Secret Manager Support for AWS services (#937)

README.md

@@ -45,6 +45,7 @@ any longer.
 * **CloudFormation** at http://localhost:4581
 * **CloudWatch** at http://localhost:4582
 * **SSM** at http://localhost:4583
+* **SecretsManager** at http://localhost:4584
 
 
 Additionally, *LocalStack* provides a powerful set of tools to interact with the cloud services, including
@@ -293,7 +294,7 @@ Simply add the following dependency to your `pom.xml` file:
 <dependency>
     <groupId>cloud.localstack</groupId>
     <artifactId>localstack-utils</artifactId>
-    <version>0.1.14</version>
+    <version>0.1.15</version>
 </dependency>
 ```
 

localstack/constants.py

@@ -30,7 +30,7 @@
 LOCALHOST = 'localhost'
 
 # version of the Maven dependency with Java utility code
-LOCALSTACK_MAVEN_VERSION = '0.1.14'
+LOCALSTACK_MAVEN_VERSION = '0.1.15'
 
 # map of default service APIs and ports to be spun up (fetch map from localstack_client)
 DEFAULT_SERVICE_PORTS = localstack_client.config.get_service_ports()

localstack/ext/java/pom.xml

@@ -5,7 +5,7 @@
     <groupId>cloud.localstack</groupId>
     <artifactId>localstack-utils</artifactId>
     <packaging>jar</packaging>
-    <version>0.1.14</version>
+    <version>0.1.15</version>
     <name>localstack-utils</name>
 
     <description>Java utilities for the LocalStack platform.</description>

localstack/ext/java/src/main/java/cloud/localstack/DockerTestUtils.java

@@ -23,6 +23,8 @@
 import com.amazonaws.services.lambda.AWSLambdaClientBuilder;
 import com.amazonaws.services.s3.AmazonS3;
 import com.amazonaws.services.s3.AmazonS3ClientBuilder;
+import com.amazonaws.services.secretsmanager.AWSSecretsManager;
+import com.amazonaws.services.secretsmanager.AWSSecretsManagerClientBuilder;
 import com.amazonaws.services.sns.AmazonSNS;
 import com.amazonaws.services.sns.AmazonSNSClientBuilder;
 import com.amazonaws.services.sqs.AmazonSQS;
@@ -58,6 +60,12 @@ public static AmazonS3 getClientS3() {
         return builder.build();
     }
 
+    public static AWSSecretsManager getClientSecretsManager() {
+        return AWSSecretsManagerClientBuilder.standard()
+                .withEndpointConfiguration(createEndpointConfiguration(LocalstackDocker.INSTANCE::getEndpointSecretsmanager))
+                .withCredentials(getCredentialsProvider()).build();
+    }
+
     public static AmazonKinesis getClientKinesis() {
         return AmazonKinesisClientBuilder.standard()
                 .withEndpointConfiguration(createEndpointConfiguration(LocalstackDocker.INSTANCE::getEndpointKinesis))

localstack/ext/java/src/main/java/cloud/localstack/Localstack.java

@@ -130,6 +130,10 @@ public static String getEndpointSSM() {
         return ensureInstallationAndGetEndpoint(ServiceName.SSM);
     }
 
+    public static String getEndpointSecretsmanager() {
+        return ensureInstallationAndGetEndpoint(ServiceName.SECRETSMANAGER);
+    }
+
     /* UTILITY METHODS */
 
     private static void ensureInstallation() {

localstack/ext/java/src/main/java/cloud/localstack/ServiceName.java

@@ -18,4 +18,5 @@ public class ServiceName {
     public static final String CLOUDFORMATION = "cloudformation";
     public static final String CLOUDWATCH = "cloudwatch";
     public static final String SSM = "ssm";
+    public static final String SECRETSMANAGER = "secretsmanager";
 }

localstack/ext/java/src/main/java/cloud/localstack/TestUtils.java

@@ -11,6 +11,8 @@
 import com.amazonaws.services.lambda.AWSLambdaClientBuilder;
 import com.amazonaws.services.s3.AmazonS3;
 import com.amazonaws.services.s3.AmazonS3ClientBuilder;
+import com.amazonaws.services.secretsmanager.AWSSecretsManager;
+import com.amazonaws.services.secretsmanager.AWSSecretsManagerClientBuilder;
 import com.amazonaws.services.sqs.AmazonSQS;
 import com.amazonaws.services.sqs.AmazonSQSClient;
 import com.amazonaws.services.sqs.AmazonSQSClientBuilder;
@@ -57,6 +59,12 @@ public static AmazonS3 getClientS3() {
         return builder.build();
     }
 
+    public static AWSSecretsManager getClientSecretsManager() {
+        return AWSSecretsManagerClientBuilder.standard().
+                withEndpointConfiguration(getEndpointConfigurationSecretsManager()).
+                withCredentials(getCredentialsProvider()).build();
+    }
+
     public static AmazonKinesis getClientKinesis() {
         return AmazonKinesisClientBuilder.standard().
                 withEndpointConfiguration(getEndpointConfigurationKinesis()).
@@ -83,6 +91,10 @@ protected static AwsClientBuilder.EndpointConfiguration getEndpointConfiguration
         return getEndpointConfiguration(Localstack.getEndpointS3());
     }
 
+    protected static AwsClientBuilder.EndpointConfiguration getEndpointConfigurationSecretsManager() {
+        return getEndpointConfiguration(Localstack.getEndpointSecretsmanager());
+    }
+
     protected static AwsClientBuilder.EndpointConfiguration getEndpointConfiguration(String endpointURL) {
         return new AwsClientBuilder.EndpointConfiguration(endpointURL, DEFAULT_REGION);
     }

localstack/ext/java/src/main/java/cloud/localstack/docker/LocalstackDocker.java

@@ -170,6 +170,10 @@ public String getEndpointCloudWatch() {
     public String getEndpointSSM() {
         return endpointForService(ServiceName.SSM);
     }
+
+    public String getEndpointSecretsmanager() {
+        return endpointForService(ServiceName.SECRETSMANAGER);
+    }
 
     public String endpointForService(String serviceName) {
         if (serviceToPortMap == null) {

localstack/plugins.py

@@ -2,7 +2,7 @@
     start_s3, start_sns, start_ses, start_apigateway,
     start_elasticsearch_service, start_lambda, start_redshift, start_firehose,
     start_cloudwatch, start_cloudformation, start_dynamodbstreams, start_route53,
-    start_ssm)
+    start_ssm, start_secretsmanager)
 from localstack.services.apigateway import apigateway_listener
 from localstack.services.cloudformation import cloudformation_listener
 from localstack.services.dynamodb import dynamodb_listener, dynamodb_starter
@@ -36,6 +36,8 @@ def register_localstack_plugins():
             start=start_ses))
         register_plugin(Plugin('ssm',
             start=start_ssm))
+        register_plugin(Plugin('secretsmanager',
+            start=start_secretsmanager))
         register_plugin(Plugin('apigateway',
             start=start_apigateway,
             listener=apigateway_listener.UPDATE_APIGATEWAY))

localstack/services/infra.py

@@ -17,7 +17,7 @@
 from localstack.config import (USE_SSL, PORT_ROUTE53, PORT_S3,
     PORT_FIREHOSE, PORT_LAMBDA, PORT_SNS, PORT_REDSHIFT, PORT_CLOUDWATCH,
     PORT_DYNAMODBSTREAMS, PORT_SES, PORT_ES, PORT_CLOUDFORMATION, PORT_APIGATEWAY,
-    PORT_SSM)
+    PORT_SSM, PORT_SECRETSMANAGER)
 from localstack.utils import common, persistence
 from localstack.utils.common import (run, TMP_THREADS, in_ci, run_cmd_safe,
     TIMESTAMP_FORMAT, FuncThread, ShellCommandThread, mkdir)
@@ -193,6 +193,10 @@ def start_ssm(port=PORT_SSM, asynchronous=False):
     return start_moto_server('ssm', port, name='SSM', asynchronous=asynchronous)
 
 
+def start_secretsmanager(port=PORT_SECRETSMANAGER, asynchronous=False):
+    return start_moto_server('secretsmanager', port, name='Secrets Manager', asynchronous=asynchronous)
+
+
 # ---------------
 # HELPER METHODS
 # ---------------

requirements.txt

@@ -16,7 +16,7 @@ flask-cors==3.0.3
 flask_swagger==0.2.12
 jsonpath-rw==1.4.0
 localstack-ext>=0.8.6
-localstack-client==0.4
+localstack-client==0.6
 moto-ext==1.3.4
 nose==1.3.7
 psutil==5.4.3

tests/integration/test_secretsmanager.py

@@ -0,0 +1,20 @@
+import unittest
+from localstack.utils.aws import aws_stack
+
+
+class SecretsManagerTest(unittest.TestCase):
+    def test_create_secret(self):
+        secretsmanager_client = aws_stack.connect_to_service('secretsmanager')
+
+        secretsmanager_client.create_secret(
+            Name='test_secret_put',
+            SecretString='mysecret',
+            Description='testing creation of secrets'
+        )
+
+        response = secretsmanager_client.get_secret_value(
+            SecretId='test_secret_put',
+        )
+
+        assert response['Name'] == 'test_secret_put'
+        assert response['SecretString'] == 'mysecret'