Skip to content

Java/.NET/Python: Unable to use SecretValue #2304

Closed
aws/jsii
#460
Closed
Java/.NET/Python: Unable to use SecretValue#2304
aws/jsii
#460
Assignees
RomainMuller
Labels
bugThis issue is a bug.language/dotnetRelated to .NET bindingslanguage/javaRelated to Java bindingslanguage/pythonRelated to Python bindings
@jousby

Description

@jousby
jousby
opened on Apr 16, 2019

Describe the bug
Prior to 0.28.0 I was retrieving my github user token from SecretsManager for using in a build pipeline with the following code:

SecretString secretString = new SecretString(this, "oauth", SecretStringProps.builder()
         .withSecretId("jousby/github")
         .build());

Secret githubToken = new Secret(secretString.jsonFieldValue("oauthToken"));

I can see from the changelog for 0.28.0 that this approach has been removed in favour of the more elegant SecretValue class.

My attempt to refactor to use SecretValue in Java looks like this:

SecretValue githubToken = SecretValue.secretsManager("jousby/github", SecretsManagerSecretOptions.builder()
        .withJsonField("oauthToken")
        .build());

When i run cdk synth on this though I get the following exception:

$ cdk synth
Exception in thread "main" software.amazon.jsii.JsiiException: Cannot read property 'cfnDynamicReference' of null
TypeError: Cannot read property 'cfnDynamicReference' of null
    at secretsManager (/private/var/folders/6k/6fp51jbx3xg83p3fs4vnr4l4t8strm/T/jsii-kernel-n1SyPd/node_modules/@aws-cdk/cdk/lib/secret-value.js:48:21)
    at _wrapSandboxCode (/private/var/folders/6k/6fp51jbx3xg83p3fs4vnr4l4t8strm/T/jsii-java-runtime7834811835378697967/jsii-runtime.js:6349:51)
    at Kernel._wrapSandboxCode (/private/var/folders/6k/6fp51jbx3xg83p3fs4vnr4l4t8strm/T/jsii-java-runtime7834811835378697967/jsii-runtime.js:6975:19)
    at ret._ensureSync (/private/var/folders/6k/6fp51jbx3xg83p3fs4vnr4l4t8strm/T/jsii-java-runtime7834811835378697967/jsii-runtime.js:6349:25)
    at Kernel._ensureSync (/private/var/folders/6k/6fp51jbx3xg83p3fs4vnr4l4t8strm/T/jsii-java-runtime7834811835378697967/jsii-runtime.js:6943:20)
    at Kernel.sinvoke (/private/var/folders/6k/6fp51jbx3xg83p3fs4vnr4l4t8strm/T/jsii-java-runtime7834811835378697967/jsii-runtime.js:6348:26)
    at KernelHost.processRequest (/private/var/folders/6k/6fp51jbx3xg83p3fs4vnr4l4t8strm/T/jsii-java-runtime7834811835378697967/jsii-runtime.js:6023:28)
    at KernelHost.run (/private/var/folders/6k/6fp51jbx3xg83p3fs4vnr4l4t8strm/T/jsii-java-runtime7834811835378697967/jsii-runtime.js:5997:14)
    at processRequest (/private/var/folders/6k/6fp51jbx3xg83p3fs4vnr4l4t8strm/T/jsii-java-runtime7834811835378697967/jsii-runtime.js:5997:45)
    at KernelHost.processRequest (/private/var/folders/6k/6fp51jbx3xg83p3fs4vnr4l4t8strm/T/jsii-java-runtime7834811835378697967/jsii-runtime.js:6065:16)
    at KernelHost.run (/private/var/folders/6k/6fp51jbx3xg83p3fs4vnr4l4t8strm/T/jsii-java-runtime7834811835378697967/jsii-runtime.js:5997:14)
    at processRequest (/private/var/folders/6k/6fp51jbx3xg83p3fs4vnr4l4t8strm/T/jsii-java-runtime7834811835378697967/jsii-runtime.js:5997:45)
    at KernelHost.processRequest (/private/var/folders/6k/6fp51jbx3xg83p3fs4vnr4l4t8strm/T/jsii-java-runtime7834811835378697967/jsii-runtime.js:6065:16)
	at software.amazon.jsii.JsiiRuntime.processErrorResponse(JsiiRuntime.java:112)
	at software.amazon.jsii.JsiiRuntime.requestResponse(JsiiRuntime.java:84)
	at software.amazon.jsii.JsiiClient.callStaticMethod(JsiiClient.java:169)
	at software.amazon.jsii.JsiiObject.jsiiStaticCall(JsiiObject.java:76)
	at software.amazon.awscdk.SecretValue.secretsManager(SecretValue.java:126)
	at com.myorg.PipelineStack.<init>(PipelineStack.java:50)
	at com.myorg.PipelineStack.<init>(PipelineStack.java:39)
	at com.myorg.PipelineApp.main(PipelineApp.java:9)
Subprocess exited with error 1

For what its worth i spun up a test project in typescript and tried a similiar usage of SecretValue which worked fine:

const secret = cdk.SecretValue.secretsManager('jousby/github', {
  jsonField: 'oauthToken'
});

To Reproduce
In a post 0.28.0 Java CDK project add a snippet to retrieve a SecretValue from SecretsManager (as per description above) and try to run cdk synth.

Expected behavior
CDK Stack successfully synthesises to CloudFormation.

Version:

  • OS = MacOS High Sierra (10.13.6)
  • Programming Language = Java
  • CDK Version = 0.28.0

Metadata

Metadata

Assignees

Labels

bugThis issue is a bug.language/dotnetRelated to .NET bindingslanguage/javaRelated to Java bindingslanguage/pythonRelated to Python bindings

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions