This repository demonstrates how to write a ServerSpec test for an application that fetches secrets from AWS Secrets Manager
AWS is mocked through localstack. An instance of ASM is spun up together with the app using docker-compose. Additionally, there is an init container that populates one secret into the mock ASM instance.
bundle install
bundle exec rspec spec/container_spec.rb
docker-compose up
localstack
is exposed when using docker-compose
. Mock credentials are required
export AWS_ACCESS_KEY_ID=stuff
export AWS_SECRET_ACCESS_KEY=happens
aws secretsmanager list-secrets --endpoint-url http://localhost:4584 --region eu-central-1
Storing a secret can be done by doing:
aws secretsmanager put-secret-value --endpoint-url http://localhost:4584 --region eu-central-1 --secret-id a_secret --secret-string donttellanybody