) - .tags(response.tags()) - .build(); - - copyFrom(entry); + copyFrom(response); return true; } @@ -289,10 +281,21 @@ public void delete(GyroUI ui, State state) throws Exception { } @Override - public void copyFrom(SecretListEntry model) { + public void copyFrom(DescribeSecretResponse model) { setArn(model.arn()); - setName(model.name()); + setDeletedDate(model.deletedDate()); setDescription(model.description()); - setId(getId()); + setKmsKeyId(model.kmsKeyId()); + setLastAccessedDate(model.lastAccessedDate()); + setLastChangedDate(model.lastChangedDate()); + setLastRotatedDate(model.lastRotatedDate()); + setName(model.name()); + setOwningService(model.owningService()); + setRotationEnabled(model.rotationEnabled()); + setRotationLambdaARN(model.rotationLambdaARN()); + setRotationRules(model.rotationRules()); + setTags(model.tags()); + setVersionIdsToStages(model.versionIdsToStages()); + } } } 
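Review bot: The `copyFrom` hunk adds a closing `}` after `setVersionIdsToStages(model.versionIdsToStages());` while the method's original closing brace is still present as context, which leaves one brace too many at the end of the class and should stop the file compiling at this commit. Dropping the added `}` keeps each commit in the series buildable. `copyFrom` also leaves `versionId` untouched, so the value stored by `create()` is never refreshed; if that is intentional a short comment on the method would say so.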
From 012dd2c661259acd4c5b406d4e644b50d442e91c Mon Sep 17 00:00:00 2001 From: iHaoo Date: Wed, 5 Aug 2020 17:45:29 -0400 Subject: [PATCH 07/62] Updated update() --- .../java/gyro/aws/secrets/SecretResource.java | 54 ++++++++++++++++--- 1 file changed, 48 insertions(+), 6 deletions(-) diff --git a/src/main/java/gyro/aws/secrets/SecretResource.java b/src/main/java/gyro/aws/secrets/SecretResource.java index e7d8dd7e7..4ecb3987c 100644 --- a/src/main/java/gyro/aws/secrets/SecretResource.java +++ b/src/main/java/gyro/aws/secrets/SecretResource.java @@ -265,12 +265,7 @@ public void update( GyroUI ui, State state, Resource current, Set changedFieldNames) throws Exception { SecretsManagerClient client = createClient(SecretsManagerClient.class); - UpdateSecretResponse response = client.updateSecret(r -> r.secretId(getId())); - - if (changedFieldNames.isEmpty() || changedFieldNames.contains("name")) { - - } - + modifySecret(client, changedFieldNames); } @Override 
@@ -297,5 +292,52 @@ public void copyFrom(DescribeSecretResponse model) { setTags(model.tags()); setVersionIdsToStages(model.versionIdsToStages()); } + + private void modifySecret(SecretsManagerClient client, Set changedFieldNames) { + if (changedFieldNames.isEmpty() || changedFieldNames.contains("clientRequestToken")) { + UpdateSecretRequest request = UpdateSecretRequest.builder() + .secretId(getArn()) + .clientRequestToken(getClientRequestToken()) + .build(); + + client.updateSecret(request); + } + + if (changedFieldNames.isEmpty() || changedFieldNames.contains("description")) { + UpdateSecretRequest request = UpdateSecretRequest.builder() + .secretId(getArn()) + .description(getDescription()) + .build(); + + client.updateSecret(request); + } + + if (changedFieldNames.isEmpty() || changedFieldNames.contains("kmsKeyId")) { + UpdateSecretRequest request = UpdateSecretRequest.builder() + .secretId(getArn()) + .kmsKeyId(getKmsKeyId()) + .build(); + + client.updateSecret(request); + + } + + if (changedFieldNames.isEmpty() || changedFieldNames.contains("secretBinary")) { + UpdateSecretRequest request = UpdateSecretRequest.builder() + .secretId(getArn()) + .secretBinary(getSecretBinary()) + .build(); + + client.updateSecret(request); + } + + if (changedFieldNames.isEmpty() || changedFieldNames.contains("secretString")) { + UpdateSecretRequest request = UpdateSecretRequest.builder() + .secretId(getArn()) + .secretString(getSecretString()) + .build(); + + client.updateSecret(request); + } } } From ca10895b06f161f86435b38ef22585a8a0d2bf4e Mon Sep 17 00:00:00 2001 From: iHaoo Date: Wed, 5 Aug 2020 17:45:37 -0400 Subject: [PATCH 08/62] Updated delete() --- src/main/java/gyro/aws/secrets/SecretResource.java | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/src/main/java/gyro/aws/secrets/SecretResource.java b/src/main/java/gyro/aws/secrets/SecretResource.java index 4ecb3987c..3dde232b7 100644 --- a/src/main/java/gyro/aws/secrets/SecretResource.java 
+++ b/src/main/java/gyro/aws/secrets/SecretResource.java @@ -272,7 +272,17 @@ public void update( public void delete(GyroUI ui, State state) throws Exception { SecretsManagerClient client = createClient(SecretsManagerClient.class); - client.deleteSecret(r -> r.secretId(getId())); + DeleteSecretRequest request = DeleteSecretRequest.builder() + .secretId(getArn()) + .forceDeleteWithoutRecovery(getForceDeleteWithoutRecovery()) + .recoveryWindowInDays(getRecoveryWindowInDays()) + .build(); + + DeleteSecretResponse response = client.deleteSecret(request); + + setArn(response.arn()); + setDeletedDate(response.deletionDate()); + setName(response.name()); } @Override From 6bd7f6f029c22c34dc9ca61d075b3b846116f685 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Wed, 5 Aug 2020 17:56:55 -0400 Subject: [PATCH 09/62] Updated findAllAws() to set proper parameters --- src/main/java/gyro/aws/secrets/SecretFinder.java | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/src/main/java/gyro/aws/secrets/SecretFinder.java b/src/main/java/gyro/aws/secrets/SecretFinder.java index 42b09f9ae..25994ae3e 100644 --- a/src/main/java/gyro/aws/secrets/SecretFinder.java +++ b/src/main/java/gyro/aws/secrets/SecretFinder.java 
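Review bot: `delete()` forwards `forceDeleteWithoutRecovery` and `recoveryWindowInDays` together, but DeleteSecret treats the two as mutually exclusive, so a configuration that sets both only fails when the resource is being destroyed. Because `forceDeleteWithoutRecovery(true)` removes the secret immediately with no recovery window, it is worth validating the pair up front, e.g. `if (Boolean.TRUE.equals(getForceDeleteWithoutRecovery()) && getRecoveryWindowInDays() != null) { throw new IllegalArgumentException(...); }`, and documenting on the getter that the flag is irreversible. Writing `arn`, `deletedDate` and `name` back onto a resource that has just been deleted looks unnecessary unless the framework reads them afterwards.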
@@ -20,8 +20,19 @@ protected List findAllAws(SecretsManagerClient client) { for (SecretListEntry entry : client.listSecrets().secretList()) { DescribeSecretResponse response = DescribeSecretResponse.builder() .arn(entry.arn()) - .name(entry.name()) + .deletedDate(entry.deletedDate()) .description(entry.description()) + .kmsKeyId(entry.kmsKeyId()) + .lastAccessedDate(entry.lastAccessedDate()) + .lastChangedDate(entry.lastChangedDate()) + .lastRotatedDate(entry.lastRotatedDate()) + .name(entry.name()) + .owningService(entry.owningService()) + .rotationEnabled(entry.rotationEnabled()) + .rotationLambdaARN(entry.rotationLambdaARN()) + .rotationRules(entry.rotationRules()) + .tags(entry.tags()) + .versionIdsToStages(entry.secretVersionsToStages()) .build(); responseList.add(response); From 3dc9598489c922e73ec670d0fb4c8148b0f3d031 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Wed, 5 Aug 2020 18:22:18 -0400 Subject: [PATCH 10/62] Removed unnecessary id param --- src/main/java/gyro/aws/secrets/SecretResource.java | 9 --------- 1 file changed, 9 deletions(-) diff --git a/src/main/java/gyro/aws/secrets/SecretResource.java b/src/main/java/gyro/aws/secrets/SecretResource.java index 3dde232b7..2253009b3 100644 --- a/src/main/java/gyro/aws/secrets/SecretResource.java +++ b/src/main/java/gyro/aws/secrets/SecretResource.java @@ -32,7 +32,6 @@ public class SecretResource extends AwsResource implements Copyable Date: Wed, 5 Aug 2020 18:27:04 -0400 Subject: [PATCH 11/62] Updated findAllAws to use paginator and stream --- .../java/gyro/aws/secrets/SecretFinder.java | 46 ++++++++----------- 1 file changed, 20 insertions(+), 26 deletions(-) diff --git a/src/main/java/gyro/aws/secrets/SecretFinder.java b/src/main/java/gyro/aws/secrets/SecretFinder.java index 25994ae3e..38c3c84c9 100644 --- a/src/main/java/gyro/aws/secrets/SecretFinder.java +++ b/src/main/java/gyro/aws/secrets/SecretFinder.java 
@@ -1,44 +1,38 @@ package gyro.aws.secrets; -import java.util.ArrayList; import java.util.List; import java.util.Map; +import java.util.stream.Collectors; import gyro.aws.AwsFinder; import gyro.core.Type; import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient; import software.amazon.awssdk.services.secretsmanager.model.DescribeSecretResponse; -import software.amazon.awssdk.services.secretsmanager.model.SecretListEntry; @Type("secret") public class SecretFinder extends AwsFinder { @Override protected List findAllAws(SecretsManagerClient client) { - List responseList = new ArrayList<>(); - - for (SecretListEntry entry : client.listSecrets().secretList()) { - DescribeSecretResponse response = DescribeSecretResponse.builder() - .arn(entry.arn()) - .deletedDate(entry.deletedDate()) - .description(entry.description()) - .kmsKeyId(entry.kmsKeyId()) - .lastAccessedDate(entry.lastAccessedDate()) - .lastChangedDate(entry.lastChangedDate()) - .lastRotatedDate(entry.lastRotatedDate()) - .name(entry.name()) - .owningService(entry.owningService()) - .rotationEnabled(entry.rotationEnabled()) - .rotationLambdaARN(entry.rotationLambdaARN()) - .rotationRules(entry.rotationRules()) - .tags(entry.tags()) - .versionIdsToStages(entry.secretVersionsToStages()) - .build(); - - responseList.add(response); - } - - return responseList; + return client.listSecretsPaginator().stream().flatMap(list -> + list.secretList().stream().map(entry -> { + return DescribeSecretResponse.builder() + .arn(entry.arn()) + .deletedDate(entry.deletedDate()) + .description(entry.description()) + .kmsKeyId(entry.kmsKeyId()) + .lastAccessedDate(entry.lastAccessedDate()) + .lastChangedDate(entry.lastChangedDate()) + .lastRotatedDate(entry.lastRotatedDate()) + .name(entry.name()) + .owningService(entry.owningService()) + .rotationEnabled(entry.rotationEnabled()) + .rotationLambdaARN(entry.rotationLambdaARN()) + .rotationRules(entry.rotationRules()) + .tags(entry.tags()) + 
.versionIdsToStages(entry.secretVersionsToStages()) + .build(); + })).collect(Collectors.toList()); } @Override From f84ebd8170b23d4302d25fdc5156670c3a3e8a1d Mon Sep 17 00:00:00 2001 From: iHaoo Date: Wed, 5 Aug 2020 18:52:36 -0400 Subject: [PATCH 12/62] Added helper method to convert SecretListEntry to DescribeSecretResponse --- .../java/gyro/aws/secrets/SecretFinder.java | 38 ++++++++++--------- 1 file changed, 20 insertions(+), 18 deletions(-) diff --git a/src/main/java/gyro/aws/secrets/SecretFinder.java b/src/main/java/gyro/aws/secrets/SecretFinder.java index 38c3c84c9..8c34d781b 100644 --- a/src/main/java/gyro/aws/secrets/SecretFinder.java +++ b/src/main/java/gyro/aws/secrets/SecretFinder.java @@ -8,6 +8,7 @@ import gyro.core.Type; import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient; import software.amazon.awssdk.services.secretsmanager.model.DescribeSecretResponse; +import software.amazon.awssdk.services.secretsmanager.model.SecretListEntry; @Type("secret") public class SecretFinder extends AwsFinder { 
@@ -15,29 +16,30 @@ public class SecretFinder extends AwsFinder findAllAws(SecretsManagerClient client) { return client.listSecretsPaginator().stream().flatMap(list -> - list.secretList().stream().map(entry -> { - return DescribeSecretResponse.builder() - .arn(entry.arn()) - .deletedDate(entry.deletedDate()) - .description(entry.description()) - .kmsKeyId(entry.kmsKeyId()) - .lastAccessedDate(entry.lastAccessedDate()) - .lastChangedDate(entry.lastChangedDate()) - .lastRotatedDate(entry.lastRotatedDate()) - .name(entry.name()) - .owningService(entry.owningService()) - .rotationEnabled(entry.rotationEnabled()) - .rotationLambdaARN(entry.rotationLambdaARN()) - .rotationRules(entry.rotationRules()) - .tags(entry.tags()) - .versionIdsToStages(entry.secretVersionsToStages()) - .build(); - })).collect(Collectors.toList()); + list.secretList().stream().map(this::convertEntry)).collect(Collectors.toList()); } @Override protected List findAws( SecretsManagerClient client, Map filters) { return null; + + private DescribeSecretResponse convertEntry(SecretListEntry entry) { + return DescribeSecretResponse.builder() + .arn(entry.arn()) + .deletedDate(entry.deletedDate()) + .description(entry.description()) + .kmsKeyId(entry.kmsKeyId()) + .lastAccessedDate(entry.lastAccessedDate()) + .lastChangedDate(entry.lastChangedDate()) + .lastRotatedDate(entry.lastRotatedDate()) + .name(entry.name()) + .owningService(entry.owningService()) + .rotationEnabled(entry.rotationEnabled()) + .rotationLambdaARN(entry.rotationLambdaARN()) + .rotationRules(entry.rotationRules()) + .tags(entry.tags()) + .versionIdsToStages(entry.secretVersionsToStages()) + .build(); } } From bc0996c7978a83dc1e1ca74a8f2119c27f380183 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Thu, 6 Aug 2020 18:12:48 -0400 Subject: [PATCH 13/62] Updated secretBinary to String --- src/main/java/gyro/aws/secrets/SecretResource.java | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) 
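Review bot: After this hunk `findAws` has no closing brace: `return null;` is followed directly by the added `private DescribeSecretResponse convertEntry(SecretListEntry entry)` declaration, and the two trailing `}` context lines now close `convertEntry` and the class. That leaves a method declared inside another method body, so the file should not compile at this commit; adding `}` after `return null;` fixes it. The hunk header is partly garbled in this view, so this is worth confirming against the original patch.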
diff --git a/src/main/java/gyro/aws/secrets/SecretResource.java b/src/main/java/gyro/aws/secrets/SecretResource.java index 2253009b3..01f115ecc 100644 --- a/src/main/java/gyro/aws/secrets/SecretResource.java +++ b/src/main/java/gyro/aws/secrets/SecretResource.java @@ -42,7 +42,7 @@ public class SecretResource extends AwsResource implements Copyable tags; private String versionId; @@ -173,11 +173,11 @@ public void setRotationRules(RotationRulesType rotationRules) { } @Updatable - public SdkBytes getSecretBinary() { + public String getSecretBinary() { return secretBinary; } - public void setSecretBinary(SdkBytes secretBinary) { + public void setSecretBinary(String secretBinary) { this.secretBinary = secretBinary; } @@ -238,7 +238,7 @@ public void create(GyroUI ui, State state) throws Exception { .description(getDescription()) .kmsKeyId(getKmsKeyId()) .name(getName()) - .secretBinary(getSecretBinary()) + .secretBinary(getSecretBinary() != null ? SdkBytes.fromUtf8String(getSecretBinary()) : null) .secretString(getSecretString()) .tags(getTags()) .build(); From efaa56717684b3f8533217f5dd65e363f3b9307d Mon Sep 17 00:00:00 2001 From: iHaoo Date: Thu, 6 Aug 2020 18:13:40 -0400 Subject: [PATCH 14/62] Removed unnecessary helper method for update() --- .../java/gyro/aws/secrets/SecretResource.java | 60 ++++--------------- 1 file changed, 10 insertions(+), 50 deletions(-) diff --git a/src/main/java/gyro/aws/secrets/SecretResource.java b/src/main/java/gyro/aws/secrets/SecretResource.java index 01f115ecc..e29d8758c 100644 --- a/src/main/java/gyro/aws/secrets/SecretResource.java +++ b/src/main/java/gyro/aws/secrets/SecretResource.java @@ -217,7 +217,6 @@ public void setVersionIdsToStages(Map> versionIdsToStages) @Override public boolean refresh() { SecretsManagerClient client = createClient(SecretsManagerClient.class); - DescribeSecretResponse response = client.describeSecret(r -> r.secretId(getArn())); if (response == null) { 
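Review bot: `SdkBytes.fromUtf8String(getSecretBinary())` in `create()` stores the UTF-8 encoding of the configured text, so `secretBinary` can no longer carry arbitrary bytes such as key material or a keystore and becomes equivalent to `secretString`. If the configuration value is meant to be base64 text, decoding it first with `SdkBytes.fromByteArray(Base64.getDecoder().decode(getSecretBinary()))` preserves the binary payload. Whichever encoding is intended should be stated in a Javadoc comment on `getSecretBinary()`; the signature of `create()` lies outside the hunk.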
@@ -256,7 +255,16 @@ public void update( GyroUI ui, State state, Resource current, Set changedFieldNames) throws Exception { SecretsManagerClient client = createClient(SecretsManagerClient.class); - modifySecret(client, changedFieldNames); + UpdateSecretRequest request = UpdateSecretRequest.builder() + .secretId(getArn()) + .clientRequestToken(getClientRequestToken()) + .description(getDescription()) + .kmsKeyId(getKmsKeyId()) + .secretBinary(getSecretBinary() != null ? SdkBytes.fromUtf8String(getSecretBinary()) : null) + .secretString(getSecretString()) + .build(); + + client.updateSecret(request); } @Override 
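Review bot: `update()` now ignores `changedFieldNames` and always sends `clientRequestToken`, `secretBinary` and `secretString`, so a description-only change re-submits the secret value and, per the UpdateSecret contract, creates a new secret version on every apply. Re-using a stored `clientRequestToken` additionally makes the call fail once the content differs from the version that token originally created. Building the request conditionally keeps unrelated edits from rotating the version and limits how often secret material leaves the process. The field-name strings below are the ones the removed `modifySecret` helper used and should be confirmed against what Gyro actually passes.

```java
// … unchanged: update(...) signature and createClient call …
UpdateSecretRequest.Builder builder = UpdateSecretRequest.builder().secretId(getArn());

if (changedFieldNames.contains("description")) {
    builder.description(getDescription());
}

if (changedFieldNames.contains("kmsKeyId")) {
    builder.kmsKeyId(getKmsKeyId());
}

// Attach secret material only when it changed; including it creates a new version.
if (changedFieldNames.contains("secretString")) {
    builder.secretString(getSecretString());
} else if (changedFieldNames.contains("secretBinary") && getSecretBinary() != null) {
    builder.secretBinary(SdkBytes.fromUtf8String(getSecretBinary()));
}

client.updateSecret(builder.build());
```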
@@ -293,52 +301,4 @@ public void copyFrom(DescribeSecretResponse model) { setTags(model.tags()); setVersionIdsToStages(model.versionIdsToStages()); } - - private void modifySecret(SecretsManagerClient client, Set changedFieldNames) { - if (changedFieldNames.isEmpty() || changedFieldNames.contains("clientRequestToken")) { - UpdateSecretRequest request = UpdateSecretRequest.builder() - .secretId(getArn()) - .clientRequestToken(getClientRequestToken()) - .build(); - - client.updateSecret(request); - } - - if (changedFieldNames.isEmpty() || changedFieldNames.contains("description")) { - UpdateSecretRequest request = UpdateSecretRequest.builder() - .secretId(getArn()) - .description(getDescription()) - .build(); - - client.updateSecret(request); - } - - if (changedFieldNames.isEmpty() || changedFieldNames.contains("kmsKeyId")) { - UpdateSecretRequest request = UpdateSecretRequest.builder() - .secretId(getArn()) - .kmsKeyId(getKmsKeyId()) - .build(); - - client.updateSecret(request); - - } - - if (changedFieldNames.isEmpty() || changedFieldNames.contains("secretBinary")) { - UpdateSecretRequest request = UpdateSecretRequest.builder() - .secretId(getArn()) - .secretBinary(getSecretBinary()) - .build(); - - client.updateSecret(request); - } - - if (changedFieldNames.isEmpty() || changedFieldNames.contains("secretString")) { - UpdateSecretRequest request = UpdateSecretRequest.builder() - .secretId(getArn()) - .secretString(getSecretString()) - .build(); - - client.updateSecret(request); - } - } } From d99128d07f95fbfa9ef80474d56438b1fe0f0cc8 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Thu, 6 Aug 2020 18:16:36 -0400 Subject: [PATCH 15/62] Updated findAws() to properly return filtered result --- src/main/java/gyro/aws/secrets/SecretFinder.java | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/main/java/gyro/aws/secrets/SecretFinder.java b/src/main/java/gyro/aws/secrets/SecretFinder.java index 8c34d781b..4bcb1d2a7 100644 
--- a/src/main/java/gyro/aws/secrets/SecretFinder.java +++ b/src/main/java/gyro/aws/secrets/SecretFinder.java @@ -1,5 +1,6 @@ package gyro.aws.secrets; +import java.util.ArrayList; import java.util.List; import java.util.Map; import java.util.stream.Collectors; @@ -22,7 +23,11 @@ protected List findAllAws(SecretsManagerClient client) { @Override protected List findAws( SecretsManagerClient client, Map filters) { - return null; + List list = new ArrayList<>(); + list.add(client.describeSecret(r -> r.secretId(filters.get("arn")))); + + return list; + } private DescribeSecretResponse convertEntry(SecretListEntry entry) { return DescribeSecretResponse.builder() From 9a848182e8fce3449631fe37de836d8cafc20d00 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Mon, 10 Aug 2020 17:53:10 -0400 Subject: [PATCH 16/62] Updated tags to create and update properly --- .../java/gyro/aws/secrets/SecretResource.java | 31 +++++++++++++------ 1 file changed, 22 insertions(+), 9 deletions(-) diff --git a/src/main/java/gyro/aws/secrets/SecretResource.java b/src/main/java/gyro/aws/secrets/SecretResource.java index e29d8758c..35894e877 100644 --- a/src/main/java/gyro/aws/secrets/SecretResource.java +++ b/src/main/java/gyro/aws/secrets/SecretResource.java @@ -4,6 +4,7 @@ import java.util.List; import java.util.Map; import java.util.Set; +import java.util.stream.Collectors; import gyro.aws.AwsResource; import gyro.aws.Copyable; @@ -22,6 +23,7 @@ import software.amazon.awssdk.services.secretsmanager.model.DescribeSecretResponse; import software.amazon.awssdk.services.secretsmanager.model.RotationRulesType; import software.amazon.awssdk.services.secretsmanager.model.Tag; +import software.amazon.awssdk.services.secretsmanager.model.TagResourceRequest; import software.amazon.awssdk.services.secretsmanager.model.UpdateSecretRequest; @Type("secret") 
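Review bot: `filters.get("arn")` in findAws() goes straight into `describeSecret`, so a query without an `arn` filter calls the service with a null secret id and fails with an SDK error instead of returning no match. Guard the lookup first, `if (filters.get("arn") == null) { return new ArrayList<>(); }`. Every other filter key is silently ignored, which the finder's Javadoc should state. The later try/catch hunk for `ResourceNotFoundException` keeps the same unguarded lookup.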
@@ -44,7 +46,7 @@ public class SecretResource extends AwsResource implements Copyable tags; + private Map tags; private String versionId; private Map> versionIdsToStages; @@ -190,11 +192,12 @@ public void setSecretString(String secretString) { this.secretString = secretString; } - public List getTags() { + @Updatable + public Map getTags() { return tags; } - public void setTags(List tags) { + public void setTags(Map tags) { this.tags = tags; } @@ -224,7 +227,6 @@ public boolean refresh() { } copyFrom(response); - return true; } @@ -239,7 +241,7 @@ public void create(GyroUI ui, State state) throws Exception { .name(getName()) .secretBinary(getSecretBinary() != null ? SdkBytes.fromUtf8String(getSecretBinary()) : null) .secretString(getSecretString()) - .tags(getTags()) + .tags(convertTags(getTags())) .build(); CreateSecretResponse response = client.createSecret(request); @@ -247,7 +249,6 @@ public void create(GyroUI ui, State state) throws Exception { setArn(response.arn()); setName(response.name()); setVersionId(response.versionId()); - } @Override @@ -255,7 +256,7 @@ public void update( GyroUI ui, State state, Resource current, Set changedFieldNames) throws Exception { SecretsManagerClient client = createClient(SecretsManagerClient.class); - UpdateSecretRequest request = UpdateSecretRequest.builder() + UpdateSecretRequest updateRequest = UpdateSecretRequest.builder() .secretId(getArn()) .clientRequestToken(getClientRequestToken()) .description(getDescription()) @@ -264,7 +265,13 @@ public void update( .secretString(getSecretString()) .build(); - client.updateSecret(request); + TagResourceRequest tagRequest = TagResourceRequest.builder() + .secretId(getArn()) + .tags(convertTags(getTags())) + .build(); + + client.updateSecret(updateRequest); + client.tagResource(tagRequest); } @Override 
@@ -298,7 +305,13 @@ public void copyFrom(DescribeSecretResponse model) { setRotationEnabled(model.rotationEnabled()); setRotationLambdaARN(model.rotationLambdaARN()); setRotationRules(model.rotationRules()); - setTags(model.tags()); + setTags(model.tags().stream().collect(Collectors.toMap(Tag::key, Tag::value))); setVersionIdsToStages(model.versionIdsToStages()); } + + private List convertTags(Map tags) { + return tags.entrySet().stream() + .map(e -> Tag.builder().key(e.getKey()).value(e.getValue()).build()) + .collect(Collectors.toList()); + } } From 7ceb3187861c8712692798383541f45b9680b3df Mon Sep 17 00:00:00 2001 From: iHaoo Date: Mon, 10 Aug 2020 20:10:13 -0400 Subject: [PATCH 17/62] Changed all Instant types to String --- .../java/gyro/aws/secrets/SecretResource.java | 38 +++++++++---------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/src/main/java/gyro/aws/secrets/SecretResource.java b/src/main/java/gyro/aws/secrets/SecretResource.java index 35894e877..764670427 100644 --- a/src/main/java/gyro/aws/secrets/SecretResource.java +++ b/src/main/java/gyro/aws/secrets/SecretResource.java @@ -1,11 +1,12 @@ package gyro.aws.secrets; -import java.time.Instant; import java.util.List; import java.util.Map; import java.util.Set; import java.util.stream.Collectors; +import com.google.common.collect.MapDifference; +import com.google.common.collect.Maps; import gyro.aws.AwsResource; import gyro.aws.Copyable; import gyro.core.GyroUI; 
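Review bot: `convertTags` calls `tags.entrySet()` with no null check, and create() and update() now both pass `getTags()` to it, so a secret configured without a `tags` block would fail with a NullPointerException unless the field is given a default somewhere outside these hunks. The create call can follow the pattern already used for the binary value, `.tags(getTags() != null ? convertTags(getTags()) : null)`. In update(), skip the `tagResource` call when `getTags()` is null. A one-line Javadoc on `convertTags` saying it expects a non-null map would make the contract visible.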
@@ -18,12 +19,11 @@ import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient; import software.amazon.awssdk.services.secretsmanager.model.CreateSecretRequest; import software.amazon.awssdk.services.secretsmanager.model.CreateSecretResponse; -import software.amazon.awssdk.services.secretsmanager.model.DeleteSecretRequest; -import software.amazon.awssdk.services.secretsmanager.model.DeleteSecretResponse; import software.amazon.awssdk.services.secretsmanager.model.DescribeSecretResponse; import software.amazon.awssdk.services.secretsmanager.model.RotationRulesType; import software.amazon.awssdk.services.secretsmanager.model.Tag; import software.amazon.awssdk.services.secretsmanager.model.TagResourceRequest; +import software.amazon.awssdk.services.secretsmanager.model.UntagResourceRequest; import software.amazon.awssdk.services.secretsmanager.model.UpdateSecretRequest; @Type("secret") @@ -31,13 +31,13 @@ public class SecretResource extends AwsResource implements Copyable Date: Mon, 10 Aug 2020 20:10:33 -0400 Subject: [PATCH 18/62] Updated delete logic --- src/main/java/gyro/aws/secrets/SecretResource.java | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/src/main/java/gyro/aws/secrets/SecretResource.java b/src/main/java/gyro/aws/secrets/SecretResource.java index 764670427..18039e91d 100644 --- a/src/main/java/gyro/aws/secrets/SecretResource.java +++ b/src/main/java/gyro/aws/secrets/SecretResource.java 
@@ -278,17 +278,9 @@ public void update( public void delete(GyroUI ui, State state) throws Exception { SecretsManagerClient client = createClient(SecretsManagerClient.class); - DeleteSecretRequest request = DeleteSecretRequest.builder() - .secretId(getArn()) + client.deleteSecret(r -> r.secretId(getArn()) .forceDeleteWithoutRecovery(getForceDeleteWithoutRecovery()) - .recoveryWindowInDays(getRecoveryWindowInDays()) - .build(); - - DeleteSecretResponse response = client.deleteSecret(request); - - setArn(response.arn()); - setDeletedDate(response.deletionDate()); - setName(response.name()); + .recoveryWindowInDays(getRecoveryWindowInDays())); } @Override From 563ea4c9eba45f2664d08b7038896a1470be8f0d Mon Sep 17 00:00:00 2001 From: iHaoo Date: Mon, 10 Aug 2020 20:11:23 -0400 Subject: [PATCH 19/62] Updated tag logic to correctly edit tags --- .../java/gyro/aws/secrets/SecretResource.java | 50 ++++++++++++++++--- 1 file changed, 44 insertions(+), 6 deletions(-) diff --git a/src/main/java/gyro/aws/secrets/SecretResource.java b/src/main/java/gyro/aws/secrets/SecretResource.java index 18039e91d..f684c664e 100644 --- a/src/main/java/gyro/aws/secrets/SecretResource.java +++ b/src/main/java/gyro/aws/secrets/SecretResource.java @@ -265,13 +265,12 @@ public void update( .secretString(getSecretString()) .build(); - TagResourceRequest tagRequest = TagResourceRequest.builder() - .secretId(getArn()) - .tags(convertTags(getTags())) - .build(); + if (changedFieldNames.contains("tags")) { + SecretResource oldResource = (SecretResource) current; + saveTags(client, oldResource.getTags()); + } client.updateSecret(updateRequest); - client.tagResource(tagRequest); } @Override 
@@ -306,4 +305,43 @@ private List convertTags(Map tags) { .map(e -> Tag.builder().key(e.getKey()).value(e.getValue()).build()) .collect(Collectors.toList()); } -} + + private void saveTags(SecretsManagerClient client, Map oldTags) { + if (!oldTags.isEmpty() || !getTags().isEmpty()) { + MapDifference diff = Maps.difference(oldTags, getTags()); + + TagResourceRequest tagRequest = null; + UntagResourceRequest untagRequest = null; + + if (getTags().isEmpty()) { + untagRequest = UntagResourceRequest.builder() + .secretId(getArn()) + .tagKeys(diff.entriesOnlyOnLeft().keySet()) + .build(); + } else if (diff.entriesOnlyOnLeft().isEmpty()) { + tagRequest = TagResourceRequest.builder() + .secretId(getArn()) + .tags(convertTags(getTags())) + .build(); + } else { + tagRequest = TagResourceRequest.builder() + .secretId(getArn()) + .tags(convertTags(getTags())) + .build(); + + untagRequest = UntagResourceRequest.builder() + .secretId(getArn()) + .tagKeys(diff.entriesOnlyOnLeft().keySet()) + .build(); + } + + if (tagRequest != null) { + client.tagResource(tagRequest); + } + + if (untagRequest != null) { + client.untagResource(untagRequest); + } + } + } +} \ No newline at end of file From 42a14067b47af7a49a0fa5b90d49d1ef1c1d0668 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Tue, 11 Aug 2020 18:02:13 -0400 Subject: [PATCH 20/62] Added documentation and comments --- .../SecretFinder.java | 11 +- .../SecretResource.java | 216 +++++++++++++----- .../gyro/aws/secretsmanager/package-info.java | 21 ++ 3 files changed, 188 insertions(+), 60 deletions(-) rename src/main/java/gyro/aws/{secrets => secretsmanager}/SecretFinder.java (88%) rename src/main/java/gyro/aws/{secrets => secretsmanager}/SecretResource.java (73%) create mode 100644 src/main/java/gyro/aws/secretsmanager/package-info.java 
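Review bot: saveTags() dereferences both `oldTags` and `getTags()` before any null check, so removing the `tags` block from a configuration would, as far as this hunk shows, fail with a NullPointerException instead of untagging the secret. The three branches also build the same two requests in different combinations and can be reduced to two independent conditions: untag the keys that disappeared, then tag when anything remains. The version below needs `java.util.Collections` imported and uses the consumer-style client calls that delete() already uses.

```java
private void saveTags(SecretsManagerClient client, Map<String, String> oldTags) {
    Map<String, String> previous = oldTags != null ? oldTags : Collections.emptyMap();
    Map<String, String> desired = getTags() != null ? getTags() : Collections.emptyMap();
    Set<String> removedKeys = Maps.difference(previous, desired).entriesOnlyOnLeft().keySet();

    if (!removedKeys.isEmpty()) {
        client.untagResource(r -> r.secretId(getArn()).tagKeys(removedKeys));
    }

    if (!desired.isEmpty()) {
        client.tagResource(r -> r.secretId(getArn()).tags(convertTags(desired)));
    }
}
```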
diff --git a/src/main/java/gyro/aws/secrets/SecretFinder.java b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java similarity index 88% rename from src/main/java/gyro/aws/secrets/SecretFinder.java rename to src/main/java/gyro/aws/secretsmanager/SecretFinder.java index 4bcb1d2a7..a04e8e0d0 100644 --- a/src/main/java/gyro/aws/secrets/SecretFinder.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java @@ -1,4 +1,4 @@ -package gyro.aws.secrets; +package gyro.aws.secretsmanager; import java.util.ArrayList; import java.util.List; @@ -11,6 +11,15 @@ import software.amazon.awssdk.services.secretsmanager.model.DescribeSecretResponse; import software.amazon.awssdk.services.secretsmanager.model.SecretListEntry; +/** + * Query secrets manager. + * + * Example ------- + * + * .. code-block:: gyro + * + * secrets: $(external-query aws::secret {"arn":"arn:aws:secretsmanager:Region:User-ARN:secret:'Secret-example-for-arn'"}) + */ @Type("secret") public class SecretFinder extends AwsFinder { diff --git a/src/main/java/gyro/aws/secrets/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java similarity index 73% rename from src/main/java/gyro/aws/secrets/SecretResource.java rename to src/main/java/gyro/aws/secretsmanager/SecretResource.java index f684c664e..f3cee6487 100644 --- a/src/main/java/gyro/aws/secrets/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java @@ -1,4 +1,4 @@ -package gyro.aws.secrets; +package gyro.aws.secretsmanager; import java.util.List; import java.util.Map; 
@@ -12,9 +12,11 @@ import gyro.core.GyroUI; import gyro.core.Type; import gyro.core.resource.Id; +import gyro.core.resource.Output; import gyro.core.resource.Resource; import gyro.core.resource.Updatable; import gyro.core.scope.State; +import gyro.core.validation.ConflictsWith; import software.amazon.awssdk.core.SdkBytes; import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient; import software.amazon.awssdk.services.secretsmanager.model.CreateSecretRequest; @@ -26,15 +28,30 @@ import software.amazon.awssdk.services.secretsmanager.model.UntagResourceRequest; import software.amazon.awssdk.services.secretsmanager.model.UpdateSecretRequest; +/** + * Creates a Secret with the Name, Description, and Tags. + * + * Example ------- + * + * .. code-block:: gyro + * + * aws::secret secret name: 'secret-example' description: 'secret-example-description' tags: { "secret-example-tag" : + * "secret-example-tag-value" } end + */ @Type("secret") public class SecretResource extends AwsResource implements Copyable { - private String arn; private String clientRequestToken; - private String deletedDate; private String description; - private Boolean forceDeleteWithoutRecovery; private String kmsKeyId; + private String secretBinary; + private String secretString; + private Map tags; + + // Read-only + private String arn; + private String deletedDate; + private Boolean forceDeleteWithoutRecovery; private String lastAccessedDate; private String lastChangedDate; private String lastRotatedDate; @@ -44,21 +61,13 @@ public class SecretResource extends AwsResource implements Copyable tags; private String versionId; private Map> versionIdsToStages; - @Id - public String getArn() { - return arn; - } - - public void setArn(String arn) { - this.arn = arn; - } - + /** + * Specifies a unique identifier for the new version that helps ensure idempotency. See `Client Request Token Info + * `_. + */ @Updatable public String getClientRequestToken() { return clientRequestToken; 
@@ -68,14 +77,10 @@ public void setClientRequestToken(String clientRequestToken) { this.clientRequestToken = clientRequestToken; } - public String getDeletedDate() { - return deletedDate; - } - - public void setDeletedDate(String deletedDate) { - this.deletedDate = deletedDate; - } - + /** + * Specifies an updated user-provided description of the secret. See `Description Info + * `_. + */ @Updatable public String getDescription() { return description; @@ -85,14 +90,11 @@ public void setDescription(String description) { this.description = description; } - public Boolean getForceDeleteWithoutRecovery() { - return forceDeleteWithoutRecovery; - } - - public void setForceDeleteWithoutRecovery(Boolean forceDeleteWithoutRecovery) { - this.forceDeleteWithoutRecovery = forceDeleteWithoutRecovery; - } - + /** + * Specifies an updated ARN or alias of the AWS KMS customer master key (CMK) to be used to encrypt the protected + * text in new versions of this secret. See `Kms Key Id Info `_. + */ @Updatable public String getKmsKeyId() { return kmsKeyId; 
@@ -102,6 +104,86 @@ public void setKmsKeyId(String kmsKeyId) { this.kmsKeyId = kmsKeyId; } + /** + * Specifies updated binary data that you want to encrypt and store in the new version of the secret. See `Secret + * Binary Info `_. + */ + @Updatable + public String getSecretBinary() { + return secretBinary; + } + + public void setSecretBinary(String secretBinary) { + this.secretBinary = secretBinary; + } + + /** + * Specifies updated text data that you want to encrypt and store in this new version of the secret. See `Secret + * String Info `_. + */ + @Updatable + public String getSecretString() { + return secretString; + } + + public void setSecretString(String secretString) { + this.secretString = secretString; + } + + /** + * Specifies a list of user-defined tags that are attached to the secret + */ + @Updatable + public Map getTags() { + return tags; + } + + public void setTags(Map tags) { + this.tags = tags; + } + + /** + * The Amazon Resource Name (ARN) of the secret. This is unique. + */ + @Id + @Output + public String getArn() { + return arn; + } + + public void setArn(String arn) { + this.arn = arn; + } + + /** + * This value exists if the secret is scheduled for deletion and specifies the date. + */ + @Output + public String getDeletedDate() { + return deletedDate; + } + + public void setDeletedDate(String deletedDate) { + this.deletedDate = deletedDate; + } + + /** + * Specifies that the secret is to be deleted without any recovery window. + */ + @ConflictsWith("recovery-window-in-days") + @Output + public Boolean getForceDeleteWithoutRecovery() { + return forceDeleteWithoutRecovery; + } + + public void setForceDeleteWithoutRecovery(Boolean forceDeleteWithoutRecovery) { + this.forceDeleteWithoutRecovery = forceDeleteWithoutRecovery; + } + + /** + * The last date that this secret was accessed. + */ + @Output public String getLastAccessedDate() { return lastAccessedDate; } 
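Review bot: Nothing on the added `getSecretBinary()` and `getSecretString()` accessors stops a configuration from setting both, yet Secrets Manager accepts only one of the two per request, so the mistake would surface only as an API error during create or update. This hunk already uses `ConflictsWith` for the delete options, and the same annotation fits here: `@ConflictsWith("secret-string")` on `getSecretBinary()` and `@ConflictsWith("secret-binary")` on `getSecretString()`. Both Javadocs should also note that the value is sensitive and is presumably persisted wherever Gyro stores resource fields, which is worth confirming before real secrets are put in configuration.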
@@ -110,6 +192,10 @@ public void setLastAccessedDate(String lastAccessedDate) { this.lastAccessedDate = lastAccessedDate; } + /** + * The last date and time that this secret was modified in any way. + */ + @Output public String getLastChangedDate() { return lastChangedDate; } @@ -118,6 +204,11 @@ public void setLastChangedDate(String lastChangedDate) { this.lastChangedDate = lastChangedDate; } + /** + * The most recent date and time that the Secrets Manager rotation process was successfully completed. This value is + * null if the secret has never rotated. + */ + @Output public String getLastRotatedDate() { return lastRotatedDate; } @@ -126,6 +217,9 @@ public void setLastRotatedDate(String lastRotatedDate) { this.lastRotatedDate = lastRotatedDate; } + /** + * The user-provided friendly name of the secret. (Required during create) + */ public String getName() { return name; } @@ -134,6 +228,10 @@ public void setName(String name) { this.name = name; } + /** + * Returns the name of the service that created this secret. + */ + @Output public String getOwningService() { return owningService; } @@ -142,6 +240,11 @@ public void setOwningService(String owningService) { this.owningService = owningService; } + /** + * Specifies the number of days that Secrets Manager waits before it can delete the secret. + */ + @ConflictsWith("force-delete-without-recovery") + @Output public Long getRecoveryWindowInDays() { return recoveryWindowInDays; } @@ -150,6 +253,10 @@ public void setRecoveryWindowInDays(Long recoveryWindowInDays) { this.recoveryWindowInDays = recoveryWindowInDays; } + /** + * Specifies whether automatic rotation is enabled for this secret. + */ + @Output public Boolean getRotationEnabled() { return rotationEnabled; } 
@@ -158,6 +265,11 @@ public void setRotationEnabled(Boolean rotationEnabled) { this.rotationEnabled = rotationEnabled; } + /** + * Specifies the ARN of a Lambda function that's invoked by Secrets Manager to rotate the secret either + * automatically per the schedule or manually by a call to RotateSecret. + */ + @Output public String getRotationLambdaARN() { return rotationLambdaARN; } @@ -166,6 +278,10 @@ public void setRotationLambdaARN(String rotationLambdaARN) { this.rotationLambdaARN = rotationLambdaARN; } + /** + * Specifies a structure that contains the rotation configuration for this secret. + */ + @Output public RotationRulesType getRotationRules() { return rotationRules; } @@ -174,33 +290,10 @@ public void setRotationRules(RotationRulesType rotationRules) { this.rotationRules = rotationRules; } - @Updatable - public String getSecretBinary() { - return secretBinary; - } - - public void setSecretBinary(String secretBinary) { - this.secretBinary = secretBinary; - } - - @Updatable - public String getSecretString() { - return secretString; - } - - public void setSecretString(String secretString) { - this.secretString = secretString; - } - - @Updatable - public Map getTags() { - return tags; - } - - public void setTags(Map tags) { - this.tags = tags; - } - + /** + * The unique identifier associated with the version of the generated secret. + */ + @Output public String getVersionId() { return versionId; } @@ -209,6 +302,11 @@ public void setVersionId(String versionId) { this.versionId = versionId; } + /** + * A list of all of the currently assigned VersionStage staging labels and the VersionId that each is attached to. + * Staging labels are used to keep track of the different versions during the rotation process. + */ + @Output public Map> getVersionIdsToStages() { return versionIdsToStages; } 
diff --git a/src/main/java/gyro/aws/secretsmanager/package-info.java b/src/main/java/gyro/aws/secretsmanager/package-info.java new file mode 100644 index 000000000..617ce2cfd --- /dev/null +++ b/src/main/java/gyro/aws/secretsmanager/package-info.java @@ -0,0 +1,21 @@ +/* + * Copyright 2020, Brightspot, Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +@DocGroup("Secrets Manager") + +package gyro.aws.secretsmanager; + +import gyro.core.resource.DocGroup; \ No newline at end of file From a5ea2f8732e3ab18407e3b0e6b1c0a1b76d0e6aa Mon Sep 17 00:00:00 2001 From: iHaoo Date: Tue, 11 Aug 2020 18:02:40 -0400 Subject: [PATCH 21/62] Added secret.gyro example --- examples/secret/secret.gyro | 3 --- examples/secretsmanager/secret.gyro | 8 ++++++++ 2 files changed, 8 insertions(+), 3 deletions(-) delete mode 100644 examples/secret/secret.gyro create mode 100644 examples/secretsmanager/secret.gyro diff --git a/examples/secret/secret.gyro b/examples/secret/secret.gyro deleted file mode 100644 index 53fcf26bf..000000000 --- a/examples/secret/secret.gyro +++ /dev/null @@ -1,3 +0,0 @@ -#aws::secret secret -#end -@print: $(external-query aws::secret {}) \ No newline at end of file diff --git a/examples/secretsmanager/secret.gyro b/examples/secretsmanager/secret.gyro new file mode 100644 index 000000000..4f1caf7af --- /dev/null +++ b/examples/secretsmanager/secret.gyro 
@@ -0,0 +1,8 @@ +aws::secret secret + name: 'secret-example' + description: 'secret-example-description' + tags: { + "secret-example-tag" : "secret-example-tag-value" + } +end +#@print: $(external-query aws::secret {"arn":"arn:aws:secretsmanager:us-east-2:242040583208:secret:secretname-gnLG7r"}) \ No newline at end of file From 5a022804d29c43bbb775d1ff3371f850963978ad Mon Sep 17 00:00:00 2001 From: iHaoo Date: Tue, 11 Aug 2020 18:20:49 -0400 Subject: [PATCH 22/62] Updated licenses --- .../gyro/aws/secretsmanager/SecretFinder.java | 16 ++++++++++++++++ .../gyro/aws/secretsmanager/SecretResource.java | 16 ++++++++++++++++ .../gyro/aws/secretsmanager/package-info.java | 2 +- 3 files changed, 33 insertions(+), 1 deletion(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretFinder.java b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java index a04e8e0d0..2061bff8d 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretFinder.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java @@ -1,3 +1,19 @@ +/* + * Copyright 2020, Perfect Sense, Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + package gyro.aws.secretsmanager; import java.util.ArrayList; diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index f3cee6487..4ff4e39ab 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java 
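Review bot: The commented-out query on the last added line of secret.gyro carries a full secret ARN with what looks like a real 12-digit AWS account ID and a generated secret-name suffix. Example files are copied and indexed widely, so placeholders are the safer choice: `#@print: $(external-query aws::secret {"arn":"arn:aws:secretsmanager:<region>:<account-id>:secret:<secret-name>"})`. The file also ends without a trailing newline.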
+++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java @@ -1,3 +1,19 @@ +/* + * Copyright 2020, Perfect Sense, Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + package gyro.aws.secretsmanager; import java.util.List; diff --git a/src/main/java/gyro/aws/secretsmanager/package-info.java b/src/main/java/gyro/aws/secretsmanager/package-info.java index 617ce2cfd..9cbd01c94 100644 --- a/src/main/java/gyro/aws/secretsmanager/package-info.java +++ b/src/main/java/gyro/aws/secretsmanager/package-info.java @@ -1,5 +1,5 @@ /* - * Copyright 2020, Brightspot, Inc. + * Copyright 2020, Perfect Sense, Inc. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. From 83b9fbf4d1a4c2de8018fca35119fd99923ada0d Mon Sep 17 00:00:00 2001 From: iHaoo Date: Tue, 11 Aug 2020 18:21:02 -0400 Subject: [PATCH 23/62] Added Required annotation to Name --- src/main/java/gyro/aws/secretsmanager/SecretResource.java | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index 4ff4e39ab..b86ef14fd 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java 
@@ -33,6 +33,7 @@ import gyro.core.resource.Updatable; import gyro.core.scope.State; import gyro.core.validation.ConflictsWith; +import gyro.core.validation.Required; import software.amazon.awssdk.core.SdkBytes; import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient; import software.amazon.awssdk.services.secretsmanager.model.CreateSecretRequest; @@ -234,8 +235,9 @@ public void setLastRotatedDate(String lastRotatedDate) { } /** - * The user-provided friendly name of the secret. (Required during create) + * The user-provided friendly name of the secret. (Required) */ + @Required public String getName() { return name; } From 30e0e9a6e59753db1b982c0dbef5396fee684f09 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Tue, 11 Aug 2020 18:56:43 -0400 Subject: [PATCH 24/62] Added try/catch clause for secrets not found --- .../java/gyro/aws/secretsmanager/SecretFinder.java | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretFinder.java b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java index 2061bff8d..3b2879625 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretFinder.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java @@ -17,6 +17,7 @@ package gyro.aws.secretsmanager; import java.util.ArrayList; +import java.util.Collections; import java.util.List; import java.util.Map; import java.util.stream.Collectors; @@ -25,6 +26,7 @@ import gyro.core.Type; import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient; import software.amazon.awssdk.services.secretsmanager.model.DescribeSecretResponse; +import software.amazon.awssdk.services.secretsmanager.model.ResourceNotFoundException; import software.amazon.awssdk.services.secretsmanager.model.SecretListEntry; /** 
@@ -48,10 +50,13 @@ protected List findAllAws(SecretsManagerClient client) { @Override protected List findAws( SecretsManagerClient client, Map filters) { - List list = new ArrayList<>(); - list.add(client.describeSecret(r -> r.secretId(filters.get("arn")))); - - return list; + try { + List list = new ArrayList<>(); + list.add(client.describeSecret(r -> r.secretId(filters.get("arn")))); + return list; + } catch (ResourceNotFoundException ex) { + return Collections.emptyList(); + } } private DescribeSecretResponse convertEntry(SecretListEntry entry) { From 3119bd6e961d30ee7eb4985906275b68a083aadb Mon Sep 17 00:00:00 2001 From: iHaoo Date: Wed, 12 Aug 2020 14:11:26 -0400 Subject: [PATCH 25/62] Updated example comments --- .../java/gyro/aws/secretsmanager/SecretFinder.java | 5 +++-- .../java/gyro/aws/secretsmanager/SecretResource.java | 12 +++++++++--- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretFinder.java b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java index 3b2879625..aad122dd9 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretFinder.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java @@ -32,11 +32,12 @@ /** * Query secrets manager. * - * Example ------- + * Example + * ------- * * .. code-block:: gyro * - * secrets: $(external-query aws::secret {"arn":"arn:aws:secretsmanager:Region:User-ARN:secret:'Secret-example-for-arn'"}) + * secrets: $(external-query aws::secret {}) */ @Type("secret") public class SecretFinder extends AwsFinder { diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index b86ef14fd..91413db52 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java 
@@ -48,12 +48,18 @@ /** * Creates a Secret with the Name, Description, and Tags. * - * Example ------- + * Example + * ------- * * .. code-block:: gyro * - * aws::secret secret name: 'secret-example' description: 'secret-example-description' tags: { "secret-example-tag" : - * "secret-example-tag-value" } end + * aws::secret secret + * name: 'secret-example' + * description: 'secret-example-description' + * tags: { + * "secret-example-tag" : "secret-example-tag-value" + * } + * end */ @Type("secret") public class SecretResource extends AwsResource implements Copyable { From 786f48503bbaece7ff18137b5591f2aeefcc7dd8 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Wed, 12 Aug 2020 19:02:42 -0400 Subject: [PATCH 26/62] Updated docs and annotations --- .../aws/secretsmanager/SecretResource.java | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index 91413db52..8a782ef09 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java @@ -101,7 +101,7 @@ public void setClientRequestToken(String clientRequestToken) { } /** - * Specifies an updated user-provided description of the secret. See `Description Info + * The description of the secret. See `Description Info * `_. */ @Updatable @@ -154,7 +154,7 @@ public void setSecretString(String secretString) { } /** - * Specifies a list of user-defined tags that are attached to the secret + * Specifies a list of tags that are attached to the secret */ @Updatable public Map getTags() { 
@@ -191,10 +191,11 @@ public void setDeletedDate(String deletedDate) { } /** - * Specifies that the secret is to be deleted without any recovery window. + * Specifies that the secret is to be deleted without any recovery window. Cannot use both this parameter and the + * RecoveryWindowInDays parameter in the same API call. See `Force Delete Without Recovery Info + * `_. */ @ConflictsWith("recovery-window-in-days") - @Output public Boolean getForceDeleteWithoutRecovery() { return forceDeleteWithoutRecovery; } @@ -228,8 +229,7 @@ public void setLastChangedDate(String lastChangedDate) { } /** - * The most recent date and time that the Secrets Manager rotation process was successfully completed. This value is - * null if the secret has never rotated. + * The most recent date and time that the Secrets Manager rotation process was successfully completed. */ @Output public String getLastRotatedDate() { @@ -241,7 +241,7 @@ public void setLastRotatedDate(String lastRotatedDate) { } /** - * The user-provided friendly name of the secret. (Required) + * The name of the secret. (Required) */ @Required public String getName() { @@ -253,7 +253,7 @@ public void setName(String name) { } /** - * Returns the name of the service that created this secret. + * The name of the owning service. */ @Output public String getOwningService() { @@ -265,10 +265,10 @@ public void setOwningService(String owningService) { } /** - * Specifies the number of days that Secrets Manager waits before it can delete the secret. + * Specifies the number of days that Secrets Manager waits before it can delete the secret. Cannot use both this + * parameter and the ForceDeleteWithoutRecovery parameter in the same API call. */ @ConflictsWith("force-delete-without-recovery") - @Output public Long getRecoveryWindowInDays() { return recoveryWindowInDays; } From 386e4ac4b100a475d719b108b314b1598dffb85e Mon Sep 17 00:00:00 2001 
From: iHaoo Date: Wed, 12 Aug 2020 19:04:40 -0400 Subject: [PATCH 27/62] Added try/catch clause for not found resource --- .../gyro/aws/secretsmanager/SecretResource.java | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index 8a782ef09..898f1b08c 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java @@ -39,6 +39,7 @@ import software.amazon.awssdk.services.secretsmanager.model.CreateSecretRequest; import software.amazon.awssdk.services.secretsmanager.model.CreateSecretResponse; import software.amazon.awssdk.services.secretsmanager.model.DescribeSecretResponse; +import software.amazon.awssdk.services.secretsmanager.model.ResourceNotFoundException; import software.amazon.awssdk.services.secretsmanager.model.RotationRulesType; import software.amazon.awssdk.services.secretsmanager.model.Tag; import software.amazon.awssdk.services.secretsmanager.model.TagResourceRequest; @@ -342,13 +343,20 @@ public void setVersionIdsToStages(Map> versionIdsToStages) @Override public boolean refresh() { SecretsManagerClient client = createClient(SecretsManagerClient.class); - DescribeSecretResponse response = client.describeSecret(r -> r.secretId(getArn())); - if (response == null) { + try { + DescribeSecretResponse response = client.describeSecret(r -> r.secretId(getArn())); + + if (response == null) { + return false; + } + + copyFrom(response); + } catch (ResourceNotFoundException ex) { + // No Resource found return false; } - copyFrom(response); return true; } From eb784a08e7c44e8646d2a976e87927e1c1f219bb Mon Sep 17 00:00:00 2001 
From: iHaoo Date: Wed, 12 Aug 2020 19:05:06 -0400 Subject: [PATCH 28/62] Set all output fields of newly created secret --- src/main/java/gyro/aws/secretsmanager/SecretResource.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index 898f1b08c..aa47671d0 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java @@ -376,9 +376,8 @@ public void create(GyroUI ui, State state) throws Exception { CreateSecretResponse response = client.createSecret(request); - setArn(response.arn()); - setName(response.name()); setVersionId(response.versionId()); + copyFrom(client.describeSecret(r -> r.secretId(response.arn()))); } @Override From 8084ad14a7c61b6c65e242045f181fdcb4ef9909 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Wed, 12 Aug 2020 19:05:28 -0400 Subject: [PATCH 29/62] Consolidate helper method logic --- .../aws/secretsmanager/SecretResource.java | 79 +++++++++---------- 1 file changed, 38 insertions(+), 41 deletions(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index aa47671d0..ea563d1df 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java 
@@ -396,9 +396,45 @@ public void update( if (changedFieldNames.contains("tags")) { SecretResource oldResource = (SecretResource) current; - saveTags(client, oldResource.getTags()); + Map oldTags = oldResource.getTags(); + + if (!oldTags.isEmpty() || !getTags().isEmpty()) { + MapDifference diff = Maps.difference(oldTags, getTags()); + + TagResourceRequest tagRequest = null; + UntagResourceRequest untagRequest = null; + + if (getTags().isEmpty()) { + untagRequest = UntagResourceRequest.builder() + .secretId(getArn()) + .tagKeys(diff.entriesOnlyOnLeft().keySet()) + .build(); + } else if (diff.entriesOnlyOnLeft().isEmpty()) { + tagRequest = TagResourceRequest.builder() + .secretId(getArn()) + .tags(convertTags(getTags())) + .build(); + } else { + tagRequest = TagResourceRequest.builder() + .secretId(getArn()) + .tags(convertTags(getTags())) + .build(); + + untagRequest = UntagResourceRequest.builder() + .secretId(getArn()) + .tagKeys(diff.entriesOnlyOnLeft().keySet()) + .build(); + } + + if (tagRequest != null) { + client.tagResource(tagRequest); + } + + if (untagRequest != null) { + client.untagResource(untagRequest); + } + } } - client.updateSecret(updateRequest); } 
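Review bot: The three-way branch inlined into `update` builds the same `TagResourceRequest` and the same `UntagResourceRequest` twice each. Two independent conditions express the same logic, and they also avoid the `untagResource` call with an empty key set that the `getTags().isEmpty()` branch could issue when there is nothing to remove. The later "Remove redundant check" patch re-indents this block unchanged, so the same applies there. `Maps.difference(oldTags, getTags())` assumes neither map is null, which is worth confirming against the getter. `update` begins outside the hunk.

```java
// … unchanged: oldResource / oldTags lookup and Maps.difference(oldTags, getTags()) …
if (!getTags().isEmpty()) {
    client.tagResource(r -> r.secretId(getArn()).tags(convertTags(getTags())));
}

if (!diff.entriesOnlyOnLeft().isEmpty()) {
    client.untagResource(r -> r.secretId(getArn()).tagKeys(diff.entriesOnlyOnLeft().keySet()));
}
```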
@@ -434,43 +470,4 @@ private List convertTags(Map tags) { .map(e -> Tag.builder().key(e.getKey()).value(e.getValue()).build()) .collect(Collectors.toList()); } - - private void saveTags(SecretsManagerClient client, Map oldTags) { - if (!oldTags.isEmpty() || !getTags().isEmpty()) { - MapDifference diff = Maps.difference(oldTags, getTags()); - - TagResourceRequest tagRequest = null; - UntagResourceRequest untagRequest = null; - - if (getTags().isEmpty()) { - untagRequest = UntagResourceRequest.builder() - .secretId(getArn()) - .tagKeys(diff.entriesOnlyOnLeft().keySet()) - .build(); - } else if (diff.entriesOnlyOnLeft().isEmpty()) { - tagRequest = TagResourceRequest.builder() - .secretId(getArn()) - .tags(convertTags(getTags())) - .build(); - } else { - tagRequest = TagResourceRequest.builder() - .secretId(getArn()) - .tags(convertTags(getTags())) - .build(); - - untagRequest = UntagResourceRequest.builder() - .secretId(getArn()) - .tagKeys(diff.entriesOnlyOnLeft().keySet()) - .build(); - } - - if (tagRequest != null) { - client.tagResource(tagRequest); - } - - if (untagRequest != null) { - client.untagResource(untagRequest); - } - } - } } \ No newline at end of file From 19cef3933542e448312b16bf08164870665024d5 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Thu, 13 Aug 2020 14:50:18 -0400 Subject: [PATCH 30/62] Added empty list default return if no resource is found --- src/main/java/gyro/aws/secretsmanager/SecretFinder.java | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretFinder.java b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java index aad122dd9..77410169a 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretFinder.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java @@ -16,7 +16,6 @@ package gyro.aws.secretsmanager; -import java.util.ArrayList; import java.util.Collections; import java.util.List; import java.util.Map; 
@@ -51,13 +50,13 @@ protected List findAllAws(SecretsManagerClient client) { @Override protected List findAws( SecretsManagerClient client, Map filters) { + List list = Collections.emptyList(); try { - List list = new ArrayList<>(); list.add(client.describeSecret(r -> r.secretId(filters.get("arn")))); - return list; } catch (ResourceNotFoundException ex) { - return Collections.emptyList(); + // No resource found } + return list; } private DescribeSecretResponse convertEntry(SecretListEntry entry) { From 241a3fccf1b8172807eb520f9bb7ce32f0c6dad0 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Thu, 13 Aug 2020 16:28:15 -0400 Subject: [PATCH 31/62] Updated kmsKey type to use Resource --- .../gyro/aws/secretsmanager/SecretResource.java | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index ea563d1df..b483b2c1d 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java @@ -25,6 +25,7 @@ import com.google.common.collect.Maps; import gyro.aws.AwsResource; import gyro.aws.Copyable; +import gyro.aws.kms.KmsKeyResource; import gyro.core.GyroUI; import gyro.core.Type; import gyro.core.resource.Id; @@ -67,7 +68,7 @@ public class SecretResource extends AwsResource implements Copyable tags; @@ -120,12 +121,12 @@ public void setDescription(String description) { * customer master key (CMK) to be used to encrypt the protected text in new versions of this secret./>`_. */ @Updatable - public String getKmsKeyId() { - return kmsKeyId; + public KmsKeyResource getKmsKey() { + return kmsKey; } - public void setKmsKeyId(String kmsKeyId) { - this.kmsKeyId = kmsKeyId; + public void setKmsKey(KmsKeyResource kmsKey) { + this.kmsKey = kmsKey; } /** 
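Review bot: `list` is now `Collections.emptyList()`, which is immutable, so the `list.add(...)` inside the `try` throws `UnsupportedOperationException` whenever `describeSecret` succeeds; only the not-found path returns normally. Keep a mutable list with `List<DescribeSecretResponse> list = new ArrayList<>();` and keep the `java.util.ArrayList` import that this commit removes, or return `Collections.singletonList(...)` from inside the `try`. The later "Added new lines" patch carries the same code forward unchanged.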
@@ -367,7 +368,7 @@ public void create(GyroUI ui, State state) throws Exception { CreateSecretRequest request = CreateSecretRequest.builder() .clientRequestToken(getClientRequestToken()) .description(getDescription()) - .kmsKeyId(getKmsKeyId()) + .kmsKeyId(getKmsKey() != null ? getKmsKey().getId() : null) .name(getName()) .secretBinary(getSecretBinary() != null ? SdkBytes.fromUtf8String(getSecretBinary()) : null) .secretString(getSecretString()) @@ -389,7 +390,7 @@ public void update( .secretId(getArn()) .clientRequestToken(getClientRequestToken()) .description(getDescription()) - .kmsKeyId(getKmsKeyId()) + .kmsKeyId(getKmsKey() != null ? getKmsKey().getId() : null) .secretBinary(getSecretBinary() != null ? SdkBytes.fromUtf8String(getSecretBinary()) : null) .secretString(getSecretString()) .build(); @@ -452,7 +453,7 @@ public void copyFrom(DescribeSecretResponse model) { setArn(model.arn()); setDeletedDate(model.deletedDate() != null ? model.deletedDate().toString() : null); setDescription(model.description()); - setKmsKeyId(model.kmsKeyId()); + setKmsKey(findById(KmsKeyResource.class, model.kmsKeyId())); setLastAccessedDate(model.lastAccessedDate() != null ? model.lastAccessedDate().toString() : null); setLastChangedDate(model.lastAccessedDate() != null ? model.lastChangedDate().toString() : null); setLastRotatedDate(model.lastRotatedDate() != null ? model.lastRotatedDate().toString() : null); From 7d1b4497f206737db85464595bdab52841833983 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Fri, 14 Aug 2020 11:47:24 -0400 Subject: [PATCH 32/62] Remove commented line --- examples/secretsmanager/secret.gyro | 1 - 1 file changed, 1 deletion(-) diff --git a/examples/secretsmanager/secret.gyro b/examples/secretsmanager/secret.gyro index 4f1caf7af..49d43dd54 100644 --- a/examples/secretsmanager/secret.gyro +++ b/examples/secretsmanager/secret.gyro 
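Review bot: In the `copyFrom` hunk, `setLastChangedDate` guards on `model.lastAccessedDate() != null` but then dereferences `model.lastChangedDate()`, so the null check protects the wrong field. It should read `setLastChangedDate(model.lastChangedDate() != null ? model.lastChangedDate().toString() : null);`. That line is unchanged context, but it sits directly below the new `setKmsKey` call. The new call passes `model.kmsKeyId()` to `findById` with no null check, so confirm that `findById` tolerates a null id for a secret with no key set, or guard it the way the `create` and `update` hunks guard `getKmsKey()`. `copyFrom` continues outside the hunk.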
@@ -5,4 +5,3 @@ aws::secret secret "secret-example-tag" : "secret-example-tag-value" } end -#@print: $(external-query aws::secret {"arn":"arn:aws:secretsmanager:us-east-2:242040583208:secret:secretname-gnLG7r"}) \ No newline at end of file From 542d092bb8661db0ed06f565b199b7f40074cc2d Mon Sep 17 00:00:00 2001 From: iHaoo Date: Fri, 14 Aug 2020 11:48:50 -0400 Subject: [PATCH 33/62] Added new lines --- src/main/java/gyro/aws/secretsmanager/SecretFinder.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretFinder.java b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java index 77410169a..1d219e456 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretFinder.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java @@ -52,10 +52,12 @@ protected List findAws( SecretsManagerClient client, Map filters) { List list = Collections.emptyList(); try { + list.add(client.describeSecret(r -> r.secretId(filters.get("arn")))); } catch (ResourceNotFoundException ex) { // No resource found } + return list; } From cee4b7dfb2ffc32d17952f937abe241a5b9e444d Mon Sep 17 00:00:00 2001 From: iHaoo Date: Fri, 14 Aug 2020 11:50:46 -0400 Subject: [PATCH 34/62] Move variables from read-only --- src/main/java/gyro/aws/secretsmanager/SecretResource.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index b483b2c1d..2b104ecda 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java @@ -68,7 +68,9 @@ public class SecretResource extends AwsResource implements Copyable tags; 
@@ -76,13 +78,11 @@ public class SecretResource extends AwsResource implements Copyable Date: Fri, 14 Aug 2020 11:55:13 -0400 Subject: [PATCH 35/62] Updated docs and added new line at EOF --- .../java/gyro/aws/secretsmanager/SecretResource.java | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index 2b104ecda..d00877e61 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java @@ -116,9 +116,7 @@ public void setDescription(String description) { } /** - * Specifies an updated ARN or alias of the AWS KMS customer master key (CMK) to be used to encrypt the protected - * text in new versions of this secret. See `Kms Key Id Info `_. + * The KMS master key to be used to encrypt the protected text in new versions of this secret */ @Updatable public KmsKeyResource getKmsKey() { @@ -267,8 +265,7 @@ public void setOwningService(String owningService) { } /** - * Specifies the number of days that Secrets Manager waits before it can delete the secret. Cannot use both this - * parameter and the ForceDeleteWithoutRecovery parameter in the same API call. + * Specifies the number of days that Secrets Manager waits before it can delete the secret. */ @ConflictsWith("force-delete-without-recovery") public Long getRecoveryWindowInDays() { @@ -471,4 +468,4 @@ private List convertTags(Map tags) { .map(e -> Tag.builder().key(e.getKey()).value(e.getValue()).build()) .collect(Collectors.toList()); } -} \ No newline at end of file +} From f513bc20d7c6e276d9bfbde53fc3afa495322e71 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Fri, 14 Aug 2020 11:57:16 -0400 Subject: [PATCH 36/62] Remove redundant check --- .../aws/secretsmanager/SecretResource.java | 67 +++++++++---------- 1 file changed, 32 insertions(+), 35 deletions(-) 
diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index d00877e61..9018566cc 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java 
@@ -395,42 +395,39 @@ public void update( if (changedFieldNames.contains("tags")) { SecretResource oldResource = (SecretResource) current; Map oldTags = oldResource.getTags(); + MapDifference diff = Maps.difference(oldTags, getTags()); + + TagResourceRequest tagRequest = null; + UntagResourceRequest untagRequest = null; + + if (getTags().isEmpty()) { + untagRequest = UntagResourceRequest.builder() + .secretId(getArn()) + .tagKeys(diff.entriesOnlyOnLeft().keySet()) + .build(); + } else if (diff.entriesOnlyOnLeft().isEmpty()) { + tagRequest = TagResourceRequest.builder() + .secretId(getArn()) + .tags(convertTags(getTags())) + .build(); + } else { + tagRequest = TagResourceRequest.builder() + .secretId(getArn()) + .tags(convertTags(getTags())) + .build(); + + untagRequest = UntagResourceRequest.builder() + .secretId(getArn()) + .tagKeys(diff.entriesOnlyOnLeft().keySet()) + .build(); + } + + if (tagRequest != null) { + client.tagResource(tagRequest); + } - if (!oldTags.isEmpty() || !getTags().isEmpty()) { - MapDifference diff = Maps.difference(oldTags, getTags()); - - TagResourceRequest tagRequest = null; - UntagResourceRequest untagRequest = null; - - if (getTags().isEmpty()) { - untagRequest = UntagResourceRequest.builder() - .secretId(getArn()) - .tagKeys(diff.entriesOnlyOnLeft().keySet()) - .build(); - } else if (diff.entriesOnlyOnLeft().isEmpty()) { - tagRequest = TagResourceRequest.builder() - .secretId(getArn()) - .tags(convertTags(getTags())) - .build(); - } else { - tagRequest = TagResourceRequest.builder() - .secretId(getArn()) - .tags(convertTags(getTags())) - .build(); - - untagRequest = UntagResourceRequest.builder() - .secretId(getArn()) - .tagKeys(diff.entriesOnlyOnLeft().keySet()) - .build(); - } - - if (tagRequest != null) { - client.tagResource(tagRequest); - } - - if (untagRequest != null) { - client.untagResource(untagRequest); - } + if (untagRequest != null) { + client.untagResource(untagRequest); } } client.updateSecret(updateRequest); 
From fbdf4ef6ec48e1c07e5bbfeba2e84d24c7f5fd44 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Fri, 14 Aug 2020 12:02:15 -0400 Subject: [PATCH 37/62] Consolidate builder into lambda expression --- src/main/java/gyro/aws/secretsmanager/SecretResource.java | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index 9018566cc..c3d09fbb9 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java @@ -45,7 +45,6 @@ import software.amazon.awssdk.services.secretsmanager.model.Tag; import software.amazon.awssdk.services.secretsmanager.model.TagResourceRequest; import software.amazon.awssdk.services.secretsmanager.model.UntagResourceRequest; -import software.amazon.awssdk.services.secretsmanager.model.UpdateSecretRequest; /** * Creates a Secret with the Name, Description, and Tags. @@ -383,14 +382,13 @@ public void update( GyroUI ui, State state, Resource current, Set changedFieldNames) throws Exception { SecretsManagerClient client = createClient(SecretsManagerClient.class); - UpdateSecretRequest updateRequest = UpdateSecretRequest.builder() - .secretId(getArn()) + client.updateSecret(r -> r.secretId(getArn()) .clientRequestToken(getClientRequestToken()) .description(getDescription()) .kmsKeyId(getKmsKey() != null ? getKmsKey().getId() : null) .secretBinary(getSecretBinary() != null ? SdkBytes.fromUtf8String(getSecretBinary()) : null) .secretString(getSecretString()) - .build(); + .build()); if (changedFieldNames.contains("tags")) { SecretResource oldResource = (SecretResource) current; @@ -430,7 +428,6 @@ public void update( client.untagResource(untagRequest); } } - client.updateSecret(updateRequest); } @Override From d4b80d1adcccb760d79bbc12ced98f8cdf02d779 Mon Sep 17 00:00:00 2001 
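Review bot: The trailing `.build()` inside the `updateSecret(r -> ...)` lambda is dead code: the consumer overload builds the request itself and the returned value is discarded, so the chain can end at `.secretString(getSecretString()));`. Separately, the request resends `secret-string` and `secret-binary` on every update, including tag-only changes. Since each write of the secret value presumably produces a new version, consider setting them only when `changedFieldNames` contains those fields. `update` begins outside the hunk.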
From: iHaoo Date: Fri, 14 Aug 2020 12:26:16 -0400 Subject: [PATCH 38/62] Refactored fetching secrt model --- .../java/gyro/aws/secretsmanager/SecretResource.java | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index c3d09fbb9..d3b01dded 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java @@ -372,9 +372,14 @@ public void create(GyroUI ui, State state) throws Exception { .build(); CreateSecretResponse response = client.createSecret(request); + DescribeSecretResponse secret = null; - setVersionId(response.versionId()); - copyFrom(client.describeSecret(r -> r.secretId(response.arn()))); + try { + secret = client.describeSecret(r -> r.secretId(response.arn())); + } catch (ResourceNotFoundException ex) { + // No Resource found + } + copyFrom(secret); } @Override From da6d5063524da82f7a653ba629c94f30525584df Mon Sep 17 00:00:00 2001 From: iHaoo Date: Fri, 14 Aug 2020 18:08:09 -0400 Subject: [PATCH 39/62] Removed Client Request Token --- .../gyro/aws/secretsmanager/SecretResource.java | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index d3b01dded..92d79987d 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java @@ -65,7 +65,6 @@ @Type("secret") public class SecretResource extends AwsResource implements Copyable { - private String clientRequestToken; private String description; private Boolean forceDeleteWithoutRecovery; private KmsKeyResource kmsKey; 
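Review bot: When `describeSecret` throws `ResourceNotFoundException` in `create`, `secret` stays null and `copyFrom(secret)` is still called. `copyFrom` dereferences its argument (`model.arn()` in the earlier hunk), so the apply would fail with a `NullPointerException` after the secret already exists, with no ARN set on the resource. Either let the exception propagate or fall back to the create response: `if (secret != null) { copyFrom(secret); } else { setArn(response.arn()); setName(response.name()); }`. The hunk also drops `setVersionId(response.versionId())`; unless `copyFrom` sets it (not visible here), the `version-id` output is no longer populated.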
@@ -89,17 +88,6 @@ public class SecretResource extends AwsResource implements Copyable> versionIdsToStages; /** - * Specifies a unique identifier for the new version that helps ensure idempotency. See `Client Request Token Info - * `_. - */ - @Updatable - public String getClientRequestToken() { - return clientRequestToken; - } - - public void setClientRequestToken(String clientRequestToken) { - this.clientRequestToken = clientRequestToken; - } /** * The description of the secret. See `Description Info @@ -362,7 +350,6 @@ public void create(GyroUI ui, State state) throws Exception { SecretsManagerClient client = createClient(SecretsManagerClient.class); CreateSecretRequest request = CreateSecretRequest.builder() - .clientRequestToken(getClientRequestToken()) .description(getDescription()) .kmsKeyId(getKmsKey() != null ? getKmsKey().getId() : null) .name(getName()) @@ -388,7 +375,6 @@ public void update( SecretsManagerClient client = createClient(SecretsManagerClient.class); client.updateSecret(r -> r.secretId(getArn()) - .clientRequestToken(getClientRequestToken()) .description(getDescription()) .kmsKeyId(getKmsKey() != null ? getKmsKey().getId() : null) .secretBinary(getSecretBinary() != null ? SdkBytes.fromUtf8String(getSecretBinary()) : null) From d03470be6b3a94764dc4ef3d29598b0c98dd6e33 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Fri, 14 Aug 2020 18:08:22 -0400 Subject: [PATCH 40/62] Updated Kms Key logic --- src/main/java/gyro/aws/secretsmanager/SecretResource.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index 92d79987d..62299bb7b 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java 
@@ -351,7 +351,7 @@ public void create(GyroUI ui, State state) throws Exception { CreateSecretRequest request = CreateSecretRequest.builder() .description(getDescription()) - .kmsKeyId(getKmsKey() != null ? getKmsKey().getId() : null) + .kmsKeyId(getKmsKey() != null ? getKmsKey().getArn() : null) .name(getName()) .secretBinary(getSecretBinary() != null ? SdkBytes.fromUtf8String(getSecretBinary()) : null) .secretString(getSecretString()) @@ -376,7 +376,7 @@ public void update( client.updateSecret(r -> r.secretId(getArn()) .description(getDescription()) - .kmsKeyId(getKmsKey() != null ? getKmsKey().getId() : null) + .kmsKeyId(getKmsKey() != null ? getKmsKey().getArn() : null) .secretBinary(getSecretBinary() != null ? SdkBytes.fromUtf8String(getSecretBinary()) : null) .secretString(getSecretString()) .build()); From 8d75de9f5b9f636791f67d36f1aca010557e2f8d Mon Sep 17 00:00:00 2001 From: iHaoo Date: Fri, 14 Aug 2020 18:26:55 -0400 Subject: [PATCH 41/62] Updated docs --- .../aws/secretsmanager/SecretResource.java | 57 ++++++++++--------- 1 file changed, 30 insertions(+), 27 deletions(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index 62299bb7b..f232d8295 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java @@ -47,7 +47,7 @@ import software.amazon.awssdk.services.secretsmanager.model.UntagResourceRequest; /** - * Creates a Secret with the Name, Description, and Tags. + * Creates a Secret with the specified Name, Description, Kms Key, Secret String and Tags. * * Example * ------- 
@@ -55,12 +55,20 @@ * .. code-block:: gyro * * aws::secret secret - * name: 'secret-example' - * description: 'secret-example-description' + * name: "secret-example" + * description: secret-example-description-updated" + * force-delete-without-recovery: true + * kms-key: $(aws::kms-key secret-kms-key-example) + * secret-string: "secret-string-example" * tags: { * "secret-example-tag" : "secret-example-tag-value" * } * end + * + * aws::kms-key secret-kms-key-example + * aliases: ["alias/secret1", "alias/secret2"] + * description: "secret kms key example description" + * end */ @Type("secret") public class SecretResource extends AwsResource implements Copyable { @@ -88,10 +96,7 @@ public class SecretResource extends AwsResource implements Copyable> versionIdsToStages; /** - - /** - * The description of the secret. See `Description Info - * `_. + * The description of the secret. See `Description Info `_. */ @Updatable public String getDescription() { @@ -103,7 +108,7 @@ public void setDescription(String description) { } /** - * The KMS master key to be used to encrypt the protected text in new versions of this secret + * The KMS master key to be used to encrypt the protected text in new versions of the secret. */ @Updatable public KmsKeyResource getKmsKey() { @@ -115,8 +120,8 @@ public void setKmsKey(KmsKeyResource kmsKey) { } /** - * Specifies updated binary data that you want to encrypt and store in the new version of the secret. See `Secret - * Binary Info `_. + * The binary data that you want to encrypt and store in the new version of the secret. See `Secret Binary Info + * `_. */ @Updatable public String getSecretBinary() { 
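Review bot: The example line `description: secret-example-description-updated"` is missing its opening quote, so the documented snippet is not valid as written; it should be `description: "secret-example-description-updated"`. The same line is added to `examples/secretsmanager/secret.gyro` in the next patch. The example also sets `secret-string` as an inline literal. The class Javadoc could say that a literal value lives in the config file (and presumably in Gyro state), and that real values should be supplied from outside version control. `force-delete-without-recovery: true` suits a throwaway example but removes the recovery window, which deserves a word as well.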
@@ -128,8 +133,8 @@ public void setSecretBinary(String secretBinary) { } /** - * Specifies updated text data that you want to encrypt and store in this new version of the secret. See `Secret - * String Info `_. + * The updated text data that you want to encrypt and store in this new version of the secret. See `Secret String + * Info `_. */ @Updatable public String getSecretString() { @@ -141,7 +146,7 @@ public void setSecretString(String secretString) { } /** - * Specifies a list of tags that are attached to the secret + * Specifies a list of tags that are attached to the secret. */ @Updatable public Map getTags() { @@ -166,7 +171,7 @@ public void setArn(String arn) { } /** - * This value exists if the secret is scheduled for deletion and specifies the date. + * The date that the secret is scheduled for deletion and specifies the date. */ @Output public String getDeletedDate() { @@ -178,9 +183,7 @@ public void setDeletedDate(String deletedDate) { } /** - * Specifies that the secret is to be deleted without any recovery window. Cannot use both this parameter and the - * RecoveryWindowInDays parameter in the same API call. See `Force Delete Without Recovery Info - * `_. + * Enable the secret to be deleted without any recovery window. */ @ConflictsWith("recovery-window-in-days") public Boolean getForceDeleteWithoutRecovery() { @@ -192,7 +195,7 @@ public void setForceDeleteWithoutRecovery(Boolean forceDeleteWithoutRecovery) { } /** - * The last date that this secret was accessed. + * The most recent date that this secret was accessed. */ @Output public String getLastAccessedDate() { @@ -204,7 +207,7 @@ public void setLastAccessedDate(String lastAccessedDate) { } /** - * The last date and time that this secret was modified in any way. + * The most recent date and time that this secret was modified in any way. */ @Output public String getLastChangedDate() { 
@@ -252,7 +255,7 @@ public void setOwningService(String owningService) { } /** - * Specifies the number of days that Secrets Manager waits before it can delete the secret. + * The number of days that Secrets Manager waits before it can delete the secret. */ @ConflictsWith("force-delete-without-recovery") public Long getRecoveryWindowInDays() { @@ -264,7 +267,7 @@ public void setRecoveryWindowInDays(Long recoveryWindowInDays) { } /** - * Specifies whether automatic rotation is enabled for this secret. + * Enable automatic rotation for the secret. */ @Output public Boolean getRotationEnabled() { @@ -276,8 +279,8 @@ public void setRotationEnabled(Boolean rotationEnabled) { } /** - * Specifies the ARN of a Lambda function that's invoked by Secrets Manager to rotate the secret either - * automatically per the schedule or manually by a call to RotateSecret. + * The unique ARN of a Lambda function that's invoked by Secrets Manager to rotate the secret either automatically + * per the schedule or manually by a call to RotateSecret. */ @Output public String getRotationLambdaARN() { @@ -289,7 +292,7 @@ public void setRotationLambdaARN(String rotationLambdaARN) { } /** - * Specifies a structure that contains the rotation configuration for this secret. + * The structure that contains the rotation configuration for the secret. */ @Output public RotationRulesType getRotationRules() { @@ -301,7 +304,7 @@ public void setRotationRules(RotationRulesType rotationRules) { } /** - * The unique identifier associated with the version of the generated secret. + * The unique identifier associated with the version of the secret. */ @Output public String getVersionId() { 
@@ -313,8 +316,8 @@ public void setVersionId(String versionId) { } /** - * A list of all of the currently assigned VersionStage staging labels and the VersionId that each is attached to. - * Staging labels are used to keep track of the different versions during the rotation process. + * The list of all of the currently assigned VersionStage staging labels and the VersionId that each is attached + * to. */ @Output public Map> getVersionIdsToStages() { From 37bbb9ae586bd72ebbd058d396bc727470dfd4f6 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Fri, 14 Aug 2020 18:27:13 -0400 Subject: [PATCH 42/62] Updated secret example script --- examples/secretsmanager/secret.gyro | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/examples/secretsmanager/secret.gyro b/examples/secretsmanager/secret.gyro index 49d43dd54..8e7a33f9e 100644 --- a/examples/secretsmanager/secret.gyro +++ b/examples/secretsmanager/secret.gyro @@ -1,7 +1,15 @@ aws::secret secret - name: 'secret-example' - description: 'secret-example-description' + name: "secret-example" + description: secret-example-description-updated" + force-delete-without-recovery: true + kms-key: $(aws::kms-key secret-kms-key-example) + secret-string: "secret-string-example" tags: { "secret-example-tag" : "secret-example-tag-value" } end + +aws::kms-key secret-kms-key-example + aliases: ["alias/secret1", "alias/secret2"] + description: "secret kms key example description" +end From 3b2292711769aae148698da388f2c574ff81cf6b Mon Sep 17 00:00:00 2001 From: iHaoo Date: Wed, 19 Aug 2020 15:30:36 -0400 Subject: [PATCH 43/62] Consolidate Create Secret request into lambda --- src/main/java/gyro/aws/secretsmanager/SecretResource.java | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index f232d8295..1864658c0 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java 
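Review bot: The example in `examples/secretsmanager/secret.gyro` now carries the secret value inline (`secret-string: "secret-string-example"`) and sets `force-delete-without-recovery: true`, and nothing in the file says either line is for demonstration only. Examples get copied as they are, so a real value would end up in a file that is normally committed, and the secret would be deleted with no recovery window. I would add a comment above each line saying that the value is a placeholder to be supplied from outside the file and that force deletion is meant for disposable test secrets, assuming `#` starts a comment in Gyro as the earlier example in this series suggests. The `description:` value is also missing its opening quote.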
+++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java @@ -352,16 +352,15 @@ public boolean refresh() { public void create(GyroUI ui, State state) throws Exception { SecretsManagerClient client = createClient(SecretsManagerClient.class); - CreateSecretRequest request = CreateSecretRequest.builder() - .description(getDescription()) + CreateSecretResponse response = client.createSecret(r -> + r.description(getDescription()) .kmsKeyId(getKmsKey() != null ? getKmsKey().getArn() : null) .name(getName()) .secretBinary(getSecretBinary() != null ? SdkBytes.fromUtf8String(getSecretBinary()) : null) .secretString(getSecretString()) .tags(convertTags(getTags())) - .build(); + ); - CreateSecretResponse response = client.createSecret(request); DescribeSecretResponse secret = null; try { From 1a5c005ee98191de271fbb99f275c275014d060b Mon Sep 17 00:00:00 2001 From: iHaoo Date: Wed, 19 Aug 2020 15:31:08 -0400 Subject: [PATCH 44/62] Refactored refresh logic into method --- .../gyro/aws/secretsmanager/SecretResource.java | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index 1864658c0..4944bdcf9 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java @@ -331,20 +331,19 @@ public void setVersionIdsToStages(Map> versionIdsToStages) @Override public boolean refresh() { SecretsManagerClient client = createClient(SecretsManagerClient.class); + DescribeSecretResponse response = null; try { - DescribeSecretResponse response = client.describeSecret(r -> r.secretId(getArn())); - - if (response == null) { - return false; - } - - copyFrom(response); + response = client.describeSecret(r -> r.secretId(getArn())); } catch (ResourceNotFoundException ex) { // No Resource found + } + + if (response == null) { return false; } + copyFrom(response); return true; } 
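Review bot: The request built in `create()` (hunk `@@ -352,16 +352,15 @@`) passes both `secretBinary(...)` and `secretString(...)` whenever both properties are set, and nothing visible stops a configuration from setting both, while the CreateSecret API accepts only one of the two. The file already uses `@ConflictsWith` for the deletion options, so the two getters could carry `@ConflictsWith("secret-string")` and `@ConflictsWith("secret-binary")` (names assumed from the kebab-case convention in the example) and fail at validation time instead of at the API call. `SdkBytes.fromUtf8String(getSecretBinary())` stores the UTF-8 bytes of the text as given, so the property's Javadoc should say the value is not decoded from base64. The body of `create()` continues past this hunk.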
From 26ab2a1edbbf049f39518a25e2a709bf2081503f Mon Sep 17 00:00:00 2001 From: iHaoo Date: Wed, 19 Aug 2020 15:47:02 -0400 Subject: [PATCH 45/62] Added complex type handling for RotationRulesType --- .../aws/secretsmanager/SecretResource.java | 22 ++++++++----- .../SecretRotationRulesType.java | 33 +++++++++++++++++++ 2 files changed, 47 insertions(+), 8 deletions(-) create mode 100644 src/main/java/gyro/aws/secretsmanager/SecretRotationRulesType.java diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index 4944bdcf9..12e202052 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java @@ -37,11 +37,9 @@ import gyro.core.validation.Required; import software.amazon.awssdk.core.SdkBytes; import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient; -import software.amazon.awssdk.services.secretsmanager.model.CreateSecretRequest; import software.amazon.awssdk.services.secretsmanager.model.CreateSecretResponse; import software.amazon.awssdk.services.secretsmanager.model.DescribeSecretResponse; import software.amazon.awssdk.services.secretsmanager.model.ResourceNotFoundException; -import software.amazon.awssdk.services.secretsmanager.model.RotationRulesType; import software.amazon.awssdk.services.secretsmanager.model.Tag; import software.amazon.awssdk.services.secretsmanager.model.TagResourceRequest; import software.amazon.awssdk.services.secretsmanager.model.UntagResourceRequest; @@ -91,7 +89,7 @@ public class SecretResource extends AwsResource implements Copyable> versionIdsToStages; 
@@ -295,12 +293,12 @@ public void setRotationLambdaARN(String rotationLambdaARN) { * The structure that contains the rotation configuration for the secret. */ @Output - public RotationRulesType getRotationRules() { - return rotationRules; + public SecretRotationRulesType getSecretRotationRulesType() { + return secretRotationRulesType; } - public void setRotationRules(RotationRulesType rotationRules) { - this.rotationRules = rotationRules; + public void setSecretRotationRulesType(SecretRotationRulesType secretRotationRulesType) { + this.secretRotationRulesType = secretRotationRulesType; } /** @@ -444,7 +442,15 @@ public void copyFrom(DescribeSecretResponse model) { setOwningService(model.owningService()); setRotationEnabled(model.rotationEnabled()); setRotationLambdaARN(model.rotationLambdaARN()); - setRotationRules(model.rotationRules()); + + if (model.rotationRules() != null) { + SecretRotationRulesType secretRotationRulesType = newSubresource(SecretRotationRulesType.class); + secretRotationRulesType.copyFrom(model.rotationRules()); + setSecretRotationRulesType(secretRotationRulesType); + } else { + setSecretRotationRulesType(null); + } + setTags(model.tags().stream().collect(Collectors.toMap(Tag::key, Tag::value))); setVersionIdsToStages(model.versionIdsToStages()); } diff --git a/src/main/java/gyro/aws/secretsmanager/SecretRotationRulesType.java b/src/main/java/gyro/aws/secretsmanager/SecretRotationRulesType.java new file mode 100644 index 000000000..b521d3d8f --- /dev/null +++ b/src/main/java/gyro/aws/secretsmanager/SecretRotationRulesType.java 
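Review bot: Renaming the accessor to `getSecretRotationRulesType()` (hunk `@@ -295,12 +293,12 @@`) names the property after its Java type rather than after what it holds. If Gyro derives the field name from the getter, as `@ConflictsWith("recovery-window-in-days")` on `getRecoveryWindowInDays()` suggests, users would see `secret-rotation-rules-type` in the output. Keeping the old accessor name with the new return type, `public SecretRotationRulesType getRotationRules()`, would preserve the shorter name. The same applies to the setter and to the call in `copyFrom`.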
@@ -0,0 +1,33 @@ +package gyro.aws.secretsmanager; + +import gyro.aws.Copyable; +import gyro.core.resource.Diffable; +import gyro.core.resource.Output; +import software.amazon.awssdk.services.secretsmanager.model.RotationRulesType; + +public class SecretRotationRulesType extends Diffable implements Copyable { + + private Long automaticallyAfterDays; + + /** + * The number of days between automatic scheduled rotations of the secret. + */ + @Output + public Long getAutomaticallyAfterDays() { + return automaticallyAfterDays; + } + + public void setAutomaticallyAfterDays(Long automaticallyAfterDays) { + this.automaticallyAfterDays = automaticallyAfterDays; + } + + @Override + public void copyFrom(RotationRulesType model) { + setAutomaticallyAfterDays(model.automaticallyAfterDays()); + } + + @Override + public String primaryKey() { + return "rotation rules type"; + } +} From 211689ecf781a4def65f08b6ec108a7f1cffd656 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Wed, 19 Aug 2020 15:51:35 -0400 Subject: [PATCH 46/62] Updated docs and styling --- .../gyro/aws/secretsmanager/SecretFinder.java | 2 +- .../aws/secretsmanager/SecretResource.java | 37 ++++++++----------- .../gyro/aws/secretsmanager/package-info.java | 2 +- 3 files changed, 17 insertions(+), 24 deletions(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretFinder.java b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java index 1d219e456..14b5e1b1b 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretFinder.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java @@ -36,7 +36,7 @@ * * .. code-block:: gyro * - * secrets: $(external-query aws::secret {}) + * secrets: $(external-query aws::secret {}) */ @Type("secret") public class SecretFinder extends AwsFinder { diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index 12e202052..585209dc8 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java 
+++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java @@ -52,21 +52,16 @@ * * .. code-block:: gyro * - * aws::secret secret - * name: "secret-example" - * description: secret-example-description-updated" - * force-delete-without-recovery: true - * kms-key: $(aws::kms-key secret-kms-key-example) - * secret-string: "secret-string-example" - * tags: { - * "secret-example-tag" : "secret-example-tag-value" - * } - * end - * - * aws::kms-key secret-kms-key-example - * aliases: ["alias/secret1", "alias/secret2"] - * description: "secret kms key example description" - * end + * aws::secret secret + * name: "secret-example" + * description: secret-example-description-updated" + * force-delete-without-recovery: true + * kms-key: $(aws::kms-key secret-kms-key-example) + * secret-string: "secret-string-example" + * tags: { + * "secret-example-tag" : "secret-example-tag-value" + * } + * end */ @Type("secret") public class SecretResource extends AwsResource implements Copyable { @@ -118,8 +113,7 @@ public void setKmsKey(KmsKeyResource kmsKey) { } /** - * The binary data that you want to encrypt and store in the new version of the secret. See `Secret Binary Info - * `_. + * The data that you want to encrypt and store in the new version of the secret. */ @Updatable public String getSecretBinary() { @@ -131,8 +125,7 @@ public void setSecretBinary(String secretBinary) { } /** - * The updated text data that you want to encrypt and store in this new version of the secret. See `Secret String - * Info `_. + * The updated text data that you want to encrypt and store in this new version of the secret. */ @Updatable public String getSecretString() { @@ -169,7 +162,7 @@ public void setArn(String arn) { } /** - * The date that the secret is scheduled for deletion and specifies the date. + * The deletion date of the secret. */ @Output public String getDeletedDate() { 
@@ -181,7 +174,7 @@ public void setDeletedDate(String deletedDate) { } /** - * Enable the secret to be deleted without any recovery window. + * When enabled, lets the secret be deleted without any recovery window. */ @ConflictsWith("recovery-window-in-days") public Boolean getForceDeleteWithoutRecovery() { @@ -193,7 +186,7 @@ public void setForceDeleteWithoutRecovery(Boolean forceDeleteWithoutRecovery) { } /** - * The most recent date that this secret was accessed. + * The most recent date and time that this secret was accessed. */ @Output public String getLastAccessedDate() { diff --git a/src/main/java/gyro/aws/secretsmanager/package-info.java b/src/main/java/gyro/aws/secretsmanager/package-info.java index 9cbd01c94..85410e0a8 100644 --- a/src/main/java/gyro/aws/secretsmanager/package-info.java +++ b/src/main/java/gyro/aws/secretsmanager/package-info.java @@ -18,4 +18,4 @@ package gyro.aws.secretsmanager; -import gyro.core.resource.DocGroup; \ No newline at end of file +import gyro.core.resource.DocGroup; From 047be7da5b3aff606c4ba73a2e700a077c9b244b Mon Sep 17 00:00:00 2001 From: iHaoo Date: Wed, 19 Aug 2020 15:51:57 -0400 Subject: [PATCH 47/62] Updated ARN doc --- src/main/java/gyro/aws/secretsmanager/SecretResource.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index 585209dc8..95e1a3ca8 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java @@ -149,7 +149,7 @@ public void setTags(Map tags) { } /** - * The Amazon Resource Name (ARN) of the secret. This is unique. + * The Amazon Resource Name (ARN) of the secret. */ @Id @Output From b8a06656ba3b6f21c555c51f22688b683c7dd8f3 Mon Sep 17 00:00:00 2001 
From: iHaoo Date: Wed, 19 Aug 2020 15:53:59 -0400 Subject: [PATCH 48/62] Fixed typo in example --- examples/secretsmanager/secret.gyro | 2 +- src/main/java/gyro/aws/secretsmanager/SecretResource.java | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/examples/secretsmanager/secret.gyro b/examples/secretsmanager/secret.gyro index 8e7a33f9e..b648e48b2 100644 --- a/examples/secretsmanager/secret.gyro +++ b/examples/secretsmanager/secret.gyro @@ -1,6 +1,6 @@ aws::secret secret name: "secret-example" - description: secret-example-description-updated" + description: "secret-example-description-updated" force-delete-without-recovery: true kms-key: $(aws::kms-key secret-kms-key-example) secret-string: "secret-string-example" diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index 95e1a3ca8..7bc758880 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java @@ -54,7 +54,7 @@ * * aws::secret secret * name: "secret-example" - * description: secret-example-description-updated" + * description: "secret-example-description-updated" * force-delete-without-recovery: true * kms-key: $(aws::kms-key secret-kms-key-example) * secret-string: "secret-string-example" From 93fa5985107b068b8d36580e8f0eec83c8ab638f Mon Sep 17 00:00:00 2001 From: iHaoo Date: Wed, 19 Aug 2020 16:54:29 -0400 Subject: [PATCH 49/62] Added license onto SecretRotationRulesType --- .../secretsmanager/SecretRotationRulesType.java | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretRotationRulesType.java b/src/main/java/gyro/aws/secretsmanager/SecretRotationRulesType.java index b521d3d8f..79eb0a0b9 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretRotationRulesType.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretRotationRulesType.java 
@@ -1,3 +1,19 @@ +/* + * Copyright 2020, Perfect Sense, Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + package gyro.aws.secretsmanager; import gyro.aws.Copyable; From 8d4f12e5ae89453786379fd88c5d0dd1b4d216c3 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Fri, 21 Aug 2020 15:54:52 -0400 Subject: [PATCH 50/62] Updated ArrayList type --- src/main/java/gyro/aws/secretsmanager/SecretFinder.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretFinder.java b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java index 14b5e1b1b..d530a2753 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretFinder.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java @@ -16,7 +16,7 @@ package gyro.aws.secretsmanager; -import java.util.Collections; +import java.util.ArrayList; import java.util.List; import java.util.Map; import java.util.stream.Collectors; @@ -50,7 +50,7 @@ protected List findAllAws(SecretsManagerClient client) { @Override protected List findAws( SecretsManagerClient client, Map filters) { - List list = Collections.emptyList(); + List list = new ArrayList<>(); try { list.add(client.describeSecret(r -> r.secretId(filters.get("arn")))); From 399bb1050d52e93721be5f87137fc11e971e4a2d Mon Sep 17 00:00:00 2001 
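Review bot: `findAws` in `SecretFinder.java` reads `filters.get("arn")` without checking that the key is present, so a query that uses any other filter passes `null` as the secret id. The catch shown in later hunks of this file handles only `ResourceNotFoundException`, so that case would likely surface as an SDK validation error rather than an empty result. A guard before the call, `if (filters.get("arn") == null) { return list; }`, or an explicit error saying that `arn` is the only supported filter, would make the behaviour deliberate. The method body continues outside the hunk.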
From: iHaoo Date: Fri, 21 Aug 2020 15:55:02 -0400 Subject: [PATCH 51/62] Updated docs --- src/main/java/gyro/aws/secretsmanager/SecretFinder.java | 2 +- src/main/java/gyro/aws/secretsmanager/SecretResource.java | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretFinder.java b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java index d530a2753..234d38fe8 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretFinder.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java @@ -36,7 +36,7 @@ * * .. code-block:: gyro * - * secrets: $(external-query aws::secret {}) + * secrets: $(external-query aws::secret { arn: 'secret-arn-example'}) */ @Type("secret") public class SecretFinder extends AwsFinder { diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index 7bc758880..c303d16b6 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java @@ -174,7 +174,7 @@ public void setDeletedDate(String deletedDate) { } /** - * When enabled, lets the secret be deleted without any recovery window. + * When enabled, lets the secret be deleted without any recovery window. */ @ConflictsWith("recovery-window-in-days") public Boolean getForceDeleteWithoutRecovery() { @@ -284,6 +284,8 @@ public void setRotationLambdaARN(String rotationLambdaARN) { /** * The structure that contains the rotation configuration for the secret. + * + * @subresource gyro.aws.secretsmanager.SecretRotationRulesType */ @Output public SecretRotationRulesType getSecretRotationRulesType() { From d4c2f2df5c4b68d4c6c3b9b70f02d3f03301aa0c Mon Sep 17 00:00:00 2001 From: iHaoo Date: Fri, 21 Aug 2020 15:56:48 -0400 Subject: [PATCH 52/62] Remove duplicate code --- .../gyro/aws/secretsmanager/SecretResource.java | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) 
diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index c303d16b6..ccd9d0c50 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java @@ -344,8 +344,8 @@ public boolean refresh() { public void create(GyroUI ui, State state) throws Exception { SecretsManagerClient client = createClient(SecretsManagerClient.class); - CreateSecretResponse response = client.createSecret(r -> - r.description(getDescription()) + CreateSecretResponse response = client.createSecret(r -> r + .description(getDescription()) .kmsKeyId(getKmsKey() != null ? getKmsKey().getArn() : null) .name(getName()) .secretBinary(getSecretBinary() != null ? SdkBytes.fromUtf8String(getSecretBinary()) : null) @@ -353,14 +353,8 @@ public void create(GyroUI ui, State state) throws Exception { .tags(convertTags(getTags())) ); - DescribeSecretResponse secret = null; - - try { - secret = client.describeSecret(r -> r.secretId(response.arn())); - } catch (ResourceNotFoundException ex) { - // No Resource found - } - copyFrom(secret); + setArn(response.arn()); + refresh(); } @Override @@ -430,6 +424,7 @@ public void copyFrom(DescribeSecretResponse model) { setDeletedDate(model.deletedDate() != null ? model.deletedDate().toString() : null); setDescription(model.description()); setKmsKey(findById(KmsKeyResource.class, model.kmsKeyId())); + : null); setLastAccessedDate(model.lastAccessedDate() != null ? model.lastAccessedDate().toString() : null); setLastChangedDate(model.lastAccessedDate() != null ? model.lastChangedDate().toString() : null); setLastRotatedDate(model.lastRotatedDate() != null ? model.lastRotatedDate().toString() : null); From 0d9ccef933c93d3fc4a23c1ee2db68dd8dc5c55e Mon Sep 17 00:00:00 2001 
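Review bot: The line added in `copyFrom` (hunk `@@ -430,6 +424,7 @@`) is a bare `: null);` following a complete `setKmsKey(...)` statement, which as shown does not compile. It looks like the second half of a ternary that was meant to wrap the `findById` call. Either drop the line from this commit or commit the whole expression together, so that each commit in the series builds on its own. `copyFrom` starts and ends outside the hunk.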
From: iHaoo Date: Fri, 21 Aug 2020 15:57:07 -0400 Subject: [PATCH 53/62] NPE check --- src/main/java/gyro/aws/secretsmanager/SecretResource.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index ccd9d0c50..8d990f1e4 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java @@ -423,7 +423,8 @@ public void copyFrom(DescribeSecretResponse model) { setArn(model.arn()); setDeletedDate(model.deletedDate() != null ? model.deletedDate().toString() : null); setDescription(model.description()); - setKmsKey(findById(KmsKeyResource.class, model.kmsKeyId())); + setKmsKey(findById(KmsKeyResource.class, model.kmsKeyId()) != null + ? findById(KmsKeyResource.class, model.kmsKeyId()) : null); setLastAccessedDate(model.lastAccessedDate() != null ? model.lastAccessedDate().toString() : null); setLastChangedDate(model.lastAccessedDate() != null ? model.lastChangedDate().toString() : null); From aaabaf4afcd1af7cfdc80004fa519688ab11b440 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Fri, 21 Aug 2020 15:57:30 -0400 Subject: [PATCH 54/62] Add condition for updating secret based on number of changed fields --- .../gyro/aws/secretsmanager/SecretResource.java | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index 8d990f1e4..e4111cda1 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java 
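Review bot: The added ternary on `setKmsKey` has the form `x != null ? x : null`, which yields the same value as `findById(...)` alone and runs the lookup twice, so it guards nothing. The null risk in this hunk is on the unchanged line `setLastChangedDate(model.lastAccessedDate() != null ? model.lastChangedDate().toString() : null);`, where the test is on `lastAccessedDate()` but the dereference is on `lastChangedDate()`. I would test the value that is used, `model.lastChangedDate() != null ? model.lastChangedDate().toString() : null`. If the intent was to skip the lookup when the secret has no key, guard the argument instead: `model.kmsKeyId() != null ? findById(KmsKeyResource.class, model.kmsKeyId()) : null`. `copyFrom` starts and ends outside the hunk.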
@@ -362,12 +362,14 @@ public void update( GyroUI ui, State state, Resource current, Set changedFieldNames) throws Exception { SecretsManagerClient client = createClient(SecretsManagerClient.class); - client.updateSecret(r -> r.secretId(getArn()) - .description(getDescription()) - .kmsKeyId(getKmsKey() != null ? getKmsKey().getArn() : null) - .secretBinary(getSecretBinary() != null ? SdkBytes.fromUtf8String(getSecretBinary()) : null) - .secretString(getSecretString()) - .build()); + if (changedFieldNames.size() >= 2) { + client.updateSecret(r -> r.secretId(getArn()) + .description(getDescription()) + .kmsKeyId(getKmsKey() != null ? getKmsKey().getArn() : null) + .secretBinary(getSecretBinary() != null ? SdkBytes.fromUtf8String(getSecretBinary()) : null) + .secretString(getSecretString()) + .build()); + } if (changedFieldNames.contains("tags")) { SecretResource oldResource = (SecretResource) current; From 910c97af74bc59400fc82c0012bfb18accecfea9 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Fri, 21 Aug 2020 15:58:47 -0400 Subject: [PATCH 55/62] Remove unnecessary primary key --- .../java/gyro/aws/secretsmanager/SecretRotationRulesType.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretRotationRulesType.java b/src/main/java/gyro/aws/secretsmanager/SecretRotationRulesType.java index 79eb0a0b9..b28ac1de7 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretRotationRulesType.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretRotationRulesType.java @@ -44,6 +44,6 @@ public void copyFrom(RotationRulesType model) { @Override public String primaryKey() { - return "rotation rules type"; + return ""; } } From 4428a80b59fc557ec76ad58b1243ee943dea522e Mon Sep 17 00:00:00 2001 From: iHaoo Date: Mon, 24 Aug 2020 14:04:07 -0400 Subject: [PATCH 56/62] Updated finder docs and added 'arn' field --- .../gyro/aws/secretsmanager/SecretFinder.java | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) 
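Review bot: The guard `changedFieldNames.size() >= 2` in `update()` decides by count rather than by which fields changed, so a change to only `description`, `kms-key`, `secret-string` or `secret-binary` skips `updateSecret` and is never applied. The condition should ask whether anything other than tags changed, for example `if (changedFieldNames.stream().anyMatch(f -> !"tags".equals(f))) {`. The trailing `.build()` inside the lambda is unnecessary, since the consumer overload of `updateSecret` builds the request itself. The body of `update()` continues past the hunk.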
diff --git a/src/main/java/gyro/aws/secretsmanager/SecretFinder.java b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java index 234d38fe8..67a0b9105 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretFinder.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java @@ -36,11 +36,25 @@ * * .. code-block:: gyro * - * secrets: $(external-query aws::secret { arn: 'secret-arn-example'}) + * secrets: $(external-query aws::secret { arn: 'secret-arn-example'}) */ @Type("secret") public class SecretFinder extends AwsFinder { + private String arn; + + + /** + * The Amazon Resource Name (ARN) of the secret. + */ + public String getArn() { + return arn; + } + + public void setArn(String arn) { + this.arn = arn; + } + @Override protected List findAllAws(SecretsManagerClient client) { return client.listSecretsPaginator().stream().flatMap(list -> From 3620b4ceaff8f2174a7fabc42624f891feb43ab3 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Mon, 24 Aug 2020 14:04:33 -0400 Subject: [PATCH 57/62] Added condition for update for non-tag fields changed --- src/main/java/gyro/aws/secretsmanager/SecretResource.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index e4111cda1..27b276838 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java @@ -362,7 +362,7 @@ public void update( GyroUI ui, State state, Resource current, Set changedFieldNames) throws Exception { SecretsManagerClient client = createClient(SecretsManagerClient.class); - if (changedFieldNames.size() >= 2) { + if (changedFieldNames.size() >= 1 || !changedFieldNames.contains("tags")) { client.updateSecret(r -> r.secretId(getArn()) .description(getDescription()) .kmsKeyId(getKmsKey() != null ? getKmsKey().getArn() : null) From f15c95c44a28ed57c663160d27d5c155921790b8 Mon Sep 17 00:00:00 2001 
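Review bot: `changedFieldNames.size() >= 1 || !changedFieldNames.contains("tags")` in `update()` is true whenever any field changed, so a tag-only change still calls `updateSecret`. That call resends `secretString` and `secretBinary` (visible in the earlier hunk of this method), and sending a secret value to UpdateSecret creates a new secret version, so a tag edit may move the version staging labels as a side effect; this is worth confirming against the API documentation. The intended test is probably `changedFieldNames.size() > 1 || !changedFieldNames.contains("tags")`. Independently, the secret value could be included only when `changedFieldNames` contains `secret-string` or `secret-binary`. `update()` starts and ends outside the hunk.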
From: iHaoo Date: Mon, 24 Aug 2020 14:52:17 -0400 Subject: [PATCH 58/62] Updated update conditions --- src/main/java/gyro/aws/secretsmanager/SecretResource.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index 27b276838..a144149e1 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java @@ -362,7 +362,7 @@ public void update( GyroUI ui, State state, Resource current, Set changedFieldNames) throws Exception { SecretsManagerClient client = createClient(SecretsManagerClient.class); - if (changedFieldNames.size() >= 1 || !changedFieldNames.contains("tags")) { + if (changedFieldNames.size() == 1 && !changedFieldNames.contains("tags") || ((changedFieldNames.size() > 1))) { client.updateSecret(r -> r.secretId(getArn()) .description(getDescription()) .kmsKeyId(getKmsKey() != null ? getKmsKey().getArn() : null) From fbb6116d1339b1b29788a33fb378e433e1d0a0a4 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Mon, 24 Aug 2020 15:21:29 -0400 Subject: [PATCH 59/62] Reduced number of conditions --- src/main/java/gyro/aws/secretsmanager/SecretResource.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index a144149e1..9eaadfd44 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java 
@@ -362,7 +362,7 @@ public void update( GyroUI ui, State state, Resource current, Set changedFieldNames) throws Exception { SecretsManagerClient client = createClient(SecretsManagerClient.class); - if (changedFieldNames.size() == 1 && !changedFieldNames.contains("tags") || ((changedFieldNames.size() > 1))) { + if (changedFieldNames.size() > 1 || !changedFieldNames.contains("tags")) { client.updateSecret(r -> r.secretId(getArn()) .description(getDescription()) .kmsKeyId(getKmsKey() != null ? getKmsKey().getArn() : null) From 7f8e1410fff5a77bc3cc5b051d7d9d33401004ff Mon Sep 17 00:00:00 2001 From: iHaoo Date: Tue, 1 Sep 2020 14:57:21 -0400 Subject: [PATCH 60/62] Remove lines --- src/main/java/gyro/aws/secretsmanager/SecretFinder.java | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretFinder.java b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java index 67a0b9105..38c131f13 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretFinder.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java @@ -43,7 +43,6 @@ public class SecretFinder extends AwsFinder findAws( SecretsManagerClient client, Map filters) { List list = new ArrayList<>(); try { - list.add(client.describeSecret(r -> r.secretId(filters.get("arn")))); } catch (ResourceNotFoundException ex) { // No resource found From 6a85ed04c7ed73969ce0b9c603340bd3b0dcafe8 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Tue, 1 Sep 2020 16:34:57 -0400 Subject: [PATCH 61/62] Updated variable name --- src/main/java/gyro/aws/secretsmanager/SecretFinder.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretFinder.java b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java index 38c131f13..0ebdefe72 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretFinder.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java 
@@ -63,14 +63,14 @@ protected List findAllAws(SecretsManagerClient client) { @Override protected List findAws( SecretsManagerClient client, Map filters) { - List list = new ArrayList<>(); + List secretList = new ArrayList<>(); try { - list.add(client.describeSecret(r -> r.secretId(filters.get("arn")))); + secretList.add(client.describeSecret(r -> r.secretId(filters.get("arn")))); } catch (ResourceNotFoundException ex) { // No resource found } - return list; + return secretList; } private DescribeSecretResponse convertEntry(SecretListEntry entry) { From 2a0f7a2bf3d2f2cf85c9ef053ffb589eaedf5956 Mon Sep 17 00:00:00 2001 From: iHaoo Date: Wed, 30 Sep 2020 19:07:30 -0400 Subject: [PATCH 62/62] Updated copyright info --- src/main/java/gyro/aws/secretsmanager/SecretFinder.java | 2 +- src/main/java/gyro/aws/secretsmanager/SecretResource.java | 2 +- .../java/gyro/aws/secretsmanager/SecretRotationRulesType.java | 2 +- src/main/java/gyro/aws/secretsmanager/package-info.java | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/main/java/gyro/aws/secretsmanager/SecretFinder.java b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java index 0ebdefe72..88b44e8f2 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretFinder.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretFinder.java @@ -1,5 +1,5 @@ /* - * Copyright 2020, Perfect Sense, Inc. + * Copyright 2020, Brightspot. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/src/main/java/gyro/aws/secretsmanager/SecretResource.java b/src/main/java/gyro/aws/secretsmanager/SecretResource.java index 9eaadfd44..380befa90 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretResource.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretResource.java 
@@ -1,5 +1,5 @@ /* - * Copyright 2020, Perfect Sense, Inc. + * Copyright 2020, Brightspot. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/src/main/java/gyro/aws/secretsmanager/SecretRotationRulesType.java b/src/main/java/gyro/aws/secretsmanager/SecretRotationRulesType.java index b28ac1de7..39ecc0643 100644 --- a/src/main/java/gyro/aws/secretsmanager/SecretRotationRulesType.java +++ b/src/main/java/gyro/aws/secretsmanager/SecretRotationRulesType.java @@ -1,5 +1,5 @@ /* - * Copyright 2020, Perfect Sense, Inc. + * Copyright 2020, Brightspot. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/src/main/java/gyro/aws/secretsmanager/package-info.java b/src/main/java/gyro/aws/secretsmanager/package-info.java index 85410e0a8..29f2a7185 100644 --- a/src/main/java/gyro/aws/secretsmanager/package-info.java +++ b/src/main/java/gyro/aws/secretsmanager/package-info.java @@ -1,5 +1,5 @@ /* - * Copyright 2020, Perfect Sense, Inc. + * Copyright 2020, Brightspot. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.