in app/aws.go [62:83]
func loadSecret(ctx context.Context, manager *secretsmanager.Client, secretID string) (string, error) {
input := &secretsmanager.GetSecretValueInput{
SecretId: ptrFromString(secretID),
VersionStage: ptrFromString("AWSCURRENT"),
}
result, err := manager.GetSecretValue(ctx, input)
if err != nil {
return "", fmt.Errorf("failed to retrieve sercet value: %w", err)
}
if result.SecretString != nil {
return *result.SecretString, nil
}
decodedBinarySecretBytes := make([]byte, base64.StdEncoding.DecodedLen(len(result.SecretBinary)))
if _, err := base64.StdEncoding.Decode(decodedBinarySecretBytes, result.SecretBinary); err != nil {
return "", fmt.Errorf("failed to decode base64 encoded secret: %w", err)
}
return string(decodedBinarySecretBytes), nil
}