search

binxio / cfn-secret-provider

A CloudFormation custom resource provider for deploying secrets and keys
Apache License 2.0
141 stars 70 forks source link

Description change generates new secret #38

Closed basschipper closed 4 years ago

basschipper commented 4 years ago

I recently updated from version v0.12.3 to v1.1.1 because of issue #25. Updating the description (or any other property) with this new version is also triggering the generation of a new secret! Is this expected behaviour in this new version?

  Secret:
    Type: Custom::Secret
    Properties:
      Name: '/foo/bar'
      Description: Foo Bar
      Alphabet: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789
      Length: 30
      ReturnSecret: True
      ServiceToken: !Sub 'arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:function:cfn-secret-provider'

Looking at the code I think the self.refresh_on_update should be called as function, not as property? https://github.com/binxio/cfn-secret-provider/blob/master/src/cfn_secret_provider.py#L251

mvanholsteijn commented 4 years ago

You are right, the refresh on update is incorrect. It is missing the @property annotation. I will fix it later on this day.

basschipper commented 4 years ago

Thanks for the quick fix!