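package clients

import (
	"context"
	"encoding/json"
	"fmt"

	"edge-infra.dev/pkg/edge/bsl"
	"edge-infra.dev/pkg/lib/gcp/secretmanager"
)

// ForemanSecretManagerClient reads Foreman access keys through a
// secretmanager.SecretManager.
type ForemanSecretManagerClient struct {
	// Client is the underlying secret manager handle. It is nil on the zero
	// value, which is what NewForemanSecretManagerClient returns alongside an
	// error.
	Client *secretmanager.SecretManager
}

// GetForemanSecret fetches the latest value of the secret identified by
// organization and decodes it into a bsl.AccessKey.
//
// It returns an error when the client is not initialized, when the secret
// cannot be read, or when the payload is not a JSON object carrying non-empty
// bsl.SharedKey and bsl.SecretKey entries. Underlying errors are wrapped with
// %w, so errors.Is and errors.As still see them.
func (f ForemanSecretManagerClient) GetForemanSecret(ctx context.Context, organization string) (*bsl.AccessKey, error) {
	// A zero-value client would otherwise be used through a nil pointer.
	if f.Client == nil {
		return nil, fmt.Errorf("foreman secret manager client is not initialized")
	}

	bits, err := f.Client.GetLatestSecretValue(ctx, organization)
	if err != nil {
		return nil, fmt.Errorf("reading foreman secret for organization %q: %w", organization, err)
	}

	key, err := mapToAccessKey(bits)
	if err != nil {
		// Only the organization identifier goes into the message; the secret
		// payload itself is never formatted into an error.
		return nil, fmt.Errorf("decoding foreman secret for organization %q: %w", organization, err)
	}
	return key, nil
}

// mapToAccessKey decodes bits as a JSON object of string values and builds a
// bsl.AccessKey from its bsl.SharedKey and bsl.SecretKey entries.
//
// The raw payload is credential material: callers must not log bits, and this
// function does not place it in the errors it returns.
func mapToAccessKey(bits []byte) (*bsl.AccessKey, error) {
	var keyMap map[string]string
	if err := json.Unmarshal(bits, &keyMap); err != nil {
		return nil, fmt.Errorf("parsing access key JSON: %w", err)
	}
	if err := validateKeys(keyMap); err != nil {
		return nil, err
	}
	return &bsl.AccessKey{
		SharedKey: keyMap[bsl.SharedKey],
		SecretKey: keyMap[bsl.SecretKey],
	}, nil
}

// validateKeys reports an error unless keyMap holds a non-empty value for both
// bsl.SharedKey and bsl.SecretKey.
//
// A key that is present but empty is rejected as well, so that a blank
// credential is caught here instead of being handed to the caller as a valid
// access key. Error messages name the offending key and never its value.
func validateKeys(keyMap map[string]string) error {
	for _, name := range []string{bsl.SharedKey, bsl.SecretKey} {
		value, ok := keyMap[name]
		if !ok {
			return fmt.Errorf("missing %s", name)
		}
		if value == "" {
			return fmt.Errorf("empty %s", name)
		}
	}
	return nil
}

// NewForemanSecretManagerClient builds a ForemanSecretManagerClient backed by
// a secret manager created for projectID.
//
// On failure it returns the zero value, whose Client is nil, together with the
// wrapped error from secretmanager.NewWithOptions.
func NewForemanSecretManagerClient(ctx context.Context, projectID string) (ForemanSecretManagerClient, error) {
	client, err := secretmanager.NewWithOptions(ctx, projectID)
	if err != nil {
		return ForemanSecretManagerClient{}, fmt.Errorf("creating secret manager client for project %q: %w", projectID, err)
	}
	return ForemanSecretManagerClient{
		Client: &client,
	}, nil
}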