Add aws-secrets-manager example (#206)

* Add aws-secrets-manager example * Update aws-s3-folder example
VirtusLab · Oct 5, 2023 · fec6fec · fec6fec
1 parent bf28b62
commit fec6fec
Show file tree

Hide file tree

Showing 7 changed files with 125 additions and 16 deletions.
diff --git a/examples/aws-s3-folder/Main.scala b/examples/aws-s3-folder/Main.scala
@@ -61,29 +61,32 @@ val siteDir = "www"
   )
 
   // For each file in the directory, create an S3 object stored in `siteBucket`
-  val uploads: Array[Output[s3.BucketObject]] = File(siteDir).listFiles().map { file =>
+  val uploads: Output[List[s3.BucketObject]] = File(siteDir).listFiles().toList.traverse { file =>
     val name = NonEmptyString(file.getName) match
-      case Some(name) => name
-      case None => throw new RuntimeException("Unexpected empty file name")
-    s3.BucketObject(
-      name,
-      s3.BucketObjectArgs(
-        bucket = siteBucket.id, // reference the s3.Bucket object
-        source = FileAsset(file.getAbsolutePath), // use FileAsset to point to a file
-        contentType = Files.probeContentType(file.toPath) // set the MIME type of the file
-      ),
-      CustomResourceOptions(
-        dependsOn = siteBucket.map(List(_))
+      case Some(name) => Output(name)
+      case None       => Output(None).map(_ => throw new RuntimeException("Unexpected empty file name"))
+
+    name.flatMap {
+      s3.BucketObject(
+        _,
+        s3.BucketObjectArgs(
+          bucket = siteBucket.id, // reference the s3.Bucket object
+          source = FileAsset(file.getAbsolutePath), // use FileAsset to point to a file
+          contentType = Files.probeContentType(file.toPath) // set the MIME type of the file
+        ),
+        CustomResourceOptions(
+          dependsOn = siteBucket.map(List(_))
+        )
       )
-    )
+    }
   }
 
   for
     bucket <- siteBucket
     _      <- siteBucketPublicAccessBlock
     _      <- siteBucketPolicy
-    _      <- Output.sequence(uploads)
-  yield Pulumi.exports(
+    _      <- uploads
+  yield exports(
     bucketName = bucket.bucket,
     websiteUrl = bucket.websiteEndpoint
   )

diff --git a/examples/aws-s3-folder/project.scala b/examples/aws-s3-folder/project.scala
@@ -1,4 +1,5 @@
 //> using scala "3.3.1"
 //> using plugin "org.virtuslab::besom-compiler-plugin:0.1.0"
 //> using dep "org.virtuslab::besom-core:0.1.0"
-//> using dep "org.virtuslab::besom-aws:6.2.1-core.0.1.0"
+//> using dep "org.virtuslab::besom-aws:6.2.1-core.0.1.0"
+//> using options -Werror -Wunused:all -Wvalue-discard -Wnonunit-statement
diff --git a/examples/aws-secrets-manager/.gitignore b/examples/aws-secrets-manager/.gitignore
@@ -0,0 +1,8 @@
+### Scala an JVM
+*.class
+*.log
+.bsp
+.scala-build
+
+# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
+hs_err_pid*
diff --git a/examples/aws-secrets-manager/Main.scala b/examples/aws-secrets-manager/Main.scala
@@ -0,0 +1,27 @@
+import besom.*
+import besom.api.aws
+import besom.api.aws.secretsmanager.SecretVersionArgs
+
+@main def main = Pulumi.run {
+  // Get the Pulumi secret value
+  val mySecret = config.getSecret("aws-secrets-manager:mySecret")
+
+  // Create an AWS secret
+  val secret = aws.secretsmanager.Secret("mySecret")
+
+  // Store a new secret version
+  val secretVersion = aws.secretsmanager.SecretVersion(
+    "secretVersion",
+    SecretVersionArgs(
+      secretId = secret.id,
+      secretString = mySecret
+    )
+  )
+
+  for
+    secret <- secret
+    _      <- secretVersion
+  yield exports(
+    secretId = secret.id // Export secret ID (in this case the ARN)
+  )
+}
diff --git a/examples/aws-secrets-manager/Pulumi.yaml b/examples/aws-secrets-manager/Pulumi.yaml
@@ -0,0 +1,8 @@
+name: aws-secrets-manager
+runtime: scala
+description: An AWS Secrets Manager example
+template:
+  config:
+    aws:region:
+      description: The AWS region to deploy into
+      default: us-east-1
diff --git a/examples/aws-secrets-manager/README.md b/examples/aws-secrets-manager/README.md
@@ -0,0 +1,57 @@
+# Setup AWS Secrets manager
+
+A simple program that creates an AWS secret and a version under AWS Secrets Manager
+
+## Prerequisites
+
+[Follow the instructions](https://www.pulumi.com/docs/clouds/aws/get-started/begin/)
+to get started with Pulumi & AWS.
+
+## Deploying and running the program
+
+Note: some values in this example will be different from run to run.
+These values are indicated with `***`.
+
+1. Create a new stack, which is an isolated deployment target for this example:
+
+    ```bash
+    pulumi stack init aws-secrets-manager-dev
+    ```
+
+2.  Set the AWS region:
+
+    ```bash
+    pulumi config set aws:region us-west-2
+    ```
+
+3. Create a Pulumi secret that will be saved in the secret manager:
+
+    ```bash
+    pulumi config set --secret mySecret
+    ```
+
+4. Run `pulumi up` to preview and deploy changes. After the preview is shown
+   you will be prompted if you want to continue or not.
+
+    ```bash
+    pulumi up
+    ```
+
+    After a couple of minutes, your VM will be ready. Your web server will start on port `80`.
+
+5. To see the resources that were created, run `pulumi stack output`:
+
+    ```bash
+    pulumi stack output
+    ```
+
+6. From there, feel free to experiment. Simply making edits and running pulumi up will incrementally update your infrastructure.
+
+7. To clean up resources, destroy your stack and remove it:
+
+    ```bash
+    pulumi destroy
+    ```
+    ```bash
+    pulumi stack rm aws-secrets-manager-dev
+    ```
diff --git a/examples/aws-secrets-manager/project.scala b/examples/aws-secrets-manager/project.scala
@@ -0,0 +1,5 @@
+//> using scala "3.3.1"
+//> using plugin "org.virtuslab::besom-compiler-plugin:0.1.0"
+//> using dep "org.virtuslab::besom-core:0.1.0"
+//> using dep "org.virtuslab::besom-aws:6.2.1-core.0.1.0"
+//> using options -Werror -Wunused:all -Wvalue-discard -Wnonunit-statement