public static void AternativelyCompoundValue_Normalized(ConfigurationKey[] key, NonEmptyString value, NonEmptyString secretId) { var alternativelyCompoundKey = string.Join(AlternativeKeyDelimiter, key); var datum = new Dictionary <string, object> { [alternativelyCompoundKey] = value.Get, }; var response = new GetSecretValueResponse { SecretString = JsonConvert.SerializeObject(datum), }; var client = new Mock <IAmazonSecretsManager>(); _ = client .Setup(m => m.GetSecretValueAsync(It.IsNotNull <GetSecretValueRequest>(), It.IsAny <CancellationToken>())) .ReturnsAsync(response); var configurationSource = new SecretsManagerConfigurationSource(client.Object, secretId.Get, Timeout.InfiniteTimeSpan); using var sut = new SecretsManagerConfigurationProvider(configurationSource); sut.Load(); var compoundKey = Combine(key.Select(k => k.Get)); client.Verify(m => m.GetSecretValueAsync(It.Is <GetSecretValueRequest>(r => r.SecretId == secretId.Get), It.IsAny <CancellationToken>()), Times.Once); Assert.Equal(value.Get, sut.Get(compoundKey)); }
public void Build_can_create_a_IConfigurationProvider_with_options(SecretsManagerConfigurationProviderOptions options, IConfigurationBuilder configurationBuilder) { var sut = new SecretsManagerConfigurationSource(options: options); var provider = sut.Build(configurationBuilder); Assert.That(provider, Is.Not.Null); Assert.That(provider, Is.InstanceOf <SecretsManagerConfigurationProvider>()); }
public void Build_can_create_a_IConfigurationProvider_with_credentials(AWSCredentials credentials, IConfigurationBuilder configurationBuilder) { var sut = new SecretsManagerConfigurationSource(credentials); var provider = sut.Build(configurationBuilder); Assert.That(provider, Is.Not.Null); Assert.That(provider, Is.InstanceOf <SecretsManagerConfigurationProvider>()); }
public static void NoReload_OK(NonEmptyString secretId) { var client = Mock.Of <IAmazonSecretsManager>(); var configurationSource = new SecretsManagerConfigurationSource(client, secretId.Get, Timeout.InfiniteTimeSpan); using var sut = new SecretsManagerConfigurationProvider(configurationSource); // note(cosborn) Assertion controlled by the "longRunningTestSeconds" parameter in `xunit.runner.json`. sut.WaitForReloadToComplete(Timeout.InfiniteTimeSpan); }
public void Build_uses_given_client_factory_method(IConfigurationBuilder configurationBuilder, SecretsManagerConfigurationProviderOptions options, Func <IAmazonSecretsManager> clientFactory) { options.CreateClient = clientFactory; var sut = new SecretsManagerConfigurationSource(options: options); var provider = sut.Build(configurationBuilder); Assert.That(provider, Is.Not.Null); Mock.Get(clientFactory).Verify(p => p()); }
public void Build_invokes_config_client_method(IConfigurationBuilder configurationBuilder, Action <AmazonSecretsManagerConfig> secretsManagerConfiguration) { var options = new SecretsManagerConfigurationProviderOptions { ConfigureSecretsManagerConfig = secretsManagerConfiguration }; var sut = new SecretsManagerConfigurationSource(options: options); var provider = sut.Build(configurationBuilder); Mock.Get(secretsManagerConfiguration).Verify(p => p(It.Is <AmazonSecretsManagerConfig>(c => c != null)), Times.Once()); }
/// <summary> /// Adds an <see cref="IConfigurationProvider"/> that reads configuration values from the AWS Secret Manager. /// </summary> /// <param name="configurationBuilder">The <see cref="IConfigurationBuilder"/> to add to.</param> /// <param name="accessKeyId">AWS Access Key ID</param> /// <param name="accessKeySecret">AWS Secret Access Key</param> /// <param name="region"> The system name of the service like "us-west-1". The default value is us-east-2</param> /// <param name="cacheSize">The maximum number of items the Cache can contain before evicting using LRU. The default value is 1024.</param> /// <param name="cacheItemTTL">The TTL of a Cache item in milliseconds.The default value is 3600000 ms, or 1 hour</param> public static IConfigurationBuilder AddSecretsManager(this IConfigurationBuilder configurationBuilder, string accessKeyId, string accessKeySecret, string region = "us-east-2", ushort cacheSize = 1024, uint cacheItemTTL = 3600000u) { if (!Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT").Equals("Development", StringComparison.OrdinalIgnoreCase)) { var source = new SecretsManagerConfigurationSource(accessKeyId, accessKeySecret, region, cacheSize, cacheItemTTL); configurationBuilder.Add(source); } return(configurationBuilder); }
public void Build_invokes_config_client_method(IConfigurationBuilder configurationBuilder) { bool configInvoked = false; AmazonSecretsManagerConfig usedConfig = null; var sut = new SecretsManagerConfigurationSource(options: new SecretsManagerConfigurationProviderOptions() { ConfigureSecretsManagerConfig = c => { usedConfig = c; configInvoked = true; } }); var provider = sut.Build(configurationBuilder); Assert.That(configInvoked, Is.True); Assert.That(usedConfig, Is.Not.Null); }
public static void DeepValue_Normalized(NonEmptyArray <ConfigurationKey> key, NonEmptyString value, NonEmptyString secretId) { var datum = GenerateDatum(key.Get, value.Get); var response = new GetSecretValueResponse { SecretString = JsonConvert.SerializeObject(datum), }; var client = new Mock <IAmazonSecretsManager>(); _ = client .Setup(m => m.GetSecretValueAsync(It.IsNotNull <GetSecretValueRequest>(), It.IsAny <CancellationToken>())) .ReturnsAsync(response); var configurationSource = new SecretsManagerConfigurationSource(client.Object, secretId.Get, Timeout.InfiniteTimeSpan); using var sut = new SecretsManagerConfigurationProvider(configurationSource); sut.Load(); var compoundKey = Combine(key.Get.Select(k => k.Get)); client.Verify(m => m.GetSecretValueAsync(It.Is <GetSecretValueRequest>(r => r.SecretId == secretId.Get), It.IsAny <CancellationToken>()), Times.Once); Assert.Equal(value.Get, sut.Get(compoundKey));
public static void NoConfiguredSecret_Exception(NonEmptyString message, NonEmptyString secretId) { var client = new Mock <IAmazonSecretsManager>(); _ = client .Setup(m => m.GetSecretValueAsync(It.IsNotNull <GetSecretValueRequest>(), It.IsAny <CancellationToken>())) .ThrowsAsync(new ResourceNotFoundException(message.Get)); var configurationSource = new SecretsManagerConfigurationSource(client.Object, secretId.Get, Timeout.InfiniteTimeSpan); using var sut = new SecretsManagerConfigurationProvider(configurationSource); var actual = Record.Exception(sut.Load); client.Verify( m => m.GetSecretValueAsync( It.Is <GetSecretValueRequest>(r => r.SecretId == secretId.Get), It.IsAny <CancellationToken>()), Times.Once); Assert.NotNull(actual); var rnfe = Assert.IsAssignableFrom <ResourceNotFoundException>(actual); Assert.Equal(message.Get, rnfe.Message, Ordinal); }
public static void PlainValue_Unchanged(ConfigurationKey key, NonEmptyString value, NonEmptyString secretId) { var datum = new Dictionary <string, object> { [key.Get] = value.Get, }; var response = new GetSecretValueResponse { SecretString = JsonConvert.SerializeObject(datum), }; var client = new Mock <IAmazonSecretsManager>(); _ = client .Setup(m => m.GetSecretValueAsync(It.IsNotNull <GetSecretValueRequest>(), It.IsAny <CancellationToken>())) .ReturnsAsync(response); var configurationSource = new SecretsManagerConfigurationSource(client.Object, secretId.Get, Timeout.InfiniteTimeSpan); using var sut = new SecretsManagerConfigurationProvider(configurationSource); sut.Load(); client.Verify(m => m.GetSecretValueAsync(It.Is <GetSecretValueRequest>(r => r.SecretId == secretId.Get), It.IsAny <CancellationToken>()), Times.Once); Assert.Equal(value.Get, sut.Get(key.Get)); }