From df602597170bfd9553a57e545a77b90882a7e867 Mon Sep 17 00:00:00 2001
From: Robert Kenny <r.kenny@wellcome.org>
Date: Thu, 9 Jan 2025 17:22:01 +0000
Subject: [PATCH] unwrap function call in bash secrets script

---
 .../bash_secrets_extension.sh                 | 22 ++++++-------------
 1 file changed, 7 insertions(+), 15 deletions(-)

diff --git a/pipeline/relation_embedder/relation_embedder/bash_secrets_extension.sh b/pipeline/relation_embedder/relation_embedder/bash_secrets_extension.sh
index fb37988c87..aefe52caaf 100755
--- a/pipeline/relation_embedder/relation_embedder/bash_secrets_extension.sh
+++ b/pipeline/relation_embedder/relation_embedder/bash_secrets_extension.sh
@@ -28,20 +28,6 @@ forward_sigterm_and_wait() {
 # To run any extension processes that need to start before the runtime initializes, run them before the /register
 echo "[${LAMBDA_EXTENSION_NAME}] Initialization"
 
-# Read secret from AWS Secrets Manager
-get_secret() {
-  local secret_name=$1
-  local secret_value
-  echo "[${LAMBDA_EXTENSION_NAME}] Getting secret: $secret_name"
-
-  secret_value=$(aws secretsmanager get-secret-value --secret-id "$secret_name" --query SecretString --output text)
-  if [[ -z "$secret_value" ]]; then
-    echo "[${LAMBDA_EXTENSION_NAME}] Secret not found: $secret_name"
-    exit 1
-  fi
-  echo "$secret_value"
-}
-
 # Extract secret value from environment variable and write to config file
 extract_secret_value_to_config() {
   local env_var=$1
@@ -54,14 +40,20 @@ extract_secret_value_to_config() {
   env_var_key=$(echo "$env_var" | cut -d= -f1)
 
   if [[ $env_var_value == "secret:"* ]]; then
+    echo "[${LAMBDA_EXTENSION_NAME}] Extracting secret value from environment variable: $env_var_key" > /dev/stdout
     secret_key=$(echo "$env_var_value" | cut -d: -f2)
-    secret_value=$(get_secret "$secret_key")
+    secret_value=$(aws secretsmanager get-secret-value --secret-id "$secret_key" --query SecretString --output text)
+    if [[ -z "$secret_value" ]]; then
+      echo "[${LAMBDA_EXTENSION_NAME}] Secret not found: $secret_key" > /dev/stdout
+      exit 1
+    fi
     echo "$env_var_key=\"$secret_value\"" >> /tmp/config
   fi
 }
 
 # Create a configuration file with secrets
 create_config_file() {
+  echo "[${LAMBDA_EXTENSION_NAME}] Creating config file :)" > /dev/stdout
   local env_vars
   local env_var