Example 1 with VaultException

use of com.redhat.service.bridge.infra.exceptions.definitions.platform.VaultException in project sandbox by 5733d9e2be6485d52ffa08870cabdee0.

Class AWSVaultServiceImpl, method createOrReplace:

@Override
public Uni<Void> createOrReplace(EventBridgeSecret secret) {
    CreateSecretRequest createSecretRequest = CreateSecretRequest.builder().name(secret.getId()).secretString(Json.encode(secret.getValues())).build();
    // Supplier form: each retry issues a new createSecret call instead of re-reading one already-completed future.
    return Uni.createFrom().completionStage(() -> asyncClient.createSecret(createSecretRequest))
            .replaceWithVoid()
            .onFailure(e -> !(e instanceof ResourceExistsException)).retry().withJitter(DEFAULT_JITTER).withBackOff(DEFAULT_BACKOFF).atMost(MAX_RETRIES)
            // The secret already exists: overwrite its value instead of failing.
            .onFailure(ResourceExistsException.class).recoverWithUni(() -> replaceSecret(secret))
            // Format the secret id into the message; the original passed the raw '%s' template through.
            .onFailure().transform(e -> new VaultException(String.format("Could not replace secret '%s' in AWS Vault", secret.getId()), e))
            .invoke(() -> {
                CACHE.put(secret.getId(), secret);
                LOGGER.debug("Secret '{}' created in AWS Vault", secret.getId());
            });
}
Also used : ResourceNotFoundException(software.amazon.awssdk.services.secretsmanager.model.ResourceNotFoundException) Json(io.vertx.core.json.Json) Logger(org.slf4j.Logger) LoggerFactory(org.slf4j.LoggerFactory) CreateSecretRequest(software.amazon.awssdk.services.secretsmanager.model.CreateSecretRequest) PutSecretValueRequest(software.amazon.awssdk.services.secretsmanager.model.PutSecretValueRequest) ResourceExistsException(software.amazon.awssdk.services.secretsmanager.model.ResourceExistsException) Uni(io.smallrye.mutiny.Uni) DeleteSecretRequest(software.amazon.awssdk.services.secretsmanager.model.DeleteSecretRequest) Inject(javax.inject.Inject) SecretsManagerAsyncClient(software.amazon.awssdk.services.secretsmanager.SecretsManagerAsyncClient) Duration(java.time.Duration) Map(java.util.Map) ApplicationScoped(javax.enterprise.context.ApplicationScoped) EventBridgeSecret(com.redhat.service.bridge.infra.models.EventBridgeSecret) GetSecretValueRequest(software.amazon.awssdk.services.secretsmanager.model.GetSecretValueRequest) VaultException(com.redhat.service.bridge.infra.exceptions.definitions.platform.VaultException) LRUCache(io.vertx.ext.web.impl.LRUCache) VaultException(com.redhat.service.bridge.infra.exceptions.definitions.platform.VaultException) ResourceExistsException(software.amazon.awssdk.services.secretsmanager.model.ResourceExistsException) CreateSecretRequest(software.amazon.awssdk.services.secretsmanager.model.CreateSecretRequest)

Example 2 with VaultException

use of com.redhat.service.bridge.infra.exceptions.definitions.platform.VaultException in project sandbox by 5733d9e2be6485d52ffa08870cabdee0.

Class AWSVaultServiceImpl, method get:

@Override
public Uni<EventBridgeSecret> get(String name) {
    if (CACHE.containsKey(name)) {
        LOGGER.debug("Secret '{}' found in the cache.", name);
        return Uni.createFrom().item(CACHE.get(name));
    }
    // Supplier form: each retry issues a new getSecretValue call instead of re-reading one already-completed future.
    return Uni.createFrom().completionStage(() -> asyncClient.getSecretValue(GetSecretValueRequest.builder().secretId(name).build()))
            // A missing secret is not transient, so it is not retried.
            .onFailure(e -> !(e instanceof ResourceNotFoundException)).retry().withJitter(DEFAULT_JITTER).withBackOff(DEFAULT_BACKOFF).atMost(MAX_RETRIES)
            // Format the secret name into the message; the original passed the raw '%s' template through.
            .onFailure().transform(e -> new VaultException(String.format("Secret '%s' not found in AWS Vault", name), e))
            .flatMap(x -> {
                LOGGER.debug("Secret '{}' found in AWS Vault", name);
                EventBridgeSecret secret = new EventBridgeSecret().setId(name).setValues(Json.decodeValue(x.secretString(), Map.class));
                CACHE.put(name, secret);
                return Uni.createFrom().item(secret);
            });
}
Also used : ResourceNotFoundException(software.amazon.awssdk.services.secretsmanager.model.ResourceNotFoundException) Json(io.vertx.core.json.Json) Logger(org.slf4j.Logger) LoggerFactory(org.slf4j.LoggerFactory) CreateSecretRequest(software.amazon.awssdk.services.secretsmanager.model.CreateSecretRequest) PutSecretValueRequest(software.amazon.awssdk.services.secretsmanager.model.PutSecretValueRequest) ResourceExistsException(software.amazon.awssdk.services.secretsmanager.model.ResourceExistsException) Uni(io.smallrye.mutiny.Uni) DeleteSecretRequest(software.amazon.awssdk.services.secretsmanager.model.DeleteSecretRequest) Inject(javax.inject.Inject) SecretsManagerAsyncClient(software.amazon.awssdk.services.secretsmanager.SecretsManagerAsyncClient) Duration(java.time.Duration) Map(java.util.Map) ApplicationScoped(javax.enterprise.context.ApplicationScoped) EventBridgeSecret(com.redhat.service.bridge.infra.models.EventBridgeSecret) GetSecretValueRequest(software.amazon.awssdk.services.secretsmanager.model.GetSecretValueRequest) VaultException(com.redhat.service.bridge.infra.exceptions.definitions.platform.VaultException) LRUCache(io.vertx.ext.web.impl.LRUCache) VaultException(com.redhat.service.bridge.infra.exceptions.definitions.platform.VaultException) ResourceNotFoundException(software.amazon.awssdk.services.secretsmanager.model.ResourceNotFoundException) EventBridgeSecret(com.redhat.service.bridge.infra.models.EventBridgeSecret) Map(java.util.Map)

Example 3 with VaultException

use of com.redhat.service.bridge.infra.exceptions.definitions.platform.VaultException in project sandbox by 5733d9e2be6485d52ffa08870cabdee0.

Class AWSVaultServiceImpl, method replaceSecret:

private Uni<Void> replaceSecret(EventBridgeSecret secret) {
    LOGGER.debug("Secret '{}' already exists in AWS Vault. Replacing..", secret.getId());
    PutSecretValueRequest putSecretValueRequest = PutSecretValueRequest.builder().secretId(secret.getId()).secretString(Json.encode(secret.getValues())).build();
    // Supplier form so each retry issues a new putSecretValue call; the message now carries the secret id.
    return Uni.createFrom().completionStage(() -> asyncClient.putSecretValue(putSecretValueRequest))
            .replaceWithVoid()
            .onFailure().retry().withJitter(DEFAULT_JITTER).withBackOff(DEFAULT_BACKOFF).atMost(MAX_RETRIES)
            .onFailure().transform(e -> new VaultException(String.format("Could not replace secret '%s' in AWS Vault", secret.getId()), e))
            .invoke(() -> LOGGER.debug("Secret '{}' replaced", secret.getId()));
}
Also used : ResourceNotFoundException(software.amazon.awssdk.services.secretsmanager.model.ResourceNotFoundException) Json(io.vertx.core.json.Json) Logger(org.slf4j.Logger) LoggerFactory(org.slf4j.LoggerFactory) CreateSecretRequest(software.amazon.awssdk.services.secretsmanager.model.CreateSecretRequest) PutSecretValueRequest(software.amazon.awssdk.services.secretsmanager.model.PutSecretValueRequest) ResourceExistsException(software.amazon.awssdk.services.secretsmanager.model.ResourceExistsException) Uni(io.smallrye.mutiny.Uni) DeleteSecretRequest(software.amazon.awssdk.services.secretsmanager.model.DeleteSecretRequest) Inject(javax.inject.Inject) SecretsManagerAsyncClient(software.amazon.awssdk.services.secretsmanager.SecretsManagerAsyncClient) Duration(java.time.Duration) Map(java.util.Map) ApplicationScoped(javax.enterprise.context.ApplicationScoped) EventBridgeSecret(com.redhat.service.bridge.infra.models.EventBridgeSecret) GetSecretValueRequest(software.amazon.awssdk.services.secretsmanager.model.GetSecretValueRequest) VaultException(com.redhat.service.bridge.infra.exceptions.definitions.platform.VaultException) LRUCache(io.vertx.ext.web.impl.LRUCache) PutSecretValueRequest(software.amazon.awssdk.services.secretsmanager.model.PutSecretValueRequest) VaultException(com.redhat.service.bridge.infra.exceptions.definitions.platform.VaultException)
