谷歌云秘密管理器nodejs getsecret问题
Posted
技术标签:
【中文标题】谷歌云秘密管理器nodejs getsecret问题【英文标题】:google cloud secret manager nodejs getsecret problem 【发布时间】:2021-01-05 05:08:10 【问题描述】:我需要在我的 Cloudrun 应用程序中从 Google Secret Manager 获取密码。 我的代码:
const SecretManagerServiceClient = require('@google-cloud/secret-manager');
const smClient = new SecretManagerServiceClient();
const pgpwd = 'projects/xxxxxxxx/secrets/pgpwd';
async function getSecret()
const [version] = await smClient.accessSecretVersion(
pgpwd: pgpwd
);
const pwd = version.payload.data.toString();
return pwd;
const pwd = getSecret();
console.log(`out secret $pwd`);
在部署期间接收...
020-09-18 11:55:12.421 IDT> node index.js
2020-09-18 11:55:12.421 IDT
2020-09-18 11:55:14.061 IDTout secret [object Promise]
2020-09-18 11:55:14.062 IDTServer running on port 8080
2020-09-18 11:55:15.451 IDT(node:14) UnhandledPromiseRejectionWarning: Error: 3 INVALID_ARGUMENT: Invalid resource field value in the request.
2020-09-18 11:55:15.451 IDT at Object.callErrorFromStatus (/usr/src/app/node_modules/@grpc/grpc-js/build/src/call.js:31:26)
2020-09-18 11:55:15.451 IDT at Object.onReceiveStatus (/usr/src/app/node_modules/@grpc/grpc-js/build/src/client.js:176:52)
2020-09-18 11:55:15.451 IDT at Object.onReceiveStatus (/usr/src/app/node_modules/@grpc/grpc-js/build/src/client-interceptors.js:342:141)
2020-09-18 11:55:15.451 IDT at Object.onReceiveStatus (/usr/src/app/node_modules/@grpc/grpc-js/build/src/client-interceptors.js:305:181)
2020-09-18 11:55:15.451 IDT at /usr/src/app/node_modules/@grpc/grpc-js/build/src/call-stream.js:124:78
2020-09-18 11:55:15.451 IDT at processTicksAndRejections (internal/process/task_queues.js:79:11)
2020-09-18 11:55:15.451 IDT(node:14) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). To terminate the node process on unhandled promise rejection, use the CLI flag `--unhandled-rejections=strict` (see https://nodejs.org/api/cli.html#cli_unhandled_rejections_mode). (rejection id: 1)
2020-09-18 11:55:15.551 IDT(node:14) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
【问题讨论】:
【参考方案1】:const [version] = await smClient.accessSecretVersion(
pgpwd: pgpwd
);
应该是:
const [version] = await smClient.accessSecretVersion(
name: pgpwd
);
而pgpwd
的格式应为:
projects/PROJECT/secrets/NAME/versions/VERSION
您可以使用版本号或魔术别名“latest”来获取最新的。
【讨论】:
以上是关于谷歌云秘密管理器nodejs getsecret问题的主要内容,如果未能解决你的问题,请参考以下文章
谷歌云上的getEffectiveOrgPolicy错误运行秘密安装卷