/// <summary>
/// Fetches the named secrets from Key Vault through a client built from an <c>MsiConfig</c>
/// and adds whatever was retrieved to the builder as an in-memory configuration source.
/// </summary>
/// <param name="builder">The builder to extend. It is built once here to read the "KeyVaultInstanceName" setting.</param>
/// <param name="keys">Names of the secrets to look up.</param>
/// <param name="throwNotFoundErrors">
/// When true, a NotFound response for a key aborts the whole load; otherwise the failure is
/// written to the console and the key is skipped.
/// </param>
/// <returns>The same builder that was passed in.</returns>
/// <exception cref="InvalidOperationException">
/// Wraps every exception raised inside the method, including the missing "KeyVaultInstanceName" check
/// and a rethrown NotFound error.
/// </exception>
[ExcludeFromCodeCoverage] // Excluded as Msi isn't part of the build pipeline for testing.
public static IConfigurationBuilder AddKeyVaultSecrets(this IConfigurationBuilder builder, List<string> keys, bool throwNotFoundErrors = false)
{
    try
    {
        // The vault name has to come from a source that is already registered on the builder.
        var vaultName = builder.Build().GetValue<string>("KeyVaultInstanceName");

        if (vaultName.IsNullOrEmpty())
        {
            throw new InvalidOperationException("Expecting setting \"KeyVaultInstanceName\" to infer instance name");
        }

        var msiSettings = new MsiConfig { KeyVaultInstanceName = vaultName };
        var client = new KeyVault(msiSettings);
        var resolved = new List<KeyValuePair<string, string>>();

        foreach (var secretName in keys)
        {
            try
            {
                // Blocking wait: this extension method is synchronous.
                var secretValue = client.GetSecret(secretName).GetAwaiter().GetResult();
                resolved.Add(new KeyValuePair<string, string>(secretName, secretValue));
            }
            catch (KeyVaultErrorException vaultError)
            {
                var isNotFound = vaultError.Response.StatusCode == HttpStatusCode.NotFound;

                if (isNotFound && throwNotFoundErrors)
                {
                    // Propagates to the outer catch, which wraps it in InvalidOperationException.
                    throw;
                }

                // NOTE(review): every other KeyVaultErrorException lands here too, whatever its status
                // code, and is reported as "Failed to find". If authorization failures surface through
                // this exception type, the application would start without the secret - confirm that
                // this fail-open behaviour is intended.
                Console.WriteLine($"Failed to find keyvault setting: {secretName}, exception: {vaultError.Message}");
            }
        }

        // Secret values are held in plain text by the in-memory provider from here on, so they are
        // readable through the built configuration like any other setting.
        if (resolved.Count > 0)
        {
            builder.AddInMemoryCollection(resolved);
        }

        // Keep the client available through the static KeyVaultInstance member.
        KeyVaultInstance = client;

        return builder;
    }
    catch (Exception ex)
    {
        throw new InvalidOperationException("Problem occurred retrieving secrets from KeyVault using Managed Identity", ex);
    }
}
/// <summary>
/// Loads appSettings.json and creates the Key Vault client used by the tests from the
/// service principal values found in it.
/// </summary>
public KeyVaultIntegrationTests()
{
    _config = new ConfigurationBuilder()
        .AddJsonFile("appSettings.json")
        .Build();

    // NOTE(review): "AppSecret" is a credential read from appSettings.json - confirm that the file
    // holding the real value is kept out of source control and out of shared build artifacts.
    var principal = new ServicePrincipleConfig
    {
        KeyVaultInstanceName = _config.GetValue<string>("InstanceName"),
        AppSecret = _config.GetValue<string>("AppSecret"),
        TenantId = _config.GetValue<string>("TenantId"),
        AppId = _config.GetValue<string>("AppId"),
    };

    _kvClient = new KeyVault(principal);
}
/// <summary>
/// Fetches the named secrets from Key Vault through a client built from the supplied
/// service principal configuration and adds whatever was retrieved to the builder as an
/// in-memory configuration source.
/// </summary>
/// <param name="builder">The builder to extend.</param>
/// <param name="config">The service principal configuration passed to the Key Vault client.</param>
/// <param name="keys">Names of the secrets to look up.</param>
/// <returns>The same builder that was passed in.</returns>
/// <exception cref="InvalidOperationException">Wraps every exception raised inside the method.</exception>
public static IConfigurationBuilder AddKeyVaultSecrets(this IConfigurationBuilder builder, ServicePrincipleConfig config, params string[] keys)
{
    try
    {
        var client = new KeyVault(config);
        var resolved = new List<KeyValuePair<string, string>>();

        foreach (var secretName in keys)
        {
            try
            {
                // Blocking wait: this extension method is synchronous.
                var secretValue = client.GetSecret(secretName).GetAwaiter().GetResult();
                resolved.Add(new KeyValuePair<string, string>(secretName, secretValue));
            }
            catch (KeyVaultErrorException vaultError)
            {
                // NOTE(review): every KeyVaultErrorException is logged as "Failed to find" and the key
                // is skipped, whatever the status code. If authorization failures surface through this
                // exception type, the application would start without the secret - confirm that this
                // fail-open behaviour is intended.
                Console.WriteLine($"Failed to find keyvault setting: {secretName}, exception: {vaultError.Message}");
            }
        }

        // Secret values are held in plain text by the in-memory provider from here on, so they are
        // readable through the built configuration like any other setting.
        if (resolved.Count > 0)
        {
            builder.AddInMemoryCollection(resolved);
        }

        // Keep the client available through the static KeyVaultInstance member.
        KeyVaultInstance = client;

        return builder;
    }
    catch (Exception ex)
    {
        throw new InvalidOperationException("Problem occurred retrieving secrets from KeyVault using Service Principle", ex);
    }
}