Move secrets out

Author: scottgerring

examples/powertools-examples-parameters/pom.xml

@@ -24,6 +24,12 @@
             <artifactId>powertools-parameters-ssm</artifactId>
             <version>${project.version}</version>
         </dependency>
+        <dependency>
+            <groupId>software.amazon.lambda</groupId>
+            <artifactId>powertools-parameters-secrets</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+
         <dependency>
             <groupId>com.amazonaws</groupId>
             <artifactId>aws-lambda-java-core</artifactId>

examples/powertools-examples-parameters/src/main/java/org/demo/parameters/ParametersFunction.java

@@ -32,16 +32,18 @@
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import software.amazon.lambda.powertools.parameters.ParamManager;
+import software.amazon.lambda.powertools.parameters.secrets.SecretsProvider;
 import software.amazon.lambda.powertools.parameters.ssm.SSMProvider;
-import software.amazon.lambda.powertools.parameters.SecretsProvider;
 
 public class ParametersFunction implements RequestHandler<APIGatewayProxyRequestEvent, APIGatewayProxyResponseEvent> {
     private final static Logger log = LogManager.getLogger(ParametersFunction.class);
 
     SSMProvider ssmProvider = SSMProvider
             .builder()
             .build();
-    SecretsProvider secretsProvider = ParamManager.getSecretsProvider();
+    SecretsProvider secretsProvider = SecretsProvider
+            .builder()
+            .build();
 
     String simpleValue = ssmProvider.defaultMaxAge(30, SECONDS).get("/powertools-java/sample/simplekey");
     String listValue = ssmProvider.withMaxAge(60, SECONDS).get("/powertools-java/sample/keylist");

pom.xml

@@ -56,6 +56,7 @@
         <module>examples</module>
         <module>powertools-parameters/powertools-parameters-ssm</module>
         <module>powertools-parameters/powertools-parameters-tests</module>
+        <module>powertools-parameters/powertools-parameters-secrets</module>
     </modules>
 
     <scm>

powertools-parameters/pom.xml

@@ -58,20 +58,6 @@
             <groupId>software.amazon.lambda</groupId>
             <artifactId>powertools-common</artifactId>
         </dependency>
-        <dependency>
-            <groupId>software.amazon.awssdk</groupId>
-            <artifactId>secretsmanager</artifactId>
-            <exclusions>
-                <exclusion>
-                    <groupId>software.amazon.awssdk</groupId>
-                    <artifactId>apache-client</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>software.amazon.awssdk</groupId>
-                    <artifactId>netty-nio-client</artifactId>
-                </exclusion>
-            </exclusions>
-        </dependency>
         <dependency>
             <groupId>software.amazon.awssdk</groupId>
             <artifactId>url-connection-client</artifactId>

powertools-parameters/powertools-parameters-secrets/pom.xml

@@ -0,0 +1,117 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <parent>
+        <groupId>software.amazon.lambda</groupId>
+        <artifactId>powertools-parent</artifactId>
+        <version>2.0.0-SNAPSHOT</version>
+        <relativePath>../../pom.xml</relativePath>
+    </parent>
+
+    <artifactId>powertools-parameters-secrets</artifactId>
+    <name>Powertools for AWS Lambda (Java) library Parameters - Secrets Manager</name>
+    <description>Secrets Manager implementation for the Parameters module</description>
+
+    <issueManagement>
+        <system>GitHub Issues</system>
+        <url>https://github.com/aws-powertools/powertools-lambda-java/issues</url>
+    </issueManagement>
+    <scm>
+        <url>https://github.com/aws-powertools/powertools-lambda-java.git</url>
+    </scm>
+    <developers>
+        <developer>
+            <name>Powertools for AWS Lambda team</name>
+            <organization>Amazon Web Services</organization>
+            <organizationUrl>https://aws.amazon.com/</organizationUrl>
+        </developer>
+    </developers>
+
+    <distributionManagement>
+        <snapshotRepository>
+            <id>ossrh</id>
+            <url>https://aws.oss.sonatype.org/content/repositories/snapshots</url>
+        </snapshotRepository>
+    </distributionManagement>
+
+    <dependencies>
+        <dependency>
+            <groupId>software.amazon.lambda</groupId>
+            <artifactId>powertools-parameters</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+
+        <dependency>
+            <groupId>software.amazon.awssdk</groupId>
+            <artifactId>secretsmanager</artifactId>
+            <exclusions>
+                <exclusion>
+                    <groupId>software.amazon.awssdk</groupId>
+                    <artifactId>apache-client</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>software.amazon.awssdk</groupId>
+                    <artifactId>netty-nio-client</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <!-- Test dependencies -->
+        <dependency>
+            <groupId>org.junit.jupiter</groupId>
+            <artifactId>junit-jupiter-api</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.junit.jupiter</groupId>
+            <artifactId>junit-jupiter-engine</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.mockito</groupId>
+            <artifactId>mockito-core</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.mockito</groupId>
+            <artifactId>mockito-inline</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.commons</groupId>
+            <artifactId>commons-lang3</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.assertj</groupId>
+            <artifactId>assertj-core</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.aspectj</groupId>
+            <artifactId>aspectjweaver</artifactId>
+            <scope>test</scope>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <version>3.1.2</version>
+                <configuration>
+                    <environmentVariables>
+                        <AWS_REGION>eu-central-1</AWS_REGION>
+                    </environmentVariables>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-checkstyle-plugin</artifactId>
+            </plugin>
+        </plugins>
+    </build>
+</project>

powertools-parameters/src/main/java/software/amazon/lambda/powertools/parameters/SecretsProvider.java renamed to powertools-parameters/powertools-parameters-secrets/src/main/java/software/amazon/lambda/powertools/parameters/secrets/SecretsProvider.java

@@ -12,7 +12,7 @@
  *
  */
 
-package software.amazon.lambda.powertools.parameters;
+package software.amazon.lambda.powertools.parameters.secrets;
 
 import static java.nio.charset.StandardCharsets.UTF_8;
 
@@ -27,6 +27,7 @@
 import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient;
 import software.amazon.awssdk.services.secretsmanager.model.GetSecretValueRequest;
 import software.amazon.lambda.powertools.common.internal.UserAgentConfigurator;
+import software.amazon.lambda.powertools.parameters.BaseProvider;
 import software.amazon.lambda.powertools.parameters.cache.CacheManager;
 import software.amazon.lambda.powertools.parameters.transform.TransformationManager;
 import software.amazon.lambda.powertools.parameters.transform.Transformer;
@@ -151,7 +152,7 @@ SecretsManagerClient getClient() {
         return client;
     }
 
-    static class Builder {
+    public static class Builder {
 
         private SecretsManagerClient client;
         private CacheManager cacheManager;
@@ -163,7 +164,7 @@ private static SecretsManagerClient createClient() {
                     .region(Region.of(System.getenv(SdkSystemSetting.AWS_REGION.environmentVariable())))
                     .overrideConfiguration(ClientOverrideConfiguration.builder()
                             .putAdvancedOption(SdkAdvancedClientOption.USER_AGENT_SUFFIX,
-                                    UserAgentConfigurator.getUserAgent(PARAMETERS)).build())
+                                    UserAgentConfigurator.getUserAgent(BaseProvider.PARAMETERS)).build())
                     .build();
         }
 
@@ -174,7 +175,8 @@ private static SecretsManagerClient createClient() {
          */
         public SecretsProvider build() {
             if (cacheManager == null) {
-                throw new IllegalStateException("No CacheManager provided, please provide one");
+                // TODO - what should we do with this
+                cacheManager = new CacheManager();
             }
             SecretsProvider provider;
             if (client == null) {

powertools-parameters/powertools-parameters-tests/src/test/java/software/amazon/lambda/powertools/parameters/SecretsProviderTest.java renamed to powertools-parameters/powertools-parameters-secrets/src/test/java/software/amazon/lambda/powertools/parameters/secrets/SecretsProviderTest.java

@@ -12,21 +12,24 @@
  *
  */
 
-package software.amazon.lambda.powertools.parameters;
+package software.amazon.lambda.powertools.parameters.secrets;
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatIllegalStateException;
 import static org.assertj.core.api.Assertions.assertThatRuntimeException;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
 import static org.mockito.MockitoAnnotations.openMocks;
 
 import java.time.temporal.ChronoUnit;
 import java.util.Base64;
+import org.assertj.core.api.Assertions;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.mockito.ArgumentCaptor;
 import org.mockito.Captor;
 import org.mockito.Mock;
 import org.mockito.Mockito;
+import org.mockito.MockitoAnnotations;
 import software.amazon.awssdk.core.SdkBytes;
 import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient;
 import software.amazon.awssdk.services.secretsmanager.model.GetSecretValueRequest;
@@ -51,7 +54,7 @@ public class SecretsProviderTest {
 
     @BeforeEach
     public void init() {
-        openMocks(this);
+        MockitoAnnotations.openMocks(this);
         cacheManager = new CacheManager();
         provider = new SecretsProvider(cacheManager, client);
     }
@@ -67,8 +70,8 @@ public void getValue() {
 
         String value = provider.getValue(key);
 
-        assertThat(value).isEqualTo(expectedValue);
-        assertThat(paramCaptor.getValue().secretId()).isEqualTo(key);
+        Assertions.assertThat(value).isEqualTo(expectedValue);
+        Assertions.assertThat(paramCaptor.getValue().secretId()).isEqualTo(key);
     }
 
     @Test
@@ -82,27 +85,28 @@ public void getValueBase64() {
 
         String value = provider.getValue(key);
 
-        assertThat(value).isEqualTo(expectedValue);
-        assertThat(paramCaptor.getValue().secretId()).isEqualTo(key);
+        Assertions.assertThat(value).isEqualTo(expectedValue);
+        Assertions.assertThat(paramCaptor.getValue().secretId()).isEqualTo(key);
     }
 
     @Test
     public void getMultipleValuesThrowsException() {
 
         // Act & Assert
-        assertThatRuntimeException().isThrownBy(() -> provider.getMultipleValues("path"))
+        Assertions.assertThatRuntimeException().isThrownBy(() -> provider.getMultipleValues("path"))
                 .withMessage("Impossible to get multiple values from AWS Secrets Manager");
 
     }
 
     @Test
-    public void testSecretsProviderBuilderMissingCacheManager_throwsException() {
+    public void testGetSecretsProvider_withoutParameter_shouldCreateDefaultClient() {
 
-        // Act & Assert
-        assertThatIllegalStateException().isThrownBy(() -> SecretsProvider.builder()
-                        .withClient(client)
-                        .withTransformationManager(transformationManager)
-                        .build())
-                .withMessage("No CacheManager provided, please provide one");
+        // Act
+        SecretsProvider secretsProvider = SecretsProvider.builder()
+                .build();
+
+        // Assert
+        assertNotNull(secretsProvider);
+        assertNotNull(secretsProvider.getClient());
     }
 }

powertools-parameters/powertools-parameters-ssm/pom.xml

@@ -44,6 +44,21 @@
             <version>${project.version}</version>
         </dependency>
 
+        <dependency>
+            <groupId>software.amazon.awssdk</groupId>
+            <artifactId>ssm</artifactId>
+            <exclusions>
+                <exclusion>
+                    <groupId>software.amazon.awssdk</groupId>
+                    <artifactId>apache-client</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>software.amazon.awssdk</groupId>
+                    <artifactId>netty-nio-client</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
         <!-- Test dependencies -->
         <dependency>
             <groupId>org.junit.jupiter</groupId>
@@ -80,20 +95,6 @@
             <artifactId>aspectjweaver</artifactId>
             <scope>test</scope>
         </dependency>
-        <dependency>
-            <groupId>software.amazon.awssdk</groupId>
-            <artifactId>ssm</artifactId>
-            <exclusions>
-                <exclusion>
-                    <groupId>software.amazon.awssdk</groupId>
-                    <artifactId>apache-client</artifactId>
-                </exclusion>
-                <exclusion>
-                    <groupId>software.amazon.awssdk</groupId>
-                    <artifactId>netty-nio-client</artifactId>
-                </exclusion>
-            </exclusions>
-        </dependency>
     </dependencies>
 
     <build>

powertools-parameters/powertools-parameters-tests/pom.xml

@@ -23,6 +23,11 @@
             <artifactId>powertools-parameters-ssm</artifactId>
             <version>${project.version}</version>
         </dependency>
+        <dependency>
+            <groupId>software.amazon.lambda</groupId>
+            <artifactId>powertools-parameters-secrets</artifactId>
+            <version>${project.version}</version>
+        </dependency>
 
         <!-- Test dependencies -->
         <dependency>

powertools-parameters/powertools-parameters-tests/src/test/java/software/amazon/lambda/powertools/parameters/LambdaParametersAspectTest.java

@@ -63,18 +63,19 @@ public void init() {
     }
 
     @Test
-    public void testDefault_ShouldUseSSMProvider() {
-        try (MockedStatic<ParamManager> mocked = Mockito.mockStatic(ParamManager.class)) {
-            mocked.when(() -> ParamManager.getProvider(SSMProvider.class)).thenReturn(defaultProvider);
-            Mockito.when(defaultProvider.get("/default")).thenReturn("value");
-
-            Assertions.assertThat(defaultValue).isEqualTo("value");
-            mocked.verify(() -> ParamManager.getProvider(SSMProvider.class), Mockito.times(1));
-            Mockito.verify(defaultProvider, Mockito.times(1)).get("/default");
-
-            mocked.reset();
-        }
-    }
+    // TODO - no more defaults!
+//    public void testDefault_ShouldUseSSMProvider() {
+//        try (MockedStatic<ParamManager> mocked = Mockito.mockStatic(ParamManager.class)) {
+//            mocked.when(() -> ParamManager.getProvider(SSMProvider.class)).thenReturn(defaultProvider);
+//            Mockito.when(defaultProvider.get("/default")).thenReturn("value");
+//
+//            Assertions.assertThat(defaultValue).isEqualTo("value");
+//            mocked.verify(() -> ParamManager.getProvider(SSMProvider.class), Mockito.times(1));
+//            Mockito.verify(defaultProvider, Mockito.times(1)).get("/default");
+//
+//            mocked.reset();
+//        }
+//    }
 
     @Test
     public void testSimple() {