Skip to content

Commit f8db4b1

Browse files
XuechunHouXuechunHou
committed
close secret manager client in Shutdown, so that the network conenction can be reused across multiple calls to Retrieve()
1 parent a0fb2aa commit f8db4b1

File tree

2 files changed

+40
-5
lines changed

2 files changed

+40
-5
lines changed

confmap/provider/googlesecretmanagerprovider/provider.go

Lines changed: 13 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,7 @@ import (
99
"context"
1010
"fmt"
1111
"strings"
12+
"sync"
1213

1314
secretmanager "cloud.google.com/go/secretmanager/apiv1"
1415
gax "github.com/googleapis/gax-go/v2"
@@ -28,6 +29,7 @@ const (
2829
)
2930

3031
type provider struct {
32+
mu sync.Mutex
3133
client secretsManagerClient
3234
}
3335

@@ -41,24 +43,24 @@ func newProvider(confmap.ProviderSettings) confmap.Provider {
4143

4244
func (p *provider) Retrieve(ctx context.Context, uri string, _ confmap.WatcherFunc) (*confmap.Retrieved, error) {
4345
if !strings.HasPrefix(uri, schemeName+":") {
44-
return nil, fmt.Errorf("%q uri is not supported by %q provider", uri, schemeName)
46+
return nil, fmt.Errorf("%q uri is not supported by Google Secret Manager Provider", uri)
4547
}
4648
secretName := strings.TrimPrefix(uri, schemeName+":")
47-
49+
p.mu.Lock()
4850
if p.client == nil {
4951
client, err := secretmanager.NewClient(ctx)
5052
if err != nil {
53+
p.mu.Unlock()
5154
return nil, fmt.Errorf("failed to create a Google secret manager client: %w", err)
5255
}
53-
defer client.Close()
5456
p.client = client
57+
p.mu.Unlock()
5558
}
5659
req := &secretmanagerpb.AccessSecretVersionRequest{
5760
Name: secretName,
5861
}
5962
resp, err := p.client.AccessSecretVersion(ctx, req)
6063
if err != nil {
61-
var apiErr *apierror.APIError
6264
apiErr, ok := apierror.FromError(err)
6365
errorMsg := "failed to access secret version"
6466
if !ok {
@@ -73,6 +75,12 @@ func (*provider) Scheme() string {
7375
return schemeName
7476
}
7577

76-
func (*provider) Shutdown(context.Context) error {
78+
func (p *provider) Shutdown(context.Context) error {
79+
p.mu.Lock()
80+
if p.client != nil {
81+
p.client.Close()
82+
p.client = nil
83+
}
84+
p.mu.Unlock()
7785
return nil
7886
}

confmap/provider/googlesecretmanagerprovider/provider_test.go

Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -108,3 +108,30 @@ func TestFactory(t *testing.T) {
108108
_, ok := p.(*provider)
109109
require.True(t, ok)
110110
}
111+
112+
func TestShutDown(t *testing.T) {
113+
tests := []struct {
114+
name string
115+
testSecretManager *mockSecretsManagerClient
116+
}{
117+
{
118+
name: "When secret manager client is non-nil",
119+
testSecretManager: &mockSecretsManagerClient{},
120+
},
121+
{
122+
name: "When secret manager client is nil",
123+
testSecretManager: nil,
124+
},
125+
}
126+
127+
for _, tc := range tests {
128+
t.Run(tc.name, func(t *testing.T) {
129+
testProvider := &provider{
130+
client: tc.testSecretManager,
131+
}
132+
err := testProvider.Shutdown(context.Background())
133+
require.NoError(t, err)
134+
require.Nil(t, testProvider.client)
135+
})
136+
}
137+
}

0 commit comments

Comments
 (0)