getenv

package
v0.1.8 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 23, 2025 License: Apache-2.0 Imports: 8 Imported by: 0

README

Decouple how to retrieve a variable of any type (usually string or binary)

In Lambda, more often than not you would use environment variables to configure the runtime. You may also want to retrieve from Parameter Store or Secrets Manager instead if you have credentials or secrets. This module provides an abstract to decouple usage of an environment from how it is retrieved.

package main

import (
	"context"
	"crypto/hmac"
	"crypto/sha256"
	"log"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/service/secretsmanager"
	"github.com/aws/aws-sdk-go-v2/service/ssm"
	"github.com/nguyengg/go-aws-commons/lambda/getenv"
)

func main() {
	// while prototyping, you can retrieve from environment variable
	// r is the string value from environment variable named TEST
	v := getenv.Env("TEST")
	r := v.MustGet()
	log.Printf("%s (%T)", r, r) // r is a string

	// now you want to retrieve from Parameter Store using the AWS Parameter Store and Secrets Lambda extension
	// (available since we're running in Lambda) instead.
	v = getenv.ParameterString(&ssm.GetParameterInput{
		Name:           aws.String("my-parameter-name"),
		WithDecryption: aws.Bool(true),
	})
	r, err := v.GetWithContext(context.Background())
	log.Printf("%s (%T)", r, r) // r is a string

	// if you need to retrieve some binary key from Secrets Manager using the AWS Parameter Store and Secrets Lambda
	// extension (available since we're running in Lambda).
	// in this example, the key is retrieved and then used as secret key for HMAC verification.
	key := getenv.SecretBinary(&secretsmanager.GetSecretValueInput{
		SecretId:     aws.String("my-secret-id"),
		VersionId:    nil,
		VersionStage: nil,
	})
	h := hmac.New(sha256.New, key.MustGetWithContext(context.Background()))
	h.Write( /* some data */ )
	h.Sum(nil)
}

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func DefaultSecretStringDecoder 

func DefaultSecretStringDecoder(v string) (data []byte, err error)

DefaultSecretStringDecoder attempts to decode the string first with base64.RawStdEncoding, then with hex.DecodeString, and as a fallback, converts the string to []byte.

Types

type Variable 

type Variable[T any] interface {
	Get() (T, error)
	GetWithContext(ctx context.Context) (T, error)
	MustGet() T
	MustGetWithContext(ctx context.Context) T
}

Variable defines ways to retrieve a variable.

func Env 

func Env(key string) Variable[string]

Env calls os.Getenv and returns that value in subsequent calls.

See Getenv if you need something that calls os.Getenv on every invocation.

func EnvAs 

func EnvAs[T any](key string, m func(string) (T, error)) Variable[T]

EnvAs calls os.Getenv, decodes with m, then returns that value in subsequent calls.

See GetenvAs if you need something that calls os.Getenv on every invocation.

func Getenv 

func Getenv(key string) Variable[string]

Getenv calls os.Getenv on every invocation and returns its value.

Most of the time, Env suffices because environment variables are not updated that often. Use Getenv if you have a use case where the environment variables might be updated by some other processes.

func GetenvAs 

func GetenvAs[T any](key string, m func(string) (T, error)) Variable[T]

GetenvAs calls os.Getenv on every invocation, decodes with m, and returns its value.

Most of the time, EnvAs suffices because environment variables are not updated that often. Use GetenvAs if you have a use case where the environment variables might be updated by some other processes.

func Map 

func Map[In any, Out any](v Variable[In], m func(In) (Out, error)) Variable[Out]

Map provides a way to transform the original variable into another type.

Useful if you're getting base64-encoded strings from either environment variables or AWS ParameterAs Store and Secrets Manager Lambda extension.

func ParameterAs 

func ParameterAs[T any](input *ssm.GetParameterInput, m func(*string) (T, error)) Variable[T]

ParameterAs creates a Parameter Store Variable of type T that retrieves from the AWS Parameter and Secrets Lambda extension.

Function m is passed the Value from the ssm.GetParameterOutput.Parameter.

See https://docs.aws.amazon.com/systems-manager/latest/userguide/ps-integration-lambda-extensions.html#ps-integration-lambda-extensions-sample-commands.

func ParameterBinary 

func ParameterBinary(input *ssm.GetParameterInput, decodeString func(string) ([]byte, error)) Variable[[]byte]

ParameterBinary creates a ParameterAs Store binary Variable that retrieves from the AWS Parameter and Secrets Lambda extension.

func ParameterString 

func ParameterString(input *ssm.GetParameterInput) Variable[string]

ParameterString creates a string Parameter Store Variable that retrieves from the AWS Parameter and Secrets Lambda extension.

func SecretAs 

func SecretAs[T any](input *secretsmanager.GetSecretValueInput, m func(secretBinary []byte, secretString *string) (T, error)) Variable[T]

SecretAs creates a Secrets Manager Variable of type T that retrieves from the AWS Parameter and Secrets Lambda extension.

Function m is passed both the SecretBinary and SecretString of secretsmanager.GetSecretValueOutput.

See https://docs.aws.amazon.com/systems-manager/latest/userguide/ps-integration-lambda-extensions.html#ps-integration-lambda-extensions-sample-commands.

func SecretBinary 

func SecretBinary(input *secretsmanager.GetSecretValueInput) Variable[[]byte]

SecretBinary creates a binary Secrets Manager Variable that retrieves from the AWS Parameter and Secrets Lambda extension.

If the SecretBinary is not available but the SecretString is, DefaultSecretStringDecoder is used to decode the SecretString from secretsmanager.GetSecretValueOutput.

See https://docs.aws.amazon.com/systems-manager/latest/userguide/ps-integration-lambda-extensions.html#ps-integration-lambda-extensions-sample-commands.

func SecretBinaryWithDecoder 

func SecretBinaryWithDecoder(input *secretsmanager.GetSecretValueInput, decodeString func(secretString string) ([]byte, error)) Variable[[]byte]

SecretBinaryWithDecoder creates a binary Secrets Manager Variable that retrieves from the AWS Parameter and Secrets Lambda extension.

If the SecretBinary is not available but the SecretString is, the given decodeString argument is used.

See https://docs.aws.amazon.com/systems-manager/latest/userguide/ps-integration-lambda-extensions.html#ps-integration-lambda-extensions-sample-commands.

func SecretString 

func SecretString(input *secretsmanager.GetSecretValueInput) Variable[string]

SecretString creates a string Secrets Manager Variable that retrieves from the AWS Parameter and Secrets Lambda extension.

See https://docs.aws.amazon.com/systems-manager/latest/userguide/ps-integration-lambda-extensions.html#ps-integration-lambda-extensions-sample-commands.

func WithBase64Encoding 

func WithBase64Encoding(v Variable[string], encoding *base64.Encoding) Variable[[]byte]

WithBase64Encoding can be used to automatically base64-decode the variable.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.