Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

aws_secretsmanager crashes on non-string JSON values #10421

Closed
ajbdev opened this issue Dec 22, 2020 · 8 comments
Closed

aws_secretsmanager crashes on non-string JSON values #10421

ajbdev opened this issue Dec 22, 2020 · 8 comments
Labels
bug enhancement good first issue

Comments

@ajbdev
Copy link

ajbdev commented Dec 22, 2020
edited
Loading

Overview of the Issue

An AWS secret manager JSON secret that contains non-string values will cause packer to crash with a go marshaling error:

template: root:1:3: executing "root" at <aws_secretsmanager
`developmentDBSecret52FA5B0R-RsFGddtv` `host`>: error calling
aws_secretsmanager: json: cannot unmarshal number into Go value of type string

Reproduction Steps

Steps to reproduce this issue

  1. Store a secret in AWS secrets manager with a number value. E.g:
{
  "port": 5432
}
  1. Use the aws_secretsmanager function to retrieve a secret in a packer config

Observed result: attempting to retrieve any key will throw a JSON marshaling failure.

Packer version

1.6.6

Simplified Packer Buildfile

...
"variables": {
  "var1": "aws_secretsmanger `secretname` `keyname`"
}

Operating system and Environment details

Ubuntu 20 amd64
@ajbdev ajbdev added the bug label Dec 22, 2020
@ajbdev ajbdev changed the title aws_secretsmanager crashes on non-string values aws_secretsmanager crashes on non-string JSON values Dec 22, 2020
@ajbdev
Copy link
Author

ajbdev commented Dec 22, 2020

My golang-fu is too weak to know the proper solution here, but I think the offending code is here: https://github.com/hashicorp/packer-plugin-sdk/blob/main/template/interpolate/aws/secretsmanager/secretsmanager.go#L79-L87

@SwampDragons
Copy link
Contributor

Yeah, it looks like the template function only supports string values for secrets; the docs should be clearer on this.

@SwampDragons
Copy link
Contributor

you're right about the location of the issue -- we could probably unmarshal into a map[string]interface{} and cast it into the map[string]string var.

@teddylear
Copy link
Contributor

@SwampDragons I can take a look into this if that's alright

@teddylear teddylear mentioned this issue Jan 17, 2021
Merged
@teddylear
Copy link
Contributor

@SwampDragons I created this PR to address the outlined issue. Please let me know if there's anything that needs to be changed. There is still the question of if this should be changed to return an interface instead of string, but my understanding is that would be a more large scale refactor.

@teddylear
Copy link
Contributor

@SwampDragons This should be able to be closed now that PR is merged.

@azr
Copy link
Contributor

azr commented Jan 21, 2021

Right ! Thanks @teddylear

@azr azr closed this as completed Jan 21, 2021
@ghost
Copy link

ghost commented Feb 21, 2021

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked as resolved and limited conversation to collaborators Feb 21, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug enhancement good first issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@ajbdev @SwampDragons @azr @teddylear