• Home
• com.gu.play-secret-rotation
• aws-parameterstore-secret-supplier-base_3
• 8.0.0-PREVIEW.fix-forgotten-CSRFTokenSigner.2024-04-03T1117.eca69ca4
• source code

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

ecret-rotation.aws-parameterstore-secret-supplier-base_3.8.0.0-PREVIEW.fix-forgotten-CSRFTokenSigner.2024-04-03T1117.eca69ca4.source-code.SecretSupplier.scala Maven / Gradle / Ivy

package com.gu.play.secretrotation.aws.parameterstore

import com.gu.play.secretrotation.DualSecretTransition.{InitialSecret, TransitioningSecret}
import com.gu.play.secretrotation.{CachingSnapshotProvider, SnapshotProvider, TransitionTiming}

/**
  * @param ssmClient use the implementation of this compiled against AWS SDK v1 or v2
  *                  as required.
  */
class SecretSupplier(
  val transitionTiming: TransitionTiming,
  parameterName: String,
  ssmClient: MinimalAwsSdkWrapper
) extends CachingSnapshotProvider {

  val InitialVersion = 1

  def loadState(): SnapshotProvider = {
    val latestValue = ssmClient.fetchValues(Seq(parameterName)).head
    val latestVersion = latestValue.metadata.version

    val state = latestVersion match {
      case InitialVersion => InitialSecret(latestValue.value)
      case _ =>
        val previousVersion = latestVersion - 1
        val previousValue = ssmClient.fetchValues(Seq(s"$parameterName:$previousVersion")).head
        TransitioningSecret(
          oldSecret = previousValue.value,
          newSecret = latestValue.value,
          overlapInterval =
            transitionTiming.overlapIntervalForSecretPublishedAt(latestValue.metadata.lastModified)
        )
    }
    logger.info(s"Fetched Secret state: ${state.snapshot().description}")
    state
  }
}