From ea0eb1ca29ed4dc74a911fb290075a6668464ad8 Mon Sep 17 00:00:00 2001
From: Nicholas Hulston <nicholas.hulston@datadoghq.com>
Date: Thu, 13 Feb 2025 11:54:34 -0500
Subject: [PATCH] get secrets from vault

---
 .gitlab/scripts/get_secrets.sh | 14 ++------------
 1 file changed, 2 insertions(+), 12 deletions(-)

diff --git a/.gitlab/scripts/get_secrets.sh b/.gitlab/scripts/get_secrets.sh
index e7396582..5cd2b204 100755
--- a/.gitlab/scripts/get_secrets.sh
+++ b/.gitlab/scripts/get_secrets.sh
@@ -21,21 +21,11 @@ fi
 
 printf "Getting AWS External ID...\n"
 
-EXTERNAL_ID=$(aws ssm get-parameter \
-    --region us-east-1 \
-    --name "ci.datadog-lambda-js.$EXTERNAL_ID_NAME" \
-    --with-decryption \
-    --query "Parameter.Value" \
-    --out text)
+EXTERNAL_ID=$(vault kv get -field=$EXTERNAL_ID_NAME kv/k8s/gitlab-runner/datadog-lambda-js/secrets)
 
 printf "Getting DD API KEY...\n"
 
-export DD_API_KEY=$(aws ssm get-parameter \
-    --region us-east-1 \
-    --name ci.datadog-lambda-js.dd-api-key \
-    --with-decryption \
-    --query "Parameter.Value" \
-    --out text)
+export DD_API_KEY=$(vault kv get -field=dd-api-key kv/k8s/gitlab-runner/datadog-lambda-js/secrets)
 
 printf "Assuming role...\n"