Feature/58 aws options from appsettings #61
Conversation
…region from AWSOptions if required
| and both will be used. The same applies for the `ListSecretsFilters` collection. For all other properties, the code-based configuration | ||
| will take precedence. |
There was a problem hiding this comment.
Is it really "code-based precedence will take precedence" or simply "last called wins"?
| If you would like to build this project locally, just execute the `build.cake` script. | ||
| If you would like to build this project locally, just exe7ute the `build.cake` script. |
| /// <summary> | ||
| /// Determines whether or not the options for the configuration provider should be read from configuration. | ||
| /// </summary> | ||
| public bool ReadFromConfig { get; set; } |
There was a problem hiding this comment.
I would avoid shortenings.
| public bool ReadFromConfig { get; set; } | |
| public bool ReadFromConfiguration { get; set; } |
| /// <summary> | ||
| /// The name of the configuration section containing the options. | ||
| /// </summary> | ||
| public string ConfigSectionName { get; set; } = SecretsManagerConfigurationSection.DefaultConfigSectionName; |
There was a problem hiding this comment.
Same as above.
| public string ConfigSectionName { get; set; } = SecretsManagerConfigurationSection.DefaultConfigSectionName; | |
| public string ConfigurationSectionName { get; set; } = SecretsManagerConfigurationSection.DefaultConfigSectionName; |
| /// Enables the extension to read options from an IConfigurationSection. | ||
| /// </summary> | ||
| /// <param name="configSectionName">The name of the configuration section containing the options.</param> | ||
| public void ReadFromConfigSection(string configSectionName = SecretsManagerConfigurationSection.DefaultConfigSectionName) |
There was a problem hiding this comment.
I'd go for ReadFromConfiguration instead.
| public void ReadFromConfigSection(string configSectionName = SecretsManagerConfigurationSection.DefaultConfigSectionName) | |
| public void ReadFromConfiguration(string configSectionName = SecretsManagerConfigurationSection.DefaultConfigSectionName) |
Another option could be UseConfiguration. What do you think?
|
|
||
| public RegionEndpoint? Region { get; set; } | ||
|
|
||
| public IConfigurationProvider Build(IConfigurationBuilder builder) | ||
| { | ||
| var client = CreateClient(); | ||
| var client = CreateClient(); |
| options.AcceptedSecretArns?.AddRange(smConfig.AcceptedSecretArns); | ||
|
|
||
| options.PollingInterval ??= smConfig?.PollingIntervalInSeconds != null | ||
| ? TimeSpan.FromSeconds(smConfig.PollingIntervalInSeconds.Value) |
There was a problem hiding this comment.
I think we should support TimeSpan.Parse as well here.
| if (profile == null) | ||
| return FallbackCredentialsFactory.GetCredentials(); |
There was a problem hiding this comment.
| if (profile == null) | |
| return FallbackCredentialsFactory.GetCredentials(); | |
| if (profile == null) | |
| { | |
| return FallbackCredentialsFactory.GetCredentials(); | |
| } |
| ## Configuration via appsettings.json | ||
| Many options can be specified in a JSON file rather than hardcoded within the app. To do so, | ||
| the `ReadFromConfigSection` method should be called, like so: |
There was a problem hiding this comment.
I would rather specify that many options can be specified using the Microsoft Configuration system without limiting to the JSON file. After all, the configuration values can be provided using other providers.
| ```csharp | ||
| builder.AddSecretsManager(configurator: options => | ||
| { | ||
| options.ReadFromConfigSection(); |
| /// The location of the file containing the credentials profiles. | ||
| /// </summary> | ||
| public string ProfilesLocation { get; set; } | ||
| } |
There was a problem hiding this comment.
I've been thinking if it's better for the extension to handle everything or if it is worth taking a dependency on AWSSDK.Extensions.NETCore.Setup .
Unfortunately AWSOptions? options = settings.GetAWSOptions("AWS:SecretsManager"); from the mentioned AWS package does not initialize AWSCredentials for some reason.
To overcome this I added a new method to IConfiguration : GetAWSOptionsWithCredentials that also sets the options.Credentials.
Using AWSSDK.Extensions.NETCore.Setup will allow smooth integration with localstack through localstack-dotnet-client
There was a problem hiding this comment.
I'd like to keep this library as supple and lean as possible.
|
I'm considering closing this PR because I am doubtful about importing the whole authentication and request signing into this library. There are still good bits that should be taken like support for configuration file. I will open a new PR with that part and make sure that @devklick will get recognition for their work on this PR that was instrumental to understand the problem space and how to go forward. |
Kralizek
force-pushed
the
master
branch
3 times, most recently
from
433e32f to
2b70308
Compare
The changes in this PR are to address issues #58 and #57 - Adding support to take pieces of configuration from an appsettings file, rather than all configuration having to be specified in code.
Reading from config
Can be enabled by calling the
SecretsManagerConfigurationProviderOptions.ReadFromConfigSectionmethod and optionally specifying the name of the config section to be read from. See example app for usage.Supported options
Several options can be specified in config - see the example config section in README for those that are supported.
Falling back on AWS config
The default AWS config section will be used as a fallback source for the AWS client region & credentials profile if this information is not specified in the custom config section. See README for more.
Mixing appsettings and hardcoded config
Options can be taken from a combination of appsettings & hardcoded, but some rules apply - see README for more.
Still to be done