Releases: mariotoffia/ssm

Substruct JSON & Externalize Parsers

12 May 10:02

This release allows sub structs to be stored as a single string in Parameter Store or Secrets Manager, while the ssm library still de-/serializes the individual elements of the sub struct.

It also adds the ability to use the reflection parser together with the tag parser, so that users of this library can register their own tags and handle them appropriately.

For example, when storing a secret in Secrets Manager you may choose to use JSON. In this case the JSON contains User, Password, and a Timeout, and it is written to and read back from Secrets Manager as a whole. The strkey=password option is only used by the CDK generator for template-driven secret generation while emitting CDK code (so CloudFormation will generate the password while provisioning the secret).

type MyDbServiceConfigAsm struct {
	Name       string
	Connection struct {
		User     string `json:"user"`
		Password string `json:"password"`
		Timeout  int    `json:"timeout"`
	} `asm:"bubbibobbo, strkey=password"`
}

Cheers,
Mario

Reporting and CDK

07 May 11:19

This release updates the library to handle reporting for a DevOps pipeline. It produces a JSON with the configuration for each struct.

It is modelled on Marshal and Unmarshal, for example:

type Sample struct {
  ConnectionString string `asm:"connectstring, strkey=password, gurka=biffen, nasse=hunden"`
  Secret string `asm:"mysecret"`
  Parameter string `pms:"parameter, description=A sample value, pattern=.*, my=hobby, by=test"`
}

set := Sample{
  ConnectionString: "{\"user\":\"nisse\"}",
  Secret: "{\"private\": \"nobody knows\", \"lockkey\":\"eeej1¤¤&1!\"}",
  Parameter: "a parameter",
}

s := NewSsmSerializer("dev", "test-service")
objs, json, err := s.ReportWithOpts(&set, NoFilter, true)
if err != nil {
  panic(err)
}

This renders a JSON report in the following format:

{
  "parameters": [
    {
      "type": "secrets-manager",
      "fqname": "/dev/test-service/connectstring",
      "keyid": "",
      "description": "",
      "tags": {"gurka":"biffen","nasse":"hunden"},
      "details": {
        "strkey": "password"
      },
      "value": "{\"user\": \"nisse\"}"      
    },
    {
      "type": "secrets-manager",
      "fqname": "/dev/test-service/mysecret",
      "keyid": "",
      "description": "",
      "tags": {},
      "details": {
        "strkey": null
      },
      "value": "{\"private\": \"nobody knows\", \"lockkey\":\"eeej1¤¤&1!\"}"      
    },
    {
      "type": "parameter-store",
      "fqname": "/dev/test-service/parameter",
      "keyid": "",
      "description": "A sample value",
      "tags": {"my":"hobby", "by": "test"},
      "details": {
        "pattern": ".*",
        "tier": "Standard"
      },
      "value": "a parameter",
      "valuetype": "String"
    }                
  ]
}

There is also a project (folder cdk) that adds an npm package for generating template-driven CDK Constructs. These can then be used in a CDK stack to include parameters / secrets to be provisioned via CloudFormation. The only gotcha is that it is not possible to use CloudFormation to create a SecureString parameter. However, Secrets Manager secrets may be created and hence can be generated. Therefore, filter out all secure Parameter Store parameters.
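
The report shown above carries each secret's `value` in clear text, so a pipeline that archives the report would want those fields masked first. The following is an added example, not part of the ssm library: `RedactReport`, the `redacted` marker and the `SecureString` valuetype check are assumptions, and the sample input is constructed from the report format above.

```go
package main

import (
	"encoding/json"
	"fmt"
)

const redacted = "***REDACTED***" // hypothetical marker, not defined by ssm

// RedactReport masks "value" on every report entry that holds secret material
// and returns the sanitized JSON plus the fqnames that were masked.
func RedactReport(raw []byte) ([]byte, []string, error) {
	// Entries are kept as generic maps so fields unknown to this code survive.
	var r struct {
		Parameters []map[string]interface{} `json:"parameters"`
	}
	if err := json.Unmarshal(raw, &r); err != nil {
		return nil, nil, fmt.Errorf("parse report: %w", err)
	}
	var masked []string
	for _, e := range r.Parameters {
		// Assumption: a secure parameter is reported with valuetype
		// "SecureString"; the page only shows "String".
		if e["type"] == "secrets-manager" || e["valuetype"] == "SecureString" {
			e["value"] = redacted
			name, _ := e["fqname"].(string)
			masked = append(masked, name)
		}
	}
	out, err := json.MarshalIndent(r, "", "  ")
	return out, masked, err
}

// Constructed sample in the report format from the release note.
const sample = `{"parameters":[
 {"type":"secrets-manager","fqname":"/dev/test-service/mysecret","keyid":"","description":"","tags":{},"details":{"strkey":null},"value":"{\"private\": \"nobody knows\"}"},
 {"type":"parameter-store","fqname":"/dev/test-service/parameter","keyid":"","description":"A sample value","tags":{"my":"hobby"},"details":{"pattern":".*","tier":"Standard"},"value":"a parameter","valuetype":"String"}]}`

func main() {
	out, masked, err := RedactReport([]byte(sample))
	if err != nil {
		panic(err)
	}
	fmt.Printf("masked: %v\n%s\n", masked, out)
}
```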

Basic Marshal & Unmarshal Support

06 May 08:58

This release can handle basic marshal and unmarshal using structs and nested structs (not pointers). It handles unmarshal of strings and integers. Marshalling may handle unsigned integers, floats and booleans as well.

This is basically for testing & not production!