SFR-2472: Load secrets when loading env (#508)

kylevillegas93 · web-flow · commit b89b19bf4b00 · 2025-01-13T14:21:16.000-05:00
diff --git a/load_env.py b/load_env.py
@@ -2,6 +2,34 @@
 from typing import Optional
 import yaml
 
+from services.ssm_service import SSMService
+
+
+ENV_VAR_TO_SSM_NAME = {
+    'CONTENT_CAFE_USER': 'contentcafe/user',
+    'CONTENT_CAFE_PSWD': 'contentcafe/pswd',
+    'ELASTICSEARCH_PSWD': 'elasticsearch/pswd',
+    'ELASTICSEARCH_USER': 'elasticsearch/user',
+    'GITHUB_API_KEY': 'github-key',
+    'GOOGLE_BOOKS_KEY': 'google-books/api-key',
+    'HATHI_API_KEY': 'hathitrust/api-key',
+    'HATHI_API_SECRET': 'hathitrust/api-secret',
+    'NEW_RELIC_LICENSE_KEY': 'newrelic/key',
+    'NYPL_API_CLIENT_ID': 'nypl-api/client-id',
+    'NYPL_API_CLIENT_PUBLIC_KEY': 'nypl-api/public-key',
+    'NYPL_API_CLIENT_SECRET': 'nypl-api/client-secret',
+    'NYPL_BIB_PSWD': 'postgres/nypl-pswd',
+    'NYPL_BIB_USER': 'postgres/nypl-user',
+    'OCLC_METADATA_ID': 'oclc-metadata-clientid',
+    'OCLC_METADATA_SECRET': 'oclc-metadata-secret',
+    'OCLC_CLIENT_ID': 'oclc-search-clientid',
+    'OCLC_CLIENT_SECRET': 'oclc-search-secret',
+    'POSTGRES_PSWD': 'postgres/pswd',
+    'POSTGRES_USER': 'postgres/user',
+    'RABBIT_PSWD': 'rabbit-pswd',
+    'RABBIT_USER': 'rabbit-user',
+}
+
 
 def load_env_file(run_type: str, file_string: Optional[str]=None) -> None:
     """Loads configuration details from a specific yaml file.
@@ -37,3 +65,12 @@ def load_env_file(run_type: str, file_string: Optional[str]=None) -> None:
     if env_dict:
         for key, value in env_dict.items():
             os.environ[key] = value
+
+    load_secrets()
+            
+def load_secrets():
+    ssm_service = SSMService()
+
+    for env_var, param_name in ENV_VAR_TO_SSM_NAME.items():
+        if os.environ.get(env_var, None) is None:
+            os.environ[env_var] = ssm_service.get_parameter(param_name)
diff --git a/services/ssm_service.py b/services/ssm_service.py
@@ -15,7 +15,7 @@ def __init__(self):
             region_name=os.environ.get('AWS_REGION', None)
         )
 
-        self.environment = 'production' if os.environ['ENVIRONMENT'] == 'production' else 'qa'
+        self.environment = 'production' if os.environ.get('ENVIRONMENT', 'qa') == 'production' else 'qa'
 
     def get_parameter(self, parameter_name: str) -> Optional[dict]:
         try:

Original file line number	Diff line number	Diff line change
`@@ -15,7 +15,7 @@ def __init__(self):`
`15`	`15`	`region_name=os.environ.get('AWS_REGION', None)`
`16`	`16`	`)`
`17`	`17`
`18`		`- self.environment = 'production' if os.environ['ENVIRONMENT'] == 'production' else 'qa'`
	`18`	`+ self.environment = 'production' if os.environ.get('ENVIRONMENT', 'qa') == 'production' else 'qa'`
`19`	`19`
`20`	`20`	`def get_parameter(self, parameter_name: str) -> Optional[dict]:`
`21`	`21`	`try:`