Merge pull request #8 from nathanielvarona/improvement/upgrade-runtim…

…e-and-pritunl-url-to-secrets

Upgrade the Python Runtime and Put the Pritunl Base URL to Secrets

.gitignore

@@ -131,4 +131,3 @@ dmypy.json
 .vscode
 .envrc
 .aws-sam
-samconfig.toml

pritunl_slack_app/function/pritunl_slack_app/pritunl_slack.py

@@ -3,7 +3,6 @@
 import json
 
 from random import choice
-from urllib.parse import urlparse
 
 from slack_bolt import App
 
@@ -22,6 +21,7 @@
     )
 
     pritunl = Pritunl(
+        url = get_secret(os.environ['PRITUNL_BASE_URL']),
         secret = get_secret(os.environ['PRITUNL_API_SECRET']),
         token = get_secret(os.environ['PRITUNL_API_TOKEN'])
     )
@@ -84,7 +84,7 @@ def processing_request(respond, body):
                 'pin' : user_pin,
             }
 
-            org, user = org_user(pritunl_obj=pritunl, org_name=org_name, user_name=user_name)
+            org, user = org_user(pritunl=pritunl, org_name=org_name, user_name=user_name)
 
             if user:
                 respond(f"Your profile already exists! \nUpdating your profile with new PIN.")
@@ -95,7 +95,7 @@ def processing_request(respond, body):
                     )
 
                 if update:
-                    key_uri_url, key_view_url = profile_key(pritunl_obj=pritunl, org_id=update['organization'], usr_id=update['id'])
+                    key_uri_url, key_view_url = profile_key(pritunl=pritunl, org_id=update['organization'], usr_id=update['id'])
 
                     respond_line = [
                         f"\n",
@@ -119,7 +119,7 @@ def processing_request(respond, body):
 
                 if create_user:
                     for user in create_user:
-                        key_uri_url, key_view_url = profile_key(pritunl_obj=pritunl, org_id=user['organization'], usr_id=user['id'])
+                        key_uri_url, key_view_url = profile_key(pritunl=pritunl, org_id=user['organization'], usr_id=user['id'])
 
                         respond_line = [
                             f"\n",

samconfig.toml

@@ -0,0 +1,33 @@
+# More information about the configuration file can be found here:
+# https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-sam-cli-config.html
+version = 0.1
+
+[default]
+[default.global.parameters]
+stack_name = "pritunl-slack-app"
+
+[default.build.parameters]
+cached = true
+parallel = true
+
+[default.validate.parameters]
+lint = true
+
+[default.deploy.parameters]
+capabilities = "CAPABILITY_IAM"
+confirm_changeset = true
+resolve_s3 = true
+s3_prefix = "pritunl-slack-app"
+region = "us-east-1"
+
+[default.package.parameters]
+resolve_s3 = true
+
+[default.sync.parameters]
+watch = true
+
+[default.local_start_api.parameters]
+warm_containers = "EAGER"
+
+[default.local_start_lambda.parameters]
+warm_containers = "EAGER"

template.yaml

@@ -33,6 +33,7 @@ Parameters:
   PritunlBaseUrl:
     Type: String
     Description: Pritunl API Base Url
+    NoEcho: true
 
   PritunlApiSecret:
     Type: String
@@ -72,12 +73,12 @@ Resources:
     Properties:
       CodeUri: pritunl_slack_app/function
       Handler: pritunl_slack_app.function_handler.handler
-      Runtime: python3.9
+      Runtime: python3.10
       Architectures:
         - x86_64
       Environment:
         Variables:
-          PRITUNL_BASE_URL: !Ref PritunlBaseUrl
+          PRITUNL_BASE_URL: !Ref AWSPritunlBaseUrl
           PRITUNL_API_SECRET: !Ref AWSSecretPritunlApiSecret
           PRITUNL_API_TOKEN: !Ref AWSSecretPritunlApiToken
           SLACK_SIGNING_SECRET: !Ref AWSSecretSlackSigningSecret
@@ -93,6 +94,7 @@ Resources:
               Action:
                 - "secretsmanager:GetSecretValue"
               Resource:
+                - !Ref AWSPritunlBaseUrl
                 - !Ref AWSSecretPritunlApiSecret
                 - !Ref AWSSecretPritunlApiToken
                 - !Ref AWSSecretSlackSigningSecret
@@ -123,6 +125,12 @@ Resources:
       TargetFunctionArn: !Ref PritunlSlackFunction
       AuthType: NONE
 
+  AWSPritunlBaseUrl:
+    Type: "AWS::SecretsManager::Secret"
+    Properties:
+      Name: PritunlBaseUrl
+      SecretString: !Ref PritunlBaseUrl
+
   AWSSecretPritunlApiSecret:
     Type: "AWS::SecretsManager::Secret"
     Properties: