Merge pull request #15 from CDLUC3/merritt2

Enable decryption of SSM parameters
CDLUC3 · Jul 17, 2023 · 9765a8d · 9765a8d
2 parents 8f6a9cb + c4d8c20
commit 9765a8d
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 6 deletions.
diff --git a/lib/uc3-ssm.rb b/lib/uc3-ssm.rb
@@ -228,8 +228,7 @@ def sanitize_parameter_key(key)
     # Attempt to retrieve the value from AWS SSM
     def retrieve_ssm_value(key)
       return key if @ssm_skip_resolution
-
-      @client.get_parameter(name: key)[:parameter][:value]
+      @client.get_parameter(name: key, with_decryption: true)[:parameter][:value]
     rescue Aws::SSM::Errors::ParameterNotFound
       @logger.debug "ParameterNotFound for key '#{key}' in retrieve_ssm_value"
       nil

diff --git a/lib/uc3-ssm/version.rb b/lib/uc3-ssm/version.rb
@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Uc3Ssm
-  VERSION = '0.3.7'
+  VERSION = '0.3.10'
 end
diff --git a/spec/test/resolver_spec.rb b/spec/test/resolver_spec.rb
@@ -46,19 +46,19 @@ def mock_ssm(name, value)
         "ARN": "arn:aws:ssm:us-west-2:1111111111:parameter#{name}"
       }
     }
-    allow_any_instance_of(Aws::SSM::Client).to receive(:get_parameter).with({ name: name })
+    allow_any_instance_of(Aws::SSM::Client).to receive(:get_parameter).with({ name: name, with_decryption: true })
                                                                       .and_return(param_json)
   end
   # rubocop:enable Metrics/MethodLength
 
   def mock_ssm_failure(name, err)
-    allow_any_instance_of(Aws::SSM::Client).to receive(:get_parameter).with({ name: name })
+    allow_any_instance_of(Aws::SSM::Client).to receive(:get_parameter).with({ name: name, with_decryption: true })
                                                                       .and_raise(err)
   end
 
   def mock_ssm_not_found(name)
     allow_any_instance_of(Aws::SSM::Client).to receive(:get_parameter)
-        .with({ name: name })
+        .with({ name: name, with_decryption: true })
         .and_raise(Aws::SSM::Errors::ParameterNotFound.new({}, name))
   end