Closed liorzam closed 3 weeks ago
Latest commit: 27f15d19524c6fe7f362c6ad470e213073f5ba87
Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.
Click here to learn what changesets are, and how to add one.
Click here if you're a maintainer who wants to add a changeset to this PR
The load_env.sh
script has been enhanced to dynamically fetch secrets from AWS Secrets Manager based on keywords in the git remote URL. It introduces a new fetch_secret()
function, logic to determine the appropriate secret name, and filters to exclude specific keys before exporting the secrets as environment variables.
File | Change Summary |
---|---|
scripts/load_env.sh |
Added fetch_secret() function, logic for secret name determination, key filtering, and environment variable export logic. |
sequenceDiagram
participant Script as load_env.sh
participant AWS as AWS Secrets Manager
participant Env as Environment Variables
Script->>Script: Determine secret name from git URL
Script->>AWS: fetch_secret(secret_name)
AWS-->>Script: Return secret values
Script->>Script: Filter out specific keys
Script->>Env: Export filtered secrets as environment variables
In the code where secrets lie,
A script now fetches from the sky.
With keys it filters, guards the gate,
Environment variables set, no wait.
Secure and swift, the changes flow,
A rabbit's touch, the secrets show. 🐇✨
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?
@liorzam Using bash will turn the experience of using Ballerine even more complex for Windows-based users. I'm having difficulties understanding your decision to go with bash script (opposed to AWS SDK) and skipping secrets.
source ./scripts/load_env.sh
Summary by CodeRabbit