From 2ff7818e086222b5ba93c4b2a1e325baa10b87be Mon Sep 17 00:00:00 2001
From: Conor Campbell <41545625+gnusey@users.noreply.github.com>
Date: Thu, 30 Nov 2023 21:52:07 +0000
Subject: [PATCH 1/2] events: add Secrets Manager rotation event (#291) (#530) resolves #291
Co-authored-by: Bryan Moffatt
---
...ADME_SecretsManager_SecretRotationEvent.md | 38 +++++++++++++++++++
events/secretsmanager.go | 11 ++++++
events/secretsmanager_test.go | 30 +++++++++++++++
.../secretsmanager-secret-rotation-event.json | 5 +++
4 files changed, 84 insertions(+)
create mode 100644 events/README_SecretsManager_SecretRotationEvent.md
create mode 100644 events/secretsmanager.go
create mode 100644 events/secretsmanager_test.go
create mode 100644 events/testdata/secretsmanager-secret-rotation-event.json
diff --git a/events/README_SecretsManager_SecretRotationEvent.md b/events/README_SecretsManager_SecretRotationEvent.md
new file mode 100644
index 00000000..1b572cf6
--- /dev/null
+++ b/events/README_SecretsManager_SecretRotationEvent.md
@@ -0,0 +1,38 @@
+# Sample Function
+
+The following is a sample Lambda function that handles a SecretsManager secret rotation event.
+
+```go
+package main
+
+import (
+ "fmt"
+ "context"
+
+ "github.com/aws/aws-lambda-go/lambda"
+ "github.com/aws/aws-lambda-go/events"
+)
+
+func handler(ctx context.Context, event SecretsManagerSecretRotationEvent) error {
+ fmt.Printf("rotating secret %s with token %s\n",
+ event.SecretID, event.ClientRequestToken)
+
+ switch event.Step {
+ case "createSecret":
+ // create
+ case "setSecret":
+ // set
+ case "finishSecret":
+ // finish
+ case "testSecret":
+ // test
+ }
+
+ return nil
+}
+
+
+func main() {
+ lambda.Start(handler)
+}
+```
\ No newline at end of file
diff --git a/events/secretsmanager.go b/events/secretsmanager.go
new file mode 100644
index 00000000..fd2bea10
--- /dev/null
+++ b/events/secretsmanager.go
@@ -0,0 +1,11 @@
+package events
+
+// SecretsManagerSecretRotationEvent is the event passed to a Lambda function to handle
+// automatic secret rotation.
+//
+// https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html#rotate-secrets_how
+type SecretsManagerSecretRotationEvent struct {
+ Step string `json:"Step"`
+ SecretID string `json:"SecretId"`
+ ClientRequestToken string `json:"ClientRequestToken"`
+}
diff --git a/events/secretsmanager_test.go b/events/secretsmanager_test.go
new file mode 100644
index 00000000..0333bb83
--- /dev/null
+++ b/events/secretsmanager_test.go
@@ -0,0 +1,30 @@
+package events
+
+import (
+ "encoding/json"
+ "testing"
+
+ "github.com/aws/aws-lambda-go/events/test"
+ "github.com/stretchr/testify/assert"
+)
+
+func TestSecretsManagerSecretRotationEventMarshaling(t *testing.T) {
+
+ // 1. read JSON from file
+ inputJSON := test.ReadJSONFromFile(t, "./testdata/secretsmanager-secret-rotation-event.json")
+
+ // 2. de-serialize into Go object
+ var inputEvent SecretsManagerSecretRotationEvent
+ if err := json.Unmarshal(inputJSON, &inputEvent); err != nil {
+ t.Errorf("could not unmarshal event. details: %v", err)
+ }
+
+ // 3. serialize to JSON
+ outputJSON, err := json.Marshal(inputEvent)
+ if err != nil {
+ t.Errorf("could not marshal event. details: %v", err)
+ }
+
+ // 4. check result
+ assert.JSONEq(t, string(inputJSON), string(outputJSON))
+}
diff --git a/events/testdata/secretsmanager-secret-rotation-event.json b/events/testdata/secretsmanager-secret-rotation-event.json
new file mode 100644
index 00000000..5f444cd0
--- /dev/null
+++ b/events/testdata/secretsmanager-secret-rotation-event.json
@@ -0,0 +1,5 @@
+{
+ "Step": "createSecret",
+ "SecretId": "arn:aws:secretsmanager:us-east-1:111122223333:secret:id-ABCD1E",
+ "ClientRequestToken": "1ab23456-cde7-8912-34fg-h56i78j9k12l"
+}
\ No newline at end of file
From 0ad0619ae4891c6eb78c369aad2ee28c6004da24 Mon Sep 17 00:00:00 2001
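Review bot: The three fields of SecretsManagerSecretRotationEvent in events/secretsmanager.go have no comments, and Step is a bare string, so the type does not tell a handler author which values to expect or that any other value should be rejected. The README sample in this patch switches on `createSecret`, `setSecret`, `testSecret` and `finishSecret` with no `default`, so an unexpected step falls through to `return nil`, which presumably reports the step as successful to the caller. I would add field comments such as `// Step is the rotation step: createSecret, setSecret, testSecret or finishSecret.` and `// ClientRequestToken identifies the secret version being rotated.` (wording to be confirmed against the linked user guide). The type comment should also say that handlers are expected to return an error for an unrecognised Step.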
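Review bot: In TestSecretsManagerSecretRotationEventMarshaling a failed json.Unmarshal is reported with `t.Errorf`, so the test carries on, marshals a zero-value event, and the JSONEq comparison then adds a second failure that obscures the real cause. Using `t.Fatalf("could not unmarshal event. details: %v", err)` for the unmarshal check, and likewise for the marshal check, stops at the first error.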
From: Praveen Kamath <38579818+praveenk007@users.noreply.github.com> Date: Fri, 1 Dec 2023 03:42:21 +0530 Subject: [PATCH 2/2] Added Deleted field to support codecommit ref delete events (#531) * added support for Deleted field for codecommit ref delete events * added test cases * fixed indentation issue * fixed indentation issue * deleted .idea folder --------- Co-authored-by: Bryan Moffatt --- events/code_commit.go | 3 ++- events/code_commit_test.go | 15 +++++++++++++++ 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/events/code_commit.go b/events/code_commit.go index 8bb6d880..9d5e071c 100644 --- a/events/code_commit.go +++ b/events/code_commit.go @@ -91,11 +91,12 @@ type CodeCommitReference struct { Commit string `json:"commit"` Ref string `json:"ref"` Created bool `json:"created,omitempty"` + Deleted bool `json:"deleted,omitempty"` } // String returns a string representation of this object. // Useful for testing and debugging. func (r CodeCommitReference) String() string { return fmt.Sprintf( - "{commit: %v, ref: %v, created: %v}", r.Commit, r.Ref, r.Created) + "{commit: %v, ref: %v, created: %v, deleted: %v}", r.Commit, r.Ref, r.Created, r.Deleted) } diff --git a/events/code_commit_test.go b/events/code_commit_test.go index 493971df..32c163a3 100644 --- a/events/code_commit_test.go +++ b/events/code_commit_test.go @@ -28,6 +28,16 @@ func TestCodeCommitReference(t *testing.T) { "ref": "refs/heads/master", "created": true } + `), + }, + { + Name: "Deleted CodeCommitReference", + Input: []byte(` + { + "commit": "5c4ef1049f1d27deadbeeff313e0730018be182b", + "ref": "refs/heads/master", + "deleted": true + } `), }, } @@ -62,6 +72,11 @@ func TestCodeCommitCodeCommit(t *testing.T) { "commit": "5c4ef1049f1d27deadbeeff313e0730018be182b", "ref": "refs/heads/master", "created": true + }, + { + "commit": "5c4ef1049f1d27deadbeeff313e0730018be182b", + "ref": "refs/heads/master", + "deleted": true } ] }
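Review bot: Deleted is added to CodeCommitReference in events/code_commit.go without a comment, so its meaning and its relation to Commit are only discoverable from the test fixtures, which still carry a commit id alongside `"deleted": true`. Consumers that use Commit and Ref to start builds or deployments need to check Deleted first, because code written before this field existed would treat a deleted reference like any other update. I would document it, for example `// Deleted is true when the event reports that Ref was deleted; check it before acting on Commit.` The struct begins above the hunk, so any comments on the other fields are not visible here.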