From 9b7e8b319dabbb49dfe07a69e6d5de671cb5a000 Mon Sep 17 00:00:00 2001
From: k8 <kate.ruh@gmail.com>
Date: Thu, 16 Nov 2023 16:08:40 -0500
Subject: [PATCH] chore: analytics to call aws secrets manager

JIRA:CLOUDSEC-12
---
 dataeng/resources/secrets-manager.sh          | 21 +++++++++++++++++++
 .../resources/stitch-snowflake-lag-monitor.sh |  5 +++++
 2 files changed, 26 insertions(+)
 create mode 100644 dataeng/resources/secrets-manager.sh

diff --git a/dataeng/resources/secrets-manager.sh b/dataeng/resources/secrets-manager.sh
new file mode 100644
index 000000000..97be9bc1c
--- /dev/null
+++ b/dataeng/resources/secrets-manager.sh
@@ -0,0 +1,21 @@
+#!/usr/bin/env bash
+secret_to_call="$1"
+secret_name="$2"
+set +x
+
+SECRET_JSON=$(aws secretsmanager get-secret-value --secret-id $secret_to_call --region "us-east-1" --output json)
+# Check the exit status of the AWS CLI command
+
+echo "$SECRET_JSON"
+extract_and_store_secret_value() {
+
+    value=$(echo "$SECRET_JSON" | jq -r ".SecretString | fromjson.$secret_name" 2>/dev/null)
+    eval "$secret_name"='$value'
+}
+
+if [ $? -eq 0 ]; then
+    # Use jq to extract the values from the JSON response
+    extract_and_store_secret_value $SECRET_JSON $secret_name
+else
+    echo "AWS CLI command failed"
+fi
\ No newline at end of file
diff --git a/dataeng/resources/stitch-snowflake-lag-monitor.sh b/dataeng/resources/stitch-snowflake-lag-monitor.sh
index 1cdd7804e..d21581374 100644
--- a/dataeng/resources/stitch-snowflake-lag-monitor.sh
+++ b/dataeng/resources/stitch-snowflake-lag-monitor.sh
@@ -10,6 +10,11 @@ source "${PYTHON_VENV}/bin/activate"
 cd $WORKSPACE/analytics-tools/snowflake
 make requirements
 
+source secrets-manager.sh analytics-secure/job-configs/STITCH_SNOWFLAKE_LAG_MONITOR_JOB_EXTRA_VARS KEY_PATH
+source secrets-manager.sh analytics-secure/job-configs/STITCH_SNOWFLAKE_LAG_MONITOR_JOB_EXTRA_VARS PASSPHRASE_PATH
+source secrets-manager.sh analytics-secure/job-configs/STITCH_SNOWFLAKE_LAG_MONITOR_JOB_EXTRA_VARS USER
+source secrets-manager.sh analytics-secure/job-configs/STITCH_SNOWFLAKE_LAG_MONITOR_JOB_EXTRA_VARS ACCOUNT
+
 python stitch-snowflake-monitoring.py \
     --key_path $WORKSPACE/analytics-secure/$KEY_PATH \
     --passphrase_path $WORKSPACE/analytics-secure/$PASSPHRASE_PATH \