in provider/secrets_manager_provider.go [210:242]
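// fetchSecret retrieves a single secret from Secrets Manager through client and
// returns the version id reported by the service together with the secret value.
//
// The request is addressed by descriptor.GetSecretName and is narrowed by an
// explicit version id and/or a stage label when the descriptor supplies them;
// all three lookups are passed client.IsFailover. The returned SecretValue holds
// the secret string as bytes when the response has one, otherwise the binary
// payload, plus a copy of the descriptor.
//
// A failed call is returned wrapped (%w) with the client region and the
// descriptor's object name. A response that carries no version id is reported
// as an error rather than dereferenced.
//
// SecretValue.Value is plaintext secret material. The error paths below only
// format the region and the object name; keep the value out of any error or
// log message added here.
func (p *SecretsManagerProvider) fetchSecret(
	ctx context.Context,
	client SecretsManagerClient,
	descriptor *SecretDescriptor,
) (ver string, val *SecretValue, err error) {
	req := secretsmanager.GetSecretValueInput{
		SecretId: aws.String(descriptor.GetSecretName(client.IsFailover)),
	}

	// Pin an explicit version when the descriptor names one.
	if versionID := descriptor.GetObjectVersion(client.IsFailover); len(versionID) != 0 {
		req.SetVersionId(versionID)
	}

	// Select by stage label when the descriptor names one.
	if stage := descriptor.GetObjectVersionLabel(client.IsFailover); len(stage) != 0 {
		req.SetVersionStage(stage)
	}

	rsp, err := client.Client.GetSecretValueWithContext(ctx, &req)
	if err != nil {
		return "", nil, fmt.Errorf("%s: Failed fetching secret %s: %w", client.Region, descriptor.ObjectName, err)
	}

	// Every field of the response is a pointer. Fail closed instead of
	// panicking on a nil version id, so a malformed or stubbed response cannot
	// take down the caller.
	if rsp == nil || rsp.VersionId == nil {
		return "", nil, fmt.Errorf("%s: Failed fetching secret %s: response did not include a version id", client.Region, descriptor.ObjectName)
	}

	// Prefer the string form; fall back to the binary payload. If the response
	// has neither, the value is left nil.
	var payload []byte
	if rsp.SecretString != nil {
		payload = []byte(*rsp.SecretString)
	} else {
		payload = rsp.SecretBinary
	}

	return *rsp.VersionId, &SecretValue{Value: payload, Descriptor: *descriptor}, nil
}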