Implement AWS Secrets Manager Client in Runner
## Description
Create a client in GitLab Runner that can interact with AWS Secrets Manager to retrieve secrets.
## Goals
- Implement a client that can authenticate with AWS using OIDC tokens
- Retrieve secrets from AWS Secrets Manager
- Handle errors and edge cases appropriately
## Implementation Plan
### Step 1: Add AWS SDK Dependencies
Add the necessary AWS SDK dependencies to the Runner project.
### Step 2: Create AWS Secrets Manager Client
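```go
// helpers/secrets/aws/client.go
package aws // package name assumed from the file path

// AWS SDK for Go v2, inferred from the *secretsmanager.Client type below.
import "github.com/aws/aws-sdk-go-v2/service/secretsmanager"

// Client is a client for interacting with AWS Secrets Manager
type Client struct {
	secretsClient *secretsmanager.Client
}

// ClientConfig holds configuration for the AWS Secrets Manager client
type ClientConfig struct {
	Region  string
	IDToken string
	RoleARN string
}

// GetSecret retrieves a secret from AWS Secrets Manager.
// The issue leaves its parameters and return values unspecified.
func (c *Client) GetSecret() {}
```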
### Step 3: Integrate with Runner's Secret Resolver System
```go
// helpers/secrets/resolver.go
// Add AWS Secrets Manager case to the resolver

// Add method to resolve AWS secrets
func (r *Resolver) resolveAWSSecret(ctx context.Context, secret Secret) (string, error) {
	// Placeholder body; the issue does not specify the implementation.
	panic("not implemented")
}
```
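An added example, not code from this issue or from GitLab Runner: a pre-flight check on the `ClientConfig` from Step 2 that rejects the edge cases named in the goals (empty region, a non-role ARN, a malformed or expired OIDC ID token) before any request is sent to AWS. The `Validate` method, the `constructedToken` helper, the ARN pattern and all sample values are assumptions made for illustration.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"fmt"
	"regexp"
	"strings"
	"time"
)

// ClientConfig mirrors the struct from Step 2 of the plan.
type ClientConfig struct{ Region, IDToken, RoleARN string }

// roleARN matches an IAM role ARN in any AWS partition.
var roleARN = regexp.MustCompile(`^arn:aws[a-z-]*:iam::\d{12}:role/.+$`)

// Validate is a hypothetical pre-flight check, run before any call to AWS.
// It does not verify the token signature, and its errors never echo the
// token, since they may end up in job logs.
func (c ClientConfig) Validate(now time.Time) error {
	if c.Region == "" {
		return fmt.Errorf("aws secrets: region is empty")
	}
	if !roleARN.MatchString(c.RoleARN) {
		return fmt.Errorf("aws secrets: role ARN is not an IAM role ARN")
	}
	parts := strings.Split(c.IDToken, ".")
	if len(parts) != 3 {
		return fmt.Errorf("aws secrets: ID token is not a three-part JWT")
	}
	var claims struct{ Exp float64 `json:"exp"` }
	payload, err := base64.RawURLEncoding.DecodeString(parts[1])
	if err != nil || json.Unmarshal(payload, &claims) != nil {
		return fmt.Errorf("aws secrets: ID token payload is malformed")
	}
	if claims.Exp == 0 || !now.Before(time.Unix(int64(claims.Exp), 0)) {
		return fmt.Errorf("aws secrets: ID token is expired or has no exp claim")
	}
	return nil
}

// constructedToken builds an unsigned sample JWT (constructed test data).
func constructedToken(exp int64) string {
	return "e30." + base64.RawURLEncoding.EncodeToString([]byte(fmt.Sprintf(`{"exp":%d}`, exp))) + ".sig"
}

func main() {
	fmt.Println(ClientConfig{"us-east-1", constructedToken(1), "arn:aws:iam::123456789012:role/ci"}.Validate(time.Now()))
}
```

The expiry check is a local sanity check only; the token signature, audience and issuer are still verified on the AWS side when the role is assumed.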
## Testing Plan
### Step 1: Write Unit Tests for Client
```go
// helpers/secrets/aws/client_test.go
```
### Step 2: Test AWS Secret Resolver Integration
```go
// helpers/secrets/resolver_test.go
```
## Acceptance Criteria
- AWS Secrets Manager client is properly implemented
- Client can authenticate with AWS using OIDC tokens
- Client can retrieve secrets from AWS Secrets Manager
- Error handling is robust and informative
- Integration with Runner's secret resolver system works correctly
- All tests pass
## Dependencies
None
Edited by Aditya Tiwari