From d81e9230b69244309821bfae5e33866d457a7cd6 Mon Sep 17 00:00:00 2001
From: "Marc A. Paradise" <marc.paradise@gmail.com>
Date: Wed, 14 Jul 2021 12:33:05 -0400
Subject: Fetch from AWS Secrets Manager now returns value

The secret value is now returned instead of the object wrapper provided
by the AWS SKD.

Usage in recipe now looks like this:

      value = secret(name: "test1", service: :aws_secrets_manager, config: { region: "us-west-1" })
      log "My secret is #{value}"

Signed-off-by: Marc A. Paradise <marc.paradise@gmail.com>
---
 lib/chef/secret_fetcher/aws_secrets_manager.rb | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/chef/secret_fetcher/aws_secrets_manager.rb b/lib/chef/secret_fetcher/aws_secrets_manager.rb
index 0dfb99b023..f5508cf59b 100644
--- a/lib/chef/secret_fetcher/aws_secrets_manager.rb
+++ b/lib/chef/secret_fetcher/aws_secrets_manager.rb
@@ -50,7 +50,9 @@ class Chef
       # @param identifier [String] the secret_id
       # @return Aws::SecretsManager::Types::GetSecretValueResponse
       def do_fetch(identifier)
-        client.get_secret_value(secret_id: identifier)
+        result = client.get_secret_value(secret_id: identifier)
+        # These fields are mutually exclusive
+        result.secret_string || result.secret_binary
       end
 
       def client
-- 
cgit v1.2.1