Skip to content

A String Type That Unmarshals From Google Secret Manager

Notifications You must be signed in to change notification settings

brockwood/secretstring

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

SecretString

SecretString provides an encoding.TextUnmarshaler interface around a string that will retrieve a secret stored in a project's Google Secret Manager. It is meant to be used with Google Cloud Functions and Kelsey Hightower's envconfig library.

Requirements

The following is required:

  • The Go code that uses this needs a GCP_PROJECT environment variable set
  • It is a bit of a hack, but set the default tag to the name of the secret (see example below)

Instructions

To use this in your project, pull it down:

go get -u github.com/brockwood/secretstring

Example

package main

import (
    "fmt"
    "log"

    "github.com/brockwood/secretstring"
    "github.com/kelseyhightower/envconfig"
)

type Config struct {
    SuperSecret secretstring.SecretString `default:"SecretName"`
    GCPProject  string `split_words:"true"`
}

func main() {
    var c Config
    err := envconfig.Process("", &c)
    if err != nil {
        log.Fatal(err.Error())
    }
    format := "SuperSecret: %s\nGCP_PROJECT: %s\n"
    _, err = fmt.Printf(format, c.SuperSecret, c.GCPProject)
    if err != nil {
        log.Fatal(err.Error())
    }
}

The output:

Windows4Ever:testenv rockwoodson$ GCP_PROJECT=my-project go run main.go
SuperSecret: Drink your Ovaltine
GCP_PROJECT: my-project
Windows4Ever:testenv rockwoodson$

Note

The GCPProject struct member above is not required for the SecretString decoder to work and is only there as additional debugging output.

About

A String Type That Unmarshals From Google Secret Manager

Resources

Stars

Watchers

Forks

Packages

No packages published

Languages