Skip to content

Add KeyVault.Secrets configuration extensions #9937

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
pakrym merged 8 commits into from
Feb 14, 2020
Merged

Add KeyVault.Secrets configuration extensions #9937

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
fdc1be4
Add KeyVault.Secrets configuration extensions
pakrym Feb 12, 2020
3ca3bca
Updates
pakrym Feb 12, 2020
06edc09
API Listing
pakrym Feb 12, 2020
1d574f3
Docs exclusion
pakrym Feb 12, 2020
220d2da
Key Vault
pakrym Feb 13, 2020
b4f9acd
API
pakrym Feb 14, 2020
3c8ff73
Merge branch 'master' into pakrym/add-extensions-configuration
pakrym Feb 14, 2020
d4862f8
Feedback
pakrym Feb 14, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions eng/.docsettings.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,6 +70,7 @@ known_presence_issues:
- ['sdk/keyvault','#5499']
- ['sdk/eventhub','#5499']
- ['sdk/attestation/Microsoft.Azure.Attestation','#5499']
- ['sdk/keyvault/Azure.Security.KeyVault.Secrets.Extensions.Configuration', '#9939']
- ['sdk/keyvault/Azure.Security.KeyVault.Secrets.AspNetCore.DataProtection','#9955']

# List for changelogs begins here
Expand Down
2 changes: 2 additions & 0 deletions eng/Packages.Data.props
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -119,6 +119,8 @@
<PackageReference Update="Microsoft.AspNetCore.DataProtection" Version="2.1.0" />
<PackageReference Update="Microsoft.Extensions.DependencyInjection.Abstractions" Version="2.1.0" />
<PackageReference Update="Microsoft.Extensions.DependencyInjection" Version="2.1.0" />
<PackageReference Update="Microsoft.Extensions.Configuration" Version="2.1.0" />
<PackageReference Update="Microsoft.Extensions.Configuration.Abstractions" Version="2.1.0" />
<PackageReference Update="Microsoft.Extensions.Logging.Abstractions" Version="2.1.0" />
<PackageReference Update="Microsoft.Extensions.Options" Version="2.1.0" />
<PackageReference Update="Microsoft.DotNet.GenAPI" Version="5.0.0-beta.19552.1" />
Expand Down
34 changes: 34 additions & 0 deletions ...figuration/api/Azure.Security.KeyVault.Secrets.Extensions.Configuration.netstandard2.0.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
namespace Azure.Security.KeyVault.Secrets.Extensions.Configuration
{
public partial class AzureKeyVaultConfigurationOptions
{
public AzureKeyVaultConfigurationOptions() { }
public AzureKeyVaultConfigurationOptions(System.Uri vaultUri, Azure.Core.TokenCredential credential) { }
public Azure.Security.KeyVault.Secrets.SecretClient Client { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] set { } }
public Azure.Security.KeyVault.Secrets.Extensions.Configuration.IKeyVaultSecretManager Manager { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] set { } }
public System.TimeSpan? ReloadInterval { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] set { } }
}
public partial class DefaultKeyVaultSecretManager : Azure.Security.KeyVault.Secrets.Extensions.Configuration.IKeyVaultSecretManager
{
public DefaultKeyVaultSecretManager() { }
public virtual string GetKey(Azure.Security.KeyVault.Secrets.KeyVaultSecret secret) { throw null; }
public virtual bool Load(Azure.Security.KeyVault.Secrets.SecretProperties secret) { throw null; }
}
public partial interface IKeyVaultSecretManager
{
string GetKey(Azure.Security.KeyVault.Secrets.KeyVaultSecret secret);
bool Load(Azure.Security.KeyVault.Secrets.SecretProperties secret);
}
}
namespace Microsoft.Extensions.Configuration
{
public static partial class AzureKeyVaultConfigurationExtensions
{
public static Microsoft.Extensions.Configuration.IConfigurationBuilder AddAzureKeyVault(this Microsoft.Extensions.Configuration.IConfigurationBuilder configurationBuilder, Azure.Security.KeyVault.Secrets.Extensions.Configuration.AzureKeyVaultConfigurationOptions options) { throw null; }
public static Microsoft.Extensions.Configuration.IConfigurationBuilder AddAzureKeyVault(this Microsoft.Extensions.Configuration.IConfigurationBuilder configurationBuilder, Azure.Security.KeyVault.Secrets.SecretClient client, Azure.Security.KeyVault.Secrets.Extensions.Configuration.IKeyVaultSecretManager manager) { throw null; }
public static Microsoft.Extensions.Configuration.IConfigurationBuilder AddAzureKeyVault(this Microsoft.Extensions.Configuration.IConfigurationBuilder configurationBuilder, System.Uri vaultUri) { throw null; }
public static Microsoft.Extensions.Configuration.IConfigurationBuilder AddAzureKeyVault(this Microsoft.Extensions.Configuration.IConfigurationBuilder configurationBuilder, System.Uri vaultUri, Azure.Core.TokenCredential credential) { throw null; }
public static Microsoft.Extensions.Configuration.IConfigurationBuilder AddAzureKeyVault(this Microsoft.Extensions.Configuration.IConfigurationBuilder configurationBuilder, System.Uri vaultUri, Azure.Core.TokenCredential credential, Azure.Security.KeyVault.Secrets.Extensions.Configuration.IKeyVaultSecretManager manager) { throw null; }
public static Microsoft.Extensions.Configuration.IConfigurationBuilder AddAzureKeyVault(this Microsoft.Extensions.Configuration.IConfigurationBuilder configurationBuilder, System.Uri vaultUri, Azure.Security.KeyVault.Secrets.Extensions.Configuration.IKeyVaultSecretManager manager) { throw null; }
}
}
20 changes: 20 additions & 0 deletions ...ensions.Configuration/src/Azure.Security.KeyVault.Secrets.Extensions.Configuration.csproj
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
<Project Sdk="Microsoft.NET.Sdk">

<PropertyGroup>
<Description>Azure Key Vault configuration provider implementation for Microsoft.Extensions.Configuration.</Description>
<TargetFrameworks>$(RequiredTargetFrameworks)</TargetFrameworks>
<PackageTags>$(PackageTags);azure;keyvault</PackageTags>
<Version>1.0.0-preview.1</Version>
<EnableApiCompat>false</EnableApiCompat>
</PropertyGroup>

<ItemGroup>
<PackageReference Include="Azure.Security.KeyVault.Secrets" />
<PackageReference Include="Azure.Identity" />
<PackageReference Include="Microsoft.Extensions.Configuration" />
</ItemGroup>

<ItemGroup>
<Compile Include="$(AzureCoreSharedSources)Argument.cs" />
</ItemGroup>
</Project>
119 changes: 119 additions & 0 deletions ...ity.KeyVault.Secrets.Extensions.Configuration/src/AzureKeyVaultConfigurationExtensions.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,119 @@
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.

using System;
using Azure.Core;
using Azure.Identity;
using Azure.Security.KeyVault.Secrets;
using Azure.Security.KeyVault.Secrets.Extensions.Configuration;

#pragma warning disable AZC0001 // Extension methods have to be in the correct namespace to appear in intellisense.
namespace Microsoft.Extensions.Configuration
#pragma warning restore
{
/// <summary>
/// Extension methods for registering <see cref="AzureKeyVaultConfigurationProvider"/> with <see cref="IConfigurationBuilder"/>.
/// </summary>
public static class AzureKeyVaultConfigurationExtensions
{
/// <summary>
/// Adds an <see cref="IConfigurationProvider"/> that reads configuration values from the Azure KeyVault.
Comment thread
heaths marked this conversation as resolved.
/// </summary>
/// <param name="configurationBuilder">The <see cref="IConfigurationBuilder"/> to add to.</param>
/// <param name="vaultUri">The Azure Key Vault uri.</param>
/// <param name="credential">The credential to to use for authentication.</param>
/// <returns>The <see cref="IConfigurationBuilder"/>.</returns>
public static IConfigurationBuilder AddAzureKeyVault(
this IConfigurationBuilder configurationBuilder,
Uri vaultUri,
TokenCredential credential)
{
return AddAzureKeyVault(configurationBuilder, vaultUri, credential, new DefaultKeyVaultSecretManager());
}

/// <summary>
/// Adds an <see cref="IConfigurationProvider"/> that reads configuration values from the Azure KeyVault.
/// </summary>
/// <param name="configurationBuilder">The <see cref="IConfigurationBuilder"/> to add to.</param>
/// <param name="vaultUri">Azure Key Vault uri.</param>
/// <returns>The <see cref="IConfigurationBuilder"/>.</returns>
public static IConfigurationBuilder AddAzureKeyVault(
this IConfigurationBuilder configurationBuilder,
Uri vaultUri)
{
return AddAzureKeyVault(configurationBuilder, vaultUri, new DefaultAzureCredential());
}

/// <summary>
/// Adds an <see cref="IConfigurationProvider"/> that reads configuration values from the Azure KeyVault.
/// </summary>
/// <param name="configurationBuilder">The <see cref="IConfigurationBuilder"/> to add to.</param>
/// <param name="vaultUri">Azure Key Vault uri.</param>
/// <param name="manager">The <see cref="IKeyVaultSecretManager"/> instance used to control secret loading.</param>
/// <returns>The <see cref="IConfigurationBuilder"/>.</returns>
public static IConfigurationBuilder AddAzureKeyVault(
this IConfigurationBuilder configurationBuilder,
Uri vaultUri,
IKeyVaultSecretManager manager)
{
return AddAzureKeyVault(configurationBuilder, vaultUri, new DefaultAzureCredential(), manager);
}

/// <summary>
/// Adds an <see cref="IConfigurationProvider"/> that reads configuration values from the Azure KeyVault.
/// </summary>
/// <param name="configurationBuilder">The <see cref="IConfigurationBuilder"/> to add to.</param>
/// <param name="vaultUri">Azure Key Vault uri.</param>
/// <param name="credential">The credential to to use for authentication.</param>
/// <param name="manager">The <see cref="IKeyVaultSecretManager"/> instance used to control secret loading.</param>
/// <returns>The <see cref="IConfigurationBuilder"/>.</returns>
public static IConfigurationBuilder AddAzureKeyVault(
this IConfigurationBuilder configurationBuilder,
Uri vaultUri,
TokenCredential credential,
IKeyVaultSecretManager manager)
{
return AddAzureKeyVault(configurationBuilder, new AzureKeyVaultConfigurationOptions(vaultUri, credential)
{
Manager = manager
});
}

/// <summary>
/// Adds an <see cref="IConfigurationProvider"/> that reads configuration values from the Azure KeyVault.
/// </summary>
/// <param name="configurationBuilder">The <see cref="IConfigurationBuilder"/> to add to.</param>
/// <param name="client">The <see cref="SecretClient"/> to use for retrieving values.</param>
/// <param name="manager">The <see cref="IKeyVaultSecretManager"/> instance used to control secret loading.</param>
/// <returns>The <see cref="IConfigurationBuilder"/>.</returns>
public static IConfigurationBuilder AddAzureKeyVault(
this IConfigurationBuilder configurationBuilder,
SecretClient client,
IKeyVaultSecretManager manager)
{
return configurationBuilder.Add(new AzureKeyVaultConfigurationSource(new AzureKeyVaultConfigurationOptions()
{
Client = client,
Manager = manager
}));
}

/// <summary>
/// Adds an <see cref="IConfigurationProvider"/> that reads configuration values from the Azure KeyVault.
/// </summary>
/// <param name="configurationBuilder">The <see cref="IConfigurationBuilder"/> to add to.</param>
/// <param name="options">The <see cref="AzureKeyVaultConfigurationOptions"/> to use.</param>
/// <returns>The <see cref="IConfigurationBuilder"/>.</returns>
public static IConfigurationBuilder AddAzureKeyVault(this IConfigurationBuilder configurationBuilder, AzureKeyVaultConfigurationOptions options)
{
Argument.AssertNotNull(configurationBuilder, nameof(configurationBuilder));
Argument.AssertNotNull(options, nameof(configurationBuilder));
Argument.AssertNotNull(options.Client, $"{nameof(options)}.{nameof(options.Client)}");
Argument.AssertNotNull(options.Manager, $"{nameof(options)}.{nameof(options.Manager)}");

configurationBuilder.Add(new AzureKeyVaultConfigurationSource(options));

return configurationBuilder;
}
}
}
50 changes: 50 additions & 0 deletions ...curity.KeyVault.Secrets.Extensions.Configuration/src/AzureKeyVaultConfigurationOptions.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.

using System;
using Azure.Core;
using Microsoft.Extensions.Configuration;

namespace Azure.Security.KeyVault.Secrets.Extensions.Configuration
{
/// <summary>
/// Options class used by the <see cref="AzureKeyVaultConfigurationExtensions"/>.
/// </summary>
public class AzureKeyVaultConfigurationOptions
{
/// <summary>
/// Creates a new instance of <see cref="AzureKeyVaultConfigurationOptions"/>.
/// </summary>
public AzureKeyVaultConfigurationOptions()
{
Manager = DefaultKeyVaultSecretManager.Instance;
}

/// <summary>
/// Creates a new instance of <see cref="AzureKeyVaultConfigurationOptions"/>.
/// </summary>
/// <param name="vaultUri">Azure Key Vault uri.</param>
/// <param name="credential">The <see cref="TokenCredential"/> to use for authentication.</param>
public AzureKeyVaultConfigurationOptions(
Uri vaultUri,
TokenCredential credential) : this()
{
Client = new SecretClient(vaultUri, credential);
}

/// <summary>
/// Gets or sets the <see cref="SecretClient"/> to use for retrieving values.
/// </summary>
public SecretClient Client { get; set; }

/// <summary>
/// Gets or sets the <see cref="IKeyVaultSecretManager"/> instance used to control secret loading.
/// </summary>
public IKeyVaultSecretManager Manager { get; set; }

/// <summary>
/// Gets or sets the timespan to wait between attempts at polling the Azure Key Vault for changes. <code>null</code> to disable reloading.
/// </summary>
public TimeSpan? ReloadInterval { get; set; }
}
}
Loading