Fix AWS region-id in the secrets generation The utility script add_secrets_aws_secrets_manager.sh needs to receive and use the AWS region to use. Using the default region may not be correct as may differ from the one used for the deployment. Change-Id: I2671492cb34ce567a8e161a1f0ef082c3c5d16de

commit: 30b1824928055668201039928b5d9fc2902f105f [log] [tgz]
author: Luca Milanesio <luca.milanesio@gmail.com> Wed May 20 15:17:57 2020 +0100
committer: Luca Milanesio <luca.milanesio@gmail.com> Wed May 20 21:56:59 2020 +0100
tree: 89c0c15d617b8568523627099dfd4a5a44964a32
parent: 5ce9f69bdfcb59699052b34368815bc21d9ac4ad [diff]
diff --git a/dual-master/README.md b/dual-master/README.md
index 5e2dbcd..ff91fd1 100644
--- a/dual-master/README.md
+++ b/dual-master/README.md

@@ -129,7 +129,7 @@
 
 You can now run the [script](../gerrit/add_secrets_aws_secrets_manager.sh) to
 upload them to AWS Secret Manager:
-`add_secrets_aws_secrets_manager.sh /path/to/your/keys/directory secret_prefix`
+`add_secrets_aws_secrets_manager.sh /path/to/your/keys/directory secret_prefix aws-region-id`
 
 When `secret_prefix` is omitted, it is set to `gerrit_secret` by default.
 

diff --git a/gerrit/add_secrets_aws_secrets_manager.sh b/gerrit/add_secrets_aws_secrets_manager.sh
index c76b9de..3026cf3 100755
--- a/gerrit/add_secrets_aws_secrets_manager.sh
+++ b/gerrit/add_secrets_aws_secrets_manager.sh

@@ -11,17 +11,21 @@
 export AWS_PAGER=;
 KEY_PREFIX=${2:-gerrit_secret}
 
+AWS_REGION=${3:-"us-east-1"}
+
 function set-secret-string {
   SECRET_ID=$1
 
-  if aws secretsmanager describe-secret --secret-id ${KEY_PREFIX}_${SECRET_ID} > /dev/null 2>&1
+  if aws secretsmanager describe-secret --region ${AWS_REGION} --secret-id ${KEY_PREFIX}_${SECRET_ID} > /dev/null 2>&1
   then
     echo "Updating secret ${KEY_PREFIX}_${SECRET_ID} ..."
-    aws secretsmanager put-secret-value --secret-id ${KEY_PREFIX}_${SECRET_ID} \
+    aws secretsmanager put-secret-value --region ${AWS_REGION} \
+      --secret-id ${KEY_PREFIX}_${SECRET_ID} \
       --secret-string file://$SECRETS_DIRECTORY/${SECRET_ID}
   else
     echo "Creating secret ${KEY_PREFIX}_${SECRET_ID} ..."
-    aws secretsmanager create-secret --name ${KEY_PREFIX}_${SECRET_ID} \
+    aws secretsmanager create-secret --region ${AWS_REGION} \
+      --name ${KEY_PREFIX}_${SECRET_ID} \
       --description "Gerrit ${SECRET_ID}" \
       --secret-string file://$SECRETS_DIRECTORY/${SECRET_ID}
   fi

diff --git a/master-slave/README.md b/master-slave/README.md
index e12ea3a..b2e2e6d 100644
--- a/master-slave/README.md
+++ b/master-slave/README.md

@@ -142,7 +142,7 @@
 
 You can now run the [script](../gerrit/add_secrets_aws_secrets_manager.sh) to
 upload them to AWS Secret Manager:
-`add_secrets_aws_secrets_manager.sh /path/to/your/keys/directory secret_prefix`
+`add_secrets_aws_secrets_manager.sh /path/to/your/keys/directory secret_prefix aws-region-id`
 
 When `secret_prefix` is omitted, it is set to `gerrit_secret` by default.
 

diff --git a/single-master/README.md b/single-master/README.md
index cc04708..407881a 100644
--- a/single-master/README.md
+++ b/single-master/README.md

@@ -128,7 +128,7 @@
 
 You can now run the [script](../gerrit/add_secrets_aws_secrets_manager.sh) to
 upload them to AWS Secret Manager:
-`add_secrets_aws_secrets_manager.sh /path/to/your/keys/directory secret_prefix`
+`add_secrets_aws_secrets_manager.sh /path/to/your/keys/directory secret_prefix aws-region-id`
 
 When `secret_prefix` is omitted, it is set to `gerrit_secret` by default.
commit	30b1824928055668201039928b5d9fc2902f105f	[log] [tgz]
author	Luca Milanesio <luca.milanesio@gmail.com>	Wed May 20 15:17:57 2020 +0100
committer	Luca Milanesio <luca.milanesio@gmail.com>	Wed May 20 21:56:59 2020 +0100
tree	89c0c15d617b8568523627099dfd4a5a44964a32
parent	5ce9f69bdfcb59699052b34368815bc21d9ac4ad [diff]