[英]How to access Secret Manager in Cloud Function node.js10?
I've been working on this for 2 days, very frustrated with the progress, any guidance on what is possibly wrong with my understanding/code/approach would be highly appreciated!我已经为此工作了 2 天,对进展感到非常沮丧,对于我的理解/代码/方法可能有什么问题的任何指导将不胜感激!
I'm trying to get version value from secret mananger using node.js, the script below works fine on GCE, but whenever I run it on Cloud function it fails.我正在尝试使用 node.js 从秘密管理器获取版本值,下面的脚本在 GCE 上运行良好,但是每当我在 Cloud 函数上运行它时,它都会失败。
// My script on GCE, it works fine
const { SecretManagerServiceClient } = require('@google-cloud/secret-manager');
const secretManagerServiceClient = new SecretManagerServiceClient();
const name = 'projects/moonhome/secrets/moonFirstSecret/versions/latest';
testSecretManager = async () => {
const [version] = await secretManagerServiceClient.accessSecretVersion({ name });
const payload = version.payload.data.toString();
console.debug(`Payload: ${payload}`);
};
testSecretManager();
// My index.js on Cloud Function
const { SecretManagerServiceClient } = require('@google-cloud/secret-manager');
const secretManagerServiceClient = new SecretManagerServiceClient();
const name = 'projects/moonhome/secrets/moonFirstSecret/versions/latest';
testSecretManager = async () => {
const [version] = await secretManagerServiceClient.accessSecretVersion({ name });
const payload = version.payload.data.toString();
console.debug(`Payload: ${payload}`);
};
exports.helloHttp = (req, res) => {
testSecretManager();
res.send("noooo1");
};
// One of many versions of packaga.json I tried on Cloud function
{
"dependencies": {
"@google-cloud/secret-manager": {
"version": "3.1.0",
"resolved": "https://registry.npmjs.org/@google-cloud/secret-manager/-/secret-manager-3.1.0.tgz",
"integrity": "sha512-/9IOWEhKAz/r3kSyp16kjudELkEJSRhwFfzukKbzQehVRZ3RceNDzjn+Rti1TivODJHEEIBZVsQFsKp7cLfUgQ==",
"requires": {
"google-gax": "^2.1.0"
}
}
}
}
Below are my questions:以下是我的问题:
I noticed there is a list of available system packages on node.js runtime in Cloud Function, so I am wondering if that's the reason.我注意到 Cloud Function 中 node.js 运行时上有一个可用系统包的列表,所以我想知道这是否是原因。 I already filed a request to add @google-cloud/secret-manager
to node.js runtime.我已经提交了将@google-cloud/secret-manager
到 node.js 运行时的请求。 However, there is a example in the Cloud Function documentation where escape-html
is used which also is absent from that list.但是,在 Cloud Function 文档中有一个示例,其中使用了escape-html
,该列表中也没有。 My question is, should I request to add the secret-manager package to node.js runtime in my case?我的问题是,在我的情况下,我应该请求将 secret-manager 包添加到 node.js 运行时吗?
Since Cloud Function needs an event trigger, I also tried to wrap this testSecretManager
with a simple function to handle http request and tested it at the endpoint in my browser.由于 Cloud Function 需要一个事件触发器,我还尝试用一个简单的函数包装这个testSecretManager
来处理 http 请求并在我的浏览器的端点上对其进行测试。 The simple function itself works fine, but whenever I insert anything related to secret manager into that function, either the function fails or the page shows it Error: could not handle the request
.简单函数本身工作正常,但是每当我将与秘密管理器相关的任何内容插入该函数时,该函数要么失败,要么页面显示它Error: could not handle the request
。 My question is, do I have to wrap testSecretManager
with an HTTP request or any other event handling function to trigger my target function in Cloud Function?我的问题是,我是否必须使用 HTTP 请求或任何其他事件处理函数来包装testSecretManager
才能在 Cloud Function 中触发我的目标函数?
I am very confused with the package.json
file on Cloud function, when I use secret-manager in GCE, the package-lock.json
has 600+ lines, so I tried coping these lines to package.json
on Cloud Function, but it does not work.....my question is, what should I include in package.json when all I want is just the @google-cloud/secret-manager
package?我对 Cloud 函数上的package.json
文件很困惑,当我在 GCE 中使用 secret-manager 时, package-lock.json
有 600 多行,所以我尝试将这些行复制到 Cloud Function 上的package.json
,但它不起作用.....我的问题是,当我想要的只是@google-cloud/secret-manager
包时,我应该在 package.json 中包含什么?
You're confusing system packages and Node packages.你混淆了系统包和节点包。 System packages are installed on the host machine (eg apt-get install
).系统包安装在主机上(例如apt-get install
)。 NPM packages are installed into Node (eg npm install
). NPM 包安装到 Node 中(例如npm install
)。 You should not request secret manager be added to system packages.您不应请求将机密管理器添加到系统包中。
You're function is mixing sync and async.你的功能是混合同步和异步。 Since your testSecretManager
function is a sync, you need to preface with await
when you call it in helloHttp
.由于您的testSecretManager
函数是同步函数,因此在helloHttp
调用它时需要以await
helloHttp
。 Then you'll need to mark helloHttp
as async.然后您需要将helloHttp
标记为异步。 If that doesn't work, please copy and paste the exact error message and stacktrace.如果这不起作用,请复制并粘贴确切的错误消息和堆栈跟踪。
package.json
and package-lock.json
are separate files with separate syntaxes. package.json
和package-lock.json
是具有不同语法的独立文件。 You should not copy data from the lockfile into your package file.您不应将锁定文件中的数据复制到您的包文件中。 Here's an example you can copy:这是您可以复制的示例:
"dependencies": { "@google-cloud/secret-manager": "^3.1.0" },
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.