@nu-art/google-services/backend/modules/ModuleBE_SecretManager.js

google-services

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.ModuleBE_SecretManager = exports.ModuleBE_SecretManager_Class = void 0;
const ts_common_1 = require("@nu-art/ts-common");
const secret_manager_1 = require("@google-cloud/secret-manager");
class ModuleBE_SecretManager_Class extends ts_common_1.Module {
    constructor() {
        super();
        //######################### Inner Logic #########################
        this.getOrCreateSecret = async (parent, name) => {
            try {
                const pathToSecret = `projects/${parent}/secrets/${name}`;
                const [secret] = await this.secretManagerClient.getSecret({ name: pathToSecret });
                //Secret exists, return it
                this.logVerbose(`Secret exists: ${secret.name}`);
                return secret;
            }
            catch (err) {
                if (err.code !== 5) { // error 5 means secret does not exist, so we continue on to create it
                    this.logError('Failed to get secret', err);
                    throw err;
                }
                //Secret did not exist, create and return it
                const [secret] = await this.secretManagerClient.createSecret({
                    parent: `projects/${parent}`,
                    secretId: name,
                    secret: {
                        name: name,
                        replication: {
                            automatic: {},
                        }
                    }
                });
                this.logVerbose(`Created secret ${secret.name}`);
                return secret;
            }
        };
        this.updateSecret = async (secret, data) => {
            try {
                const [version] = await this.secretManagerClient.addSecretVersion({
                    parent: secret.name,
                    payload: {
                        data: Buffer.from(data, 'utf-8')
                    },
                });
                this.logVerbose(`Updated secret ${secret.name} version ${version.name}`);
            }
            catch (err) {
                this.logError(`Failed to update secret ${secret.name}`);
                throw err;
            }
        };
        this.secretManagerClient = new secret_manager_1.SecretManagerServiceClient();
    }
    async getSecret(secretName) {
        var _a, _b;
        try {
            const [version] = await this.secretManagerClient.accessSecretVersion({
                name: secretName
            });
            const secretContent = (_b = (_a = version.payload) === null || _a === void 0 ? void 0 : _a.data) === null || _b === void 0 ? void 0 : _b.toString();
            if (!secretContent)
                throw new ts_common_1.MUSTNeverHappenException(`Got empty content for secret: ${secretName}`);
            return secretContent;
        }
        catch (e) {
            this.logError(`Failed to get secret: ${secretName}`, (0, ts_common_1.__stringify)(e));
            throw e;
        }
    }
    async upsertSecret(props) {
        const secret = await this.getOrCreateSecret(props.parent, props.name);
        if (!secret.name)
            throw new ts_common_1.BadImplementationException(`Got string with no name on it for ${(0, ts_common_1.__stringify)(props)}`);
        await this.updateSecret(secret, props.data);
        return secret.name;
    }
}
exports.ModuleBE_SecretManager_Class = ModuleBE_SecretManager_Class;
exports.ModuleBE_SecretManager = new ModuleBE_SecretManager_Class();