public async Task VaultConfiguration_ReloadsValue(VaultKeyValueEngineVersion version)
{
// Arrange
var engine = await _vaultClient.CreateEngineAsync(_engineName, version);
await engine.SetSecretValueAsync("secret", new { key = "value" });
// Act
var config = Configure(vault =>
{
vault.Engine.Version = version;
vault.ReloadOnChange = true;
vault.ReloadDelay = TimeSpan.FromMilliseconds(100);
});
Assert.Equal("value", config.GetValue <string>("secret:key"));
var tcs = new TaskCompletionSource <object>();
using var callback = config.GetReloadToken().RegisterChangeCallback(_ => tcs.SetResult(_), null);
await engine.SetSecretValueAsync("secret", new { key = "new" });
await tcs.Task;
// Assert
Assert.Equal("new", config.GetValue <string>("secret:key"));
}
public async Task VaultConfiguration_ReadsSimpleValue(VaultKeyValueEngineVersion version)
{
// Arrange
var engine = await _vaultClient.CreateEngineAsync(_engineName, version);
await engine.SetSecretValueAsync("secret", new { key = "value" });
// Act
var config = Configure(vault => { vault.Engine.Version = version; });
// Assert
Assert.Equal("value", config.GetValue <string>("secret:key"));
}
public void VaultConfiguration_NoEngine_ReadsNothingIfOptional(VaultKeyValueEngineVersion version)
{
// Act
var config = Configure(
vault =>
{
vault.Engine.Version = version;
vault.Optional = true;
});
// Assert
Assert.Null(config.GetValue <string>("secret"));
}
private static SecretsEngineType MapType(VaultKeyValueEngineVersion version)
{
switch (version)
{
case VaultKeyValueEngineVersion.V1:
return(SecretsEngineType.KeyValueV1);
case VaultKeyValueEngineVersion.V2:
return(SecretsEngineType.KeyValueV2);
default:
throw new ArgumentOutOfRangeException(nameof(version));
}
}
public void VaultConfiguration_NoEngine_ThrowsIfNotOptional(VaultKeyValueEngineVersion version)
{
// Act
var exception = Assert.Throws <VaultEngineNotFoundException>(
() => Configure(
vault =>
{
vault.Engine.Version = version;
vault.Optional = false;
}));
// Assert
Assert.Equal(_engineName, exception.EngineName);
}
public async Task VaultConfiguration_ReadsJsonValue(VaultKeyValueEngineVersion version)
{
// Arrange
var engine = await _vaultClient.CreateEngineAsync(_engineName, version);
var json = new
{
key1 = "value1",
key2 = "value2"
};
await engine.SetSecretValueAsync("secret", new { json });
// Act
var config = Configure(vault => { vault.Engine.Version = version; });
// Assert
Assert.Equal("value1", config.GetValue <string>("secret:json:key1"));
Assert.Equal("value2", config.GetValue <string>("secret:json:key2"));
}
public static async Task <Engine> CreateEngineAsync(this VaultClient client, string engine, VaultKeyValueEngineVersion version)
{
await client.V1.System.MountSecretBackendAsync(
new SecretsEngine
{
Type = MapType(version),
Path = engine
}).ConfigureAwait(false);
return(new Engine(client, engine, version));
}
public Engine(VaultClient client, string name, VaultKeyValueEngineVersion version)
{
_client = client;
_name = name;
_version = version;
}
