NR-281256 [ NEW_RELIC_LICENSE_KEY Priority check ]

checks/sanity_check.go

@@ -30,18 +30,24 @@ func sanityCheck(ctx context.Context, conf *config.Configuration, res *api.Regis
 
 	envKeyExists := util.EnvVarExists("NEW_RELIC_LICENSE_KEY")
 	var timeout = 1 * time.Second
+
+	//Secret Manager
 	ctxSecret, cancelSecret := context.WithTimeout(ctx, timeout)
 	defer cancelSecret()
-	isSecretConfigured := credentials.IsSecretConfigured(ctxSecret, conf)
 
+	isSecretConfigured := false
+	if conf.LicenseKeySecretId != "" {
+		isSecretConfigured = credentials.IsSecretConfigured(ctxSecret, conf)
+	}
+
+	// SSM Parameter
 	ctxSSMParameter, cancelSSMParameter := context.WithTimeout(ctx, timeout)
 	defer cancelSSMParameter()
 
 	isSSMParameterConfigured := false
 	if conf.LicenseKeySSMParameterName != "" {
 		isSSMParameterConfigured = credentials.IsSSMParameterConfigured(ctxSSMParameter, conf)
 	}
-
 
 	if isSecretConfigured && envKeyExists {
 		return fmt.Errorf("There is both a AWS Secrets Manager secret and a NEW_RELIC_LICENSE_KEY environment variable set. Recommend removing the NEW_RELIC_LICENSE_KEY environment variable and using the AWS Secrets Manager secret.")
@@ -55,5 +61,9 @@ func sanityCheck(ctx context.Context, conf *config.Configuration, res *api.Regis
 		return fmt.Errorf("There is both a AWS Secrets Manager secret and a AWS Parameter Store parameter set. Recommend using just one.")
 	}
 
+	if !envKeyExists && !isSecretConfigured && !isSSMParameterConfigured {
+		util.Debugln("No configured license key found, attempting fallback to default AWS Secrets Manager secret with NEW_RELIC_LICENSE_KEY.")
+	}
+
 	return nil
 }

checks/sanity_check_test.go

@@ -37,7 +37,7 @@ func (m mockSecretManager) GetSecretValueWithContext(_ context.Context, input *s
 
 type mockSSM struct {
 	ssmiface.SSMAPI
-	validParameters []string
+	validParameters   []string
 	IsParameterCalled bool
 }
 
@@ -197,48 +197,46 @@ func TestSanityCheck(t *testing.T) {
 	}
 }
 
-
 func TestSanityCheckSSMParameter(t *testing.T) {
-    ctx := context.Background()
-
-    tests := []struct {
-        name               string
-        ssmParameterName   string
-        validParameters    []string
-        expectParamCalled  bool
-        expectedErr        error
-    }{
-        {
-            name:               "SSM Parameter configured",
-            ssmParameterName:   "parameter",
-            validParameters:    []string{"parameter"},
-            expectParamCalled:  true,
-            expectedErr:        nil,
-        },
-        {
-            name:               "SSM Parameter not configured",
-            expectParamCalled:  false,
-            expectedErr:        nil,
-        },
-    }
-
-    for _, tc := range tests {
-        t.Run(tc.name, func(t *testing.T) {
-            conf := config.Configuration{
-                LicenseKeySSMParameterName: tc.ssmParameterName,
-            }
-
-            mSSM := &mockSSM{
-                validParameters: tc.validParameters,
-            }
-
-            credentials.OverrideSSM(mSSM)
-
-            err := sanityCheck(ctx, &conf, &api.RegistrationResponse{}, runtimeConfig{})
-
-            assert.Equal(t, tc.expectedErr, err, "Error from sanityCheck")
-            assert.Equal(t, tc.expectParamCalled, mSSM.IsParameterCalled, "Error in expected SSM parameter check")
-        })
-    }
-}
+	ctx := context.Background()
+
+	tests := []struct {
+		name              string
+		ssmParameterName  string
+		validParameters   []string
+		expectParamCalled bool
+		expectedErr       error
+	}{
+		{
+			name:              "SSM Parameter configured",
+			ssmParameterName:  "parameter",
+			validParameters:   []string{"parameter"},
+			expectParamCalled: true,
+			expectedErr:       nil,
+		},
+		{
+			name:              "SSM Parameter not configured",
+			expectParamCalled: false,
+			expectedErr:       nil,
+		},
+	}
 
+	for _, tc := range tests {
+		t.Run(tc.name, func(t *testing.T) {
+			conf := config.Configuration{
+				LicenseKeySSMParameterName: tc.ssmParameterName,
+			}
+
+			mSSM := &mockSSM{
+				validParameters: tc.validParameters,
+			}
+
+			credentials.OverrideSSM(mSSM)
+
+			err := sanityCheck(ctx, &conf, &api.RegistrationResponse{}, runtimeConfig{})
+
+			assert.Equal(t, tc.expectedErr, err, "Error from sanityCheck")
+			assert.Equal(t, tc.expectParamCalled, mSSM.IsParameterCalled, "Error in expected SSM parameter check")
+		})
+	}
+}

credentials/credentials.go

@@ -120,7 +120,7 @@ func GetNewRelicLicenseKey(ctx context.Context, conf *config.Configuration) (str
 		return envLicenseKey, nil
 	}
 
-	util.Debugln("No configured license key found, attempting fallbacks")
+	util.Debugln("No configured license key found, attempting fallbacks to default")
 
 	licenseKey, err := tryLicenseKeyFromSecret(ctx, defaultSecretId)
 	if err == nil {