secrets.go
package windowcontrol
import (
	"context"
	"fmt"
	"strings"

	secretmanager "cloud.google.com/go/secretmanager/apiv1"
	secretmanagerpb "google.golang.org/genproto/googleapis/cloud/secretmanager/v1"
)
// SecretManager is a thin wrapper around the Google Cloud Secret Manager
// client that is used to read secret payloads.
//
// NOTE(review): the wrapped client is unexported and this file defines no
// Close method, so callers cannot release the underlying connection through
// this type. Confirm whether that is handled elsewhere in the package.
type SecretManager struct {
	// client is the Secret Manager API client every request goes through.
	client *secretmanager.Client
}
// NewSecretManager builds a SecretManager backed by a freshly created Secret
// Manager API client.
//
// No client options are passed to secretmanager.NewClient, so the identity
// used for every later AccessSecret call is whatever credential the client
// library resolves by default for the running process. Scope that identity to
// the secrets it actually needs.
//
// An error from client creation is wrapped and returned together with a nil
// *SecretManager.
func NewSecretManager(ctx context.Context) (*SecretManager, error) {
	c, err := secretmanager.NewClient(ctx)
	if err != nil {
		return nil, fmt.Errorf("unable to create secretmanager client: %w", err)
	}

	sm := &SecretManager{client: c}
	return sm, nil
}
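// AccessSecret fetches the payload of the "latest" version of secretName in
// projectID and returns it as a string.
//
// projectID and secretName are interpolated into the resource name
// "projects/<project>/secrets/<secret>/versions/latest". Both are rejected
// when empty or when they contain "/", so a caller-supplied value cannot
// change the shape of the resource path that is requested.
//
// The request always targets the "latest" alias rather than a pinned version,
// so whichever version currently carries that alias is what gets returned.
//
// The returned string is the secret material itself. Callers should not log
// it or embed it in error messages. The errors produced here only contain
// the secret's name and project, never its payload.
//
// An error is returned when the receiver has no client, when an identifier is
// invalid, when the API call fails (wrapped with %w), or when the response
// carries no payload.
func (sm *SecretManager) AccessSecret(ctx context.Context, projectID, secretName string) (string, error) {
	if sm == nil || sm.client == nil {
		return "", fmt.Errorf("unable to access secret %s in project %s: secret manager client is not initialised", secretName, projectID)
	}

	// Validate the path components before they are formatted into the
	// resource name.
	if projectID == "" || strings.Contains(projectID, "/") {
		return "", fmt.Errorf("invalid project ID %q: must be non-empty and must not contain '/'", projectID)
	}
	if secretName == "" || strings.Contains(secretName, "/") {
		return "", fmt.Errorf("invalid secret name %q: must be non-empty and must not contain '/'", secretName)
	}

	req := &secretmanagerpb.AccessSecretVersionRequest{
		Name: fmt.Sprintf("projects/%s/secrets/%s/versions/latest", projectID, secretName),
	}

	result, err := sm.client.AccessSecretVersion(ctx, req)
	if err != nil {
		return "", fmt.Errorf("unable to access secret %s in project %s: %w", secretName, projectID, err)
	}

	// The generated getters are nil-safe; a response without a payload is
	// reported as an error instead of dereferencing a nil pointer.
	payload := result.GetPayload()
	if payload == nil {
		return "", fmt.Errorf("unable to access secret %s in project %s: response has no payload", secretName, projectID)
	}

	return string(payload.GetData()), nil
}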