ssm-entrypoint in cai-ecs-entrypoint-1.1.0

- old
+ new
@@ -1,35 +1,41 @@
 #!/usr/bin/env ruby
 
-require 'aws-sdk-ssm'
-
 env = {}
-puts 'Injecting application secrets...'
 
-begin
-  client = Aws::SSM::Client.new
+if ENV.has_key?('SSM_KEY_PATH')
+  require 'aws-sdk-ssm'
 
-  next_token = nil
-  loop do
-    secrets = client.get_parameters_by_path(
-      path: ENV.fetch('SSM_KEY_PATH'),
-      with_decryption: true,
-      next_token: next_token
-    )
+  puts 'Injecting application secrets...'
 
-    secrets.parameters.map do |parameter|
-      key = parameter.name.split('/').last
-      value = parameter.value
-      env[key] = value
-    end
+  begin
+    client = Aws::SSM::Client.new
 
-    next_token = secrets.next_token
-    break unless next_token
+    next_token = nil
+    loop do
+      secrets = client.get_parameters_by_path(
+        path: ENV.fetch('SSM_KEY_PATH'),
+        with_decryption: true,
+        next_token: next_token
+      )
 
-    sleep 1 # don't overrun the API rate limit
+      secrets.parameters.map do |parameter|
+        key = parameter.name.split('/').last
+        value = parameter.value
+        env[key] = value
+      end
+
+      next_token = secrets.next_token
+      break unless next_token
+
+      sleep 1 # don't overrun the API rate limit
+    end
+  rescue Aws::Errors::MissingRegionError
+    puts 'Error: Missing AWS Region'
+    exit 1
+  rescue Aws::Errors::MissingCredentialsError
+    puts 'Error: Missing AWS Credentials'
+    exit 2
   end
-rescue Aws::Errors::MissingRegionError
-  puts 'ERROR! Unable to fetch SSM parameters!'
-  puts 'In production environments, this should fail startup!'
 end
 
 exec env, *ARGV