private static async Task AddVaultAsync(this IConfigurationBuilder builder, VaultOptions options) { VerifyOptions(options); var(client, _) = GetClientAndSettings(options); if (options.Kv is null || !options.Kv.Enabled) { return; } var kvPath = options.Kv?.Path; if (string.IsNullOrWhiteSpace(kvPath)) { throw new VaultException("Vault KV secret path can not be empty."); } Console.WriteLine($"Loading settings from Vault: '{options.Url}', KV path: '{kvPath}'."); var keyValueSecrets = new KeyValueSecrets(client, options); var secret = await keyValueSecrets.GetAsync(kvPath); var parser = new JsonParser(); var data = parser.Parse(JObject.FromObject(secret)); var source = new MemoryConfigurationSource { InitialData = data }; builder.Add(source); }
private static void VerifyOptions(VaultOptions options) { if (options.Kv is null) { return; } if (options.Kv.EngineVersion > 2 || options.Kv.EngineVersion < 0) { throw new VaultException($"Invalid KV engine version: {options.Kv.EngineVersion} (available: 1 or 2)."); } if (options.Kv.EngineVersion == 0) { options.Kv.EngineVersion = 2; } }
public KeyValueSecrets(IVaultClient client, VaultOptions options) { _client = client; _options = options; }
private static IAuthMethodInfo GetAuthMethod(VaultOptions options) => options.AuthType?.ToLowerInvariant() switch { "token" => new TokenAuthMethodInfo(options.Token),
private static (IVaultClient client, VaultClientSettings settings) GetClientAndSettings(VaultOptions options) { var settings = new VaultClientSettings(options.Url, GetAuthMethod(options)); var client = new VaultClient(settings); return(client, settings); }