Add option for secretGroupID

README.md

@@ -7,6 +7,7 @@ Concourse resource for secrets stored in IBM Cloud Secrets Manager instances.
 - **endpointURL**: _Required_ Endpoint URL of the Secrets Manager instance to connect to, see [secrets manager docs](https://cloud.ibm.com/apidocs/secrets-manager/secrets-manager-v2?code=go#endpoints) for more details.
 - **apikey**: _Required_ API key that allows access to read from the respective secrets manager instance.
 - **secretName**: _Required_ Name of the secret in the secrets manager instance. This is the name, not the ID of the secret. The secret will be searched for by name through the API.
+- **secretGroupID**: _Optional_ ID of the secret group to narrow down the search for the secret.
 
 ### Example
 

internal/smr/models.go

@@ -41,9 +41,10 @@ type InConfig struct {
 }
 
 type Source struct {
-	EndpointURL string `json:"endpointURL"`
-	ApiKey      string `json:"apikey"`
-	SecretName  string `json:"secretName"`
+	EndpointURL   string `json:"endpointURL"`
+	ApiKey        string `json:"apikey"`
+	SecretName    string `json:"secretName"`
+	SecretGroupID string `json:"secretGroupID"`
 }
 
 type CheckResult []Version

internal/smr/resource.go

@@ -60,7 +60,7 @@ func Check(r io.Reader) error {
 		return err
 	}
 
-	metadata, err := GetSecretMetaDataBySecretName(*secretsManagerService, config.Source.SecretName)
+	metadata, err := GetSecretMetaDataBySecretName(*secretsManagerService, config.Source)
 	if err != nil {
 		return err
 	}
@@ -92,7 +92,7 @@ func In(r io.Reader, target string) error {
 		return err
 	}
 
-	metadata, err := GetSecretMetaDataBySecretName(*secretsManagerService, config.Source.SecretName)
+	metadata, err := GetSecretMetaDataBySecretName(*secretsManagerService, config.Source)
 	if err != nil {
 		return err
 	}

internal/smr/secrets.go

@@ -56,9 +56,11 @@ func (s *SecretMetadata) Id() (string, error) {
 	return *s.ID, nil
 }
 
-func GetSecretMetaDataBySecretName(service sm.SecretsManagerV2, name string) (*SecretMetadata, error) {
-	listSecretsOptions := &sm.ListSecretsOptions{
-		Search: &name,
+func GetSecretMetaDataBySecretName(service sm.SecretsManagerV2, source Source) (*SecretMetadata, error) {
+	listSecretsOptions := &sm.ListSecretsOptions{Search: &source.SecretName}
+
+	if source.SecretGroupID != "" {
+		listSecretsOptions.Groups = append(listSecretsOptions.Groups, source.SecretGroupID)
 	}
 
 	pager, err := service.NewSecretsPager(listSecretsOptions)
@@ -77,11 +79,11 @@ func GetSecretMetaDataBySecretName(service sm.SecretsManagerV2, name string) (*S
 	}
 
 	if len(results) == 0 {
-		return nil, fmt.Errorf("cannot find secret with name %q", name)
+		return nil, fmt.Errorf("cannot find secret with name %q", source.SecretName)
 	}
 
 	if len(results) != 1 {
-		return nil, fmt.Errorf("more than one secret was found searching for %q", name)
+		return nil, fmt.Errorf("more than one secret was found searching for %q", source.SecretName)
 	}
 
 	data, err := json.Marshal(results[0])