Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prefix for imported secrets #49

Closed
almostjulian opened this issue Jan 30, 2024 · 8 comments
Closed

Prefix for imported secrets #49

almostjulian opened this issue Jan 30, 2024 · 8 comments
Labels
enhancement New feature or request

Comments

@almostjulian
Copy link
Contributor

I'm pulling secrets from Vault from multiple secret paths. Unfortunately, some of those secrets uniquely named. Could we get a new option to insert a prefix/parentPath into the secrets imported at the path?

e.g. something like:

{
    "ConnectionString": "secret value",
    "Option1": "secret value 2",
}

with code like:

config.AddVaultConfiguration(
        () => new VaultOptions(
            "htpp://localhost:8200",
            new KerberosAuthMethodInfo(),
            reloadOnChange: true,
            reloadCheckIntervalSeconds: 60),
        "azure/signalr",
        "secret", prefix: "SignalR" );

would mean the ConnectionString value would be accessible under Configuration[SignalR:ConnectionString]
@almostjulian almostjulian added the enhancement New feature or request label Jan 30, 2024
@MrZoidberg
Copy link
Owner

@almostjulian please check the BasePath in VaultConfigurationSource. It should do what you want:

 // act
 ConfigurationBuilder builder = new ConfigurationBuilder();
 builder.AddVaultConfiguration(
     () => new VaultOptions("http://localhost:8200", "root"),
     "SignalR", // <---- this is base path, basically the prefix
     "secret", // <---- this is the mount point
     this._logger);

@almostjulian
Copy link
Contributor Author

If the base path contains other folders (one more level of nesting before getting to secrets), this works as you describe, the configuration places all the folders as hierarchical configuration items. In my example above, if I set the base path to azure I would see secrets under signalr (e.g. signalr:ConnectionString) but it would also import everything underneath azure, which I don't want. If I go directly to signlar, it doesn't include the base path in the configuration name, so I would have to use Configuration['ConnectionString''].

I can include screenshots to illustrate if the above isn't clear.

@MrZoidberg
Copy link
Owner

So, do you want to import from Vault with a prefix, or read keys with a certain prefix, I think that's what I don't get at the moment :)

@almostjulian
Copy link
Contributor Author

The former, I want to import keys, and place them within a prefix of my choosing (without having to change anything on the vault side to do so).

@MrZoidberg
Copy link
Owner

Ok, I see. That is something possible. I don't have much time but can do some stuff over the weekend. Feel free to submit your PR if you can.

@almostjulian
Copy link
Contributor Author

Sure thing, I'll try to submit something later this week before the weekend.

@almostjulian
Copy link
Contributor Author

Apologies for the delay, I've created #53 for this

@MrZoidberg
Copy link
Owner

Released in 1.0.2 https://github.com/MrZoidberg/VaultSharp.Extensions.Configuration/releases/tag/1.0.2

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MrZoidberg @almostjulian