Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[App Config] Secret reference sample update #18775

Merged
merged 7 commits into from
Nov 22, 2021
Merged

[App Config] Secret reference sample update #18775

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
80fea54
secret reference sample updated
HarshaNalluru Nov 22, 2021
523683e
remove comment
HarshaNalluru Nov 22, 2021
eaa60b9
update comments
HarshaNalluru Nov 22, 2021
4f931fe
Maor's feedback
HarshaNalluru Nov 22, 2021
2775f27
try catch error from sample
HarshaNalluru Nov 22, 2021
94dc5af
remove and
HarshaNalluru Nov 22, 2021
2cf6000
Merge branch 'main' of https://github.com/Azure/azure-sdk-for-js into…
HarshaNalluru Nov 22, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
99 changes: 63 additions & 36 deletions sdk/appconfiguration/app-configuration/samples-dev/secretReference.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ import {
ConfigurationSetting,
parseSecretReference
} from "@azure/app-configuration";
import { SecretClient } from "@azure/keyvault-secrets";
import { parseKeyVaultSecretIdentifier, SecretClient } from "@azure/keyvault-secrets";
import { DefaultAzureCredential } from "@azure/identity";

// Load the .env file if it exists
Expand All @@ -22,67 +22,94 @@ dotenv.config();

export async function main() {
console.log(`Running secretReference sample`);
const secretReference: ConfigurationSetting<SecretReferenceValue> = {
key: `secret${new Date().getTime()}`,
value: {
secretId: `secret-key${Math.ceil(100 + Math.random() * 900)}`
},
isReadOnly: false,
contentType: secretReferenceContentType
};

const key = `secret${new Date().getTime()}`;

// setup method creates
// - a secret using `@azure/keyvault-secrets`
// - and a corresponding secret reference config setting with `@azure/app-configuration`
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: I think you can drop and

await setup(key);

console.log(`Get the added secretReference from App Config with key: ${key}`);
// Set the following environment variable or edit the value on the following line.
const connectionString = process.env["APPCONFIG_CONNECTION_STRING"] || "";
const appConfigClient = new AppConfigurationClient(connectionString);
const getResponse = await appConfigClient.getConfigurationSetting({
key
});
// You can use the `isSecretReference` global method to check if the content type is secretReferenceContentType ("application/vnd.microsoft.appconfig.keyvaultref+json;charset=utf-8")

const parsedSecretReference = parseSecretReference(getResponse);

// Get the name and vaultUrl from the secretId
const { name: secretName, vaultUrl } = parseKeyVaultSecretIdentifier(
parsedSecretReference.value.secretId
);

const secretClient = new SecretClient(vaultUrl, new DefaultAzureCredential());

// Read the secret we created
const secret = await secretClient.getSecret(secretName);
console.log(`Get the secret from keyvault key: ${secretName}, value: ${secret.value}`);

console.log(`Deleting the secret from keyvault`);
await secretClient.beginDeleteSecret(secretName);

await cleanupSampleValues([key], appConfigClient);
}

async function setup(key: string) {
if (
!process.env["AZURE_TENANT_ID"] ||
!process.env["AZURE_CLIENT_ID"] ||
!process.env["AZURE_CLIENT_SECRET"] ||
!process.env["KEYVAULT_URI"]
!process.env["KEYVAULT_URI"] ||
!process.env["APPCONFIG_CONNECTION_STRING"]
) {
console.log(
`At least one of the AZURE_TENANT_ID, AZURE_CLIENT_ID, AZURE_CLIENT_SECRET, and KEYVAULT_URI variables is not present,
`At least one of the AZURE_TENANT_ID, AZURE_CLIENT_ID, AZURE_CLIENT_SECRET, APPCONFIG_CONNECTION_STRING and KEYVAULT_URI variables is not present,
please add the missing ones in your environment and rerun the sample.`
);
return;
}

let uri = process.env["KEYVAULT_URI"] || "<keyvault-uri>";
uri = !uri.endsWith("/") ? `${uri}/` : uri;
const secretId = `${uri}secrets/secret-key${Math.ceil(100 + Math.random() * 900)}`;

// DefaultAzureCredential expects the following three environment variables:
// - AZURE_TENANT_ID: The tenant ID in Azure Active Directory
// - AZURE_CLIENT_ID: The application (client) ID registered in the AAD tenant
// - AZURE_CLIENT_SECRET: The client secret for the registered application
const credential = new DefaultAzureCredential();
const url = process.env["KEYVAULT_URI"] || "<keyvault-url>";
const secretClient = new SecretClient(uri, new DefaultAzureCredential());

const secretClient = new SecretClient(url, credential);
const secretName = parseKeyVaultSecretIdentifier(secretId).name;
// Create a secret
console.log(
`Create a keyvault secret with key: ${secretReference.value.secretId} and value: "MySecretValue"`
);
await secretClient.setSecret(secretReference.value.secretId, "MySecretValue");
console.log(`Create a keyvault secret with key: ${secretName} and value: "MySecretValue"`);
await secretClient.setSecret(secretName, "MySecretValue");

// creates the secret reference config setting
await createConfigSetting(key, secretId);
}

async function createConfigSetting(key: string, secretId: string) {
// Set the following environment variable or edit the value on the following line.
const connectionString = process.env["APPCONFIG_CONNECTION_STRING"] || "<connection string>";
const appConfigClient = new AppConfigurationClient(connectionString);

await cleanupSampleValues([secretReference.key], appConfigClient);
const secretReference: ConfigurationSetting<SecretReferenceValue> = {
key,
value: { secretId },
isReadOnly: false,
contentType: secretReferenceContentType
};

await cleanupSampleValues([key], appConfigClient);

console.log(
`Add a new secretReference with key: ${secretReference.key} and secretId: ${secretReference.value.secretId}`
`Add a new secretReference with key: ${key} and secretId: ${secretReference.value.secretId}`
);
await appConfigClient.addConfigurationSetting(secretReference);

console.log(`Get the added secretReference from App Config with key: ${secretReference.key}`);
const getResponse = await appConfigClient.getConfigurationSetting({
key: secretReference.key
});

// You can use the `isSecretReference` global method to check if the content type is secretReferenceContentType ("application/vnd.microsoft.appconfig.keyvaultref+json;charset=utf-8")
const parsedSecretReference = parseSecretReference(getResponse);
// Read the secret we created
const secret = await secretClient.getSecret(parsedSecretReference.value.secretId);
console.log(`Get the secret from keyvault key: ${secret.name}, value: ${secret.value}`);

console.log(`Deleting the secret from keyvault`);
await secretClient.beginDeleteSecret(parsedSecretReference.value.secretId);

await cleanupSampleValues([secretReference.key], appConfigClient);
}

async function cleanupSampleValues(keys: string[], client: AppConfigurationClient) {
Expand Down
99 changes: 63 additions & 36 deletions sdk/appconfiguration/app-configuration/samples/v1/javascript/secretReference.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ const {
secretReferenceContentType,
parseSecretReference
} = require("@azure/app-configuration");
const { SecretClient } = require("@azure/keyvault-secrets");
const { parseKeyVaultSecretIdentifier, SecretClient } = require("@azure/keyvault-secrets");
const { DefaultAzureCredential } = require("@azure/identity");

// Load the .env file if it exists
Expand All @@ -18,65 +18,92 @@ dotenv.config();

async function main() {
console.log(`Running secretReference sample`);
const secretReference = {
key: `secret${new Date().getTime()}`,
value: {
secretId: `secret-key${Math.ceil(100 + Math.random() * 900)}`
},
isReadOnly: false,
contentType: secretReferenceContentType
};

const key = `secret${new Date().getTime()}`;

// setup method creates
// - a secret using `@azure/keyvault-secrets`
// - and a corresponding secret reference config setting with `@azure/app-configuration`
await setup(key);

console.log(`Get the added secretReference from App Config with key: ${key}`);
// Set the following environment variable or edit the value on the following line.
const connectionString = process.env["APPCONFIG_CONNECTION_STRING"] || "";
const appConfigClient = new AppConfigurationClient(connectionString);
const getResponse = await appConfigClient.getConfigurationSetting({
key
});
// You can use the `isSecretReference` global method to check if the content type is secretReferenceContentType ("application/vnd.microsoft.appconfig.keyvaultref+json;charset=utf-8")

const parsedSecretReference = parseSecretReference(getResponse);

// Get the name and vaultUrl from the secretId
const { name: secretName, vaultUrl } = parseKeyVaultSecretIdentifier(
parsedSecretReference.value.secretId
);

const secretClient = new SecretClient(vaultUrl, new DefaultAzureCredential());

// Read the secret we created
const secret = await secretClient.getSecret(secretName);
console.log(`Get the secret from keyvault key: ${secretName}, value: ${secret.value}`);

console.log(`Deleting the secret from keyvault`);
await secretClient.beginDeleteSecret(secretName);

await cleanupSampleValues([key], appConfigClient);
}

async function setup(key) {
if (
!process.env["AZURE_TENANT_ID"] ||
!process.env["AZURE_CLIENT_ID"] ||
!process.env["AZURE_CLIENT_SECRET"] ||
!process.env["KEYVAULT_URI"]
!process.env["KEYVAULT_URI"] ||
!process.env["APPCONFIG_CONNECTION_STRING"]
) {
console.log(`At least one of the AZURE_TENANT_ID, AZURE_CLIENT_ID, AZURE_CLIENT_SECRET, and KEYVAULT_URI variables is not present,
console.log(`At least one of the AZURE_TENANT_ID, AZURE_CLIENT_ID, AZURE_CLIENT_SECRET, APPCONFIG_CONNECTION_STRING and KEYVAULT_URI variables is not present,
please add the missing ones in your environment and rerun the sample.`);
return;
}

let uri = process.env["KEYVAULT_URI"] || "<keyvault-uri>";
uri = !uri.endsWith("/") ? `${uri}/` : uri;
const secretId = `${uri}secrets/secret-key${Math.ceil(100 + Math.random() * 900)}`;

// DefaultAzureCredential expects the following three environment variables:
// - AZURE_TENANT_ID: The tenant ID in Azure Active Directory
// - AZURE_CLIENT_ID: The application (client) ID registered in the AAD tenant
// - AZURE_CLIENT_SECRET: The client secret for the registered application
const credential = new DefaultAzureCredential();
const url = process.env["KEYVAULT_URI"] || "<keyvault-url>";
const secretClient = new SecretClient(uri, new DefaultAzureCredential());

const secretClient = new SecretClient(url, credential);
const secretName = parseKeyVaultSecretIdentifier(secretId).name;
// Create a secret
console.log(
`Create a keyvault secret with key: ${secretReference.value.secretId} and value: "MySecretValue"`
);
await secretClient.setSecret(secretReference.value.secretId, "MySecretValue");
console.log(`Create a keyvault secret with key: ${secretName} and value: "MySecretValue"`);
await secretClient.setSecret(secretName, "MySecretValue");

// creates the secret reference config setting
await createConfigSetting(key, secretId);
}

async function createConfigSetting(key, secretId) {
// Set the following environment variable or edit the value on the following line.
const connectionString = process.env["APPCONFIG_CONNECTION_STRING"] || "<connection string>";
const appConfigClient = new AppConfigurationClient(connectionString);

await cleanupSampleValues([secretReference.key], appConfigClient);
const secretReference = {
key,
value: { secretId },
isReadOnly: false,
contentType: secretReferenceContentType
};

await cleanupSampleValues([key], appConfigClient);

console.log(
`Add a new secretReference with key: ${secretReference.key} and secretId: ${secretReference.value.secretId}`
`Add a new secretReference with key: ${key} and secretId: ${secretReference.value.secretId}`
);
await appConfigClient.addConfigurationSetting(secretReference);

console.log(`Get the added secretReference from App Config with key: ${secretReference.key}`);
const getResponse = await appConfigClient.getConfigurationSetting({
key: secretReference.key
});

// You can use the `isSecretReference` global method to check if the content type is secretReferenceContentType ("application/vnd.microsoft.appconfig.keyvaultref+json;charset=utf-8")
const parsedSecretReference = parseSecretReference(getResponse);
// Read the secret we created
const secret = await secretClient.getSecret(parsedSecretReference.value.secretId);
console.log(`Get the secret from keyvault key: ${secret.name}, value: ${secret.value}`);

console.log(`Deleting the secret from keyvault`);
await secretClient.beginDeleteSecret(parsedSecretReference.value.secretId);

await cleanupSampleValues([secretReference.key], appConfigClient);
}

async function cleanupSampleValues(keys, client) {
Expand Down
Loading