Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
310 views
in Technique[技术] by (71.8m points)

python - Test Lambda function with secrets locally without AWS secrets manager

I have code like this

Unix = 'linux'
Mac = 'darwin'
if sys.platform == Unix
   do this
elif sys.platform == Mac
   do this

I have this check for sys platform because aws is unix based, and therefore if sys.platform = 'Mac' then I am running locally.

I'm running into trouble when I try to dockerize this application because the dockerized build is linux based, so in this if-else statement, the build will run the 1st part of the if-else even though I'm building the docker container locally.

Is it possible to set the sys.platform in a dockerfile?

edit:

Problem Statement:

Trying to dockerize an aws lambda function. To do so, I need to test the lambda function locally.

My lamba function composition looks like this:

app
    lambda_function1
        database.py
        helper.py
functions
    lambda_function1.py

The main purpose of this lambda function is to read data from the production database, and then predict some value based on the data.

database.py
    import helper
    ...
    class DB:
        def __init__(self):
            self.secrets = helper.get_secrets()
            self.db_name = self.secrets.get('DB', '')
            self.db_host = self.secrets.get('Host', '')
            self.db_password = self.secrets.get('Password', '')
        ...
helper.py
    import sys
    import boto3
    ....
    def get_secrets():
        secrets = {}
        if sys.platform == constants.MAC_PLATFORM:
            secrets = local_secrets()
            return secrets
        session = boto3.session.Session()
        client = session.client(service_name='secretsmanager',
                                region_name='us-west-2')
        secrets = get_aws_secrets()

As you can see, if sys platform is 'darwin', then the secrets will be local secrets. If sys platform is 'linux', then the secrets will be secrets pulled from aws.

For some reason, I am unable to connect to the database with the aws secrets in my local docker build due to a tcp/ip error. I think this is due to some weird configuration issue that I don't have locally that aws might have, therefore I would like to start by working with the local database in docker, and use the get_local_secrets method to obtain secrets.

Any ideas?

question from:https://stackoverflow.com/questions/65944098/test-lambda-function-with-secrets-locally-without-aws-secrets-manager

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

I'd use the environment variable suggestion and run locally by setting some values at runtime:

import os

if os.environ.get('LOCAL_TEST', 'false').lower().strip() == 'true':
    secrets = local_secrets()
else:
    # use aws secrets

And run your container like:

docker run -e LOCAL_TEST=true your_image

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...