Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: use Map for tags for AWS secrets manager and kms #1055

Merged
merged 13 commits into from
Feb 4, 2025
Merged

fix: use Map for tags for AWS secrets manager and kms #1055

merged 13 commits into from
Feb 4, 2025

Conversation

usmansaleem
Copy link
Contributor

@usmansaleem usmansaleem commented Jan 28, 2025
edited
Loading

PR Description

Modify AWS KMS and Secrets Manager tags cli options to take tag name and value pair in single option. This also fixes the issue where KMS tags were not correctly applying tag filter to keys which didn't have any tags.

Obsolete Options(s):
--aws-kms-tag-names-filter
--aws-kms-tag-values-filter
--aws-secrets-tag-names-filter
--aws-secrets-tag-values-filter

New Option(s):
--aws-kms-tag <TagName>=<TagValue>
--aws-secrets-tag <TagName>=<TagValue>

The above tag option can be repeated on command line to filter AWS kms/secrets keys which matches multiple tags and values, for example:

eth1 --aws-kms-tag <TagNameA>=<TagValueA> --aws-kms-tag <TagNameB>=<TagValueB>
eth2 --aws-secrets-tag <TagNameA>=<TagValueA> --aws-secrets-tag <TagNameB>=<TagValueB>.

In config file and environment variables, the pipe symbol | can be used as a split token to specify multiple tags and values in single line:

eth1.aws-kms-tag: "<TagNameA>=<TagValueA>|<TagNameB>=<TagValueB>"
eth2.aws-secrets-tag:  "<TagNameA>=<TagValueA>|<TagNameB>=<TagValueB>"

Fixed Issue(s)

fixes #1052

Documentation

  • I thought about documentation and added the doc-change-required label to this PR if updates are required.

Changelog

  • I thought about adding a changelog entry, and added one if I deemed necessary.

Testing

  • I thought about testing these changes in a realistic/non-local environment.

@usmansaleem usmansaleem changed the title wip - Use Map for tags for AWS secrets manager and kms fix: use Map for tags for AWS secrets manager and kms Jan 30, 2025
@usmansaleem usmansaleem added the doc-change-required Indicates an issue or PR that requires doc to be updated label Jan 30, 2025
@github-actions GitHub Actions
Copy link

github-actions bot commented Jan 30, 2025
edited
Loading

All contributors have signed the CLA ✍️ ✅
Posted by the CLA Assistant Lite bot.

@usmansaleem usmansaleem marked this pull request as ready for review January 30, 2025 23:05
github-actions bot added a commit that referenced this pull request Feb 2, 2025
@github-actions
@usmansaleem has signed the CLA in #1055
038e012
@usmansaleem
Copy link
Contributor Author

recheck

@usmansaleem usmansaleem requested a review from jframe February 3, 2025 00:09
jframe
jframe approved these changes Feb 3, 2025
View reviewed changes
Copy link
Contributor

@jframe jframe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@usmansaleem usmansaleem merged commit 65ce049 into Consensys:master Feb 4, 2025
6 checks passed
@usmansaleem usmansaleem deleted the aws_kms_tags branch February 4, 2025 06:02
@github-actions github-actions bot locked and limited conversation to collaborators Feb 4, 2025
@alexandratran alexandratran removed the doc-change-required Indicates an issue or PR that requires doc to be updated label Feb 17, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@jframe jframe jframe approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Incorrect tag filter application for AWS KMS in eth1 mode
3 participants
@usmansaleem @jframe @alexandratran