Update Bitwarden code to use env instead of secret manager if env is present (#1592)

Co-authored-by: Suchintan <suchintan@users.noreply.github.com>

skyvern/config.py

@@ -134,6 +134,11 @@ class Settings(BaseSettings):
     VERIFICATION_CODE_INITIAL_WAIT_TIME_SECS: int = 40
     VERIFICATION_CODE_POLLING_TIMEOUT_MINS: int = 5
 
+    # Bitwarden Settings
+    BITWARDEN_CLIENT_ID: str | None = None
+    BITWARDEN_CLIENT_SECRET: str | None = None
+    BITWARDEN_MASTER_PASSWORD: str | None = None
+
     SVG_MAX_LENGTH: int = 100000
 
     ENABLE_LOG_ARTIFACTS: bool = False

skyvern/forge/sdk/workflow/context_manager.py

@@ -3,6 +3,7 @@ from typing import TYPE_CHECKING, Any
 
 import structlog
 
+from skyvern.config import settings
 from skyvern.exceptions import BitwardenBaseError, SkyvernException, WorkflowRunContextNotInitialized
 from skyvern.forge.sdk.api.aws import AsyncAWSClient
 from skyvern.forge.sdk.schemas.organizations import Organization
@@ -24,7 +25,6 @@ if TYPE_CHECKING:
 
 LOG = structlog.get_logger()
 
-
 BlockMetadata = dict[str, str | int | float | bool | dict | list]
 
 
@@ -159,9 +159,15 @@ class WorkflowRunContext:
         elif parameter.parameter_type == ParameterType.BITWARDEN_LOGIN_CREDENTIAL:
             try:
                 # Get the Bitwarden login credentials from AWS secrets
-                client_id = await aws_client.get_secret(parameter.bitwarden_client_id_aws_secret_key)
-                client_secret = await aws_client.get_secret(parameter.bitwarden_client_secret_aws_secret_key)
-                master_password = await aws_client.get_secret(parameter.bitwarden_master_password_aws_secret_key)
+                client_id = settings.BITWARDEN_CLIENT_ID or await aws_client.get_secret(
+                    parameter.bitwarden_client_id_aws_secret_key
+                )
+                client_secret = settings.BITWARDEN_CLIENT_SECRET or await aws_client.get_secret(
+                    parameter.bitwarden_client_secret_aws_secret_key
+                )
+                master_password = settings.BITWARDEN_MASTER_PASSWORD or await aws_client.get_secret(
+                    parameter.bitwarden_master_password_aws_secret_key
+                )
             except Exception as e:
                 LOG.error(f"Failed to get Bitwarden login credentials from AWS secrets. Error: {e}")
                 raise e
@@ -228,9 +234,15 @@ class WorkflowRunContext:
         elif parameter.parameter_type == ParameterType.BITWARDEN_SENSITIVE_INFORMATION:
             try:
                 # Get the Bitwarden login credentials from AWS secrets
-                client_id = await aws_client.get_secret(parameter.bitwarden_client_id_aws_secret_key)
-                client_secret = await aws_client.get_secret(parameter.bitwarden_client_secret_aws_secret_key)
-                master_password = await aws_client.get_secret(parameter.bitwarden_master_password_aws_secret_key)
+                client_id = settings.BITWARDEN_CLIENT_ID or await aws_client.get_secret(
+                    parameter.bitwarden_client_id_aws_secret_key
+                )
+                client_secret = settings.BITWARDEN_CLIENT_SECRET or await aws_client.get_secret(
+                    parameter.bitwarden_client_secret_aws_secret_key
+                )
+                master_password = settings.BITWARDEN_MASTER_PASSWORD or await aws_client.get_secret(
+                    parameter.bitwarden_master_password_aws_secret_key
+                )
             except Exception as e:
                 LOG.error(f"Failed to get Bitwarden login credentials from AWS secrets. Error: {e}")
                 raise e
@@ -280,9 +292,15 @@ class WorkflowRunContext:
         elif parameter.parameter_type == ParameterType.BITWARDEN_CREDIT_CARD_DATA:
             try:
                 # Get the Bitwarden login credentials from AWS secrets
-                client_id = await aws_client.get_secret(parameter.bitwarden_client_id_aws_secret_key)
-                client_secret = await aws_client.get_secret(parameter.bitwarden_client_secret_aws_secret_key)
-                master_password = await aws_client.get_secret(parameter.bitwarden_master_password_aws_secret_key)
+                client_id = settings.BITWARDEN_CLIENT_ID or await aws_client.get_secret(
+                    parameter.bitwarden_client_id_aws_secret_key
+                )
+                client_secret = settings.BITWARDEN_CLIENT_SECRET or await aws_client.get_secret(
+                    parameter.bitwarden_client_secret_aws_secret_key
+                )
+                master_password = settings.BITWARDEN_MASTER_PASSWORD or await aws_client.get_secret(
+                    parameter.bitwarden_master_password_aws_secret_key
+                )
             except Exception as e:
                 LOG.error(f"Failed to get Bitwarden login credentials from AWS secrets. Error: {e}")
                 raise e