Add option to omit Vault Key name in Configuration Data (#10)

almostjulian · web-flow · commit 378f151484b2 · 2021-01-26T23:05:27.000+02:00
* Add option to omit Vault Key name in Configuration Data

* Add tests
diff --git a/Source/VaultSharp.Extensions.Configuration/VaultConfigurationProvider.cs b/Source/VaultSharp.Extensions.Configuration/VaultConfigurationProvider.cs
@@ -106,7 +106,8 @@ private async Task LoadVaultDataAsync(IVaultClient vaultClient)
 
                 if (shouldSetValue)
                 {
-                    this.SetData(data, key);
+                    this.SetData(data, this.ConfigurationSource.Options.OmitVaultKeyName ? string.Empty : key);
+
                     this._versionsCache[key] = secretData.SecretData.Metadata.Version;
                 }
             }
diff --git a/Source/VaultSharp.Extensions.Configuration/VaultOptions.cs b/Source/VaultSharp.Extensions.Configuration/VaultOptions.cs
@@ -14,20 +14,23 @@ public class VaultOptions
         /// <param name="vaultRoleId">Vault Role ID.</param>
         /// <param name="reloadOnChange">Reload secrets if changed in Vault.</param>
         /// <param name="reloadCheckIntervalSeconds">Interval in seconds to check Vault for any changes.</param>
+        /// <param name="omitVaultKeyName">Omit Vault Key Name in Configuration Keys.</param>
         public VaultOptions(
             string vaultAddress,
             string? vaultToken,
             string? vaultSecret = null,
             string? vaultRoleId = null,
             bool reloadOnChange = false,
-            int reloadCheckIntervalSeconds = 300)
+            int reloadCheckIntervalSeconds = 300,
+            bool omitVaultKeyName = false)
         {
             this.VaultAddress = vaultAddress;
             this.VaultToken = vaultToken;
             this.VaultSecret = vaultSecret;
             this.VaultRoleId = vaultRoleId;
             this.ReloadOnChange = reloadOnChange;
             this.ReloadCheckIntervalSeconds = reloadCheckIntervalSeconds;
+            this.OmitVaultKeyName = omitVaultKeyName;
         }
 
         /// <summary>
@@ -60,5 +63,10 @@ public VaultOptions(
         /// Gets interval in seconds to check Vault for any changes.
         /// </summary>
         public int ReloadCheckIntervalSeconds { get; }
+
+        /// <summary>
+        /// Gets a value indicating whether the Vault key should be ommited when generation Configuration key names.
+        /// </summary>
+        public bool OmitVaultKeyName { get;  }
     }
 }
diff --git a/Tests/VaultSharp.Extensions.Configuration.Test/IntegrationTests.cs b/Tests/VaultSharp.Extensions.Configuration.Test/IntegrationTests.cs
@@ -10,6 +10,7 @@ namespace VaultSharp.Extensions.Configuration.Test
     using FluentAssertions;
     using Microsoft.Extensions.Configuration;
     using Microsoft.VisualStudio.TestPlatform.TestHost;
+    using Newtonsoft.Json;
     using Serilog;
     using Serilog.Core;
     using Serilog.Extensions.Logging;
@@ -64,6 +65,17 @@ await vaultClient.V1.Secrets.KeyValue.V2.WriteSecretAsync(sectionPair.Key, data)
             }
         }
 
+        private async Task LoadDataAsync(string secretPath, string jsonData)
+        {
+            var authMethod = new TokenAuthMethodInfo("root");
+
+            var vaultClientSettings = new VaultClientSettings("http://localhost:8200", authMethod);
+            IVaultClient vaultClient = new VaultClient(vaultClientSettings);
+
+            var dictionary = JsonConvert.DeserializeObject<Dictionary<string, object>>(jsonData);
+            await vaultClient.V1.Secrets.KeyValue.V2.WriteSecretAsync(secretPath, dictionary).ConfigureAwait(false);
+        }
+
         [Fact]
         public async Task Success_SimpleTest_TokenAuth()
         {
@@ -132,6 +144,35 @@ public async Task Success_SimpleTest_TokenAuth()
             }
         }
 
+        [Fact]
+        public async Task Success_SimpleTestOmitVaultKey_TokenAuth()
+        {
+            string jsonData = @"{""option1"": ""value1"",""subsection"":{""option2"": ""value2""}}";
+            var container = this.PrepareVaultContainer();
+            try
+            {
+                await container.StartAsync().ConfigureAwait(false);
+                await this.LoadDataAsync("myservice-config", jsonData).ConfigureAwait(false);
+
+                // act
+                ConfigurationBuilder builder = new ConfigurationBuilder();
+                builder.AddVaultConfiguration(
+                    () => new VaultOptions("http://localhost:8200", "root", omitVaultKeyName: true),
+                    "myservice-config",
+                    "secret",
+                    this._logger);
+                var configurationRoot = builder.Build();
+
+                // assert
+                configurationRoot.GetValue<string>("option1").Should().Be("value1");
+                configurationRoot.GetSection("subsection").GetValue<string>("option2").Should().Be("value2");
+            }
+            finally
+            {
+                await container.DisposeAsync().ConfigureAwait(false);
+            }
+        }
+
         [Fact]
         public async Task Success_WatcherTest_TokenAuth()
         {
@@ -193,6 +234,59 @@ public async Task Success_WatcherTest_TokenAuth()
                 await container.DisposeAsync().ConfigureAwait(false);
             }
         }
+
+        [Fact]
+        public async Task Success_WatcherTest_OmitVaultKey_TokenAuth()
+        {
+            // arrange
+            using CancellationTokenSource cts = new CancellationTokenSource();
+            string jsonData = @"{""option1"": ""value1"",""subsection"":{""option2"": ""value2""}}";
+
+            var container = this.PrepareVaultContainer();
+            try
+            {
+                await container.StartAsync().ConfigureAwait(false);
+                await this.LoadDataAsync("myservice-config", jsonData).ConfigureAwait(false);
+
+
+                // act
+                ConfigurationBuilder builder = new ConfigurationBuilder();
+                builder.AddVaultConfiguration(
+                    () => new VaultOptions("http://localhost:8200", "root", reloadOnChange: true, reloadCheckIntervalSeconds: 10, omitVaultKeyName: true),
+                    "myservice-config",
+                    "secret",
+                    this._logger);
+                var configurationRoot = builder.Build();
+                VaultChangeWatcher changeWatcher = new VaultChangeWatcher(configurationRoot, this._logger);
+                await changeWatcher.StartAsync(cts.Token).ConfigureAwait(false);
+                var reloadToken = configurationRoot.GetReloadToken();
+
+                // assert
+                configurationRoot.GetValue<string>("option1").Should().Be("value1");
+                configurationRoot.GetSection("subsection").GetValue<string>("option2").Should().Be("value2");
+                reloadToken.HasChanged.Should().BeFalse();
+
+                // load new data and wait for reload
+                jsonData =
+                    @"{""option1"": ""value1_new"",""subsection"": {""option2"": ""value2_new""},""subsection3"": {""option3"": ""value3_new""}}";
+
+                await this.LoadDataAsync("myservice-config", jsonData).ConfigureAwait(false);
+                await Task.Delay(TimeSpan.FromSeconds(15)).ConfigureAwait(true);
+
+                reloadToken.HasChanged.Should().BeTrue();
+                configurationRoot.GetValue<string>("option1").Should().Be("value1_new");
+                configurationRoot.GetSection("subsection").GetValue<string>("option2").Should().Be("value2_new");
+                configurationRoot.GetSection("subsection3").GetValue<string>("option3").Should().Be("value3_new");
+
+                changeWatcher.Dispose();
+            }
+            finally
+            {
+                cts.Cancel();
+                await container.DisposeAsync().ConfigureAwait(false);
+            }
+        }
+
     }
 
     public class TestConfigObject

Original file line number	Diff line number	Diff line change
`@@ -106,7 +106,8 @@ private async Task LoadVaultDataAsync(IVaultClient vaultClient)`
`106`	`106`
`107`	`107`	`if (shouldSetValue)`
`108`	`108`	`{`
`109`		`- this.SetData(data, key);`
	`109`	`+ this.SetData(data, this.ConfigurationSource.Options.OmitVaultKeyName ? string.Empty : key);`
	`110`	`+`
`110`	`111`	`this._versionsCache[key] = secretData.SecretData.Metadata.Version;`
`111`	`112`	`}`
`112`	`113`	`}`