hupe1980 / aws-parameter-cache Goto Github PK

I just found this repo, and quite like it. My use case requires one feature: hierarchical lookups.

If I had /config/app/default/LOG_LEVEL . and an override if one exists /config/app/feature-one/LOG_LEVEL, I would want to just cache the LOG_LEVEL resolved param. However as written if one of those was null, it would always try to fetch it?

Is this a complexity you'd find valuable for a contribution? I may fork - it's fine if you don't want this complexity.

https://github.com/hupe1980/aws-parameter-cache/blob/master/src/parameter.ts#L54

That line might change from getParameter to GetParameterByPath, and use the recursive lookup.

How you do hierarchical lookup can be opinionated, so doing it in an open way would be important.

Feel free to close this of course :) . Or if you see a way this repo would solve my use case with a less impactful change let me know!

Hi Team,

I think this caches param store values within a single lambda call, if we make another lambda call then values are fetched from param store again-is this correct

Nice library for fetching and caching parameters from SSM, just what I've been looking for!

Could you update the code in NPM registry? There seems to be some outdated code there. I don't know if this is an issue with your build process or what, but the code is a bit different in published module: https://unpkg.com/[email protected]/lib/ maxAge-parameter is missing and ssmParameter is configured differently.

Hi there! 👋

First of all, thanks for making this!

I ran into an unhandled promise rejection when using your library. In this case, my environment is missing the AWS region however I think this issue would arise for any failure of the request.

node:29164) UnhandledPromiseRejectionWarning: ConfigError: Missing region in config
    at Request.VALIDATE_REGION (<redacted>/node_modules/aws-sdk/lib/event_listeners.js:92:45)
    at Request.callListeners (<redacted>/node_modules/aws-sdk/lib/sequential_executor.js:106:20)
    at callNextListener (<redacted>/node_modules/aws-sdk/lib/sequential_executor.js:96:12)
    at <redacted>/node_modules/aws-sdk/lib/event_listeners.js:86:9
    at finish (<redacted>/node_modules/aws-sdk/lib/config.js:379:7)
    at <redacted>/node_modules/aws-sdk/lib/config.js:397:9
    at SharedIniFileCredentials.get (<redacted>/node_modules/aws-sdk/lib/credentials.js:127:7)
    at getAsyncCredentials (<redacted>/node_modules/aws-sdk/lib/config.js:391:24)
    at Config.getCredentials (<redacted>/node_modules/aws-sdk/lib/config.js:411:9)
    at Request.VALIDATE_CREDENTIALS (<redacted>/node_modules/aws-sdk/lib/event_listeners.js:81:26)
    at Request.callListeners (<redacted>/node_modules/aws-sdk/lib/sequential_executor.js:102:18)
    at Request.emit (<redacted>/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
    at Request.emit (<redacted>/node_modules/aws-sdk/lib/request.js:683:14)
    at Request.transition (<redacted>/node_modules/aws-sdk/lib/request.js:22:10)
    at AcceptorStateMachine.runTo (<redacted>/node_modules/aws-sdk/lib/state_machine.js:14:12)
    at Request.runTo (<redacted>/node_modules/aws-sdk/lib/request.js:403:15)
    at <redacted>/node_modules/aws-sdk/lib/request.js:792:12
    at new Promise (<anonymous>)
    at Request.promise (<redacted>/node_modules/aws-sdk/lib/request.js:778:12)
    at Parameter.getParameter (<redacted>/node_modules/aws-parameter-cache/lib/parameter.js:35:52)
    at Parameter.refreshParameter (<redacted>/node_modules/aws-parameter-cache/lib/parameter.js:28:34)
    at Parameter.refresh (<redacted>/node_modules/aws-parameter-cache/lib/refreshable.js:8:14)
    at Parameter.get value [as value] (<redacted>/node_modules/aws-parameter-cache/lib/parameter.js:14:18)

Adding a .catch() to the cachedResult promise should do the trick. Inside that block we can call the wrapping promise's reject. I'd be happy to open a PR, but thought it'd be good to touch base first 😄 Let me know what you think!

Hello!

I hope you are doing well!

We are a security research team. Our tool automatically detected a vulnerability in this repository. We want to disclose it responsibly. GitHub has a feature called Private vulnerability reporting, which enables security research to privately disclose a vulnerability. Unfortunately, it is not enabled for this repository.

Can you enable it, so that we can report it?

Thanks in advance!

PS: you can read about how to enable private vulnerability reporting here: https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository