Skip to content

Aws secretsmanager additions#6381

Merged
JorTurFer merged 56 commits intokedacore:mainfrom
nrichardson-akasa:aws-secretsmanager-additions
Feb 6, 2025
Merged

Aws secretsmanager additions#6381
JorTurFer merged 56 commits intokedacore:mainfrom
nrichardson-akasa:aws-secretsmanager-additions

Conversation

@mpechner-akasa
Copy link
Contributor

@mpechner-akasa mpechner-akasa commented Nov 29, 2024
edited by JorTurFer
Loading

This adds the ability to specify a secretKey in the awsSecretManager TriggerAuthentication. This will allow parsing of secrets that contain Key/Value pairs (returned in JSON format).

Resubmission of #6031

Provide a description of what has been changed

Checklist

Fixes #5940

Relates to #

nrichardson-akasa and others added 8 commits August 2, 2024 12:52
@nrichardson-akasa
Add SecretKey to AWS SecretsManager TriggerAuthentication spec
655471b 
Signed-off-by: Nick Richardson <nicholas.richardson@akasa.com>
@nrichardson-akasa
Update CHANGELOG
8025fd3 
Signed-off-by: Nick Richardson <nicholas.richardson@akasa.com>
@nrichardson-akasa
Fix linting issue
fd88dd7 
Signed-off-by: Nick Richardson <nicholas.richardson@akasa.com>
@nrichardson-akasa
Update E2E tests
124e48a 
Signed-off-by: Nick Richardson <nicholas.richardson@akasa.com>
@nrichardson-akasa
Update E2E tests
b9951d1 
Signed-off-by: Nick Richardson <nicholas.richardson@akasa.com>
@nrichardson-akasa
Merge branch 'main' into aws-secretsmanager-additions
b1421f3
@nrichardson-akasa
Update E2E tests
dabf94c 
Signed-off-by: Nick Richardson <nicholas.richardson@akasa.com>
@nrichardson-akasa
Merge branch 'main' into aws-secretsmanager-additions
23175d8
@mpechner-akasa mpechner-akasa requested a review from a team as a code owner November 29, 2024 18:28
@mpechner-akasa mpechner-akasa force-pushed the aws-secretsmanager-additions branch from a4701ef to 23175d8 Compare November 29, 2024 20:09
zroubalik
zroubalik reviewed Dec 4, 2024
View reviewed changes
Copy link
Member

@zroubalik zroubalik left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking good, thanks. We should also update docs

mpechner-akasa added a commit to mpechner-akasa/keda-docs that referenced this pull request Dec 5, 2024
@mpechner-akasa
Documented adding secretKey parameter to access aws secret manager
2c33b1b 
Doc for issue: kedacore/keda#5940
PR: kedacore/keda#6381

Signed-off-by: michael pechner <mike.pechner@akasa.com>
@mpechner-akasa mpechner-akasa mentioned this pull request Dec 5, 2024
Merged
1 task
@mpechner-akasa
Copy link
Contributor Author

mpechner-akasa commented Dec 5, 2024

#5940

docs. kedacore/keda-docs#1508

JorTurFer
JorTurFer reviewed Dec 15, 2024
View reviewed changes
Copy link
Member

@JorTurFer JorTurFer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Really nice job! some comments inline

@mpechner-akasa mpechner-akasa force-pushed the aws-secretsmanager-additions branch 2 times, most recently from 36f2dcc to a6b4067 Compare December 16, 2024 22:38
@mpechner-akasa
remoace tab with spaces
1f34e8f 
Signed-off-by: michael pechner <mike.pechner@akasa.com>
@mpechner-akasa
Merge branch 'main' into aws-secretsmanager-additions
decfda0
@mpechner-akasa
Needed the hlper added in here
3e92f5c 
Signed-off-by: michael pechner <mike.pechner@akasa.com>
@mpechner-akasa
Merge branch 'aws-secretsmanager-additions' of github.com:nrichardson…
45e365c 
…-akasa/keda into aws-secretsmanager-additions
@mpechner-akasa
only changed awssecreetmanager_test.go to see if my approach is corr…
e6ec7c4 
…ect.

Will remove  REMOVETestAwsSecretManagerJSONFormat and change aws_secret_manager_pod_identity.go once I have changed this file as expected.

Signed-off-by: michael pechner <mike.pechner@akasa.com>
@mpechner-akasa
nd keeps removing
a0a839a 
// Local imports
	. "github.com/kedacore/keda/v2/tests/helper"

Signed-off-by: michael pechner <mike.pechner@akasa.com>
@mpechner-akasa
Not sure what the correct way to import the local helper is.
f294e18 
Signed-off-by: michael pechner <mike.pechner@akasa.com>
@JorTurFer
Copy link
Member

JorTurFer commented Jan 17, 2025
edited
Loading

e2e tests are failing because the secret has the same name in both cases. This makes that one case passes and the other one fails because the e2e test is trying to create a secret with the same name and the secret is in deletion process

You can't create this secret because a secret with this name is already scheduled for deletion

You need to update the value of AwsCredentialsSecretName to include a different value per test case (as well as the random number to not conflict between tests). e.g: You can move the value calculation to the function getTemplateData and append a suffix with the test case

@mpechner-akasa
In both tests deleteAWSSecret() is already coded to immediately delet…
bdcace4 
…e the secret.

Instead of tryinfg to further randomize the secretname, just let the code do what it should.
Added a poll to wait on the secret to be removed.  Hoping 2 minniutes is more than enough.

Signed-off-by: michael pechner <mike.pechner@akasa.com>
@mpechner-akasa
In both tests deleteAWSSecret() is already coded to immediately delet…
c045b80 
…e the secret.

Instead of trying to further randomize the secretname, just let the code do what it should.
Added a poll to wait on the secret to be removed.

Should happen within a few seconds.  But we are talking AWS.  5 minutes really should be more then enough.

Signed-off-by: michael pechner <mike.pechner@akasa.com>
@mpechner-akasa
Merge branch 'aws-secretsmanager-additions' of github.com:nrichardson…
210fe63 
…-akasa/keda into aws-secretsmanager-additions
@mpechner-akasa
forgot the import
5d0cf03 
Signed-off-by: michael pechner <mike.pechner@akasa.com>
@mpechner-akasa
format
982c17f 
Signed-off-by: michael pechner <mike.pechner@akasa.com>
@mpechner-akasa
Sorry. did not realize the needed imcludes for the wait code.
1b9c9d9 
Signed-off-by: michael pechner <mike.pechner@akasa.com>
@mpechner-akasa
compiles clean. found types.ResourceNotFoundException
f78158e 
Signed-off-by: michael pechner <mike.pechner@akasa.com>
@mpechner-akasa
swapped wait.PollImmediate for wait.PollUntilContextTimeout
ff4e466 
Signed-off-by: michael pechner <mike.pechner@akasa.com>
@mpechner-akasa
forgot to fmt 1
89335bb 
Signed-off-by: michael pechner <mike.pechner@akasa.com>
@mpechner-akasa
as requested. removed wait on secret delete.
f069c35 
made sure we set a new secret name for each run

Signed-off-by: michael pechner <mike.pechner@akasa.com>
@mpechner-akasa
Merge branch 'main' into aws-secretsmanager-additions
b35c611 
Signed-off-by: Michael D Pechner - Akasa <mike.pechner@akasa.com>
JorTurFer
JorTurFer reviewed Feb 3, 2025
View reviewed changes
Copy link
Member

@JorTurFer JorTurFer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Really great job! 2 small comments inline and we are almost there!

@JorTurFer
Copy link
Member

JorTurFer commented Feb 3, 2025
edited by github-actions bot
Loading

/run-e2e aws
Update: You can check the progress here

@mpechner-akasa
removed useJSONSecretFormat from test struct.
3f8b6a1 
Signed-off-by: michael pechner <mike.pechner@akasa.com>
@JorTurFer
Copy link
Member

JorTurFer commented Feb 3, 2025
edited by github-actions bot
Loading

/run-e2e aws
Update: You can check the progress here

JorTurFer
JorTurFer reviewed Feb 3, 2025
View reviewed changes
@JorTurFer
Copy link
Member

JorTurFer commented Feb 4, 2025
edited by github-actions bot
Loading

/run-e2e aws
Update: You can check the progress here

@JorTurFer JorTurFer mentioned this pull request Feb 3, 2025
Closed
40 tasks
@zroubalik
Copy link
Member

zroubalik commented Feb 6, 2025
edited by github-actions bot
Loading

/run-e2e aws
Update: You can check the progress here

@zroubalik
Copy link
Member

zroubalik commented Feb 6, 2025
edited by github-actions bot
Loading

/run-e2e aws
Update: You can check the progress here

@JorTurFer JorTurFer merged commit ca83efd into kedacore:main Feb 6, 2025
17 checks passed
JorTurFer pushed a commit to kedacore/keda-docs that referenced this pull request Feb 6, 2025
@mpechner-akasa
Documented adding secretKey parameter to access aws secret manager (#…
6986fe5 
…1508)

* Documented adding secretKey parameter to access aws secret manager

Doc for issue: kedacore/keda#5940
PR: kedacore/keda#6381

Signed-off-by: michael pechner <mike.pechner@akasa.com>

* Added a note to the description for the secretKey parameter and entry to the example for the parameter.

Signed-off-by: michael pechner <mike.pechner@akasa.com>

---------

Signed-off-by: michael pechner <mike.pechner@akasa.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@JorTurFer JorTurFer JorTurFer approved these changes

@zroubalik zroubalik zroubalik approved these changes

+1 more reviewer

@mpechner mpechner mpechner left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

TriggerAuthentication : AWS Secret Manager should allow to pass "Secret key" as one of the parameter under secrets

5 participants

@mpechner-akasa @zroubalik @JorTurFer @mpechner @nrichardson-akasa