Skip to content

Commit

Permalink
populate secrets from ddb
Browse files Browse the repository at this point in the history
  • Loading branch information
@0xngmi
0xngmi committed Jan 6, 2024
1 parent f40c6c9 commit c2518d9
Show file tree
Hide file tree
Showing 3 changed files with 19 additions and 0 deletions.
5 changes: 5 additions & 0 deletions serverless.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,11 @@ provider:
- dynamodb:BatchGetItem
Resource:
- "Fn::GetAtt": [DynamoTable, Arn]
- Effect: "Allow"
Action:
- dynamodb:GetItem
Resource:
- "arn:aws:dynamodb:eu-central-1:856461987125:table/secrets"
- Effect: Allow # Lambda logs on cloudwatch
Action:
- logs:CreateLogGroup
Expand Down
13 changes: 13 additions & 0 deletions src/peggedAssets/storePeggedAssets/storePegged.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import peggedAssets from "../../peggedData/peggedData";
import { importAdapter } from "../utils/importAdapter";
import { executeAndIgnoreErrors } from "./errorDb";
import { getCurrentUnixTimestamp } from "../../utils/date";
import dynamodb from "../../utils/shared/dynamodb";

const maxRetries = 4;
const chainBlocks = undefined; // not needed by any adapters
Expand Down Expand Up @@ -52,6 +53,18 @@ async function iteratePeggedAssets(peggedIndexes: number[]) {
return;
}

async function setEnvSecrets() {
try {
const { Item } = await dynamodb.getEnvSecrets()
Object.entries((Item as any)).forEach(([key, value]: any) => {
if (key !== 'PK' && key !== 'SK') process.env[key] = value
})
} catch (e) {
console.log('Unable to get env secrets: ', e)
}
}

export default async (peggedIndexes: number[]) => {
await setEnvSecrets()
await iteratePeggedAssets(peggedIndexes);
};
1 change: 1 addition & 0 deletions src/utils/shared/dynamodb.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@ const dynamodb = {
})
.promise(),
scan: () => client.scan({ TableName }).promise(),
getEnvSecrets: (key: AWS.DynamoDB.DocumentClient.Key = { PK: 'lambda-secrets' }) => client.get({ TableName: 'secrets', Key: key }).promise()
};
export default dynamodb;

Expand Down

0 comments on commit c2518d9

Please sign in to comment.