/// <summary>
/// <para>Adds the user secrets secret source with specified user secrets ID.</para>
/// <para>A user secrets ID is unique value used to store and identify a collection of secrets.</para>
/// </summary>
/// <param name="builder">The builder to create the secret store.</param>
/// <param name="userSecretsId">The user secrets ID.</param>
/// <param name="mutateSecretName">The optional function to mutate the secret name before looking it up.</param>
/// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> is <c>null</c>.</exception>
/// <exception cref="ArgumentException">Thrown when the <paramref name="userSecretsId"/> is blank.</exception>
public static SecretStoreBuilder AddUserSecrets(this SecretStoreBuilder builder, string userSecretsId, Func <string, string> mutateSecretName = null)
{
Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the user secrets");
Guard.NotNullOrWhitespace(userSecretsId, nameof(userSecretsId), "Requires a non-blank user secrets ID to locate the user secrets");
return(AddUserSecrets(builder, userSecretsId, options => options.MutateSecretName = mutateSecretName));
}
/// <summary>
/// <para>Adds the user secrets secret source. This searches <paramref name="assembly"/> for an instance
/// of <see cref="UserSecretsIdAttribute"/>, which specifies a user secrets ID.</para>
/// <para>A user secrets ID is unique value used to store and identify a collection of secrets.</para>
/// </summary>
/// <param name="builder">The builder to create the secret store.</param>
/// <param name="assembly">The assembly with the <see cref="UserSecretsIdAttribute" />.</param>
/// <param name="mutateSecretName">The optional function to mutate the secret name before looking it up.</param>
/// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> or <paramref name="assembly"/> is <c>null</c>.</exception>
/// <exception cref="InvalidOperationException">Thrown when <paramref name="assembly"/> does not have a valid <see cref="UserSecretsIdAttribute"/>.</exception>
public static SecretStoreBuilder AddUserSecrets(this SecretStoreBuilder builder, Assembly assembly, Func <string, string> mutateSecretName = null)
{
Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the user secrets");
Guard.NotNull(assembly, nameof(assembly), "Requires an assembly to retrieve the user secrets ID which locates the local user secrets");
return(AddUserSecrets(builder, assembly, options => options.MutateSecretName = mutateSecretName));
}
/// <summary>
/// Adds command line arguments as secrets to the secret store.
/// </summary>
/// <param name="builder">The secret store to add the command line arguments to.</param>
/// <param name="arguments">The command line arguments that will be considered secrets.</param>
/// <param name="mutateSecretName">The function to mutate the secret name before looking it up.</param>
/// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> or <paramref name="arguments"/> is <c>null</c>.</exception>
public static SecretStoreBuilder AddCommandLine(this SecretStoreBuilder builder, string[] arguments, Func <string, string> mutateSecretName)
{
Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the command line arguments as secrets to the secret store");
Guard.NotNull(arguments, nameof(arguments), "Requires a set of command line arguments to be set as secret in the secret store");
return(AddCommandLine(builder, arguments, name: null, mutateSecretName: mutateSecretName));
}
/// <summary>
/// Adds Docker secrets (mounted as files in the Docker container) to the secret store.
/// </summary>
/// <param name="builder">The builder to add the Docker secrets provider to.</param>
/// <param name="directoryPath">The path inside the container where the Docker secrets are located.</param>
/// <param name="name">The unique name to register this HashiCorp provider in the secret store.</param>
/// <param name="mutateSecretName">The optional function to mutate the secret name before looking it up.</param>
/// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> is <c>null</c>.</exception>
/// <exception cref="ArgumentException">Throw when the <paramref name="directoryPath"/> is blank or is not an absolute path.</exception>
/// <exception cref="DirectoryNotFoundException">Thrown when the <paramref name="directoryPath"/> is not found on the system.</exception>
public static SecretStoreBuilder AddDockerSecrets(
this SecretStoreBuilder builder,
string directoryPath,
string name,
Func <string, string> mutateSecretName)
{
Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the Docker secrets to");
Guard.NotNullOrWhitespace(directoryPath, nameof(directoryPath), "Requires a non-blank directory path inside the Docker container to locate the secrets");
Guard.For(() => !Path.IsPathRooted(directoryPath),
new ArgumentException("Requires an absolute directory path inside the Docker container to located the secrets", nameof(directoryPath)));
if (!Directory.Exists(directoryPath))
{
throw new DirectoryNotFoundException($"The directory {directoryPath} which is configured as secretsDirectoryPath does not exist.");
}
var configuration = new KeyPerFileConfigurationSource
{
FileProvider = new PhysicalFileProvider(directoryPath),
Optional = false
};
var provider = new KeyPerFileConfigurationProvider(configuration);
provider.Load();
return(builder.AddProvider(new DockerSecretsSecretProvider(directoryPath), options =>
{
options.Name = name;
options.MutateSecretName = mutateSecretName;
}));
}
/// <summary>
/// Adds Docker secrets (mounted as files in the Docker container) to the secret store.
/// </summary>
/// <param name="builder">The builder to add the Docker secrets provider to.</param>
/// <param name="directoryPath">The path inside the container where the Docker secrets are located.</param>
/// <param name="mutateSecretName">The optional function to mutate the secret name before looking it up.</param>
/// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> is <c>null</c></exception>
/// <exception cref="ArgumentException">Throw when the <paramref name="directoryPath"/> is blank</exception>
public static SecretStoreBuilder AddDockerSecrets(this SecretStoreBuilder builder, string directoryPath, Func <string, string> mutateSecretName = null)
{
Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the Docker secrets to");
Guard.NotNullOrWhitespace(directoryPath, nameof(directoryPath), "Requires a non-blank directory path to locate the Docker secrets");
return(AddDockerSecrets(builder, directoryPath, name: null, mutateSecretName: mutateSecretName));
}
/// <summary>
/// <para>Adds the user secrets secret source with specified user secrets ID.</para>
/// <para>A user secrets ID is unique value used to store and identify a collection of secrets.</para>
/// </summary>
/// <typeparam name="T">The type from the assembly to search for an instance of <see cref="UserSecretsIdAttribute"/>.</typeparam>
/// <param name="builder">The builder to create the secret store.</param>
/// <param name="mutateSecretName">The optional function to mutate the secret name before looking it up.</param>
/// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> is <c>null</c>.</exception>
/// <exception cref="InvalidOperationException">Thrown when the assembly containing <typeparamref name="T"/> does not have <see cref="UserSecretsIdAttribute"/>.</exception>
public static SecretStoreBuilder AddUserSecrets <T>(
this SecretStoreBuilder builder,
Func <string, string> mutateSecretName = null) where T : class
{
Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the user secrets");
return(AddUserSecrets <T>(builder, options => options.MutateSecretName = mutateSecretName));
}
/// <summary>
/// Adds a secret source to the secret store of the application that gets its secrets from the <see cref="IConfiguration"/>.
/// </summary>
/// <param name="builder">The builder to create the secret store.</param>
/// <param name="configuration">The configuration of the application, containing secrets.</param>
public static SecretStoreBuilder AddConfiguration(
this SecretStoreBuilder builder,
IConfiguration configuration)
{
Guard.NotNull(builder, nameof(builder));
return(builder.AddProvider(new ConfigurationSecretProvider(configuration)));
}
/// <summary>
/// Adds a secret source to the secret store of the application that gets its secrets from the environment.
/// </summary>
/// <param name="builder">The builder to create the secret store.</param>
/// <param name="target">The target on which the environment variables should be retrieved.</param>
public static SecretStoreBuilder AddEnvironmentVariables(
this SecretStoreBuilder builder,
EnvironmentVariableTarget target = EnvironmentVariableSecretProvider.DefaultTarget)
{
Guard.NotNull(builder, nameof(builder));
return(builder.AddProvider(new EnvironmentVariableSecretProvider(target)));
}
private static SecretStoreBuilder AddUserSecrets <T>(
SecretStoreBuilder builder,
Action <SecretProviderOptions> configureOptions)
{
Assembly assembly = typeof(T).GetTypeInfo().Assembly;
return(AddUserSecrets(builder, assembly, configureOptions));
}
/// <summary>
/// Adds a secret source to the secret store of the application that gets its secrets from the <see cref="IConfiguration"/>.
/// </summary>
/// <param name="builder">The builder to create the secret store.</param>
/// <param name="configuration">The configuration of the application, containing secrets.</param>
/// <param name="mutateSecretName">The function to mutate the secret name before looking it up.</param>
/// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> is <c>null</c>.</exception>
public static SecretStoreBuilder AddConfiguration(
this SecretStoreBuilder builder,
IConfiguration configuration,
Func <string, string> mutateSecretName = null)
{
Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the configuration secrets");
return(builder.AddProvider(new ConfigurationSecretProvider(configuration), mutateSecretName));
}
/// <summary>
/// Configure an <see cref="ISecretProvider"/> in the application with a given set of stores configured in the given <paramref name="configureSecretStores"/>.
/// </summary>
/// <param name="hostBuilder">The builder to append the secret store configuration to.</param>
/// <param name="configureSecretStores">The customization of the different target secret store sources to include in the final <see cref="ISecretProvider"/>.</param>
public static IHostBuilder ConfigureSecretStore(this IHostBuilder hostBuilder, Action <HostBuilderContext, IConfiguration, SecretStoreBuilder> configureSecretStores)
{
return(hostBuilder.ConfigureServices((context, services) =>
{
var builder = new SecretStoreBuilder(services);
configureSecretStores(context, context.Configuration, builder);
builder.RegisterSecretStore();
}));
}
/// <summary>
/// Adds a secret source to the secret store of the application that gets its secrets from the <see cref="IConfiguration"/>.
/// </summary>
/// <param name="builder">The builder to create the secret store.</param>
/// <param name="configuration">The configuration of the application, containing secrets.</param>
/// <param name="mutateSecretName">The function to mutate the secret name before looking it up.</param>
/// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> is <c>null</c>.</exception>
public static SecretStoreBuilder AddConfiguration(
this SecretStoreBuilder builder,
IConfiguration configuration,
Func <string, string> mutateSecretName = null)
{
Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the configuration secrets");
Guard.NotNull(configuration, nameof(configuration), "Requires a configuration instance to retrieve the secrets from");
return(AddConfiguration(builder, configuration, name: null, mutateSecretName: mutateSecretName));
}
/// <summary>
/// Configure an <see cref="ISecretProvider"/> in the application with a given set of stores configured in the given <paramref name="configureSecretStores"/>.
/// </summary>
/// <param name="hostBuilder">The builder to append the secret store configuration to.</param>
/// <param name="configureSecretStores">The customization of the different target secret store sources to include in the final <see cref="ISecretProvider"/>.</param>
public static IHostBuilder ConfigureSecretStore(this IHostBuilder hostBuilder, Action <HostBuilderContext, IConfiguration, SecretStoreBuilder> configureSecretStores)
{
return(hostBuilder.ConfigureServices((context, services) =>
{
var builder = new SecretStoreBuilder(services);
configureSecretStores(context, context.Configuration, builder);
services.TryAddSingleton <ISecretProvider, CompositeSecretProvider>();
}));
}
private static (IList <SecretStoreSource> before, IList <SecretStoreSource> after) TrackSecretStoreBuilderFunc(
SecretStoreBuilder builder,
Func <SecretStoreBuilder, SecretStoreBuilder> modifySecretStoreBuilder)
{
IList <SecretStoreSource> before = builder.SecretStoreSources.ToList();
modifySecretStoreBuilder(builder);
IList <SecretStoreSource> after = builder.SecretStoreSources;
return(before, after);
}
private static SecretStoreBuilder AddUserSecrets(SecretStoreBuilder builder, string userSecretsId, Action <SecretProviderOptions> configureOptions)
{
string directoryPath = GetUserSecretsDirectoryPath(userSecretsId);
JsonConfigurationSource source = CreateJsonFileSource(directoryPath);
var provider = new JsonConfigurationProvider(source);
provider.Load();
return(builder.AddProvider(new UserSecretsSecretProvider(provider), configureOptions));
}
/// <summary>
/// Adds Azure Key Vault as a secret source.
/// </summary>
/// <param name="builder">The builder to create the secret store.</param>
/// <param name="authentication">The requested authentication type for connecting to the Azure Key Vault instance.</param>
/// <param name="configuration">The configuration related to the Azure Key Vault instance to use.</param>
/// <param name="allowCaching">The flag to indicate whether to include caching during secret retrieval in Azure key vault.</param>
public static SecretStoreBuilder AddAzureKeyVault(
this SecretStoreBuilder builder,
IKeyVaultAuthentication authentication,
IKeyVaultConfiguration configuration,
bool allowCaching = false)
{
Guard.NotNull(builder, nameof(builder));
Guard.NotNull(authentication, nameof(authentication));
Guard.NotNull(configuration, nameof(configuration));
return(AddAzureKeyVault(builder, authentication, configuration, allowCaching ? new CacheConfiguration() : null));
}
/// <summary>
/// Adds a secret source to the secret store of the application that gets its secrets from the environment.
/// </summary>
/// <param name="builder">The builder to create the secret store.</param>
/// <param name="target">The target on which the environment variables should be retrieved.</param>
/// <param name="prefix">The optional prefix which will be prepended to the secret name when retrieving environment variables.</param>
/// <param name="mutateSecretName">The optional function to mutate the secret name before looking it up.</param>
/// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> is <c>null</c>.</exception>
/// <exception cref="ArgumentException">Thrown when the <paramref name="target"/> is outside the bounds of the enumeration.</exception>
public static SecretStoreBuilder AddEnvironmentVariables(
this SecretStoreBuilder builder,
EnvironmentVariableTarget target = EnvironmentVariableSecretProvider.DefaultTarget,
string prefix = null,
Func <string, string> mutateSecretName = null)
{
Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the environment secrets");
Guard.For <ArgumentException>(() => !Enum.IsDefined(typeof(EnvironmentVariableTarget), target),
$"Requires an environment variable target of either '{EnvironmentVariableTarget.Process}', '{EnvironmentVariableTarget.Machine}', or '{EnvironmentVariableTarget.User}'");
return(AddEnvironmentVariables(builder, target, prefix, name: null, mutateSecretName: mutateSecretName));
}
/// <summary>
/// Adds Docker secrets (mounted as files in the Docker container) to the secret store.
/// </summary>
/// <param name="builder">The builder to add the Docker secrets provider to.</param>
/// <param name="directoryPath">The path inside the container where the Docker secrets are located.</param>
/// <param name="mutateSecretName">The optional function to mutate the secret name before looking it up.</param>
/// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> is <c>null</c>.</exception>
/// <exception cref="ArgumentException">Throw when the <paramref name="directoryPath"/> is blank or is not an absolute path.</exception>
public static SecretStoreBuilder AddDockerSecrets(this SecretStoreBuilder builder, string directoryPath, Func <string, string> mutateSecretName = null)
{
Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the Docker secrets to");
Guard.NotNullOrWhitespace(directoryPath, nameof(directoryPath), "Requires a non-blank directory path inside the Docker container to locate the secrets");
Guard.For(() => !Path.IsPathRooted(directoryPath),
new ArgumentException("Requires an absolute directory path inside the Docker container to located the secrets", nameof(directoryPath)));
if (!Directory.Exists(directoryPath))
{
throw new DirectoryNotFoundException($"The directory {directoryPath} which is configured as secretsDirectoryPath does not exist.");
}
return(AddDockerSecrets(builder, directoryPath, name: null, mutateSecretName: mutateSecretName));
}
/// <summary>
/// Adds Azure Key Vault as a secret source which uses Managed Identity authentication.
/// </summary>
/// <param name="builder">The builder to create the secret store.</param>
/// <param name="rawVaultUri">The Uri of the Azure Key Vault you want to connect to.</param>
/// <param name="connectionString">The connection string to use to authenticate, if applicable.</param>
/// <param name="azureADInstance">The azure AD instance to use to authenticate, if applicable.</param>
/// <param name="allowCaching">The flag to indicate whether to include caching during secret retrieval in Azure key vault.</param>
public static SecretStoreBuilder AddAzureKeyVaultWithManagedServiceIdentity(
this SecretStoreBuilder builder,
string rawVaultUri,
string connectionString = null,
string azureADInstance = null,
bool allowCaching = false)
{
Guard.NotNull(rawVaultUri, nameof(rawVaultUri));
return(AddAzureKeyVault(
builder,
new ManagedServiceIdentityAuthentication(connectionString, azureADInstance),
new KeyVaultConfiguration(rawVaultUri),
allowCaching));
}
/// <summary>
/// Adds a secret source to the secret store of the application that gets its secrets from the <see cref="IConfiguration"/>.
/// </summary>
/// <param name="builder">The builder to create the secret store.</param>
/// <param name="configuration">The configuration of the application, containing secrets.</param>
/// <param name="name">The unique name to register this Configuration provider in the secret store.</param>
/// <param name="mutateSecretName">The optional function to mutate the secret name before looking it up.</param>
/// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> is <c>null</c>.</exception>
public static SecretStoreBuilder AddConfiguration(
this SecretStoreBuilder builder,
IConfiguration configuration,
string name,
Func <string, string> mutateSecretName)
{
Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the configuration secrets");
Guard.NotNull(configuration, nameof(configuration), "Requires a configuration instance to retrieve the secrets from");
return(builder.AddProvider(new ConfigurationSecretProvider(configuration), options =>
{
options.Name = name;
options.MutateSecretName = mutateSecretName;
}));
}
/// <summary>
/// Adds Docker secrets (mounted as files in the Docker container) to the secret store.
/// </summary>
/// <param name="builder">The builder to add the Docker secrets provider to.</param>
/// <param name="directoryPath">The path inside the container where the Docker secrets are located.</param>
/// <param name="name">The unique name to register this HashiCorp provider in the secret store.</param>
/// <param name="mutateSecretName">The optional function to mutate the secret name before looking it up.</param>
/// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> is <c>null</c></exception>
/// <exception cref="ArgumentException">Throw when the <paramref name="directoryPath"/> is blank</exception>
public static SecretStoreBuilder AddDockerSecrets(
this SecretStoreBuilder builder,
string directoryPath,
string name,
Func <string, string> mutateSecretName)
{
Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the Docker secrets to");
Guard.NotNullOrWhitespace(directoryPath, nameof(directoryPath), "Requires a non-blank directory path to locate the Docker secrets");
return(builder.AddProvider(new DockerSecretsSecretProvider(directoryPath), options =>
{
options.Name = name;
options.MutateSecretName = mutateSecretName;
}));
}
/// <summary>
/// Authorize the <see cref="ISecretProvider"/> instances added during the given <paramref name="addSecretProviders"/> function to be within the given <paramref name="role"/>.
/// </summary>
/// <param name="builder">The builder instance to add the authorized provider to.</param>
/// <param name="role">The authorized role for all the to-be-added providers.</param>
/// <param name="addSecretProviders">The function that will add the authorized providers.</param>
public static SecretStoreBuilder AuthorizedWithin(
this SecretStoreBuilder builder,
Role role,
Func <SecretStoreBuilder, SecretStoreBuilder> addSecretProviders)
{
Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the role-based authorization");
Guard.NotNull(addSecretProviders, nameof(addSecretProviders), "Requires a function to make a set of secret providers only available within a specific role");
Guard.For <ArgumentException>(() => !Enum.IsDefined(typeof(Role), role), "Requires the role only within the boundaries of the enumeration");
builder.AddCriticalException <AuthorizationException>();
(IList <SecretStoreSource> before, IList <SecretStoreSource> after) = TrackSecretStoreBuilderFunc(builder, addSecretProviders);
ReplaceSecretSourceWithAuthorized(role, after, before);
return(builder);
}
/// <summary>
/// Adds Azure Key Vault as a secret source which uses certificate authentication.
/// </summary>
/// <param name="builder">The builder to create the secret store.</param>
/// <param name="rawVaultUri">The Uri of the Azure Key Vault you want to connect to.</param>
/// <param name="clientId">The identifier of the application requesting the authentication token.</param>
/// <param name="certificate">The certificate that is used as credential.</param>
/// <param name="cacheConfiguration">The configuration to control how the caching will be done.</param>
public static SecretStoreBuilder AddAzureKeyVaultWithCertificate(
this SecretStoreBuilder builder,
string rawVaultUri,
string clientId,
X509Certificate2 certificate,
ICacheConfiguration cacheConfiguration)
{
Guard.NotNull(rawVaultUri, nameof(rawVaultUri));
Guard.NotNull(clientId, nameof(clientId));
Guard.NotNull(certificate, nameof(certificate));
return(AddAzureKeyVault(
builder,
new CertificateBasedAuthentication(clientId, certificate),
new KeyVaultConfiguration(rawVaultUri),
cacheConfiguration: cacheConfiguration));
}
/// <summary>
/// Adds Azure Key Vault as a secret source which uses client secret authentication.
/// </summary>
/// <param name="builder">The builder to create the secret store.</param>
/// <param name="rawVaultUri">The Uri of the Azure Key Vault you want to connect to.</param>
/// <param name="clientId">The ClientId of the service principal, used to connect to Azure Key Vault</param>
/// <param name="clientKey">The Secret ClientKey of the service principal, used to connect to Azure Key Vault</param>
/// <param name="cacheConfiguration">The configuration to control how the caching will be done.</param>
public static SecretStoreBuilder AddAzureKeyVaultWithServicePrincipal(
this SecretStoreBuilder builder,
string rawVaultUri,
string clientId,
string clientKey,
ICacheConfiguration cacheConfiguration)
{
Guard.NotNull(rawVaultUri, nameof(rawVaultUri));
Guard.NotNullOrEmpty(clientId, nameof(clientId));
Guard.NotNullOrEmpty(clientKey, nameof(clientKey));
return(AddAzureKeyVault(
builder,
new ServicePrincipalAuthentication(clientId, clientKey),
new KeyVaultConfiguration(rawVaultUri),
cacheConfiguration: cacheConfiguration));
}
/// <summary>
/// Adds a secret source to the secret store of the application that gets its secrets from the environment.
/// </summary>
/// <param name="builder">The builder to create the secret store.</param>
/// <param name="target">The target on which the environment variables should be retrieved.</param>
/// <param name="prefix">The optional prefix which will be prepended to the secret name when retrieving environment variables.</param>
/// <param name="name">The unique name to register this Environment Variables provider in the secret store.</param>
/// <param name="mutateSecretName">The optional function to mutate the secret name before looking it up.</param>
/// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> is <c>null</c>.</exception>
/// <exception cref="ArgumentException">Thrown when the <paramref name="target"/> is outside the bounds of the enumeration.</exception>
public static SecretStoreBuilder AddEnvironmentVariables(
this SecretStoreBuilder builder,
EnvironmentVariableTarget target,
string prefix,
string name,
Func <string, string> mutateSecretName)
{
Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the environment secrets");
Guard.For <ArgumentException>(() => !Enum.IsDefined(typeof(EnvironmentVariableTarget), target),
$"Requires an environment variable target of either '{EnvironmentVariableTarget.Process}', '{EnvironmentVariableTarget.Machine}', or '{EnvironmentVariableTarget.User}'");
return(builder.AddProvider(new EnvironmentVariableSecretProvider(target, prefix), options =>
{
options.Name = name;
options.MutateSecretName = mutateSecretName;
}));
}
/// <summary>
/// Adds command line arguments as secrets to the secret store.
/// </summary>
/// <param name="builder">The secret store to add the command line arguments to.</param>
/// <param name="arguments">The command line arguments that will be considered secrets.</param>
/// <param name="name">The unique name to register this provider in the secret store.</param>
/// <param name="mutateSecretName">The function to mutate the secret name before looking it up.</param>
/// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> or <paramref name="arguments"/> is <c>null</c>.</exception>
public static SecretStoreBuilder AddCommandLine(this SecretStoreBuilder builder, string[] arguments, string name, Func <string, string> mutateSecretName)
{
Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the command line arguments as secrets to the secret store");
Guard.NotNull(arguments, nameof(arguments), "Requires a set of command line arguments to be set as secret in the secret store");
var configProvider = new CommandLineConfigurationProvider(arguments);
configProvider.Load();
var secretProvider = new CommandLineSecretProvider(configProvider);
return(builder.AddProvider(secretProvider, options =>
{
options.Name = name;
options.MutateSecretName = mutateSecretName;
}));
}
/// <summary>
/// Adds Azure Key Vault as a secret source.
/// </summary>
/// <param name="builder">The builder to create the secret store.</param>
/// <param name="authentication">The requested authentication type for connecting to the Azure Key Vault instance.</param>
/// <param name="configuration">The configuration related to the Azure Key Vault instance to use.</param>
/// <param name="cacheConfiguration">The configuration to control how the caching will be done.</param>
public static SecretStoreBuilder AddAzureKeyVault(
this SecretStoreBuilder builder,
IKeyVaultAuthentication authentication,
IKeyVaultConfiguration configuration,
ICacheConfiguration cacheConfiguration)
{
Guard.NotNull(builder, nameof(builder));
Guard.NotNull(authentication, nameof(authentication));
Guard.NotNull(configuration, nameof(configuration));
var keyVaultSecretProvider = new KeyVaultSecretProvider(authentication, configuration);
if (cacheConfiguration != null)
{
var cachedSecretProvider = new CachedSecretProvider(keyVaultSecretProvider, cacheConfiguration);
return(builder.AddProvider(cachedSecretProvider));
}
return(builder.AddProvider(keyVaultSecretProvider));
}
private static SecretStoreBuilder AddUserSecrets(this SecretStoreBuilder builder, Assembly assembly, Action <SecretProviderOptions> configureOptions)
{
string userSecretsId = GetUserSecretsIdFromTypeAssembly(assembly);
return(AddUserSecrets(builder, userSecretsId, configureOptions));
}