idp-scim-sync
feat: run getSecrets not only as lambda
Is your feature request related to a problem? Please describe.
I am trying to run idp-scim-sync in a k8s pod, but it does not work, as it expects to have a credentials.json locally instead of an AWS secret, as when running as an AWS Lambda.
Describe the solution you'd like
I would like it to use environment variables to read secrets if they are set, as it does when running as an AWS Lambda.
Describe alternatives you've considered
I tried faking the pod being a Lambda with _LAMBDA_SERVER_PORT, but that just hangs. There is also the option of creating a secret in k8s and mounting that as a file, but that would go against our best practices.
Additional context
Hi @nerdingasnate, thank you very much for trying to use this software in k8s.
I created https://github.com/slashdevops/idp-scim-sync/pull/81 with an initial implementation of this feature.
Could you try to build this locally and test this implementation before I continue?
You will find new flags in the idpscim program, among which is:
-g, --use-secrets-manager   use AWS Secrets Manager content or not (default: false)
And let me know if this works for you!
How to
After cloning the repo, use the PR branch
git clone git@github.com:slashdevops/idp-scim-sync.git
cd idp-scim-sync
git checkout issue-#80
Make local binary
make
Check new flags
./build/idpscim --help
Build a local image container, and check the warning message below!
# WARNING: this is necessary because the docker tag cannot contain the '#' character
git checkout -b issue80
make container-build
Check fresh container images
docker images
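The toggle discussed in this thread, sketched as an added example; it is not code from the PR or from idp-scim-sync. The `SecretFetcher` interface, the `EXAMPLE_SCIM_TOKEN` variable and the rule that the variable holds the secret's name when the secrets manager is enabled are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"os"
)

// SecretFetcher is a hypothetical abstraction over a secrets backend; an
// AWS Secrets Manager client would sit behind it in a real deployment.
type SecretFetcher interface {
	Fetch(name string) (string, error)
}

// mapFetcher is a constructed in-memory backend so the example runs offline.
type mapFetcher map[string]string

func (m mapFetcher) Fetch(name string) (string, error) {
	v, ok := m[name]
	if !ok {
		return "", fmt.Errorf("secret %q not found", name)
	}
	return v, nil
}

// ResolveSecret reads envKey and interprets it according to the toggle:
// false (the flag's default): the variable holds the secret value itself;
// true: the variable holds a secret name that is looked up through f
// (an assumption of this sketch). It fails closed on missing input.
func ResolveSecret(envKey string, useSecretsManager bool, f SecretFetcher) (string, error) {
	v, ok := os.LookupEnv(envKey)
	if !ok || v == "" {
		return "", fmt.Errorf("%s is not set", envKey)
	}
	if !useSecretsManager {
		return v, nil
	}
	if f == nil {
		return "", errors.New("secrets manager requested but no client configured")
	}
	return f.Fetch(v)
}

func main() {
	os.Setenv("EXAMPLE_SCIM_TOKEN", "constructed-token") // constructed sample value
	v, err := ResolveSecret("EXAMPLE_SCIM_TOKEN", false, nil)
	fmt.Println(len(v), err) // log the length, never the secret itself
}
```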