Remove Redis secrets backend

secrets/aws.go

@@ -18,7 +18,7 @@ type awsSecretsManager struct {
 	logger *slog.Logger
 }
 
-func newAWSSecretsManager(ctx context.Context, logger *slog.Logger, url *url.URL) (secretAPI, error) {
+func NewAWSSecretsManager(ctx context.Context, logger *slog.Logger, url *url.URL) (SecretAPI, error) {
 	cfg, err := config.LoadDefaultConfig(ctx, config.WithRegion(getRegion(url.Host)))
 	if err != nil {
 		return nil, fmt.Errorf("failed to load AWS config: %w", err)
@@ -30,7 +30,7 @@ func newAWSSecretsManager(ctx context.Context, logger *slog.Logger, url *url.URL
 	}, nil
 }
 
-func (a *awsSecretsManager) getSecretValue(ctx context.Context, key string) (string, bool) {
+func (a *awsSecretsManager) GetSecretValue(ctx context.Context, key string) (string, bool) {
 	value, err := a.client.GetSecretValue(ctx, &secretsmanager.GetSecretValueInput{
 		SecretId: &key,
 	})
@@ -45,7 +45,7 @@ func (a *awsSecretsManager) getSecretValue(ctx context.Context, key string) (str
 	return *value.SecretString, true
 }
 
-func (a *awsSecretsManager) checkSecretExists(ctx context.Context, key string) bool {
+func (a *awsSecretsManager) CheckSecretExists(ctx context.Context, key string) bool {
 	secrets, err := a.client.ListSecrets(ctx, &secretsmanager.ListSecretsInput{
 		Filters: []types.Filter{
 			{

secrets/az.go

@@ -19,7 +19,7 @@ type azSecretsManager struct {
 	logger *slog.Logger
 }
 
-func newAzSecretsManager(_ context.Context, logger *slog.Logger, url *url.URL) (secretAPI, error) {
+func NewAzSecretsManager(_ context.Context, logger *slog.Logger, url *url.URL) (SecretAPI, error) {
 	cred, err := azidentity.NewDefaultAzureCredential(nil)
 	if err != nil {
 		return nil, fmt.Errorf("failed to obtain Azure credentials: %w", err)
@@ -36,7 +36,7 @@ func newAzSecretsManager(_ context.Context, logger *slog.Logger, url *url.URL) (
 	}, nil
 }
 
-func (a *azSecretsManager) getSecretValue(ctx context.Context, key string) (string, bool) {
+func (a *azSecretsManager) GetSecretValue(ctx context.Context, key string) (string, bool) {
 	resp, err := a.client.GetSecret(ctx, key, latestVersion, nil)
 	if err != nil {
 		if status.Code(err) != codes.NotFound {
@@ -48,7 +48,7 @@ func (a *azSecretsManager) getSecretValue(ctx context.Context, key string) (stri
 	return *resp.Value, true
 }
 
-func (a *azSecretsManager) checkSecretExists(ctx context.Context, key string) bool {
+func (a *azSecretsManager) CheckSecretExists(ctx context.Context, key string) bool {
 	pager := a.client.NewListSecretVersionsPager(key, nil)
 	if !pager.More() {
 		return false

secrets/gcp.go

@@ -18,7 +18,7 @@ type gcpSecretsManager struct {
 	logger    *slog.Logger
 }
 
-func newGCPSecretsManager(ctx context.Context, logger *slog.Logger, url *url.URL) (secretAPI, error) {
+func NewGCPSecretsManager(ctx context.Context, logger *slog.Logger, url *url.URL) (SecretAPI, error) {
 	client, err := secretmanager.NewClient(ctx)
 	if err != nil {
 		return nil, fmt.Errorf("failed to create secretmanager client: %w", err)
@@ -31,7 +31,7 @@ func newGCPSecretsManager(ctx context.Context, logger *slog.Logger, url *url.URL
 	}, nil
 }
 
-func (g *gcpSecretsManager) getSecretValue(ctx context.Context, key string) (string, bool) {
+func (g *gcpSecretsManager) GetSecretValue(ctx context.Context, key string) (string, bool) {
 	resp, err := g.client.AccessSecretVersion(ctx, &secretmanagerpb.AccessSecretVersionRequest{
 		Name: g.getLatestSecretID(key),
 	})
@@ -46,7 +46,7 @@ func (g *gcpSecretsManager) getSecretValue(ctx context.Context, key string) (str
 	return value, true
 }
 
-func (g *gcpSecretsManager) checkSecretExists(ctx context.Context, key string) bool {
+func (g *gcpSecretsManager) CheckSecretExists(ctx context.Context, key string) bool {
 	_, err := g.client.GetSecret(ctx, &secretmanagerpb.GetSecretRequest{
 		Name: g.getSecretID(key),
 	})

secrets/generic.go

@@ -26,25 +26,25 @@ import (
 // prefix used to reference secrets from external secret managers, to differentiate them from environment variables
 const secretPrefix = "secrets."
 
-type secretAPI interface {
-	getSecretValue(context.Context, string) (string, bool)
-	checkSecretExists(context.Context, string) bool
+type SecretAPI interface {
+	GetSecretValue(context.Context, string) (string, bool)
+	CheckSecretExists(context.Context, string) bool
 }
 
-type createSecretsManagerFn func(ctx context.Context, logger *slog.Logger, url *url.URL) (secretAPI, error)
+type CreateSecretsManagerFn func(ctx context.Context, logger *slog.Logger, url *url.URL) (SecretAPI, error)
 
-type secretManager struct {
-	secretAPI secretAPI
-	prefix    string
+type secretProvider struct {
+	SecretAPI
+	prefix string
 }
 
-func (s *secretManager) lookup(ctx context.Context, key string) (string, bool) {
+func (s *secretProvider) GetSecretValue(ctx context.Context, key string) (string, bool) {
 	secretName, field, ok := s.trimPrefixAndSplit(key)
 	if !ok {
 		return "", false
 	}
 
-	value, found := s.secretAPI.getSecretValue(ctx, secretName)
+	value, found := s.SecretAPI.GetSecretValue(ctx, secretName)
 	if !found {
 		return "", false
 	}
@@ -56,30 +56,30 @@ func (s *secretManager) lookup(ctx context.Context, key string) (string, bool) {
 	return getJSONValue(value, field)
 }
 
-func (s *secretManager) exists(ctx context.Context, key string) bool {
+func (s *secretProvider) CheckSecretExists(ctx context.Context, key string) bool {
 	secretName, _, ok := s.trimPrefixAndSplit(key)
 	if !ok {
 		return false
 	}
 
-	return s.secretAPI.checkSecretExists(ctx, secretName)
+	return s.SecretAPI.CheckSecretExists(ctx, secretName)
 }
 
-func newSecretManager(ctx context.Context, logger *slog.Logger, url *url.URL, createSecretsManagerFn createSecretsManagerFn) (LookupFn, ExistsFn, error) {
+func NewSecretProvider(ctx context.Context, logger *slog.Logger, url *url.URL, createSecretsManagerFn CreateSecretsManagerFn) (SecretAPI, error) {
 	secretsManager, err := createSecretsManagerFn(ctx, logger, url)
 	if err != nil {
-		return nil, nil, err
+		return nil, err
 	}
-	secretManager := &secretManager{
-		secretAPI: secretsManager,
+	secretProvider := &secretProvider{
+		SecretAPI: secretsManager,
 		prefix:    strings.TrimPrefix(url.Path, "/"),
 	}
 
-	return secretManager.lookup, secretManager.exists, nil
+	return secretProvider, nil
 }
 
 // trims the secret prefix and returns full secret ID with JSON field reference
-func (s *secretManager) trimPrefixAndSplit(key string) (string, string, bool) {
+func (s *secretProvider) trimPrefixAndSplit(key string) (string, string, bool) {
 	if !strings.HasPrefix(key, secretPrefix) {
 		return "", "", false
 	}

secrets/generic_test.go

@@ -91,29 +91,29 @@ func Test_secretManager_lookup(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			parsedURL, err := url.Parse(tt.args.url)
 			require.NoError(t, err)
-			loookup, exists, err := newSecretManager(context.Background(), slog.Default(), parsedURL, func(ctx context.Context, logger *slog.Logger, url *url.URL) (secretAPI, error) {
+			secretsApi, err := NewSecretProvider(context.Background(), slog.Default(), parsedURL, func(ctx context.Context, logger *slog.Logger, url *url.URL) (SecretAPI, error) {
 				return &fakeSecretManager{
 					secrets: tt.args.secrets,
 				}, nil
 			})
 			require.NoError(t, err)
 
-			gotExists := exists(context.Background(), tt.args.key)
+			gotExists := secretsApi.CheckSecretExists(context.Background(), tt.args.key)
 			assert.Equalf(t, tt.wantExists, gotExists, "exists(%v, %v)", context.Background(), tt.args.key)
 
-			gotValue, gotExists := loookup(context.Background(), tt.args.key)
+			gotValue, gotExists := secretsApi.GetSecretValue(context.Background(), tt.args.key)
 			assert.Equalf(t, tt.wantValue, gotValue, "lookup(%v, %v)", context.Background(), tt.args.key)
 			assert.Equalf(t, tt.wantExists, gotExists, "lookup(%v, %v)", context.Background(), tt.args.key)
 		})
 	}
 }
 
-func (f *fakeSecretManager) getSecretValue(_ context.Context, key string) (string, bool) {
+func (f *fakeSecretManager) GetSecretValue(_ context.Context, key string) (string, bool) {
 	value, ok := f.secrets[key]
 	return value, ok
 }
 
-func (f *fakeSecretManager) checkSecretExists(_ context.Context, key string) bool {
+func (f *fakeSecretManager) CheckSecretExists(_ context.Context, key string) bool {
 	_, ok := f.secrets[key]
 	return ok
 }

secrets/go.mod

@@ -8,9 +8,6 @@ require (
 	github.com/Azure/azure-sdk-for-go/sdk/keyvault/azsecrets v0.12.0
 	github.com/aws/aws-sdk-go-v2/config v1.28.1
 	github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.34.3
-	github.com/ory/dockertest/v3 v3.11.0
-	github.com/redis/go-redis/v9 v9.7.0
-	github.com/redpanda-data/benthos/v4 v4.40.0
 	github.com/stretchr/testify v1.9.0
 	github.com/tidwall/gjson v1.18.0
 	google.golang.org/grpc v1.67.1
@@ -21,19 +18,10 @@ require (
 	cloud.google.com/go/auth/oauth2adapt v0.2.4 // indirect
 	cloud.google.com/go/compute/metadata v0.5.2 // indirect
 	cloud.google.com/go/iam v1.2.1 // indirect
-	cuelang.org/go v0.9.2 // indirect
-	dario.cat/mergo v1.0.0 // indirect
 	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.14.0 // indirect
 	github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 // indirect
 	github.com/Azure/azure-sdk-for-go/sdk/keyvault/internal v0.7.1 // indirect
-	github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect
 	github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect
-	github.com/Jeffail/gabs/v2 v2.7.0 // indirect
-	github.com/Jeffail/grok v1.1.0 // indirect
-	github.com/Jeffail/shutdown v1.0.0 // indirect
-	github.com/Microsoft/go-winio v0.6.2 // indirect
-	github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 // indirect
-	github.com/OneOfOne/xxhash v1.2.8 // indirect
 	github.com/aws/aws-sdk-go-v2 v1.32.3 // indirect
 	github.com/aws/aws-sdk-go-v2/credentials v1.17.42 // indirect
 	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.18 // indirect
@@ -46,74 +34,22 @@ require (
 	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.3 // indirect
 	github.com/aws/aws-sdk-go-v2/service/sts v1.32.3 // indirect
 	github.com/aws/smithy-go v1.22.0 // indirect
-	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
-	github.com/cespare/xxhash/v2 v2.3.0 // indirect
-	github.com/cockroachdb/apd/v3 v3.2.1 // indirect
-	github.com/containerd/continuity v0.4.3 // indirect
-	github.com/cpuguy83/go-md2man/v2 v2.0.4 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
-	github.com/docker/cli v26.1.4+incompatible // indirect
-	github.com/docker/docker v27.1.1+incompatible // indirect
-	github.com/docker/go-connections v0.5.0 // indirect
-	github.com/docker/go-units v0.5.0 // indirect
-	github.com/fatih/color v1.17.0 // indirect
 	github.com/felixge/httpsnoop v1.0.4 // indirect
-	github.com/fsnotify/fsnotify v1.7.0 // indirect
 	github.com/go-logr/logr v1.4.2 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
-	github.com/gofrs/uuid v4.4.0+incompatible // indirect
-	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/google/s2a-go v0.1.8 // indirect
-	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
 	github.com/google/uuid v1.6.0 // indirect
 	github.com/googleapis/enterprise-certificate-proxy v0.3.4 // indirect
 	github.com/googleapis/gax-go/v2 v2.13.0 // indirect
-	github.com/gorilla/handlers v1.5.2 // indirect
-	github.com/gorilla/mux v1.8.1 // indirect
-	github.com/govalues/decimal v0.1.29 // indirect
-	github.com/hashicorp/golang-lru/arc/v2 v2.0.7 // indirect
-	github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect
-	github.com/influxdata/go-syslog/v3 v3.0.0 // indirect
-	github.com/itchyny/gojq v0.12.16 // indirect
-	github.com/itchyny/timefmt-go v0.1.6 // indirect
-	github.com/jmespath/go-jmespath v0.4.0 // indirect
-	github.com/klauspost/compress v1.17.9 // indirect
-	github.com/klauspost/pgzip v1.2.6 // indirect
 	github.com/kylelemons/godebug v1.1.0 // indirect
-	github.com/matoous/go-nanoid/v2 v2.1.0 // indirect
-	github.com/mattn/go-colorable v0.1.13 // indirect
-	github.com/mattn/go-isatty v0.0.20 // indirect
-	github.com/mitchellh/mapstructure v1.5.0 // indirect
-	github.com/moby/docker-image-spec v1.3.1 // indirect
-	github.com/moby/term v0.5.0 // indirect
-	github.com/nsf/jsondiff v0.0.0-20210926074059-1e845ec5d249 // indirect
-	github.com/opencontainers/go-digest v1.0.0 // indirect
-	github.com/opencontainers/image-spec v1.1.0 // indirect
-	github.com/opencontainers/runc v1.1.13 // indirect
-	github.com/pierrec/lz4/v4 v4.1.21 // indirect
 	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
-	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
-	github.com/quipo/dependencysolver v0.0.0-20170801134659-2b009cb4ddcc // indirect
-	github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 // indirect
-	github.com/rickb777/period v1.0.6 // indirect
-	github.com/rickb777/plural v1.4.2 // indirect
-	github.com/robfig/cron/v3 v3.0.1 // indirect
-	github.com/russross/blackfriday/v2 v2.1.0 // indirect
-	github.com/segmentio/ksuid v1.0.4 // indirect
-	github.com/sirupsen/logrus v1.9.3 // indirect
+	github.com/redis/go-redis/v9 v9.7.0 // indirect
 	github.com/tidwall/match v1.1.1 // indirect
 	github.com/tidwall/pretty v1.2.0 // indirect
-	github.com/tilinna/z85 v1.0.0 // indirect
-	github.com/urfave/cli/v2 v2.27.4 // indirect
-	github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
-	github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
-	github.com/xeipuuv/gojsonschema v1.2.0 // indirect
-	github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 // indirect
-	github.com/youmark/pkcs8 v0.0.0-20201027041543-1326539a0a0a // indirect
 	go.opencensus.io v0.24.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.54.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0 // indirect
@@ -128,10 +64,9 @@ require (
 	golang.org/x/text v0.19.0 // indirect
 	golang.org/x/time v0.7.0 // indirect
 	google.golang.org/api v0.203.0 // indirect
+	google.golang.org/genproto v0.0.0-20241015192408-796eee8c2d53 // indirect
 	google.golang.org/genproto/googleapis/api v0.0.0-20241007155032-5fefd90f89a9 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20241015192408-796eee8c2d53 // indirect
 	google.golang.org/protobuf v1.35.1 // indirect
-	gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect
-	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )