Skip to content

Migrate keyvault to pipeline #962

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
bmc-msft merged 17 commits into from
Aug 24, 2022
Merged

Migrate keyvault to pipeline #962

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
17 commits
Select commit Hold shift + click to select a range
8548e15
move keyvault to pipelines
demoray Jul 28, 2022
a1adf8d
remove reqwest from prereq
demoray Jul 28, 2022
ff4c7d7
fmt
demoray Jul 28, 2022
e21f0d8
Merge branch 'main' into migrate-keyvault-to-pipeline
demoray Aug 15, 2022
448f835
update to use streams instead of internal loops
demoray Aug 15, 2022
5958f9b
rename structs per previous pr feedback
demoray Aug 15, 2022
ec732de
use more direct responses
demoray Aug 15, 2022
7982df1
fix doc tests
demoray Aug 15, 2022
f848611
remove debugging println
demoray Aug 16, 2022
2f8cb71
remove unused feature
demoray Aug 16, 2022
c8b4f4d
Merge branch 'main' into migrate-keyvault-to-pipeline
demoray Aug 23, 2022
67a9b36
address feedback
demoray Aug 23, 2022
979893d
remove debug print
demoray Aug 23, 2022
af80079
remove endpoint as it's not needed anymore
demoray Aug 23, 2022
2ed2fe7
remove extra clone
demoray Aug 23, 2022
c41de36
use core's TimeoutPolicy
demoray Aug 23, 2022
482f2e8
address comments
demoray Aug 23, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 6 additions & 4 deletions sdk/security_keyvault/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,15 +13,15 @@ license = "MIT"
edition = "2021"

[dependencies]
async-trait = "0.1"
futures = "0.3"
base64 = "0.13"
reqwest = { version = "0.11", features = ["json"] }
time = "0.3.10"
time = "0.3"
const_format = "0.2.13"
serde_json = "1.0"
url = "2.2"
serde = { version = "1.0", features = ["derive"] }
azure_core = { path = "../core", version = "0.4"}
azure_core = { path = "../core", version = "0.4", no-default-features = true }

[dev-dependencies]
azure_identity = { path = "../identity", default_features = false }
Expand All @@ -30,4 +30,6 @@ async-trait = "0.1"
tokio = { version = "1.0", features = ["macros", "rt-multi-thread"] }

[features]
default = ["azure_core/enable_reqwest"]
default = ["enable_reqwest"]
enable_reqwest = ["azure_core/enable_reqwest"]
enable_reqwest_rustls = ["azure_core/enable_reqwest_rustls"]
22 changes: 8 additions & 14 deletions sdk/security_keyvault/examples/backup_secret.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,25 +1,19 @@
use azure_identity::{ClientSecretCredential, TokenCredentialOptions};
use azure_identity::DefaultAzureCredentialBuilder;
use azure_security_keyvault::SecretClient;
use std::env;
use std::sync::Arc;
use std::{env, sync::Arc};

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
let client_id = env::var("CLIENT_ID").expect("Missing CLIENT_ID environment variable.");
let client_secret =
env::var("CLIENT_SECRET").expect("Missing CLIENT_SECRET environment variable.");
let tenant_id = env::var("TENANT_ID").expect("Missing TENANT_ID environment variable.");
let keyvault_url =
env::var("KEYVAULT_URL").expect("Missing KEYVAULT_URL environment variable.");
let secret_name = env::var("SECRET_NAME").expect("Missing SECRET_NAME environment variable.");

let creds = Arc::new(ClientSecretCredential::new(
azure_core::new_http_client(),
tenant_id,
client_id,
client_secret,
TokenCredentialOptions::default(),
));
let creds = Arc::new(
DefaultAzureCredentialBuilder::new()
.exclude_managed_identity_credential()
.build(),
);

let client = SecretClient::new(&keyvault_url, creds)?;
let backup_response = client.backup(secret_name).into_future().await?;
dbg!(&backup_response);
Expand Down
22 changes: 8 additions & 14 deletions sdk/security_keyvault/examples/delete_secret.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,25 +1,19 @@
use azure_identity::{ClientSecretCredential, TokenCredentialOptions};
use azure_identity::DefaultAzureCredentialBuilder;
use azure_security_keyvault::SecretClient;
use std::env;
use std::sync::Arc;
use std::{env, sync::Arc};

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
let client_id = env::var("CLIENT_ID").expect("Missing CLIENT_ID environment variable.");
let client_secret =
env::var("CLIENT_SECRET").expect("Missing CLIENT_SECRET environment variable.");
let tenant_id = env::var("TENANT_ID").expect("Missing TENANT_ID environment variable.");
let keyvault_url =
env::var("KEYVAULT_URL").expect("Missing KEYVAULT_URL environment variable.");
let secret_name = env::var("SECRET_NAME").expect("Missing SECRET_NAME environment variable.");

let creds = Arc::new(ClientSecretCredential::new(
azure_core::new_http_client(),
tenant_id,
client_id,
client_secret,
TokenCredentialOptions::default(),
));
let creds = Arc::new(
DefaultAzureCredentialBuilder::new()
.exclude_managed_identity_credential()
Copy link
Contributor

@rylev rylev Aug 16, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If this is always excluded in our examples, should we perhaps think about inverting this and requiring users who want it, to opt into it?

Copy link
Contributor Author

@bmc-msft bmc-msft Aug 16, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

see #1016

.build(),
);

let client = SecretClient::new(&keyvault_url, creds)?;
client.delete(secret_name).into_future().await?;

Expand Down
27 changes: 14 additions & 13 deletions sdk/security_keyvault/examples/get_secret.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,26 +1,27 @@
use azure_identity::{ClientSecretCredential, TokenCredentialOptions};
use azure_identity::DefaultAzureCredentialBuilder;
use azure_security_keyvault::SecretClient;
use std::env;
use futures::StreamExt;
use std::{env, sync::Arc};

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
let client_id = env::var("CLIENT_ID").expect("Missing CLIENT_ID environment variable.");
let client_secret =
env::var("CLIENT_SECRET").expect("Missing CLIENT_SECRET environment variable.");
let tenant_id = env::var("TENANT_ID").expect("Missing TENANT_ID environment variable.");
let keyvault_url =
env::var("KEYVAULT_URL").expect("Missing KEYVAULT_URL environment variable.");
let secret_name = env::var("SECRET_NAME").expect("Missing SECRET_NAME environment variable.");

let creds = std::sync::Arc::new(ClientSecretCredential::new(
azure_core::new_http_client(),
tenant_id,
client_id,
client_secret,
TokenCredentialOptions::default(),
));
let creds = Arc::new(
DefaultAzureCredentialBuilder::new()
.exclude_managed_identity_credential()
.build(),
);

let client = SecretClient::new(&keyvault_url, creds)?;

let mut versions = client.get_versions(&secret_name).into_stream();
while let Some(version) = versions.next().await {
println!("{:?}", version?);
}

let secret = client.get(secret_name).into_future().await?;
dbg!(secret.value);

Expand Down
29 changes: 14 additions & 15 deletions sdk/security_keyvault/examples/get_secret_versions.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,28 +1,27 @@
use azure_identity::{ClientSecretCredential, TokenCredentialOptions};
use azure_identity::DefaultAzureCredentialBuilder;
use azure_security_keyvault::SecretClient;
use std::env;
use std::sync::Arc;
use futures::StreamExt;
use std::{env, sync::Arc};

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
let client_id = env::var("CLIENT_ID").expect("Missing CLIENT_ID environment variable.");
let client_secret =
env::var("CLIENT_SECRET").expect("Missing CLIENT_SECRET environment variable.");
let tenant_id = env::var("TENANT_ID").expect("Missing TENANT_ID environment variable.");
let keyvault_url =
env::var("KEYVAULT_URL").expect("Missing KEYVAULT_URL environment variable.");
let secret_name = env::var("SECRET_NAME").expect("Missing SECRET_NAME environment variable.");

let creds = Arc::new(ClientSecretCredential::new(
azure_core::new_http_client(),
tenant_id,
client_id,
client_secret,
TokenCredentialOptions::default(),
));
let creds = Arc::new(
DefaultAzureCredentialBuilder::new()
.exclude_managed_identity_credential()
.build(),
);

let client = SecretClient::new(&keyvault_url, creds)?;

let secrets = client.get_versions(secret_name).into_future().await?;
let mut secrets = client.get_versions(secret_name).into_stream();
while let Some(secret) = secrets.next().await {
println!("{:?}", secret?);
}

dbg!(&secrets);

Ok(())
Expand Down
31 changes: 14 additions & 17 deletions sdk/security_keyvault/examples/list_secrets.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,28 +1,25 @@
use azure_identity::{ClientSecretCredential, TokenCredentialOptions};
use azure_identity::DefaultAzureCredentialBuilder;
use azure_security_keyvault::SecretClient;
use std::env;
use std::sync::Arc;
use futures::stream::StreamExt;
use std::{env, sync::Arc};

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
let client_id = env::var("CLIENT_ID").expect("Missing CLIENT_ID environment variable.");
let client_secret =
env::var("CLIENT_SECRET").expect("Missing CLIENT_SECRET environment variable.");
let tenant_id = env::var("TENANT_ID").expect("Missing TENANT_ID environment variable.");
async fn main() -> azure_core::Result<()> {
let keyvault_url =
env::var("KEYVAULT_URL").expect("Missing KEYVAULT_URL environment variable.");

let creds = Arc::new(ClientSecretCredential::new(
azure_core::new_http_client(),
tenant_id,
client_id,
client_secret,
TokenCredentialOptions::default(),
));
let creds = Arc::new(
DefaultAzureCredentialBuilder::new()
.exclude_managed_identity_credential()
.build(),
);

let client = SecretClient::new(&keyvault_url, creds)?;

let secrets = client.list_secrets().into_future().await?;
dbg!(&secrets);
let mut stream = client.list_secrets().into_stream();
while let Some(response) = stream.next().await {
dbg!(&response?);
}

Ok(())
}
22 changes: 8 additions & 14 deletions sdk/security_keyvault/examples/pass_client.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,24 +1,18 @@
use azure_identity::{ClientSecretCredential, TokenCredentialOptions};
use azure_identity::DefaultAzureCredentialBuilder;
use azure_security_keyvault::SecretClient;
use std::env;
use std::sync::Arc;
use std::{env, sync::Arc};

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
let client_id = env::var("CLIENT_ID").expect("Missing CLIENT_ID environment variable.");
let client_secret =
env::var("CLIENT_SECRET").expect("Missing CLIENT_SECRET environment variable.");
let tenant_id = env::var("TENANT_ID").expect("Missing TENANT_ID environment variable.");
let keyvault_url =
env::var("KEYVAULT_URL").expect("Missing KEYVAULT_URL environment variable.");

let creds = Arc::new(ClientSecretCredential::new(
azure_core::new_http_client(),
tenant_id,
client_id,
client_secret,
TokenCredentialOptions::default(),
));
let creds = Arc::new(
DefaultAzureCredentialBuilder::new()
.exclude_managed_identity_credential()
.build(),
);

let client = SecretClient::new(&keyvault_url, creds)?;

get_secret(&client).await?;
Expand Down
22 changes: 8 additions & 14 deletions sdk/security_keyvault/examples/restore_secret.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,25 +1,19 @@
use azure_identity::{ClientSecretCredential, TokenCredentialOptions};
use azure_identity::DefaultAzureCredentialBuilder;
use azure_security_keyvault::SecretClient;
use std::env;
use std::sync::Arc;
use std::{env, sync::Arc};

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
let client_id = env::var("CLIENT_ID").expect("Missing CLIENT_ID environment variable.");
let client_secret =
env::var("CLIENT_SECRET").expect("Missing CLIENT_SECRET environment variable.");
let tenant_id = env::var("TENANT_ID").expect("Missing TENANT_ID environment variable.");
let keyvault_url =
env::var("KEYVAULT_URL").expect("Missing KEYVAULT_URL environment variable.");
let backup_blob = env::var("BACKUP_BLOB").expect("Missing BACKUP_BLOB environment variable.");

let creds = Arc::new(ClientSecretCredential::new(
azure_core::new_http_client(),
tenant_id,
client_id,
client_secret,
TokenCredentialOptions::default(),
));
let creds = Arc::new(
DefaultAzureCredentialBuilder::new()
.exclude_managed_identity_credential()
.build(),
);

let client = SecretClient::new(&keyvault_url, creds)?;

client.restore_secret(&backup_blob).into_future().await?;
Expand Down
22 changes: 8 additions & 14 deletions sdk/security_keyvault/examples/set_secret.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,28 +1,22 @@
use azure_identity::{ClientSecretCredential, TokenCredentialOptions};
use azure_identity::DefaultAzureCredentialBuilder;
use azure_security_keyvault::SecretClient;
use std::env;
use std::sync::Arc;
use std::{env, sync::Arc};

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
let client_id = env::var("CLIENT_ID").expect("Missing CLIENT_ID environment variable.");
let client_secret =
env::var("CLIENT_SECRET").expect("Missing CLIENT_SECRET environment variable.");
let tenant_id = env::var("TENANT_ID").expect("Missing TENANT_ID environment variable.");
let keyvault_url =
env::var("KEYVAULT_URL").expect("Missing KEYVAULT_URL environment variable.");
let secret_name = env::var("SECRET_NAME").expect("Missing SECRET_NAME environment variable.");
let secret_value =
env::var("SECRET_VALUE").expect("Missing SECRET_VALUE environment variable.");

let creds = ClientSecretCredential::new(
azure_core::new_http_client(),
tenant_id,
client_id,
client_secret,
TokenCredentialOptions::default(),
let creds = Arc::new(
DefaultAzureCredentialBuilder::new()
.exclude_managed_identity_credential()
.build(),
);
let client = SecretClient::new(&keyvault_url, Arc::new(creds))?;

let client = SecretClient::new(&keyvault_url, creds)?;

client.set(&secret_name, secret_value).into_future().await?;

Expand Down
22 changes: 8 additions & 14 deletions sdk/security_keyvault/examples/update_secret.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,30 +1,24 @@
use azure_core::date;
use azure_identity::{ClientSecretCredential, TokenCredentialOptions};
use azure_identity::DefaultAzureCredentialBuilder;
use azure_security_keyvault::SecretClient;
use std::env;
use std::sync::Arc;
use std::{env, sync::Arc};
use time::OffsetDateTime;

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
let client_id = env::var("CLIENT_ID").expect("Missing CLIENT_ID environment variable.");
let client_secret =
env::var("CLIENT_SECRET").expect("Missing CLIENT_SECRET environment variable.");
let tenant_id = env::var("TENANT_ID").expect("Missing TENANT_ID environment variable.");
let keyvault_url =
env::var("KEYVAULT_URL").expect("Missing KEYVAULT_URL environment variable.");
let secret_name = env::var("SECRET_NAME").expect("Missing SECRET_NAME environment variable.");
let secret_version =
env::var("SECRET_VERSION").expect("Missing SECRET_VERSION environment variable.");

let creds = ClientSecretCredential::new(
azure_core::new_http_client(),
tenant_id,
client_id,
client_secret,
TokenCredentialOptions::default(),
let creds = Arc::new(
DefaultAzureCredentialBuilder::new()
.exclude_managed_identity_credential()
.build(),
);
let client = SecretClient::new(&keyvault_url, Arc::new(creds))?;

let client = SecretClient::new(&keyvault_url, creds)?;

// Disable secret.
client
Expand Down
Loading