├── .editorconfig
├── .gitattributes
├── .github
    ├── CODE_OF_CONDUCT.md
    ├── CONTRIBUTING.md
    ├── ISSUE_TEMPLATE
    │   ├── BUG_REPORT.md
    │   ├── FEATURE_REQUEST.md
    │   └── QUESTION.md
    ├── PULL_REQUEST_TEMPLATE.md
    ├── SECURITY.md
    ├── release-drafter.yml
    └── workflows
    │   ├── build.yml
    │   ├── master.yml
    │   ├── release-drafter.yml
    │   └── release.yml
├── .gitignore
├── .vscode
    ├── launch.json
    └── tasks.json
├── Directory.Build.props
├── Directory.Build.targets
├── Gitversion.yml
├── Key.snk
├── LICENSE.md
├── README.md
├── Source
    ├── .dockerignore
    ├── Directory.Build.props
    ├── SampleWebApp
    │   ├── Controllers
    │   │   └── HelloController.cs
    │   ├── Dockerfile
    │   ├── Options
    │   │   └── TestOptions.cs
    │   ├── Program.cs
    │   ├── Properties
    │   │   └── launchSettings.json
    │   ├── SampleWebApp.csproj
    │   ├── Startup.cs
    │   ├── appsettings.Development.json
    │   ├── appsettings.json
    │   └── secrets.json
    └── VaultSharp.Extensions.Configuration
    │   ├── VaultChangeWatcher.cs
    │   ├── VaultConfigurationExtensions.cs
    │   ├── VaultConfigurationProvider.cs
    │   ├── VaultConfigurationSource.cs
    │   ├── VaultEnvironmentVariableNames.cs
    │   ├── VaultOptions.cs
    │   └── VaultSharp.Extensions.Configuration.csproj
├── Tests
    ├── .editorconfig
    ├── Directory.Build.props
    └── VaultSharp.Extensions.Configuration.Test
    │   ├── IntegrationTests.cs
    │   ├── IntegrationTests_SSL.cs
    │   ├── VaultSharp.Extensions.Configuration.Test.csproj
    │   ├── approle.sh
    │   └── approle_nolist.sh
├── VaultSharp.Extensions.Configuration.sln
├── build.cake
├── docker-compose.yml
├── makefile
├── runsettings.xml
└── tools
    ├── nuget.exe
    └── packages.config


/.editorconfig:
--------------------------------------------------------------------------------
  1 | # Version: 1.6.0 (Using https://semver.org/)
  2 | # Updated: 2020-07-28
  3 | # See https://github.com/RehanSaeed/EditorConfig/releases for release notes.
  4 | # See https://github.com/RehanSaeed/EditorConfig for updates to this file.
  5 | # See http://EditorConfig.org for more information about .editorconfig files.
  6 | 
  7 | ##########################################
  8 | # Common Settings
  9 | ##########################################
 10 | 
 11 | # This file is the top-most EditorConfig file
 12 | root = true
 13 | 
 14 | # All Files
 15 | [*]
 16 | charset = utf-8
 17 | indent_style = space
 18 | indent_size = 4
 19 | insert_final_newline = true
 20 | trim_trailing_whitespace = true
 21 | 
 22 | ##########################################
 23 | # File Extension Settings
 24 | ##########################################
 25 | 
 26 | # Visual Studio Solution Files
 27 | [*.sln]
 28 | indent_style = tab
 29 | 
 30 | # Visual Studio XML Project Files
 31 | [*.{csproj,vbproj,vcxproj.filters,proj,projitems,shproj}]
 32 | indent_size = 2
 33 | 
 34 | # XML Configuration Files
 35 | [*.{xml,config,props,targets,nuspec,resx,ruleset,vsixmanifest,vsct}]
 36 | indent_size = 2
 37 | 
 38 | # JSON Files
 39 | [*.{json,json5,webmanifest}]
 40 | indent_size = 2
 41 | 
 42 | # YAML Files
 43 | [*.{yml,yaml}]
 44 | indent_size = 2
 45 | 
 46 | # Markdown Files
 47 | [*.md]
 48 | trim_trailing_whitespace = false
 49 | 
 50 | # Web Files
 51 | [*.{htm,html,js,jsm,ts,tsx,css,sass,scss,less,svg,vue}]
 52 | indent_size = 2
 53 | 
 54 | # Batch Files
 55 | [*.{cmd,bat}]
 56 | end_of_line = crlf
 57 | 
 58 | # Bash Files
 59 | [*.sh]
 60 | end_of_line = lf
 61 | 
 62 | # Makefiles
 63 | [Makefile]
 64 | indent_style = tab
 65 | 
 66 | ##########################################
 67 | # File Header (Uncomment to support file headers)
 68 | # https://docs.microsoft.com/en-us/visualstudio/ide/reference/add-file-header
 69 | ##########################################
 70 | 
 71 | # [*.{cs,csx,cake,vb,vbx}]
 72 | # file_header_template = <copyright file="{fileName}" company="PROJECT-AUTHOR">\nCopyright (©) PROJECT-AUTHOR. All Rights Reserved\n</copyright>
 73 | 
 74 | # SA1636: File header copyright text should match
 75 | # Justification: .editorconfig supports file headers, so specifying a stylecop.json file with the file header is not needed.
 76 | # dotnet_diagnostic.SA1636.severity = none
 77 | 
 78 | ##########################################
 79 | # .NET Language Conventions
 80 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-language-conventions
 81 | ##########################################
 82 | 
 83 | # .NET Code Style Settings
 84 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-language-conventions#net-code-style-settings
 85 | [*.{cs,csx,cake,vb,vbx}]
 86 | # "this." and "Me." qualifiers
 87 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-language-conventions#this-and-me
 88 | dotnet_style_qualification_for_field = true:warning
 89 | dotnet_style_qualification_for_property = true:warning
 90 | dotnet_style_qualification_for_method = true:warning
 91 | dotnet_style_qualification_for_event = true:warning
 92 | # Language keywords instead of framework type names for type references
 93 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-language-conventions#language-keywords
 94 | dotnet_style_predefined_type_for_locals_parameters_members = true:warning
 95 | dotnet_style_predefined_type_for_member_access = true:warning
 96 | # Modifier preferences
 97 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-language-conventions#normalize-modifiers
 98 | dotnet_style_require_accessibility_modifiers = always:warning
 99 | csharp_preferred_modifier_order = public,private,protected,internal,static,extern,new,virtual,abstract,sealed,override,readonly,unsafe,volatile,async
100 | visual_basic_preferred_modifier_order = Partial,Default,Private,Protected,Public,Friend,NotOverridable,Overridable,MustOverride,Overloads,Overrides,MustInherit,NotInheritable,Static,Shared,Shadows,ReadOnly,WriteOnly,Dim,Const,WithEvents,Widening,Narrowing,Custom,Async
101 | dotnet_style_readonly_field = true:warning
102 | # Parentheses preferences
103 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-language-conventions#parentheses-preferences
104 | dotnet_style_parentheses_in_arithmetic_binary_operators = always_for_clarity:warning
105 | dotnet_style_parentheses_in_relational_binary_operators = always_for_clarity:warning
106 | dotnet_style_parentheses_in_other_binary_operators = always_for_clarity:warning
107 | dotnet_style_parentheses_in_other_operators = never_if_unnecessary:suggestion
108 | # Expression-level preferences
109 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-language-conventions#expression-level-preferences
110 | dotnet_style_object_initializer = true:warning
111 | dotnet_style_collection_initializer = true:warning
112 | dotnet_style_explicit_tuple_names = true:warning
113 | dotnet_style_prefer_inferred_tuple_names = true:warning
114 | dotnet_style_prefer_inferred_anonymous_type_member_names = true:warning
115 | dotnet_style_prefer_auto_properties = true:warning
116 | dotnet_style_prefer_is_null_check_over_reference_equality_method = true:warning
117 | dotnet_style_prefer_conditional_expression_over_assignment = false:suggestion
118 | dotnet_style_prefer_conditional_expression_over_return = false:suggestion
119 | dotnet_style_prefer_compound_assignment = true:warning
120 | # Null-checking preferences
121 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-language-conventions#null-checking-preferences
122 | dotnet_style_coalesce_expression = true:warning
123 | dotnet_style_null_propagation = true:warning
124 | # Parameter preferences
125 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-language-conventions#parameter-preferences
126 | dotnet_code_quality_unused_parameters = all:warning
127 | # More style options (Undocumented)
128 | # https://github.com/MicrosoftDocs/visualstudio-docs/issues/3641
129 | dotnet_style_operator_placement_when_wrapping = end_of_line
130 | # https://github.com/dotnet/roslyn/pull/40070
131 | dotnet_style_prefer_simplified_interpolation = true:warning
132 | 
133 | # C# Code Style Settings
134 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-language-conventions#c-code-style-settings
135 | [*.{cs,csx,cake}]
136 | # Implicit and explicit types
137 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-language-conventions#implicit-and-explicit-types
138 | csharp_style_var_for_built_in_types = true:warning
139 | csharp_style_var_when_type_is_apparent = true:warning
140 | csharp_style_var_elsewhere = true:warning
141 | # Expression-bodied members
142 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-language-conventions#expression-bodied-members
143 | csharp_style_expression_bodied_methods = true:warning
144 | csharp_style_expression_bodied_constructors = true:warning
145 | csharp_style_expression_bodied_operators = true:warning
146 | csharp_style_expression_bodied_properties = true:warning
147 | csharp_style_expression_bodied_indexers = true:warning
148 | csharp_style_expression_bodied_accessors = true:warning
149 | csharp_style_expression_bodied_lambdas = true:warning
150 | csharp_style_expression_bodied_local_functions = true:warning
151 | # Pattern matching
152 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-language-conventions#pattern-matching
153 | csharp_style_pattern_matching_over_is_with_cast_check = true:warning
154 | csharp_style_pattern_matching_over_as_with_null_check = true:warning
155 | # Inlined variable declarations
156 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-language-conventions#inlined-variable-declarations
157 | csharp_style_inlined_variable_declaration = true:warning
158 | # Expression-level preferences
159 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-language-conventions#expression-level-preferences
160 | csharp_prefer_simple_default_expression = true:warning
161 | # "Null" checking preferences
162 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-language-conventions#c-null-checking-preferences
163 | csharp_style_throw_expression = true:warning
164 | csharp_style_conditional_delegate_call = true:warning
165 | # Code block preferences
166 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-language-conventions#code-block-preferences
167 | csharp_prefer_braces = true:warning
168 | # Unused value preferences
169 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-language-conventions#unused-value-preferences
170 | csharp_style_unused_value_expression_statement_preference = discard_variable:suggestion
171 | csharp_style_unused_value_assignment_preference = discard_variable:suggestion
172 | # Index and range preferences
173 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-language-conventions#index-and-range-preferences
174 | csharp_style_prefer_index_operator = true:warning
175 | csharp_style_prefer_range_operator = true:warning
176 | # Miscellaneous preferences
177 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-language-conventions#miscellaneous-preferences
178 | csharp_style_deconstructed_variable_declaration = true:warning
179 | csharp_style_pattern_local_over_anonymous_function = true:warning
180 | csharp_using_directive_placement = inside_namespace:warning
181 | csharp_prefer_static_local_function = true:warning
182 | csharp_prefer_simple_using_statement = true:suggestion
183 | 
184 | ##########################################
185 | # .NET Formatting Conventions
186 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-code-style-settings-reference#formatting-conventions
187 | ##########################################
188 | 
189 | # Organize usings
190 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-formatting-conventions#organize-using-directives
191 | dotnet_sort_system_directives_first = true
192 | # Newline options
193 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-formatting-conventions#new-line-options
194 | csharp_new_line_before_open_brace = all
195 | csharp_new_line_before_else = true
196 | csharp_new_line_before_catch = true
197 | csharp_new_line_before_finally = true
198 | csharp_new_line_before_members_in_object_initializers = true
199 | csharp_new_line_before_members_in_anonymous_types = true
200 | csharp_new_line_between_query_expression_clauses = true
201 | # Indentation options
202 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-formatting-conventions#indentation-options
203 | csharp_indent_case_contents = true
204 | csharp_indent_switch_labels = true
205 | csharp_indent_labels = no_change
206 | csharp_indent_block_contents = true
207 | csharp_indent_braces = false
208 | csharp_indent_case_contents_when_block = false
209 | # Spacing options
210 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-formatting-conventions#spacing-options
211 | csharp_space_after_cast = false
212 | csharp_space_after_keywords_in_control_flow_statements = true
213 | csharp_space_between_parentheses = false
214 | csharp_space_before_colon_in_inheritance_clause = true
215 | csharp_space_after_colon_in_inheritance_clause = true
216 | csharp_space_around_binary_operators = before_and_after
217 | csharp_space_between_method_declaration_parameter_list_parentheses = false
218 | csharp_space_between_method_declaration_empty_parameter_list_parentheses = false
219 | csharp_space_between_method_declaration_name_and_open_parenthesis = false
220 | csharp_space_between_method_call_parameter_list_parentheses = false
221 | csharp_space_between_method_call_empty_parameter_list_parentheses = false
222 | csharp_space_between_method_call_name_and_opening_parenthesis = false
223 | csharp_space_after_comma = true
224 | csharp_space_before_comma = false
225 | csharp_space_after_dot = false
226 | csharp_space_before_dot = false
227 | csharp_space_after_semicolon_in_for_statement = true
228 | csharp_space_before_semicolon_in_for_statement = false
229 | csharp_space_around_declaration_statements = false
230 | csharp_space_before_open_square_brackets = false
231 | csharp_space_between_empty_square_brackets = false
232 | csharp_space_between_square_brackets = false
233 | # Wrapping options
234 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-formatting-conventions#wrap-options
235 | csharp_preserve_single_line_statements = false
236 | csharp_preserve_single_line_blocks = true
237 | 
238 | ##########################################
239 | # .NET Naming Conventions
240 | # https://docs.microsoft.com/visualstudio/ide/editorconfig-naming-conventions
241 | ##########################################
242 | 
243 | [*.{cs,csx,cake,vb,vbx}]
244 | 
245 | ##########################################
246 | # Styles
247 | ##########################################
248 | 
249 | # camel_case_style - Define the camelCase style
250 | dotnet_naming_style.camel_case_style.capitalization = camel_case
251 | # pascal_case_style - Define the PascalCase style
252 | dotnet_naming_style.pascal_case_style.capitalization = pascal_case
253 | # first_upper_style - The first character must start with an upper-case character
254 | dotnet_naming_style.first_upper_style.capitalization = first_word_upper
255 | # prefix_interface_with_i_style - Interfaces must be PascalCase and the first character of an interface must be an 'I'
256 | dotnet_naming_style.prefix_interface_with_i_style.capitalization = pascal_case
257 | dotnet_naming_style.prefix_interface_with_i_style.required_prefix = I
258 | # prefix_type_parameters_with_t_style - Generic Type Parameters must be PascalCase and the first character must be a 'T'
259 | dotnet_naming_style.prefix_type_parameters_with_t_style.capitalization = pascal_case
260 | dotnet_naming_style.prefix_type_parameters_with_t_style.required_prefix = T
261 | # disallowed_style - Anything that has this style applied is marked as disallowed
262 | dotnet_naming_style.disallowed_style.capitalization  = pascal_case
263 | dotnet_naming_style.disallowed_style.required_prefix = ____RULE_VIOLATION____
264 | dotnet_naming_style.disallowed_style.required_suffix = ____RULE_VIOLATION____
265 | # internal_error_style - This style should never occur... if it does, it indicates a bug in file or in the parser using the file
266 | dotnet_naming_style.internal_error_style.capitalization  = pascal_case
267 | dotnet_naming_style.internal_error_style.required_prefix = ____INTERNAL_ERROR____
268 | dotnet_naming_style.internal_error_style.required_suffix = ____INTERNAL_ERROR____
269 | 
270 | ##########################################
271 | # .NET Design Guideline Field Naming Rules
272 | # Naming rules for fields follow the .NET Framework design guidelines
273 | # https://docs.microsoft.com/dotnet/standard/design-guidelines/index
274 | ##########################################
275 | 
276 | # All public/protected/protected_internal constant fields must be PascalCase
277 | # https://docs.microsoft.com/dotnet/standard/design-guidelines/field
278 | dotnet_naming_symbols.public_protected_constant_fields_group.applicable_accessibilities = public, protected, protected_internal
279 | dotnet_naming_symbols.public_protected_constant_fields_group.required_modifiers         = const
280 | dotnet_naming_symbols.public_protected_constant_fields_group.applicable_kinds           = field
281 | dotnet_naming_rule.public_protected_constant_fields_must_be_pascal_case_rule.symbols    = public_protected_constant_fields_group
282 | dotnet_naming_rule.public_protected_constant_fields_must_be_pascal_case_rule.style      = pascal_case_style
283 | dotnet_naming_rule.public_protected_constant_fields_must_be_pascal_case_rule.severity   = warning
284 | 
285 | # All public/protected/protected_internal static readonly fields must be PascalCase
286 | # https://docs.microsoft.com/dotnet/standard/design-guidelines/field
287 | dotnet_naming_symbols.public_protected_static_readonly_fields_group.applicable_accessibilities = public, protected, protected_internal
288 | dotnet_naming_symbols.public_protected_static_readonly_fields_group.required_modifiers         = static, readonly
289 | dotnet_naming_symbols.public_protected_static_readonly_fields_group.applicable_kinds           = field
290 | dotnet_naming_rule.public_protected_static_readonly_fields_must_be_pascal_case_rule.symbols    = public_protected_static_readonly_fields_group
291 | dotnet_naming_rule.public_protected_static_readonly_fields_must_be_pascal_case_rule.style      = pascal_case_style
292 | dotnet_naming_rule.public_protected_static_readonly_fields_must_be_pascal_case_rule.severity   = warning
293 | 
294 | # No other public/protected/protected_internal fields are allowed
295 | # https://docs.microsoft.com/dotnet/standard/design-guidelines/field
296 | dotnet_naming_symbols.other_public_protected_fields_group.applicable_accessibilities = public, protected, protected_internal
297 | dotnet_naming_symbols.other_public_protected_fields_group.applicable_kinds           = field
298 | dotnet_naming_rule.other_public_protected_fields_disallowed_rule.symbols             = other_public_protected_fields_group
299 | dotnet_naming_rule.other_public_protected_fields_disallowed_rule.style               = disallowed_style
300 | dotnet_naming_rule.other_public_protected_fields_disallowed_rule.severity            = error
301 | 
302 | ##########################################
303 | # StyleCop Field Naming Rules
304 | # Naming rules for fields follow the StyleCop analyzers
305 | # This does not override any rules using disallowed_style above
306 | # https://github.com/DotNetAnalyzers/StyleCopAnalyzers
307 | ##########################################
308 | 
309 | # All constant fields must be PascalCase
310 | # https://github.com/DotNetAnalyzers/StyleCopAnalyzers/blob/master/documentation/SA1303.md
311 | dotnet_naming_symbols.stylecop_constant_fields_group.applicable_accessibilities = public, internal, protected_internal, protected, private_protected, private
312 | dotnet_naming_symbols.stylecop_constant_fields_group.required_modifiers         = const
313 | dotnet_naming_symbols.stylecop_constant_fields_group.applicable_kinds           = field
314 | dotnet_naming_rule.stylecop_constant_fields_must_be_pascal_case_rule.symbols    = stylecop_constant_fields_group
315 | dotnet_naming_rule.stylecop_constant_fields_must_be_pascal_case_rule.style      = pascal_case_style
316 | dotnet_naming_rule.stylecop_constant_fields_must_be_pascal_case_rule.severity   = warning
317 | 
318 | # All static readonly fields must be PascalCase
319 | # https://github.com/DotNetAnalyzers/StyleCopAnalyzers/blob/master/documentation/SA1311.md
320 | dotnet_naming_symbols.stylecop_static_readonly_fields_group.applicable_accessibilities = public, internal, protected_internal, protected, private_protected, private
321 | dotnet_naming_symbols.stylecop_static_readonly_fields_group.required_modifiers         = static, readonly
322 | dotnet_naming_symbols.stylecop_static_readonly_fields_group.applicable_kinds           = field
323 | dotnet_naming_rule.stylecop_static_readonly_fields_must_be_pascal_case_rule.symbols    = stylecop_static_readonly_fields_group
324 | dotnet_naming_rule.stylecop_static_readonly_fields_must_be_pascal_case_rule.style      = pascal_case_style
325 | dotnet_naming_rule.stylecop_static_readonly_fields_must_be_pascal_case_rule.severity   = warning
326 | 
327 | # No non-private instance fields are allowed
328 | # https://github.com/DotNetAnalyzers/StyleCopAnalyzers/blob/master/documentation/SA1401.md
329 | dotnet_naming_symbols.stylecop_fields_must_be_private_group.applicable_accessibilities = public, internal, protected_internal, protected, private_protected
330 | dotnet_naming_symbols.stylecop_fields_must_be_private_group.applicable_kinds           = field
331 | dotnet_naming_rule.stylecop_instance_fields_must_be_private_rule.symbols               = stylecop_fields_must_be_private_group
332 | dotnet_naming_rule.stylecop_instance_fields_must_be_private_rule.style                 = disallowed_style
333 | dotnet_naming_rule.stylecop_instance_fields_must_be_private_rule.severity              = error
334 | 
335 | # Private fields must be camelCase
336 | # https://github.com/DotNetAnalyzers/StyleCopAnalyzers/blob/master/documentation/SA1306.md
337 | dotnet_naming_symbols.stylecop_private_fields_group.applicable_accessibilities = private
338 | dotnet_naming_symbols.stylecop_private_fields_group.applicable_kinds           = field
339 | dotnet_naming_rule.stylecop_private_fields_must_be_camel_case_rule.symbols     = stylecop_private_fields_group
340 | dotnet_naming_rule.stylecop_private_fields_must_be_camel_case_rule.style       = camel_case_style
341 | dotnet_naming_rule.stylecop_private_fields_must_be_camel_case_rule.severity    = warning
342 | 
343 | # Local variables must be camelCase
344 | # https://github.com/DotNetAnalyzers/StyleCopAnalyzers/blob/master/documentation/SA1312.md
345 | dotnet_naming_symbols.stylecop_local_fields_group.applicable_accessibilities = local
346 | dotnet_naming_symbols.stylecop_local_fields_group.applicable_kinds           = local
347 | dotnet_naming_rule.stylecop_local_fields_must_be_camel_case_rule.symbols     = stylecop_local_fields_group
348 | dotnet_naming_rule.stylecop_local_fields_must_be_camel_case_rule.style       = camel_case_style
349 | dotnet_naming_rule.stylecop_local_fields_must_be_camel_case_rule.severity    = silent
350 | 
351 | # This rule should never fire.  However, it's included for at least two purposes:
352 | # First, it helps to understand, reason about, and root-case certain types of issues, such as bugs in .editorconfig parsers.
353 | # Second, it helps to raise immediate awareness if a new field type is added (as occurred recently in C#).
354 | dotnet_naming_symbols.sanity_check_uncovered_field_case_group.applicable_accessibilities = *
355 | dotnet_naming_symbols.sanity_check_uncovered_field_case_group.applicable_kinds           = field
356 | dotnet_naming_rule.sanity_check_uncovered_field_case_rule.symbols  = sanity_check_uncovered_field_case_group
357 | dotnet_naming_rule.sanity_check_uncovered_field_case_rule.style    = internal_error_style
358 | dotnet_naming_rule.sanity_check_uncovered_field_case_rule.severity = error
359 | 
360 | 
361 | ##########################################
362 | # Other Naming Rules
363 | ##########################################
364 | 
365 | # All of the following must be PascalCase:
366 | # - Namespaces
367 | #   https://docs.microsoft.com/dotnet/standard/design-guidelines/names-of-namespaces
368 | #   https://github.com/DotNetAnalyzers/StyleCopAnalyzers/blob/master/documentation/SA1300.md
369 | # - Classes and Enumerations
370 | #   https://docs.microsoft.com/dotnet/standard/design-guidelines/names-of-classes-structs-and-interfaces
371 | #   https://github.com/DotNetAnalyzers/StyleCopAnalyzers/blob/master/documentation/SA1300.md
372 | # - Delegates
373 | #   https://docs.microsoft.com/dotnet/standard/design-guidelines/names-of-classes-structs-and-interfaces#names-of-common-types
374 | # - Constructors, Properties, Events, Methods
375 | #   https://docs.microsoft.com/dotnet/standard/design-guidelines/names-of-type-members
376 | dotnet_naming_symbols.element_group.applicable_kinds = namespace, class, enum, struct, delegate, event, method, property
377 | dotnet_naming_rule.element_rule.symbols              = element_group
378 | dotnet_naming_rule.element_rule.style                = pascal_case_style
379 | dotnet_naming_rule.element_rule.severity             = warning
380 | 
381 | # Interfaces use PascalCase and are prefixed with uppercase 'I'
382 | # https://docs.microsoft.com/dotnet/standard/design-guidelines/names-of-classes-structs-and-interfaces
383 | dotnet_naming_symbols.interface_group.applicable_kinds = interface
384 | dotnet_naming_rule.interface_rule.symbols              = interface_group
385 | dotnet_naming_rule.interface_rule.style                = prefix_interface_with_i_style
386 | dotnet_naming_rule.interface_rule.severity             = warning
387 | 
388 | # Generics Type Parameters use PascalCase and are prefixed with uppercase 'T'
389 | # https://docs.microsoft.com/dotnet/standard/design-guidelines/names-of-classes-structs-and-interfaces
390 | dotnet_naming_symbols.type_parameter_group.applicable_kinds = type_parameter
391 | dotnet_naming_rule.type_parameter_rule.symbols              = type_parameter_group
392 | dotnet_naming_rule.type_parameter_rule.style                = prefix_type_parameters_with_t_style
393 | dotnet_naming_rule.type_parameter_rule.severity             = warning
394 | 
395 | # Function parameters use camelCase
396 | # https://docs.microsoft.com/dotnet/standard/design-guidelines/naming-parameters
397 | dotnet_naming_symbols.parameters_group.applicable_kinds = parameter
398 | dotnet_naming_rule.parameters_rule.symbols              = parameters_group
399 | dotnet_naming_rule.parameters_rule.style                = camel_case_style
400 | dotnet_naming_rule.parameters_rule.severity             = warning
401 | 
402 | ##########################################
403 | # License
404 | ##########################################
405 | # The following applies as to the .editorconfig file ONLY, and is
406 | # included below for reference, per the requirements of the license
407 | # corresponding to this .editorconfig file.
408 | # See: https://github.com/RehanSaeed/EditorConfig
409 | #
410 | # MIT License
411 | #
412 | # Copyright (c) 2017-2019 Muhammad Rehan Saeed
413 | # Copyright (c) 2019 Henry Gabryjelski
414 | #
415 | # Permission is hereby granted, free of charge, to any
416 | # person obtaining a copy of this software and associated
417 | # documentation files (the "Software"), to deal in the
418 | # Software without restriction, including without limitation
419 | # the rights to use, copy, modify, merge, publish, distribute,
420 | # sublicense, and/or sell copies of the Software, and to permit
421 | # persons to whom the Software is furnished to do so, subject
422 | # to the following conditions:
423 | #
424 | # The above copyright notice and this permission notice shall be
425 | # included in all copies or substantial portions of the Software.
426 | #
427 | # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
428 | # EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
429 | # OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
430 | # NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
431 | # HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
432 | # WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
433 | # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
434 | # OTHER DEALINGS IN THE SOFTWARE.
435 | ##########################################
436 | 


--------------------------------------------------------------------------------
/.gitattributes:
--------------------------------------------------------------------------------
 1 | ###############################
 2 | # Git Line Endings            #
 3 | ###############################
 4 | 
 5 | # Set default behavior to automatically normalize line endings.
 6 | * text=auto
 7 | 
 8 | # Force batch scripts to always use CRLF line endings so that if a repo is accessed
 9 | # in Windows via a file share from Linux, the scripts will work.
10 | *.{cmd,[cC][mM][dD]} text eol=crlf
11 | *.{bat,[bB][aA][tT]} text eol=crlf
12 | 
13 | # Force bash scripts to always use LF line endings so that if a repo is accessed
14 | # in Unix via a file share from Windows, the scripts will work.
15 | *.sh text eol=lf
16 | 
17 | ###############################
18 | # Git Large File System (LFS) #
19 | ###############################
20 | 
21 | # Archives
22 | *.7z filter=lfs diff=lfs merge=lfs -text
23 | *.br filter=lfs diff=lfs merge=lfs -text
24 | *.gz filter=lfs diff=lfs merge=lfs -text
25 | *.tar filter=lfs diff=lfs merge=lfs -text
26 | *.zip filter=lfs diff=lfs merge=lfs -text
27 | 
28 | # Documents
29 | *.pdf filter=lfs diff=lfs merge=lfs -text
30 | 
31 | # Images
32 | *.gif filter=lfs diff=lfs merge=lfs -text
33 | *.ico filter=lfs diff=lfs merge=lfs -text
34 | *.jpg filter=lfs diff=lfs merge=lfs -text
35 | *.pdf filter=lfs diff=lfs merge=lfs -text
36 | *.png filter=lfs diff=lfs merge=lfs -text
37 | *.psd filter=lfs diff=lfs merge=lfs -text
38 | *.webp filter=lfs diff=lfs merge=lfs -text
39 | 
40 | # Fonts
41 | *.woff2 filter=lfs diff=lfs merge=lfs -text
42 | 
43 | # Other
44 | *.exe filter=lfs diff=lfs merge=lfs -text
45 | 


--------------------------------------------------------------------------------
/.github/CODE_OF_CONDUCT.md:
--------------------------------------------------------------------------------
 1 | # Contributor Covenant Code of Conduct
 2 | 
 3 | ## Our Pledge
 4 | 
 5 | In the interest of fostering an open and welcoming environment, we as
 6 | contributors and maintainers pledge to making participation in our project and
 7 | our community a harassment-free experience for everyone, regardless of age, body
 8 | size, disability, ethnicity, sex characteristics, gender identity and expression,
 9 | level of experience, education, socio-economic status, nationality, personal
10 | appearance, race, religion, or sexual identity and orientation.
11 | 
12 | ## Our Standards
13 | 
14 | Examples of behaviour that contributes to creating a positive environment
15 | include:
16 | 
17 | * Using welcoming and inclusive language
18 | * Being respectful of differing viewpoints and experiences
19 | * Gracefully accepting constructive criticism
20 | * Focusing on what is best for the community
21 | * Showing empathy towards other community members
22 | 
23 | Examples of unacceptable behaviour by participants include:
24 | 
25 | * The use of sexualized language or imagery and unwelcome sexual attention or
26 |  advances
27 | * Trolling, insulting/derogatory comments, and personal or political attacks
28 | * Public or private harassment
29 | * Publishing others' private information, such as a physical or electronic
30 |  address, without explicit permission
31 | * Other conduct which could reasonably be considered inappropriate in a
32 |  professional setting
33 | 
34 | ## Our Responsibilities
35 | 
36 | Project maintainers are responsible for clarifying the standards of acceptable
37 | behaviour and are expected to take appropriate and fair corrective action in
38 | response to any instances of unacceptable behaviour.
39 | 
40 | Project maintainers have the right and responsibility to remove, edit, or
41 | reject comments, commits, code, wiki edits, issues, and other contributions
42 | that are not aligned to this Code of Conduct, or to ban temporarily or
43 | permanently any contributor for other behaviours that they deem inappropriate,
44 | threatening, offensive, or harmful.
45 | 
46 | ## Scope
47 | 
48 | This Code of Conduct applies both within project spaces and in public spaces
49 | when an individual is representing the project or its community. Examples of
50 | representing a project or community include using an official project e-mail
51 | address, posting via an official social media account, or acting as an appointed
52 | representative at an online or offline event. Representation of a project may be
53 | further defined and clarified by project maintainers.
54 | 
55 | ## Enforcement
56 | 
57 | Instances of abusive, harassing, or otherwise unacceptable behaviour may be
58 | reported by contacting [user@example.com|@ExampleUser]. All
59 | complaints will be reviewed and investigated and will result in a response that
60 | is deemed necessary and appropriate to the circumstances. The project team is
61 | obligated to maintain confidentiality with regard to the reporter of an incident.
62 | Further details of specific enforcement policies may be posted separately.
63 | 
64 | Project maintainers who do not follow or enforce the Code of Conduct in good
65 | faith may face temporary or permanent repercussions as determined by other
66 | members of the project's leadership.
67 | 
68 | ## Attribution
69 | 
70 | This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
71 | available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
72 | 
73 | [homepage]: https://www.contributor-covenant.org
74 | 
75 | For answers to common questions about this code of conduct, see
76 | https://www.contributor-covenant.org/faq
77 | 


--------------------------------------------------------------------------------
/.github/CONTRIBUTING.md:
--------------------------------------------------------------------------------
 1 | # All contributions, however small are valued!
 2 | 
 3 | # Steps to contribute
 4 | 
 5 |  If you want to make a small change, go ahead and raise a pull request, otherwise follow these steps:
 6 | 
 7 | 1. View the [Issues](https://github.com/Username/Project/issues) page to see a To-Do list of things to be implemented.
 8 | 2. Raise an issue or comment on an existing issue with what you want to contribute if one does not already exist.
 9 | 3. When you get the go ahead, follow the coding guidelines and raise a pull request.
10 | 4. Include a link to the issue in your pull request.
11 | 
12 | # Coding Guidelines
13 | 
14 | - Projects use StyleCop and .editorconfig to produce style warnings. Please fix all warnings in any code you submit.
15 | - Write unit tests for any code written.
16 | 
17 | 


--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/BUG_REPORT.md:
--------------------------------------------------------------------------------
 1 | ---
 2 | name: Bug Report
 3 | about: Create a report to help us improve
 4 | title: ''
 5 | labels: bug
 6 | assignees: ''
 7 | ---
 8 | 
 9 | ### Describe the bug
10 | 
11 | A clear and concise description of what the bug is.
12 | 
13 | ### To Reproduce
14 | 
15 | A link to some code to reproduce the bug can speed up a fix. Alternatively, show steps to reproduce the behaviour:
16 | 
17 | 1. Go to '...'
18 | 2. Click on '....'
19 | 3. Scroll down to '....'
20 | 4. See error
21 | 
22 | ### Expected behaviour
23 | 
24 | A clear and concise description of what you expected to happen.
25 | 


--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/FEATURE_REQUEST.md:
--------------------------------------------------------------------------------
 1 | ---
 2 | name: Feature Request
 3 | about: Suggest an idea for this project
 4 | title: ''
 5 | labels: enhancement
 6 | assignees: ''
 7 | ---
 8 | 
 9 | ### Describe the feature
10 | 
11 | A clear and concise description of what the feature is.
12 | 


--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/QUESTION.md:
--------------------------------------------------------------------------------
 1 | ---
 2 | name: Question
 3 | about: Ask a general question about how to use the project
 4 | title: ''
 5 | labels: question
 6 | assignees: ''
 7 | ---
 8 | 
 9 | ### Question
10 | 
11 | Ask your question.
12 | 


--------------------------------------------------------------------------------
/.github/PULL_REQUEST_TEMPLATE.md:
--------------------------------------------------------------------------------
1 | <!--
2 | Thank you good citizen for your hard work!
3 | 
4 | Please read the contributing guide before raising a pull request.
5 | https://github.com/Username/Project/blob/master/.github/CONTRIBUTING.md
6 | -->
7 | 


--------------------------------------------------------------------------------
/.github/SECURITY.md:
--------------------------------------------------------------------------------
 1 | # Security Policy
 2 | 
 3 | ## Supported Versions
 4 | 
 5 | This project supports only the latest version with security updates. However, we'll do our best to help and answer questions about older versions.
 6 | 
 7 | ## Reporting a Vulnerability
 8 | 
 9 | Contact mihail.merkulov@gmail.com to report a security vulnerability. You will be thanked!
10 | 


--------------------------------------------------------------------------------
/.github/release-drafter.yml:
--------------------------------------------------------------------------------
 1 | # release-drafter automatically creates a draft release for you each time you complete a PR in the master branch.
 2 | # It uses GitHub labels to categorize changes (See categories) and draft the release.
 3 | # release-drafter also generates a version for your release based on GitHub labels. You can add a label of 'major',
 4 | # 'minor' or 'patch' to determine which number in the version to increment.
 5 | # You may need to add these labels yourself.
 6 | # See https://github.com/release-drafter/release-drafter
 7 | name-template: '$RESOLVED_VERSION'
 8 | tag-template: '$RESOLVED_VERSION'
 9 | change-template: '- $TITLE by @$AUTHOR (#$NUMBER)'
10 | no-changes-template: '- No changes'
11 | categories:
12 |   - title: '🚀 New Features'
13 |     labels:
14 |       - 'enhancement'
15 |   - title: '🐛 Bug Fixes'
16 |     labels:
17 |       - 'bug'
18 |   - title: '🧰 Maintenance'
19 |     labels:
20 |       - 'maintenance'
21 | version-resolver:
22 |   major:
23 |     labels:
24 |       - 'major'
25 |   minor:
26 |     labels:
27 |       - 'minor'
28 |   patch:
29 |     labels:
30 |       - 'patch'
31 |   default: patch
32 | template: |
33 |   $CHANGES
34 | 
35 |   ## 👨🏼‍💻 Contributors
36 | 
37 |   $CONTRIBUTORS
38 | 


--------------------------------------------------------------------------------
/.github/workflows/build.yml:
--------------------------------------------------------------------------------
 1 | name: Build
 2 | 
 3 | on:
 4 |   pull_request:
 5 | 
 6 | env:
 7 |   # Set the DOTNET_SKIP_FIRST_TIME_EXPERIENCE environment variable to stop wasting time caching packages
 8 |   DOTNET_SKIP_FIRST_TIME_EXPERIENCE: true
 9 |   # Disable sending usage data to Microsoft
10 |   DOTNET_CLI_TELEMETRY_OPTOUT: true
11 |   # Set the build number in MinVer
12 |   MINVERBUILDMETADATA: build.${{github.run_number}}
13 | 
14 | jobs:
15 |   build:
16 |     name: Build
17 |     runs-on: ubuntu-latest
18 |     steps:
19 |     - name: Checkout
20 |       uses: actions/checkout@v4
21 |       with:
22 |         lfs: true
23 |         fetch-depth: 0
24 |     - name: 'Git Fetch Tags'
25 |       run: git fetch --tags
26 |       shell: bash
27 |     - name: 'Install .NET Core SDK'
28 |       uses: actions/setup-dotnet@v4
29 |       with:
30 |         dotnet-version: |
31 |           6.0.x
32 |           7.0.x
33 |           8.0.x
34 |           9.0.x
35 |     - name: 'Fix permissions'
36 |       run: chmod +x ./Tests/VaultSharp.Extensions.Configuration.Test/approle.sh && chmod +x ./Tests/VaultSharp.Extensions.Configuration.Test/approle_nolist.sh
37 |       shell: bash
38 |     - name: Test      
39 |       run: make Test
40 |       shell: bash
41 |     - name: 'Pack'
42 |       run: make Pack
43 |       shell: bash    
44 |     - name: Copy Coverage To Predictable Location
45 |       if: github.event_name == 'pull_request'
46 |       run: cp coverage/*/coverage.cobertura.xml coverage/coverage.cobertura.xml
47 |     - name: 'Publish Code Coverage'
48 |       uses: actions/upload-artifact@v4
49 |       with:
50 |         name: Coverage Cobertura Report
51 |         path: './coverage/coverage.cobertura.xml'
52 |     - name: 'Publish Test Results'
53 |       uses: actions/upload-artifact@v4
54 |       with:
55 |         name: Tests HTML Report
56 |         path: './coverage/VaultSharp.Extensions.Configuration.Test.html'
57 |     - name: Code Coverage Summary Report
58 |       if: github.event_name == 'pull_request'
59 |       uses: irongut/CodeCoverageSummary@v1.3.0
60 |       with:
61 |         filename: './coverage/coverage.cobertura.xml'
62 |         badge: true
63 |         fail_below_min: false
64 |         format: markdown
65 |         hide_branch_rate: false
66 |         hide_complexity: true
67 |         indicators: true
68 |         output: both
69 |     - name: Add Coverage PR Comment
70 |       uses: marocchino/sticky-pull-request-comment@v2
71 |       if: github.event_name == 'pull_request'
72 |       with:
73 |         recreate: true
74 |         path: code-coverage-results.md
75 |     - name: 'Pack'
76 |       run: make Pack
77 |       shell: bash    
78 | 


--------------------------------------------------------------------------------
/.github/workflows/master.yml:
--------------------------------------------------------------------------------
 1 | name: Build Status
 2 | 
 3 | on:
 4 |   push:
 5 |     branches:
 6 |       - master
 7 | 
 8 | env:
 9 |   # Set the DOTNET_SKIP_FIRST_TIME_EXPERIENCE environment variable to stop wasting time caching packages
10 |   DOTNET_SKIP_FIRST_TIME_EXPERIENCE: true
11 |   # Disable sending usage data to Microsoft
12 |   DOTNET_CLI_TELEMETRY_OPTOUT: true
13 |   # Set the build number in MinVer
14 |   MINVERBUILDMETADATA: build.${{github.run_number}}
15 | 
16 | jobs:
17 |   build:
18 |     name: Build
19 |     runs-on: ubuntu-latest
20 |     steps:
21 |     - name: Checkout
22 |       uses: actions/checkout@v4
23 |       with:
24 |         lfs: true
25 |         fetch-depth: 0
26 |     - name: 'Install .NET Core SDK'
27 |       uses: actions/setup-dotnet@v4
28 |       with:
29 |         dotnet-version: |
30 |           6.0.x
31 |           7.0.x
32 |           8.0.x
33 |           9.0.x
34 |     - name: 'Fix permissions'
35 |       run: chmod +x ./Tests/VaultSharp.Extensions.Configuration.Test/approle.sh && chmod +x ./Tests/VaultSharp.Extensions.Configuration.Test/approle_nolist.sh
36 |       shell: bash
37 |     - name: Test      
38 |       run: make Test
39 |       shell: bash
40 |     - name: 'Pack'
41 |       run: make Pack
42 |       shell: bash 
43 |     - name: Copy Coverage To Predictable Location
44 |       run: cp coverage/*/coverage.cobertura.xml coverage/coverage.cobertura.xml
45 |     - name: 'Extract summary from Code Coverage Summary Report'
46 |       shell: bash
47 |       run: |
48 |         COVERAGE=$(cat coverage/coverage.cobertura.xml | grep -oP '(?<=line-rate=")[^"]*' -m 1)
49 |         COVERAGE=$(printf "%.0f\n" $(bc -l <<< "$COVERAGE*100"))
50 |         echo "COVERAGE=$COVERAGE%" >> $GITHUB_ENV
51 |         echo "BRANCH=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_ENV
52 |     - name: Create the Badgegg
53 |       uses: schneegans/dynamic-badges-action@v1.7.0
54 |       with:
55 |         auth: ${{ secrets.GIST_SECRET }}
56 |         gistID: 5242a4e2d58a428062b3a59824d5864e
57 |         filename: VaultSharp.Extensions.Configuration__${{ env.BRANCH }}.json
58 |         label: Coverage
59 |         message: ${{ env.COVERAGE }}
60 |         color: "#3fbe25"
61 |         namedLogo: dotnet
62 | 


--------------------------------------------------------------------------------
/.github/workflows/release-drafter.yml:
--------------------------------------------------------------------------------
 1 | name: Release Drafter
 2 | 
 3 | on:
 4 |   push:
 5 |     branches:
 6 |       - master
 7 | 
 8 | jobs:
 9 |   update_release_draft:
10 |     runs-on: ubuntu-latest
11 |     steps:
12 |       - uses: release-drafter/release-drafter@v6
13 |         env:
14 |           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
15 | 


--------------------------------------------------------------------------------
/.github/workflows/release.yml:
--------------------------------------------------------------------------------
 1 | name: Release
 2 | 
 3 | on:
 4 |   push:
 5 |     tags:
 6 |       - '*'
 7 | 
 8 | jobs:
 9 |   build:
10 |     name: Release
11 |     runs-on: ubuntu-latest
12 |     steps:
13 |     - name: Checkout
14 |       uses: actions/checkout@v4
15 |       with:
16 |         lfs: true
17 |         fetch-depth: 0
18 |     - name: 'Git Fetch Tags'
19 |       run: git fetch --tags
20 |       shell: pwsh
21 |     - name: 'Install .NET Core SDK'
22 |       uses: actions/setup-dotnet@v4
23 |       with:
24 |         dotnet-version: |
25 |           6.0.x
26 |           7.0.x
27 |           8.0.x
28 |           9.0.x
29 |     - name: 'Fix permissions'
30 |       run: chmod +x ./Tests/VaultSharp.Extensions.Configuration.Test/approle.sh && chmod +x ./Tests/VaultSharp.Extensions.Configuration.Test/approle_nolist.sh
31 |       shell: bash
32 |     - name: 'Publish'
33 |       run: make Push
34 |       env:
35 |         NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }}
36 |       shell: pwsh
37 |     - name: 'Publish Code Coverage'
38 |       uses: actions/upload-artifact@v4
39 |       with:
40 |         name: tests
41 |         path: './Artefacts/**/coverage.opencover.xml'
42 |     - name: 'Publish Test Results'
43 |       uses: actions/upload-artifact@v4
44 |       with:
45 |         name: tests
46 |         path: './Artefacts/VaultSharp.Extensions.Configuration.Test.html'
47 | 


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
  1 | ## Ignore Visual Studio temporary files, build results, and
  2 | ## files generated by popular Visual Studio add-ons.
  3 | ##
  4 | ## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore
  5 | 
  6 | # User-specific files
  7 | *.rsuser
  8 | *.suo
  9 | *.user
 10 | *.userosscache
 11 | *.sln.docstates
 12 | .DS_Store
 13 | .idea/
 14 | 
 15 | # User-specific files (MonoDevelop/Xamarin Studio)
 16 | *.userprefs
 17 | 
 18 | # Mono auto generated files
 19 | mono_crash.*
 20 | 
 21 | # Build results
 22 | [Dd]ebug/
 23 | [Dd]ebugPublic/
 24 | [Rr]elease/
 25 | [Rr]eleases/
 26 | x64/
 27 | x86/
 28 | [Aa][Rr][Mm]/
 29 | [Aa][Rr][Mm]64/
 30 | bld/
 31 | [Bb]in/
 32 | [Oo]bj/
 33 | [Ll]og/
 34 | 
 35 | # Visual Studio 2015/2017 cache/options directory
 36 | .vs/
 37 | # Uncomment if you have tasks that create the project's static files in wwwroot
 38 | #wwwroot/
 39 | 
 40 | # Visual Studio 2017 auto generated files
 41 | Generated\ Files/
 42 | 
 43 | # MSTest test Results
 44 | [Tt]est[Rr]esult*/
 45 | [Bb]uild[Ll]og.*
 46 | 
 47 | # NUnit
 48 | *.VisualState.xml
 49 | TestResult.xml
 50 | nunit-*.xml
 51 | 
 52 | # Build Results of an ATL Project
 53 | [Dd]ebugPS/
 54 | [Rr]eleasePS/
 55 | dlldata.c
 56 | 
 57 | # Benchmark Results
 58 | BenchmarkDotNet.Artifacts/
 59 | 
 60 | # .NET Core
 61 | project.lock.json
 62 | project.fragment.lock.json
 63 | artifacts/
 64 | 
 65 | # StyleCop
 66 | StyleCopReport.xml
 67 | 
 68 | # Files built by Visual Studio
 69 | *_i.c
 70 | *_p.c
 71 | *_h.h
 72 | *.ilk
 73 | *.meta
 74 | *.obj
 75 | *.iobj
 76 | *.pch
 77 | *.pdb
 78 | *.ipdb
 79 | *.pgc
 80 | *.pgd
 81 | *.rsp
 82 | *.sbr
 83 | *.tlb
 84 | *.tli
 85 | *.tlh
 86 | *.tmp
 87 | *.tmp_proj
 88 | *_wpftmp.csproj
 89 | *.log
 90 | *.vspscc
 91 | *.vssscc
 92 | .builds
 93 | *.pidb
 94 | *.svclog
 95 | *.scc
 96 | 
 97 | # Chutzpah Test files
 98 | _Chutzpah*
 99 | 
100 | # Visual C++ cache files
101 | ipch/
102 | *.aps
103 | *.ncb
104 | *.opendb
105 | *.opensdf
106 | *.sdf
107 | *.cachefile
108 | *.VC.db
109 | *.VC.VC.opendb
110 | 
111 | # Visual Studio profiler
112 | *.psess
113 | *.vsp
114 | *.vspx
115 | *.sap
116 | 
117 | # Visual Studio Trace Files
118 | *.e2e
119 | 
120 | # TFS 2012 Local Workspace
121 | $tf/
122 | 
123 | # Guidance Automation Toolkit
124 | *.gpState
125 | 
126 | # ReSharper is a .NET coding add-in
127 | _ReSharper*/
128 | *.[Rr]e[Ss]harper
129 | *.DotSettings.user
130 | 
131 | # JustCode is a .NET coding add-in
132 | .JustCode
133 | 
134 | # TeamCity is a build add-in
135 | _TeamCity*
136 | 
137 | # DotCover is a Code Coverage Tool
138 | *.dotCover
139 | 
140 | # AxoCover is a Code Coverage Tool
141 | .axoCover/*
142 | !.axoCover/settings.json
143 | 
144 | # Visual Studio code coverage results
145 | *.coverage
146 | *.coveragexml
147 | 
148 | # NCrunch
149 | _NCrunch_*
150 | .*crunch*.local.xml
151 | nCrunchTemp_*
152 | 
153 | # MightyMoose
154 | *.mm.*
155 | AutoTest.Net/
156 | 
157 | # Web workbench (sass)
158 | .sass-cache/
159 | 
160 | # Installshield output folder
161 | [Ee]xpress/
162 | 
163 | # DocProject is a documentation generator add-in
164 | DocProject/buildhelp/
165 | DocProject/Help/*.HxT
166 | DocProject/Help/*.HxC
167 | DocProject/Help/*.hhc
168 | DocProject/Help/*.hhk
169 | DocProject/Help/*.hhp
170 | DocProject/Help/Html2
171 | DocProject/Help/html
172 | 
173 | # Click-Once directory
174 | publish/
175 | 
176 | # Publish Web Output
177 | *.[Pp]ublish.xml
178 | *.azurePubxml
179 | # Note: Comment the next line if you want to checkin your web deploy settings,
180 | # but database connection strings (with potential passwords) will be unencrypted
181 | *.pubxml
182 | *.publishproj
183 | 
184 | # Microsoft Azure Web App publish settings. Comment the next line if you want to
185 | # checkin your Azure Web App publish settings, but sensitive information contained
186 | # in these scripts will be unencrypted
187 | PublishScripts/
188 | 
189 | # NuGet Packages
190 | *.nupkg
191 | # NuGet Symbol Packages
192 | *.snupkg
193 | # The packages folder can be ignored because of Package Restore
194 | **/[Pp]ackages/*
195 | # except build/, which is used as an MSBuild target.
196 | !**/[Pp]ackages/build/
197 | # Uncomment if necessary however generally it will be regenerated when needed
198 | #!**/[Pp]ackages/repositories.config
199 | # NuGet v3's project.json files produces more ignorable files
200 | *.nuget.props
201 | *.nuget.targets
202 | 
203 | # Microsoft Azure Build Output
204 | csx/
205 | *.build.csdef
206 | 
207 | # Microsoft Azure Emulator
208 | ecf/
209 | rcf/
210 | 
211 | # Windows Store app package directories and files
212 | AppPackages/
213 | BundleArtifacts/
214 | Package.StoreAssociation.xml
215 | _pkginfo.txt
216 | *.appx
217 | *.appxbundle
218 | *.appxupload
219 | 
220 | # Visual Studio cache files
221 | # files ending in .cache can be ignored
222 | *.[Cc]ache
223 | # but keep track of directories ending in .cache
224 | !?*.[Cc]ache/
225 | 
226 | # Others
227 | ClientBin/
228 | ~$*
229 | *~
230 | *.dbmdl
231 | *.dbproj.schemaview
232 | *.jfm
233 | *.pfx
234 | *.publishsettings
235 | orleans.codegen.cs
236 | 
237 | # Including strong name files can present a security risk
238 | # (https://github.com/github/gitignore/pull/2483#issue-259490424)
239 | #*.snk
240 | 
241 | # Since there are multiple workflows, uncomment next line to ignore bower_components
242 | # (https://github.com/github/gitignore/pull/1529#issuecomment-104372622)
243 | #bower_components/
244 | 
245 | # RIA/Silverlight projects
246 | Generated_Code/
247 | 
248 | # Backup & report files from converting an old project file
249 | # to a newer Visual Studio version. Backup files are not needed,
250 | # because we have git ;-)
251 | _UpgradeReport_Files/
252 | Backup*/
253 | UpgradeLog*.XML
254 | UpgradeLog*.htm
255 | ServiceFabricBackup/
256 | *.rptproj.bak
257 | 
258 | # SQL Server files
259 | *.mdf
260 | *.ldf
261 | *.ndf
262 | 
263 | # Business Intelligence projects
264 | *.rdl.data
265 | *.bim.layout
266 | *.bim_*.settings
267 | *.rptproj.rsuser
268 | *- [Bb]ackup.rdl
269 | *- [Bb]ackup ([0-9]).rdl
270 | *- [Bb]ackup ([0-9][0-9]).rdl
271 | 
272 | # Microsoft Fakes
273 | FakesAssemblies/
274 | 
275 | # GhostDoc plugin setting file
276 | *.GhostDoc.xml
277 | 
278 | # Node.js Tools for Visual Studio
279 | .ntvs_analysis.dat
280 | node_modules/
281 | 
282 | # Visual Studio 6 build log
283 | *.plg
284 | 
285 | # Visual Studio 6 workspace options file
286 | *.opt
287 | 
288 | # Visual Studio 6 auto-generated workspace file (contains which files were open etc.)
289 | *.vbw
290 | 
291 | # Visual Studio LightSwitch build output
292 | **/*.HTMLClient/GeneratedArtifacts
293 | **/*.DesktopClient/GeneratedArtifacts
294 | **/*.DesktopClient/ModelManifest.xml
295 | **/*.Server/GeneratedArtifacts
296 | **/*.Server/ModelManifest.xml
297 | _Pvt_Extensions
298 | 
299 | # Paket dependency manager
300 | .paket/paket.exe
301 | paket-files/
302 | 
303 | # FAKE - F# Make
304 | .fake/
305 | 
306 | # CodeRush personal settings
307 | .cr/personal
308 | 
309 | # Python Tools for Visual Studio (PTVS)
310 | __pycache__/
311 | *.pyc
312 | 
313 | # Cake - Uncomment if you are using it
314 | # tools/**
315 | # !tools/packages.config
316 | 
317 | # Tabs Studio
318 | *.tss
319 | 
320 | # Telerik's JustMock configuration file
321 | *.jmconfig
322 | 
323 | # BizTalk build output
324 | *.btp.cs
325 | *.btm.cs
326 | *.odx.cs
327 | *.xsd.cs
328 | 
329 | # OpenCover UI analysis results
330 | OpenCover/
331 | 
332 | # Azure Stream Analytics local run output
333 | ASALocalRun/
334 | 
335 | # MSBuild Binary and Structured Log
336 | *.binlog
337 | 
338 | # NVidia Nsight GPU debugger configuration file
339 | *.nvuser
340 | 
341 | # MFractors (Xamarin productivity tool) working folder
342 | .mfractor/
343 | 
344 | # Local History for Visual Studio
345 | .localhistory/
346 | 
347 | # BeatPulse healthcheck temp database
348 | healthchecksdb
349 | 
350 | # Backup folder for Package Reference Convert tool in Visual Studio 2017
351 | MigrationBackup/
352 | 
353 | # Ionide (cross platform F# VS Code tools) working folder
354 | .ionide/
355 | 
356 | Artefacts/
357 | coverage/


--------------------------------------------------------------------------------
/.vscode/launch.json:
--------------------------------------------------------------------------------
 1 | {
 2 |     // Use IntelliSense to learn about possible attributes.
 3 |     // Hover to view descriptions of existing attributes.
 4 |     // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
 5 |     "version": "0.2.0",
 6 |     "configurations": [
 7 |         {
 8 |             "name": ".NET Core Launch (console)",
 9 |             "type": "coreclr",
10 |             "request": "launch",
11 |             "preLaunchTask": "build",
12 |             "program": "${workspaceFolder}/Tests/VaultSharp.Extensions.Configuration.Test/bin/Debug/netcoreapp3.1/VaultSharp.Extensions.Configuration.Test.dll",
13 |             "args": [],
14 |             "cwd": "${workspaceFolder}/Tests/VaultSharp.Extensions.Configuration.Test",
15 |             "console": "internalConsole",
16 |             "stopAtEntry": false
17 |         },
18 |         {
19 |             "name": ".NET Core Attach",
20 |             "type": "coreclr",
21 |             "request": "attach",
22 |             "processId": "${command:pickProcess}"
23 |         }
24 |     ]
25 | }


--------------------------------------------------------------------------------
/.vscode/tasks.json:
--------------------------------------------------------------------------------
 1 | {
 2 |     "version": "2.0.0",
 3 |     "tasks": [
 4 |         {
 5 |             "label": "build",
 6 |             "command": "dotnet",
 7 |             "type": "process",
 8 |             "args": [
 9 |                 "build",
10 |                 "${workspaceFolder}/Tests/VaultSharp.Extensions.Configuration.Test/VaultSharp.Extensions.Configuration.Test.csproj",
11 |                 "/property:GenerateFullPaths=true",
12 |                 "/consoleloggerparameters:NoSummary"
13 |             ],
14 |             "problemMatcher": "$msCompile"
15 |         },
16 |         {
17 |             "label": "publish",
18 |             "command": "dotnet",
19 |             "type": "process",
20 |             "args": [
21 |                 "publish",
22 |                 "${workspaceFolder}/Tests/VaultSharp.Extensions.Configuration.Test/VaultSharp.Extensions.Configuration.Test.csproj",
23 |                 "/property:GenerateFullPaths=true",
24 |                 "/consoleloggerparameters:NoSummary"
25 |             ],
26 |             "problemMatcher": "$msCompile"
27 |         },
28 |         {
29 |             "label": "watch",
30 |             "command": "dotnet",
31 |             "type": "process",
32 |             "args": [
33 |                 "watch",
34 |                 "run",
35 |                 "${workspaceFolder}/Tests/VaultSharp.Extensions.Configuration.Test/VaultSharp.Extensions.Configuration.Test.csproj",
36 |                 "/property:GenerateFullPaths=true",
37 |                 "/consoleloggerparameters:NoSummary"
38 |             ],
39 |             "problemMatcher": "$msCompile"
40 |         }
41 |     ]
42 | }


--------------------------------------------------------------------------------
/Directory.Build.props:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <Project>
 3 |   <PropertyGroup Label="Build">
 4 |     <LangVersion>latest</LangVersion>
 5 |     <TreatWarningsAsErrors>true</TreatWarningsAsErrors>
 6 |   </PropertyGroup>
 7 |   <PropertyGroup Label="Package">
 8 |     <Authors>Mykhaylo Merkulov</Authors>
 9 |     <Company>Mykhaylo Merkulov</Company>
10 |     <Copyright>Copyright 2025 © Mykhaylo Merkulov. All rights Reserved</Copyright>
11 |     <PackageRequireLicenseAcceptance>true</PackageRequireLicenseAcceptance>
12 |     <PackageLicenseExpression>MIT</PackageLicenseExpression>
13 |     <PackageProjectUrl>https://github.com/MrZoidberg/VaultSharp.Extensions.Configuration</PackageProjectUrl>
14 |     <RepositoryUrl>https://github.com/MrZoidberg/VaultSharp.Extensions.Configuration.git</RepositoryUrl>
15 |     <RepositoryType>git</RepositoryType>
16 |     <PackageReleaseNotes>https://github.com/MrZoidberg/VaultSharp.Extensions.Configuration/releases</PackageReleaseNotes>
17 |   </PropertyGroup>
18 | 
19 |   <PropertyGroup Condition="'$(GITHUB_ACTIONS)' == 'true'">
20 |     <ContinuousIntegrationBuild>true</ContinuousIntegrationBuild>
21 |   </PropertyGroup>
22 | </Project>
23 | 


--------------------------------------------------------------------------------
/Directory.Build.targets:
--------------------------------------------------------------------------------
 1 | <Project>
 2 | 
 3 |   <Target Name="Versioning" BeforeTargets="MinVer">
 4 |     <PropertyGroup Label="Build">
 5 |       <MinVerDefaultPreReleaseIdentifiers>preview.0</MinVerDefaultPreReleaseIdentifiers>
 6 |       <!-- Tag your repository with the semantic version e.g. '1.0.0' to version all NuGet packages. If you have
 7 |            multiple NuGet packages in your solution and want to version them separately, then uncomment this line
 8 |            and tag your repository with the name of the package followed by the semantic version e.g.
 9 |            'PackageName-1.0.0'. -->
10 |       <!--<MinVerTagPrefix>$(PackageId)-</MinVerTagPrefix>-->
11 |       <MinVerVerbosity>normal</MinVerVerbosity>
12 |     </PropertyGroup>
13 |   </Target>
14 | 
15 | </Project>
16 | 


--------------------------------------------------------------------------------
/Gitversion.yml:
--------------------------------------------------------------------------------
1 | 
2 | mode: ContinuousDelivery
3 | branches: {}
4 | ignore:
5 |   sha: []
6 | merge-message-formats: {}
7 | 


--------------------------------------------------------------------------------
/Key.snk:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/MrZoidberg/VaultSharp.Extensions.Configuration/74f2456cbc458b5dc04df6b5ad4dd091597efa3c/Key.snk


--------------------------------------------------------------------------------
/LICENSE.md:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2025 Mykhaylo Merkulov
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | # VaultSharp.Extensions.Configuration
  2 | 
  3 | [![GitHub Actions Status](https://github.com/MrZoidberg/VaultSharp.Extensions.Configuration/workflows/Build/badge.svg?branch=master)](https://github.com/MrZoidberg/VaultSharp.Extensions.Configuration/actions) ![Nuget](https://img.shields.io/nuget/v/VaultSharp.Extensions.Configuration) ![badge](https://img.shields.io/endpoint?url=https://gist.githubusercontent.com/MrZoidberg/5242a4e2d58a428062b3a59824d5864e/raw/VaultSharp.Extensions.Configuration__master.json)
  4 | 
  5 | VaultSharp.Extensions.Configuration is an extension to [VaultSharp](https://github.com/rajanadar/VaultSharp) that allows reading configuration options from Vault.
  6 | 
  7 | VaultSharp.Extensions.Configuration is a .NET Standard 2.0, 2.1, .NET 6.0, .NET 7.0, and .NET 8.0 based cross-platform C# Library.
  8 | 
  9 | ## Get Started
 10 | 
 11 | VaultSharp.Extensions.Configuration can be installed using the Nuget package manager or the dotnet CLI.
 12 | 
 13 | `dotnet add package VaultSharp.Extensions.Configuration`
 14 | 
 15 | It can be injected as a [IConfigurationProvider](https://docs.microsoft.com/en-us/dotnet/api/microsoft.extensions.configuration.iconfigurationprovider?view=dotnet-plat-ext-3.1)
 16 | to load configuration from HashiCorp Vault:
 17 | 
 18 | ```csharp
 19 | public static IHostBuilder CreateHostBuilder(string[] args) =>
 20 |     Host.CreateDefaultBuilder(args)
 21 |         .ConfigureAppConfiguration((hostingContext, config) =>
 22 |         {
 23 |             config.AddJsonFile("appsettings.json")
 24 |                 .AddVaultConfiguration(() => new VaultOptions("http://localhost:8200", "root"), "sampleapp", "secret");
 25 |         })
 26 |         .ConfigureWebHostDefaults(webBuilder =>
 27 |         {
 28 |             webBuilder.UseStartup<Startup>();
 29 |         });
 30 | ```
 31 | 
 32 | The `AddVaultConfiguration` method accepts several parameters:
 33 | 
 34 | 1. Function to provide VaultOptions with Vault connection configuration (optional).
 35 | 
 36 | 2. Application alias in Vault data. It's used a part of the path to read secrets.
 37 | 
 38 | 3. Mount point of KV secrets. The default value is `secret` (optional).
 39 | 
 40 | ## Monitoring for changes
 41 | 
 42 | You can enable monitoring of changes in Vault data and automatic reload by setting `VaultOptions.ReloadOnChange` to `true`.
 43 | The default check interval is 5 minutes, but can be configured.
 44 | Data is checked using version information from key metadata.
 45 | 
 46 | ```csharp
 47 | config.AddVaultConfiguration(
 48 |         () => new VaultOptions(
 49 |             "http://localhost:8200",
 50 |             "root",
 51 |             reloadOnChange: true,
 52 |             reloadCheckIntervalSeconds: 60),
 53 |         "sampleapp",
 54 |         "secret");
 55 | ```
 56 | 
 57 | Also you would need to register hosted services `VaultChangeWatcher` in your `Startup.cs` that will check Vault data for updates:
 58 | 
 59 | ```csharp
 60 | public void ConfigureServices(IServiceCollection services)
 61 | {
 62 |     services.AddControllers();
 63 |     services.AddHostedService<VaultChangeWatcher>();
 64 | }
 65 | ```
 66 | 
 67 | Later in your services you can track changes in app configuration using `IOptionsSnapshot` or `IOptionsMonitor`.
 68 | Keep in mind that your service should be registered as scoped or transient to receive updates.
 69 | Also `IOptionsSnapshot` can return empty value in some cases ([it's .net core bug](https://github.com/dotnet/runtime/issues/37860))
 70 | 
 71 | ## Configuration using additional characters for a configuration path
 72 | 
 73 | This will be helpful when you want to flatten the structure of the secrets.
 74 | For example the following two secret objects will evaluate to the same configuration if for the second object the `additionalCharactersForConfigurationPath` option is used with `new []{'.'}` value:
 75 | 
 76 | ```json
 77 | {
 78 |     "secrets":
 79 |     {
 80 |         "DB": 
 81 |         {
 82 |             "ConnectionString": "secret value"
 83 |         }
 84 |     }
 85 | }
 86 | ```
 87 | 
 88 | ```json
 89 | {
 90 |     "secrets":
 91 |     {
 92 |         "DB.ConnectionString": "secret value" 
 93 |     }
 94 | }
 95 | ```
 96 | 
 97 | ```csharp
 98 | config.AddVaultConfiguration(
 99 |         () => new VaultOptions(
100 |             "htpp://localhost:8200",
101 |             "root",
102 |             additionalCharactersForConfigurationPath: new []{'.'}),),
103 |         "sampleapp",
104 |         "secret");
105 | ```
106 | new VaultOptions("http://localhost:8200", "root", null, null, false, 300, false, new []{'.'}),
107 | ## Configuration using environment variables
108 | 
109 | Alternatively, you can configure Vault connection using next environment variables:
110 | 
111 | - `VAULT_ADDR` : Address of the Vault instance. Default value is `"http://locahost:8200`.
112 | - `VAULT_TOKEN` : Vault token. Used for token-based authentication. Default value is `root`.
113 | - `VAULT_ROLEID` : Vault AppRole ID. Used for AppRole-based authentication.
114 | - `VAULT_SECRET` : Vault AppRole secret. Used for AppRole-based authentication.
115 | - `VAULT_INSECURE` : Allow insecure SSL connections to Vault. Default value is `false`.
116 | 
117 | ## Configuration using code
118 | 
119 | You can configure Vault connection using any supported auth method (look at https://github.com/rajanadar/VaultSharp#auth-methods):
120 | 
121 | ```csharp
122 | config.AddVaultConfiguration(
123 |         () => new VaultOptions(
124 |             "htpp://localhost:8200",
125 |             new KerberosAuthMethodInfo(),
126 |             reloadOnChange: true,
127 |             reloadCheckIntervalSeconds: 60),
128 |         "sampleapp",
129 |         "secret");
130 | ```
131 | 
132 | You can enable insecure TLS connections to Vault:
133 | 
134 | ```csharp
135 | builder.AddVaultConfiguration(
136 |     () => new VaultOptions("https://localhost:8200", "root", insecureConnection: true),
137 |     "test",
138 |     "secret",
139 |     this._logger);
140 | ```
141 | 
142 | Or manually validate TLS certificate:
143 | 
144 | ```csharp
145 | builder.AddVaultConfiguration(
146 |     () => new VaultOptions("https://localhost:8200", "root", additionalCharactersForConfigurationPath: new[] { '.' }, insecureConnection: false, serverCertificateCustomValidationCallback: (message, cert, chain, errors) =>
147 |     {
148 |         return true; //add your validation logic here
149 |     }),
150 |     "test",
151 |     "secret",
152 |     this._logger);
153 | ```
154 | 
155 | ## Preparing secrets in Vault
156 | 
157 | You need to store your secrets with special naming rules.
158 | First of all, all secrets should use KV2 storage and have prefix `{app_alias}` or `{app_alias}/{env}`.
159 | 
160 | For example, if your app has alias `sampleapp` and environment `producton` and you want to have configuration option `ConnectionString` your secret path would be or `sampleapp` or `sampleapp/producton`.
161 | 
162 | All parameters are grouped and arranged in folders and can be managed within the group. All secret data should use JSON format with secret data inside:
163 | 
164 | ```json
165 | {
166 |     "ConnectionString": "secret value",
167 |     "Option1": "secret value 2",
168 | }
169 | ```
170 | 
171 | ### Nested secrets
172 | 
173 | There are two ways to create nested parameters.
174 | 
175 | 1. Description of nesting directly in Json format (preferred approach):
176 | 
177 | ```json
178 | {
179 |     "DB": 
180 |     {
181 |         "ConnectionString": "secret value"
182 |     }
183 | }
184 | ```
185 | 
186 | 1. Creating a parameter on the desired path "sampleapp/producton/DB":
187 | 
188 | ```json
189 | {
190 |     "ConnectionString": "secret value"
191 | }
192 | ```
193 | 
194 | ## Limitations
195 | 
196 | - Currently, only token and AppRole based authentication is supported from configuration. Other types of authentication can be used by code.
197 | - TTL of the secrets is not controlled.
198 | 
199 | ## Contributing
200 | 
201 | Before starting work on a pull request, I suggest commenting on, or raising, an issue on the issue tracker so that we can help and coordinate efforts.
202 | 
203 | To run tests locally you need to have Docker running and have Vault's default port 8200 free.
204 | 


--------------------------------------------------------------------------------
/Source/.dockerignore:
--------------------------------------------------------------------------------
  1 | 
  2 | # Created by https://www.gitignore.io/api/csharp
  3 | 
  4 | ### Csharp ###
  5 | ## Ignore Visual Studio temporary files, build results, and
  6 | ## files generated by popular Visual Studio add-ons.
  7 | 
  8 | # User-specific files
  9 | *.suo
 10 | *.user
 11 | *.userosscache
 12 | *.sln.docstates
 13 | 
 14 | # User-specific files (MonoDevelop/Xamarin Studio)
 15 | *.userprefs
 16 | 
 17 | # Build results
 18 | [Dd]ebug/
 19 | [Dd]ebugPublic/
 20 | [Rr]elease/
 21 | [Rr]eleases/
 22 | x64/
 23 | x86/
 24 | bld/
 25 | [Bb]in/
 26 | [Oo]bj/
 27 | [Ll]og/
 28 | 
 29 | # Visual Studio 2015 cache/options directory
 30 | .vs/
 31 | # Uncomment if you have tasks that create the project's static files in wwwroot
 32 | #wwwroot/
 33 | 
 34 | # MSTest test Results
 35 | [Tt]est[Rr]esult*/
 36 | [Bb]uild[Ll]og.*
 37 | 
 38 | # NUNIT
 39 | *.VisualState.xml
 40 | TestResult.xml
 41 | 
 42 | # Build Results of an ATL Project
 43 | [Dd]ebugPS/
 44 | [Rr]eleasePS/
 45 | dlldata.c
 46 | 
 47 | # DNX
 48 | project.lock.json
 49 | project.fragment.lock.json
 50 | artifacts/
 51 | Properties/launchSettings.json
 52 | 
 53 | *_i.c
 54 | *_p.c
 55 | *_i.h
 56 | *.ilk
 57 | *.meta
 58 | *.obj
 59 | *.pch
 60 | *.pdb
 61 | *.pgc
 62 | *.pgd
 63 | *.rsp
 64 | *.sbr
 65 | *.tlb
 66 | *.tli
 67 | *.tlh
 68 | *.tmp
 69 | *.tmp_proj
 70 | *.log
 71 | *.vspscc
 72 | *.vssscc
 73 | .builds
 74 | *.pidb
 75 | *.svclog
 76 | *.scc
 77 | 
 78 | # Chutzpah Test files
 79 | _Chutzpah*
 80 | 
 81 | # Visual C++ cache files
 82 | ipch/
 83 | *.aps
 84 | *.ncb
 85 | *.opendb
 86 | *.opensdf
 87 | *.sdf
 88 | *.cachefile
 89 | *.VC.db
 90 | *.VC.VC.opendb
 91 | 
 92 | # Visual Studio profiler
 93 | *.psess
 94 | *.vsp
 95 | *.vspx
 96 | *.sap
 97 | 
 98 | # TFS 2012 Local Workspace
 99 | $tf/
100 | 
101 | # Guidance Automation Toolkit
102 | *.gpState
103 | 
104 | # ReSharper is a .NET coding add-in
105 | _ReSharper*/
106 | *.[Rr]e[Ss]harper
107 | *.DotSettings.user
108 | 
109 | # JustCode is a .NET coding add-in
110 | .JustCode
111 | 
112 | # TeamCity is a build add-in
113 | _TeamCity*
114 | 
115 | # DotCover is a Code Coverage Tool
116 | *.dotCover
117 | 
118 | # Visual Studio code coverage results
119 | *.coverage
120 | *.coveragexml
121 | 
122 | # NCrunch
123 | _NCrunch_*
124 | .*crunch*.local.xml
125 | nCrunchTemp_*
126 | 
127 | # MightyMoose
128 | *.mm.*
129 | AutoTest.Net/
130 | 
131 | # Web workbench (sass)
132 | .sass-cache/
133 | 
134 | # Installshield output folder
135 | [Ee]xpress/
136 | 
137 | # DocProject is a documentation generator add-in
138 | DocProject/buildhelp/
139 | DocProject/Help/*.HxT
140 | DocProject/Help/*.HxC
141 | DocProject/Help/*.hhc
142 | DocProject/Help/*.hhk
143 | DocProject/Help/*.hhp
144 | DocProject/Help/Html2
145 | DocProject/Help/html
146 | 
147 | # Click-Once directory
148 | publish/
149 | 
150 | # Publish Web Output
151 | *.[Pp]ublish.xml
152 | *.azurePubxml
153 | # TODO: Comment the next line if you want to checkin your web deploy settings
154 | # but database connection strings (with potential passwords) will be unencrypted
155 | *.pubxml
156 | *.publishproj
157 | 
158 | # Microsoft Azure Web App publish settings. Comment the next line if you want to
159 | # checkin your Azure Web App publish settings, but sensitive information contained
160 | # in these scripts will be unencrypted
161 | PublishScripts/
162 | 
163 | # NuGet Packages
164 | *.nupkg
165 | # The packages folder can be ignored because of Package Restore
166 | **/packages/*
167 | # except build/, which is used as an MSBuild target.
168 | !**/packages/build/
169 | # Uncomment if necessary however generally it will be regenerated when needed
170 | #!**/packages/repositories.config
171 | # NuGet v3's project.json files produces more ignoreable files
172 | *.nuget.props
173 | *.nuget.targets
174 | 
175 | # Microsoft Azure Build Output
176 | csx/
177 | *.build.csdef
178 | 
179 | # Microsoft Azure Emulator
180 | ecf/
181 | rcf/
182 | 
183 | # Windows Store app package directories and files
184 | AppPackages/
185 | BundleArtifacts/
186 | Package.StoreAssociation.xml
187 | _pkginfo.txt
188 | 
189 | # Visual Studio cache files
190 | # files ending in .cache can be ignored
191 | *.[Cc]ache
192 | # but keep track of directories ending in .cache
193 | !*.[Cc]ache/
194 | 
195 | # Others
196 | ClientBin/
197 | ~$*
198 | *~
199 | *.dbmdl
200 | *.dbproj.schemaview
201 | *.jfm
202 | *.pfx
203 | *.publishsettings
204 | node_modules/
205 | orleans.codegen.cs
206 | 
207 | # Since there are multiple workflows, uncomment next line to ignore bower_components
208 | # (https://github.com/github/gitignore/pull/1529#issuecomment-104372622)
209 | #bower_components/
210 | 
211 | # RIA/Silverlight projects
212 | Generated_Code/
213 | 
214 | # Backup & report files from converting an old project file
215 | # to a newer Visual Studio version. Backup files are not needed,
216 | # because we have git ;-)
217 | _UpgradeReport_Files/
218 | Backup*/
219 | UpgradeLog*.XML
220 | UpgradeLog*.htm
221 | 
222 | # SQL Server files
223 | *.mdf
224 | *.ldf
225 | 
226 | # Business Intelligence projects
227 | *.rdl.data
228 | *.bim.layout
229 | *.bim_*.settings
230 | 
231 | # Microsoft Fakes
232 | FakesAssemblies/
233 | 
234 | # GhostDoc plugin setting file
235 | *.GhostDoc.xml
236 | 
237 | # Node.js Tools for Visual Studio
238 | .ntvs_analysis.dat
239 | 
240 | # Visual Studio 6 build log
241 | *.plg
242 | 
243 | # Visual Studio 6 workspace options file
244 | *.opt
245 | 
246 | # Visual Studio 6 auto-generated workspace file (contains which files were open etc.)
247 | *.vbw
248 | 
249 | # Visual Studio LightSwitch build output
250 | **/*.HTMLClient/GeneratedArtifacts
251 | **/*.DesktopClient/GeneratedArtifacts
252 | **/*.DesktopClient/ModelManifest.xml
253 | **/*.Server/GeneratedArtifacts
254 | **/*.Server/ModelManifest.xml
255 | _Pvt_Extensions
256 | 
257 | # Paket dependency manager
258 | .paket/paket.exe
259 | paket-files/
260 | 
261 | # FAKE - F# Make
262 | .fake/
263 | 
264 | # JetBrains Rider
265 | .idea/
266 | *.sln.iml
267 | 
268 | # CodeRush
269 | .cr/
270 | 
271 | # Python Tools for Visual Studio (PTVS)
272 | __pycache__/
273 | *.pyc
274 | 
275 | # Cake - Uncomment if you are using it
276 | # tools/
277 | tools/Cake.CoreCLR
278 | .vscode
279 | tools
280 | .dotnet
281 | Dockerfile
282 | 
283 | # .env file contains default environment variables for docker
284 | .env
285 | .git/
286 | 
287 | Directory.Build.props


--------------------------------------------------------------------------------
/Source/Directory.Build.props:
--------------------------------------------------------------------------------
 1 | <Project>
 2 | 
 3 |   <Import Project="$([MSBuild]::GetPathOfFileAbove('Directory.Build.props', '$(MSBuildThisFileDirectory)../'))" />
 4 | 
 5 |   <PropertyGroup Label="Build">
 6 |     <GenerateDocumentationFile>true</GenerateDocumentationFile>
 7 |   </PropertyGroup>
 8 | 
 9 |   <PropertyGroup Label="Signing">
10 |     <SignAssembly>true</SignAssembly>
11 |     <AssemblyOriginatorKeyFile>../../Key.snk</AssemblyOriginatorKeyFile>
12 |   </PropertyGroup>
13 | 
14 |   <PropertyGroup Label="Source Link">
15 |     <!-- Optional: Declare that the Repository URL can be published to NuSpec -->
16 |     <PublishRepositoryUrl>true</PublishRepositoryUrl>
17 |     <!-- Optional: Embed source files that are not tracked by the source control manager to the PDB -->
18 |     <EmbedUntrackedSources>true</EmbedUntrackedSources>
19 |     <Deterministic>True</Deterministic>
20 |     <!-- Optional: Include PDB in the built .nupkg -->
21 |     <AllowedOutputExtensionsInPackageBuildOutputFolder>$(AllowedOutputExtensionsInPackageBuildOutputFolder);.pdb</AllowedOutputExtensionsInPackageBuildOutputFolder>
22 |   </PropertyGroup>
23 | 
24 | </Project>
25 | 


--------------------------------------------------------------------------------
/Source/SampleWebApp/Controllers/HelloController.cs:
--------------------------------------------------------------------------------
 1 | namespace SampleWebApp.Controllers;
 2 | 
 3 | using Microsoft.AspNetCore.Mvc;
 4 | using Microsoft.Extensions.Options;
 5 | using Options;
 6 | 
 7 | [Route("hello")]
 8 | [ApiController]
 9 | public class HelloController
10 | {
11 |     [HttpGet("")]
12 |     public IActionResult GetValue([FromServices] IOptionsSnapshot<TestOptions> testOptions) => new OkObjectResult(testOptions.Value);
13 | }
14 | 


--------------------------------------------------------------------------------
/Source/SampleWebApp/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build-env
 2 | WORKDIR /app
 3 | 
 4 | # Copy csproj and restore as distinct layers
 5 | COPY /Source/SampleWebApp/SampleWebApp.csproj ./Source/SampleWebApp/
 6 | COPY /Source/VaultSharp.Extensions.Configuration/VaultSharp.Extensions.Configuration.csproj ./Source/VaultSharp.Extensions.Configuration/
 7 | RUN dotnet restore ./Source/SampleWebApp/SampleWebApp.csproj
 8 | 
 9 | # Copy everything else and build
10 | COPY . ./
11 | RUN dotnet publish ./Source/SampleWebApp/SampleWebApp.csproj -c Release -o out
12 | 
13 | # Build runtime image
14 | FROM mcr.microsoft.com/dotnet/aspnet:6.0
15 | WORKDIR /app
16 | COPY --from=build-env /app/out .
17 | ENTRYPOINT ["dotnet", "SampleWebApp.dll"]
18 | 


--------------------------------------------------------------------------------
/Source/SampleWebApp/Options/TestOptions.cs:
--------------------------------------------------------------------------------
1 | namespace SampleWebApp.Options;
2 | 
3 | public class TestOptions
4 | {
5 |     public const string Test = "Test";
6 | 
7 |     public string ValueA { get; set; }
8 | }
9 | 


--------------------------------------------------------------------------------
/Source/SampleWebApp/Program.cs:
--------------------------------------------------------------------------------
 1 | namespace SampleWebApp;
 2 | 
 3 | using System;
 4 | using Microsoft.AspNetCore.Hosting;
 5 | using Microsoft.Extensions.Configuration;
 6 | using Microsoft.Extensions.Hosting;
 7 | using Microsoft.Extensions.Logging;
 8 | using VaultSharp.Extensions.Configuration;
 9 | 
10 | public class Program
11 | {
12 |     public static ILogger Logger { get; private set; }
13 | 
14 |     public static void Main(string[] args) => CreateHostBuilder(args).Build().Run();
15 | 
16 |     private static IHostBuilder CreateHostBuilder(string[] args) =>
17 |         Host.CreateDefaultBuilder(args)
18 |             .ConfigureLogging((hostingContext, logging) =>
19 |             {
20 |                 logging.AddConfiguration(hostingContext.Configuration.GetSection("Logging"));
21 |                 logging.AddConsole();
22 |                 logging.AddDebug();
23 |             })
24 |             .ConfigureAppConfiguration((hostingContext, config) =>
25 |             {
26 |                 using var loggerFactory = LoggerFactory.Create(builder =>
27 |                     builder.AddConsole(c => c.LogToStandardErrorThreshold = LogLevel.Debug).AddDebug());
28 |                 Logger = loggerFactory.CreateLogger<Program>();
29 | 
30 |                 config.AddJsonFile("appsettings.json", optional: false, reloadOnChange: true)
31 |                     .AddJsonFile(
32 |                         $"appsettings.{Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT") ?? "Development"}.json",
33 |                         optional: true)
34 |                     .AddEnvironmentVariables()
35 |                     .AddVaultConfiguration(
36 |                         () => new VaultOptions(
37 |                             "http://vault:8200", // Change this to "http://localhost:8200" if you are working locally without Docker
38 |                             "root",
39 |                             reloadOnChange: true,
40 |                             reloadCheckIntervalSeconds: 60),
41 |                         "sampleapp",
42 |                         "secret",
43 |                         Logger);
44 |             })
45 |             .ConfigureWebHostDefaults(webBuilder =>
46 |             {
47 |                 webBuilder.UseStartup<Startup>();
48 |             });
49 | }
50 | 


--------------------------------------------------------------------------------
/Source/SampleWebApp/Properties/launchSettings.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "$schema": "http://json.schemastore.org/launchsettings.json",
 3 |   "iisSettings": {
 4 |     "windowsAuthentication": false,
 5 |     "anonymousAuthentication": true,
 6 |     "iisExpress": {
 7 |       "applicationUrl": "http://localhost:57534",
 8 |       "sslPort": 44375
 9 |     }
10 |   },
11 |   "profiles": {
12 |     "IIS Express": {
13 |       "commandName": "IISExpress",
14 |       "launchBrowser": true,
15 |       "launchUrl": "weatherforecast",
16 |       "environmentVariables": {
17 |         "ASPNETCORE_ENVIRONMENT": "Development"
18 |       }
19 |     },
20 |     "SampleWebApp": {
21 |       "commandName": "Project",
22 |       "launchBrowser": true,
23 |       "launchUrl": "weatherforecast",
24 |       "applicationUrl": "https://localhost:5001;http://localhost:5000",
25 |       "environmentVariables": {
26 |         "ASPNETCORE_ENVIRONMENT": "Development"
27 |       }
28 |     }
29 |   }
30 | }
31 | 


--------------------------------------------------------------------------------
/Source/SampleWebApp/SampleWebApp.csproj:
--------------------------------------------------------------------------------
 1 | <Project Sdk="Microsoft.NET.Sdk.Web">
 2 | 
 3 |     <PropertyGroup>
 4 |         <TargetFramework>net8.0</TargetFramework>
 5 |         <TreatWarningsAsErrors>False</TreatWarningsAsErrors>
 6 |         <IsPackable>false</IsPackable>
 7 |         <WarningLevel>0</WarningLevel>
 8 |     </PropertyGroup>
 9 | 
10 |     <ItemGroup>
11 |       <ProjectReference Include="..\VaultSharp.Extensions.Configuration\VaultSharp.Extensions.Configuration.csproj" />
12 |     </ItemGroup>
13 | 
14 |     <ItemGroup>
15 |       <PackageReference Include="Microsoft.CodeAnalysis.NetAnalyzers" Version="9.0.0">
16 |         <PrivateAssets>all</PrivateAssets>
17 |         <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
18 |       </PackageReference>
19 |       <PackageReference Include="Microsoft.SourceLink.GitHub" Version="8.0.0">
20 |         <PrivateAssets>all</PrivateAssets>
21 |         <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
22 |       </PackageReference>
23 |       <PackageReference Include="MinVer" Version="6.0.0">
24 |         <PrivateAssets>all</PrivateAssets>
25 |         <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
26 |       </PackageReference>
27 |     </ItemGroup>
28 | 
29 | 
30 | </Project>
31 | 


--------------------------------------------------------------------------------
/Source/SampleWebApp/Startup.cs:
--------------------------------------------------------------------------------
 1 | namespace SampleWebApp;
 2 | 
 3 | using Microsoft.AspNetCore.Builder;
 4 | using Microsoft.AspNetCore.Hosting;
 5 | using Microsoft.Extensions.Configuration;
 6 | using Microsoft.Extensions.DependencyInjection;
 7 | using Microsoft.Extensions.Hosting;
 8 | using Options;
 9 | using VaultSharp.Extensions.Configuration;
10 | 
11 | public class Startup
12 | {
13 |     public Startup(IConfiguration configuration) => this.Configuration = configuration;
14 | 
15 |     public IConfiguration Configuration { get; }
16 | 
17 |     // This method gets called by the runtime. Use this method to add services to the container.
18 |     public void ConfigureServices(IServiceCollection services)
19 |     {
20 |         services.AddControllers();
21 |         services.AddHostedService<VaultChangeWatcher>();
22 |         services
23 |             .AddOptions<TestOptions>()
24 |             .Bind(this.Configuration.GetSection("Test"), options => options.ErrorOnUnknownConfiguration = true);
25 |     }
26 | 
27 |     // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
28 |     public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
29 |     {
30 |         if (env.IsDevelopment())
31 |         {
32 |             app.UseDeveloperExceptionPage();
33 |         }
34 | 
35 |         app.UseHttpsRedirection();
36 | 
37 |         app.UseRouting();
38 | 
39 |         app.UseAuthorization();
40 | 
41 |         app.UseEndpoints(endpoints =>
42 |         {
43 |             endpoints.MapControllers();
44 |         });
45 |     }
46 | }
47 | 


--------------------------------------------------------------------------------
/Source/SampleWebApp/appsettings.Development.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "Logging": {
 3 |     "LogLevel": {
 4 |       "Default": "Information",
 5 |       "Microsoft": "Warning",
 6 |       "Microsoft.Hosting.Lifetime": "Information"
 7 |     }
 8 |   }
 9 | }
10 | 


--------------------------------------------------------------------------------
/Source/SampleWebApp/appsettings.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "Logging": {
 3 |     "LogLevel": {
 4 |       "Default": "Information",
 5 |       "Microsoft": "Warning",
 6 |       "Microsoft.Hosting.Lifetime": "Information"
 7 |     }
 8 |   },
 9 |   "AllowedHosts": "*"
10 | }
11 | 


--------------------------------------------------------------------------------
/Source/SampleWebApp/secrets.json:
--------------------------------------------------------------------------------
1 | {
2 |     "secret/sampleapp/Test/ValueA": "test test test"
3 | }
4 | 


--------------------------------------------------------------------------------
/Source/VaultSharp.Extensions.Configuration/VaultChangeWatcher.cs:
--------------------------------------------------------------------------------
 1 | namespace VaultSharp.Extensions.Configuration
 2 | {
 3 |     using System;
 4 |     using System.Collections.Generic;
 5 |     using System.Linq;
 6 |     using System.Threading;
 7 |     using System.Threading.Tasks;
 8 |     using Microsoft.Extensions.Configuration;
 9 |     using Microsoft.Extensions.Hosting;
10 |     using Microsoft.Extensions.Logging;
11 | 
12 |     /// <summary>
13 |     /// Background service to notify about Vault data changes.
14 |     /// </summary>
15 |     public class VaultChangeWatcher : BackgroundService
16 |     {
17 |         private readonly ILogger? _logger;
18 |         private IEnumerable<VaultConfigurationProvider> _configProviders;
19 | 
20 |         /// <summary>
21 |         /// Initializes a new instance of the <see cref="VaultChangeWatcher"/> class.
22 |         /// test.
23 |         /// </summary>
24 |         /// <param name="configuration">Instance of IConfiguration</param>
25 |         /// <param name="logger">Optional logger provider</param>
26 |         public VaultChangeWatcher(IConfiguration configuration, ILogger? logger = null)
27 |         {
28 |             var configurationRoot = (IConfigurationRoot)configuration;
29 |             if (configurationRoot == null)
30 |             {
31 |                 throw new ArgumentNullException(nameof(configurationRoot));
32 |             }
33 | 
34 |             this._logger = logger;
35 | 
36 |             this._configProviders = configurationRoot.Providers.OfType<VaultConfigurationProvider>().Where(p => p.ConfigurationSource.Options.ReloadOnChange).ToList() !;
37 |         }
38 | 
39 |         /// <inheritdoc />
40 |         protected override async Task ExecuteAsync(CancellationToken stoppingToken)
41 |         {
42 |             var timers = new Dictionary<int, int>(); // key - index of config provider, value - timer
43 |             var minTime = int.MaxValue;
44 |             var i = 0;
45 |             foreach (var provider in this._configProviders)
46 |             {
47 |                 var waitForSec = provider.ConfigurationSource.Options.ReloadCheckIntervalSeconds;
48 |                 minTime = Math.Min(minTime, waitForSec);
49 |                 timers[i] = waitForSec;
50 |                 i++;
51 |             }
52 | 
53 |             this._logger?.LogInformation($"VaultChangeWatcher will use {minTime} seconds interval");
54 | 
55 |             while (!stoppingToken.IsCancellationRequested)
56 |             {
57 |                 try
58 |                 {
59 |                     await Task.Delay(TimeSpan.FromSeconds(minTime), stoppingToken).ConfigureAwait(false);
60 |                     if (stoppingToken.IsCancellationRequested)
61 |                     {
62 |                         break;
63 |                     }
64 | 
65 |                     for (var j = 0; j < this._configProviders.Count(); j++)
66 |                     {
67 |                         var timer = timers[j];
68 |                         timer -= minTime;
69 |                         if (timer <= 0)
70 |                         {
71 |                             this._configProviders.ElementAt(j).Load();
72 |                             timers[j] = this._configProviders.ElementAt(j).ConfigurationSource.Options
73 |                                 .ReloadCheckIntervalSeconds;
74 |                         }
75 |                         else
76 |                         {
77 |                             timers[j] = timer;
78 |                         }
79 |                     }
80 |                 }
81 |                 catch (Exception ex)
82 |                 {
83 |                     this._logger?.LogError(ex, $"An exception occurred in {nameof(VaultChangeWatcher)}");
84 |                 }
85 |             }
86 |         }
87 |     }
88 | }
89 | 


--------------------------------------------------------------------------------
/Source/VaultSharp.Extensions.Configuration/VaultConfigurationExtensions.cs:
--------------------------------------------------------------------------------
 1 | namespace VaultSharp.Extensions.Configuration
 2 | {
 3 | #pragma warning disable CA2000
 4 | 
 5 |     using System;
 6 |     using Microsoft.Extensions.Configuration;
 7 |     using Microsoft.Extensions.Logging;
 8 | 
 9 |     /// <summary>
10 |     /// Vault configuration extensions.
11 |     /// </summary>
12 |     public static class VaultConfigurationExtensions
13 |     {
14 |         /// <summary>
15 |         /// Add Vault as a configuration provider.
16 |         /// </summary>
17 |         /// <param name="configuration">Configuration builder instance.</param>
18 |         /// <param name="options">Vault options provider action.</param>
19 |         /// <param name="basePath">Base path for vault keys.</param>
20 |         /// <param name="mountPoint">KV mounting point.</param>
21 |         /// <param name="logger">Logger instance.</param>
22 |         /// <returns>Instance of <see cref="IConfigurationBuilder"/>.</returns>
23 |         public static IConfigurationBuilder AddVaultConfiguration(
24 |             this IConfigurationBuilder configuration,
25 |             Func<VaultOptions> options,
26 |             string basePath,
27 |             string? mountPoint = null,
28 |             ILogger? logger = null)
29 |         {
30 |             if (configuration == null)
31 |             {
32 |                 throw new ArgumentNullException(nameof(configuration));
33 |             }
34 | 
35 |             _ = options ?? throw new ArgumentNullException(nameof(options));
36 | 
37 |             var vaultOptions = options();
38 |             configuration.Add(new VaultConfigurationSource(vaultOptions, basePath, mountPoint, logger));
39 |             return configuration;
40 |         }
41 | 
42 |         /// <summary>
43 |         /// Add Vault as a configuration provider.
44 |         /// </summary>
45 |         /// <param name="configuration">Configuration builder instance.</param>
46 |         /// <param name="basePath">Base path for vault keys.</param>
47 |         /// <param name="mountPoint">KV mounting point.</param>
48 |         /// <param name="logger">Logger instance.</param>
49 |         /// <returns>Instance of <see cref="IConfigurationBuilder"/>.</returns>
50 |         public static IConfigurationBuilder AddVaultConfiguration(
51 |             this IConfigurationBuilder configuration,
52 |             string basePath,
53 |             string? mountPoint = null,
54 |             ILogger? logger = null)
55 |         {
56 |             if (configuration == null)
57 |             {
58 |                 throw new ArgumentNullException(nameof(configuration));
59 |             }
60 | 
61 |             if (basePath == null)
62 |             {
63 |                 throw new ArgumentNullException(nameof(basePath));
64 |             }
65 | 
66 |             var insecureOk = bool.TryParse(Environment.GetEnvironmentVariable(VaultEnvironmentVariableNames.InsecureConnection), out var insecure);
67 | 
68 |             var vaultOptions = new VaultOptions(
69 |                 Environment.GetEnvironmentVariable(VaultEnvironmentVariableNames.Address) ??
70 |                 VaultConfigurationSource.DefaultVaultUrl,
71 |                 Environment.GetEnvironmentVariable(VaultEnvironmentVariableNames.Token) ?? VaultConfigurationSource.DefaultVaultToken,
72 |                 Environment.GetEnvironmentVariable(VaultEnvironmentVariableNames.Secret),
73 |                 Environment.GetEnvironmentVariable(VaultEnvironmentVariableNames.RoleId),
74 |                 insecureOk && insecure);
75 |             configuration.Add(new VaultConfigurationSource(vaultOptions, basePath, mountPoint, logger));
76 |             return configuration;
77 |         }
78 |     }
79 | #pragma warning restore CA2000
80 | }
81 | 


--------------------------------------------------------------------------------
/Source/VaultSharp.Extensions.Configuration/VaultConfigurationProvider.cs:
--------------------------------------------------------------------------------
  1 | namespace VaultSharp.Extensions.Configuration
  2 | {
  3 |     using System;
  4 |     using System.Collections.Generic;
  5 |     using System.Globalization;
  6 |     using System.Linq;
  7 |     using System.Net;
  8 |     using System.Net.Http;
  9 |     using System.Text;
 10 |     using System.Text.Json;
 11 |     using System.Threading.Tasks;
 12 |     using Microsoft.Extensions.Configuration;
 13 |     using Microsoft.Extensions.Logging;
 14 |     using VaultSharp;
 15 |     using VaultSharp.Core;
 16 |     using VaultSharp.V1.AuthMethods;
 17 |     using VaultSharp.V1.AuthMethods.AppRole;
 18 |     using VaultSharp.V1.AuthMethods.Token;
 19 |     using VaultSharp.V1.Commons;
 20 | 
 21 |     /// <summary>
 22 |     /// Vault configuration provider.
 23 |     /// </summary>
 24 |     public class VaultConfigurationProvider : ConfigurationProvider
 25 |     {
 26 |         private readonly ILogger? logger;
 27 |         private IVaultClient? vaultClient;
 28 |         private readonly Dictionary<string, int> versionsCache;
 29 | 
 30 |         /// <summary>
 31 |         /// Initializes a new instance of the <see cref="VaultConfigurationProvider"/> class.
 32 |         /// </summary>
 33 |         /// <param name="source">Vault configuration source.</param>
 34 |         /// <param name="logger">Logger instance.</param>
 35 |         public VaultConfigurationProvider(VaultConfigurationSource source, ILogger? logger)
 36 |         {
 37 |             this.logger = logger;
 38 |             this.ConfigurationSource = source ?? throw new ArgumentNullException(nameof(source));
 39 |             this.versionsCache = new Dictionary<string, int>();
 40 |         }
 41 | 
 42 |         /// <summary>
 43 |         /// Gets <see cref="VaultConfigurationSource"/>.
 44 |         /// </summary>
 45 |         internal VaultConfigurationSource ConfigurationSource { get; private set; }
 46 | 
 47 |         /// <inheritdoc/>
 48 |         public override void Load()
 49 |         {
 50 |             try
 51 |             {
 52 |                 if (this.vaultClient == null)
 53 |                 {
 54 |                     IAuthMethodInfo? authMethod = null;
 55 |                     if (this.ConfigurationSource.Options.AuthMethod != null)
 56 |                     {
 57 |                         authMethod = this.ConfigurationSource.Options.AuthMethod;
 58 |                     }
 59 |                     else if (!string.IsNullOrEmpty(this.ConfigurationSource.Options.VaultRoleId) &&
 60 |                         !string.IsNullOrEmpty(this.ConfigurationSource.Options.VaultSecret))
 61 |                     {
 62 |                         this.logger?.LogDebug("VaultConfigurationProvider: using AppRole authentication");
 63 |                         authMethod = new AppRoleAuthMethodInfo(
 64 |                             this.ConfigurationSource.Options.VaultRoleId,
 65 |                             this.ConfigurationSource.Options.VaultSecret);
 66 |                     }
 67 |                     else if (!string.IsNullOrEmpty(this.ConfigurationSource.Options.VaultToken))
 68 |                     {
 69 |                         this.logger?.LogDebug("VaultConfigurationProvider: using Token authentication");
 70 |                         authMethod = new TokenAuthMethodInfo(this.ConfigurationSource.Options.VaultToken);
 71 |                     }
 72 | 
 73 |                     var vaultClientSettings = new VaultClientSettings(this.ConfigurationSource.Options.VaultAddress, authMethod)
 74 |                     {
 75 |                         UseVaultTokenHeaderInsteadOfAuthorizationHeader = true,
 76 |                         Namespace = this.ConfigurationSource.Options.Namespace,
 77 | 
 78 |                         PostProcessHttpClientHandlerAction = handler =>
 79 |                         {
 80 |                             if (handler is HttpClientHandler clientHandler)
 81 |                             {
 82 |                                 if (this.ConfigurationSource.Options.AcceptInsecureConnection)
 83 |                                 {
 84 | #if NETSTANDARD2_0
 85 |                                     clientHandler.ServerCertificateCustomValidationCallback = (message, cert, chain, sslPolicyErrors) => true;
 86 | #else
 87 |                                     clientHandler.ServerCertificateCustomValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator;
 88 | #endif
 89 |                                 }
 90 |                                 else if (this.ConfigurationSource.Options.ServerCertificateCustomValidationCallback != null)
 91 |                                 {
 92 |                                     clientHandler.ServerCertificateCustomValidationCallback = this.ConfigurationSource.Options.ServerCertificateCustomValidationCallback;
 93 |                                 }
 94 | 
 95 |                                 this.ConfigurationSource.Options.PostProcessHttpClientHandlerAction?.Invoke(clientHandler);
 96 |                             }
 97 |                         }
 98 |                     };
 99 |                     this.vaultClient = new VaultClient(vaultClientSettings);
100 |                 }
101 | 
102 |                 var hasChanges = this.LoadVaultDataAsync(this.vaultClient)
103 |                      .ConfigureAwait(false)
104 |                      .GetAwaiter()
105 |                      .GetResult();
106 | 
107 |                 if (hasChanges)
108 |                 {
109 |                     this.OnReload();
110 |                 }
111 | 
112 |             }
113 |             catch (Exception e) when (e is VaultApiException || e is System.Net.Http.HttpRequestException)
114 |             {
115 |                 this.logger?.Log(LogLevel.Error, e, "Cannot load configuration from Vault");
116 |                 throw;
117 |             }
118 |         }
119 | 
120 |         /// <summary>
121 |         /// This will fetch the vault token again before the new operation.
122 |         /// Use IConfiguration object: configurationRoot.Providers.OfType&lt;VaultConfigurationProvider&lt;().FirstOrDefault().ResetToken();
123 |         /// See https://github.com/rajanadar/VaultSharp/blob/34ab400c2a295f4a81d97fc5d65f38509c7e0f05/README.md?plain=1#L92
124 |         /// </summary>
125 |         public void ResetToken() => this.vaultClient?.V1.Auth.ResetVaultToken();
126 | 
127 |         private async Task<bool> LoadVaultDataAsync(IVaultClient vaultClient)
128 |         {
129 |             var hasChanges = false;
130 |             await foreach (var secretData in this.ReadKeysAsync(vaultClient, this.ConfigurationSource.BasePath))
131 |             {
132 |                 this.logger?.LogDebug($"VaultConfigurationProvider: got Vault data with key `{secretData.Key}`");
133 | 
134 |                 var key = secretData.Key;
135 |                 var len = this.ConfigurationSource.BasePath.TrimStart('/').Length;
136 |                 key = key.TrimStart('/').Substring(len).TrimStart('/').Replace('/', ':');
137 |                 key = this.ReplaceTheAdditionalCharactersForConfigurationPath(key);
138 | 
139 |                 if (this.ConfigurationSource.Options.KeyPrefix != null)
140 |                 {
141 |                     if (string.IsNullOrEmpty(key))
142 |                     {
143 |                         key = this.ConfigurationSource.Options.KeyPrefix;
144 |                     }
145 |                     else
146 |                     {
147 |                         key = this.ConfigurationSource.Options.KeyPrefix + ":" + key;
148 |                     }
149 | 
150 |                 }
151 |                 var data = secretData.SecretData.Data;
152 | 
153 |                 var shouldSetValue = true;
154 |                 if (this.versionsCache.TryGetValue(key, out var currentVersion))
155 |                 {
156 |                     shouldSetValue = secretData.SecretData.Metadata.Version > currentVersion;
157 |                     var keyMsg = shouldSetValue ? "has new version" : "is outdated";
158 |                     this.logger?.LogDebug($"VaultConfigurationProvider: Data for key `{secretData.Key}` {keyMsg}");
159 |                 }
160 | 
161 |                 if (shouldSetValue)
162 |                 {
163 |                     this.SetData(data, this.ConfigurationSource.Options.OmitVaultKeyName ? string.Empty : key);
164 |                     hasChanges = true;
165 |                     this.versionsCache[key] = secretData.SecretData.Metadata.Version;
166 |                 }
167 |             }
168 | 
169 |             return hasChanges;
170 |         }
171 | 
172 |         private void SetData<TValue>(IEnumerable<KeyValuePair<string, TValue>> data, string? key)
173 |         {
174 |             foreach (var pair in data)
175 |             {
176 |                 var nestedKey = string.IsNullOrEmpty(key) ? pair.Key : $"{key}:{pair.Key}";
177 |                 nestedKey = this.ReplaceTheAdditionalCharactersForConfigurationPath(nestedKey);
178 | 
179 |                 var nestedValue = (JsonElement)(object)pair.Value!;
180 |                 this.SetItemData(nestedKey, nestedValue);
181 |             }
182 |         }
183 | 
184 |         private void SetItemData(string nestedKey, JsonElement nestedValue)
185 |         {
186 |             switch ((nestedValue).ValueKind)
187 |             {
188 |                 case JsonValueKind.Object:
189 |                     var jObject = nestedValue.EnumerateObject().ToDictionary(x => x.Name, x => x.Value).ToList();
190 |                     if (jObject != null)
191 |                     {
192 |                         this.SetData(jObject, nestedKey);
193 |                     }
194 |                     break;
195 |                 case JsonValueKind.Array:
196 |                     var array = nestedValue.EnumerateArray();
197 |                     for(var i = 0; i < array.Count(); i++)
198 |                     {
199 |                         var arrElement = array.ElementAt(i);
200 | 
201 |                         if (arrElement.ValueKind == JsonValueKind.Array)
202 |                         {
203 |                             this.SetData(new[] { new KeyValuePair<string, JsonElement?>($"{nestedKey}:{i}", arrElement) }, null);
204 |                         }
205 |                         else if (arrElement.ValueKind == JsonValueKind.Object)
206 |                         {
207 |                             this.SetData(new[] { new KeyValuePair<string, JsonElement?>($"{nestedKey}:{i}", arrElement) }, null);
208 |                         }
209 |                         else
210 |                         {
211 |                             this.SetItemData($"{nestedKey}:{i}", arrElement);
212 |                         }
213 |                     }
214 |                     break;
215 |                 case JsonValueKind.String:
216 |                     this.Set(nestedKey, nestedValue.GetString());
217 |                     break;
218 |                 case JsonValueKind.Number:
219 |                     this.Set(nestedKey, nestedValue.GetDecimal().ToString(CultureInfo.InvariantCulture));
220 |                     break;
221 |                 case JsonValueKind.True:
222 |                     this.Set(nestedKey, true.ToString());
223 |                     break;
224 |                 case JsonValueKind.False:
225 |                     this.Set(nestedKey, false.ToString());
226 |                     break;
227 |                 case JsonValueKind.Null:
228 |                     this.Set(nestedKey, null);
229 |                     break;
230 |                 default:
231 |                     break;
232 |             }
233 |         }
234 | 
235 |         private async IAsyncEnumerable<KeyedSecretData> ReadKeysAsync(IVaultClient vaultClient, string path)
236 |         {
237 |             Secret<ListInfo>? keys = null;
238 |             var folderPath = path;
239 | 
240 |             if (this.ConfigurationSource.Options.AlwaysAddTrailingSlashToBasePath && folderPath.EndsWith("/", StringComparison.InvariantCulture) == false)
241 |             {
242 |                 folderPath += "/";
243 |             }
244 | 
245 |             if (folderPath.EndsWith("/", StringComparison.InvariantCulture))
246 |             {
247 |                 try
248 |                 {
249 |                     keys = await vaultClient.V1.Secrets.KeyValue.V2.ReadSecretPathsAsync(folderPath, this.ConfigurationSource.MountPoint).ConfigureAwait(false);
250 |                 }
251 |                 catch (VaultApiException ex) when (ex.HttpStatusCode == HttpStatusCode.NotFound)
252 |                 {
253 |                     // this is key, not a folder
254 |                 }
255 |             }
256 | 
257 |             if (keys != null)
258 |             {
259 |                 foreach (var key in keys.Data.Keys)
260 |                 {
261 |                     var keyData = this.ReadKeysAsync(vaultClient, folderPath + key);
262 |                     await foreach (var secretData in keyData)
263 |                     {
264 |                         yield return secretData;
265 |                     }
266 |                 }
267 |             }
268 | 
269 |             var valuePath = path;
270 |             if (valuePath.EndsWith("/", StringComparison.InvariantCulture) == true)
271 |             {
272 |                 valuePath = valuePath.TrimEnd('/');
273 |             }
274 | 
275 |             KeyedSecretData? keyedSecretData = null;
276 |             try
277 |             {
278 |                 var secretData = await vaultClient.V1.Secrets.KeyValue.V2.ReadSecretAsync(valuePath, null, this.ConfigurationSource.MountPoint)
279 |                     .ConfigureAwait(false);
280 |                 keyedSecretData = new KeyedSecretData(valuePath, secretData.Data);
281 |             }
282 |             catch (VaultApiException ex) when (ex.HttpStatusCode == HttpStatusCode.NotFound)
283 |             {
284 |                 // this is folder, not a key
285 |             }
286 | 
287 |             if (keyedSecretData != null)
288 |             {
289 |                 yield return keyedSecretData;
290 |             }
291 |         }
292 | 
293 |         private string ReplaceTheAdditionalCharactersForConfigurationPath(string inputKey)
294 |         {
295 |             if (!this.ConfigurationSource.Options.AdditionalStringsForConfigurationPath.Any())
296 |             {
297 |                 return inputKey;
298 |             }
299 | 
300 |             var outputKey = new StringBuilder(inputKey);
301 | 
302 |             foreach (var c in this.ConfigurationSource.Options.AdditionalStringsForConfigurationPath)
303 |             {
304 |                 outputKey.Replace(c, ":");
305 |             }
306 | 
307 |             return outputKey.ToString();
308 |         }
309 | 
310 |         private class KeyedSecretData
311 |         {
312 |             public KeyedSecretData(string key, SecretData secretData)
313 |             {
314 |                 this.Key = key;
315 |                 this.SecretData = secretData;
316 |             }
317 | 
318 |             public string Key { get; }
319 | 
320 |             public SecretData SecretData { get; }
321 |         }
322 |     }
323 | }
324 | 


--------------------------------------------------------------------------------
/Source/VaultSharp.Extensions.Configuration/VaultConfigurationSource.cs:
--------------------------------------------------------------------------------
 1 | namespace VaultSharp.Extensions.Configuration
 2 | {
 3 |     using Microsoft.Extensions.Configuration;
 4 |     using Microsoft.Extensions.Logging;
 5 |     using VaultSharp.V1.SecretsEngines;
 6 | 
 7 |     /// <summary>
 8 |     /// Vault configuration source.
 9 |     /// </summary>
10 |     public class VaultConfigurationSource : IConfigurationSource
11 |     {
12 |         /// <summary>
13 |         /// Default Vault URL.
14 |         /// </summary>
15 |         internal const string DefaultVaultUrl = "http://locahost:8200";
16 | 
17 |         /// <summary>
18 |         /// Default Vault token.
19 |         /// </summary>
20 |         internal const string DefaultVaultToken = "root";
21 | 
22 |         private readonly ILogger? logger;
23 | 
24 |         /// <summary>
25 |         /// Initializes a new instance of the <see cref="VaultConfigurationSource"/> class.
26 |         /// </summary>
27 |         /// <param name="options">Vault options.</param>
28 |         /// <param name="basePath">Base path.</param>
29 |         /// <param name="mountPoint">Mounting point.</param>
30 |         /// <param name="logger">Logger instance.</param>
31 |         public VaultConfigurationSource(VaultOptions options, string basePath, string? mountPoint = null, ILogger? logger = null)
32 |         {
33 |             this.logger = logger;
34 |             this.Options = options;
35 |             this.BasePath = basePath;
36 |             this.MountPoint = mountPoint ?? SecretsEngineMountPoints.Defaults.KeyValueV2;
37 |         }
38 | 
39 |         /// <summary>
40 |         /// Gets Vault connection options.
41 |         /// </summary>
42 |         public VaultOptions Options { get; }
43 | 
44 |         /// <summary>
45 |         /// Gets base path for vault URLs.
46 |         /// </summary>
47 |         public string BasePath { get; }
48 | 
49 |         /// <summary>
50 |         /// Gets mounting point.
51 |         /// </summary>
52 |         public string MountPoint { get; }
53 | 
54 |         /// <summary>
55 |         /// Build configuration provider.
56 |         /// </summary>
57 |         /// <param name="builder">Configuration builder.</param>
58 |         /// <returns>Instance of <see cref="IConfigurationProvider"/>.</returns>
59 |         public virtual IConfigurationProvider Build(IConfigurationBuilder builder) => new VaultConfigurationProvider(this, this.logger);
60 |     }
61 | }
62 | 


--------------------------------------------------------------------------------
/Source/VaultSharp.Extensions.Configuration/VaultEnvironmentVariableNames.cs:
--------------------------------------------------------------------------------
 1 | namespace VaultSharp.Extensions.Configuration
 2 | {
 3 |     /// <summary>
 4 |     /// Class contains all environment variables names related to vault configuration.
 5 |     /// </summary>
 6 |     public static class VaultEnvironmentVariableNames
 7 |     {
 8 |         /// <summary>
 9 |         /// Environment variable name for Vault address.
10 |         /// </summary>
11 |         public const string Address = "VAULT_ADDR";
12 | 
13 |         /// <summary>
14 |         ///  Environment variable name for Vault token.
15 |         /// </summary>
16 |         public const string Token = "VAULT_TOKEN";
17 | 
18 |         /// <summary>
19 |         ///  Environment variable name for Vault RoleId.
20 |         /// </summary>
21 |         public const string RoleId = "VAULT_ROLEID";
22 | 
23 |         /// <summary>
24 |         ///  Environment variable name for Vault secret.
25 |         /// </summary>
26 |         public const string Secret = "VAULT_SECRET";
27 | 
28 |         /// <summary>
29 |         ///  Environment variable name for disabling server certificate validation for Vault client.
30 |         /// </summary>
31 |         public const string InsecureConnection = "VAULT_INSECURE";
32 |     }
33 | }
34 | 


--------------------------------------------------------------------------------
/Source/VaultSharp.Extensions.Configuration/VaultOptions.cs:
--------------------------------------------------------------------------------
  1 | namespace VaultSharp.Extensions.Configuration
  2 | {
  3 |     using System;
  4 |     using System.Collections.Generic;
  5 |     using System.Linq;
  6 |     using System.Net.Http;
  7 |     using System.Net.Security;
  8 |     using System.Security.Cryptography.X509Certificates;
  9 |     using VaultSharp.V1.AuthMethods;
 10 | 
 11 |     /// <summary>
 12 |     /// Vault options class.
 13 |     /// </summary>
 14 |     public class VaultOptions
 15 |     {
 16 |         /// <summary>
 17 |         /// Initializes a new instance of the <see cref="VaultOptions"/> class.
 18 |         /// </summary>
 19 |         /// <param name="vaultAddress">Vault address.</param>
 20 |         /// <param name="vaultToken">Vault token.</param>
 21 |         /// <param name="vaultSecret">Vault secret.</param>
 22 |         /// <param name="vaultRoleId">Vault Role ID.</param>
 23 |         /// <param name="reloadOnChange">Reload secrets if changed in Vault.</param>
 24 |         /// <param name="reloadCheckIntervalSeconds">Interval in seconds to check Vault for any changes.</param>
 25 |         /// <param name="omitVaultKeyName">Omit Vault Key Name in Configuration Keys.</param>
 26 |         /// <param name="keyPrefix">Store all Vault keys under this prefix </param>
 27 |         /// <param name="additionalCharactersForConfigurationPath">Additional characters for the Configuration path.</param>
 28 |         /// <param name="additionalStringsForConfigurationPath">Additional strings for the Configuration path.</param>
 29 |         /// <param name="namespace">Vault namespace.</param>
 30 |         /// <param name="alwaysAddTrailingSlashToBasePath">Should a trailing slash be added to the base path. See AlwaysAddTrailingSlashToBasePath property for details </param>
 31 |         /// <param name="insecureConnection">(Dangerous!) Ignore certificate validation. This implies self-signed certificates are accepted.</param>
 32 |         /// <param name="serverCertificateCustomValidationCallback">An optional action to post-process the HttpClientHandler. Used to manually validate the server certificate. Ignored if AcceptInsecureConnection is true.</param>
 33 |         public VaultOptions(
 34 |             string vaultAddress,
 35 |             string? vaultToken,
 36 |             string? vaultSecret = null,
 37 |             string? vaultRoleId = null,
 38 |             bool reloadOnChange = false,
 39 |             int reloadCheckIntervalSeconds = 300,
 40 |             bool omitVaultKeyName = false,
 41 |             string? keyPrefix = null,
 42 |             IEnumerable<char>? additionalCharactersForConfigurationPath = null,
 43 |             IEnumerable<string>? additionalStringsForConfigurationPath = null,
 44 |             string? @namespace = null,
 45 |             bool alwaysAddTrailingSlashToBasePath = true,
 46 |             bool insecureConnection = false,
 47 |             Func<HttpRequestMessage, X509Certificate2?, X509Chain?, SslPolicyErrors, bool>? serverCertificateCustomValidationCallback = null)
 48 |         {
 49 |             this.VaultAddress = vaultAddress;
 50 |             this.VaultToken = vaultToken;
 51 |             this.VaultSecret = vaultSecret;
 52 |             this.VaultRoleId = vaultRoleId;
 53 |             this.ReloadOnChange = reloadOnChange;
 54 |             this.ReloadCheckIntervalSeconds = reloadCheckIntervalSeconds;
 55 |             this.OmitVaultKeyName = omitVaultKeyName;
 56 |             this.KeyPrefix = keyPrefix;
 57 | #pragma warning disable CS0618 // Type or member is obsolete
 58 |             this.AdditionalCharactersForConfigurationPath = additionalCharactersForConfigurationPath ?? Array.Empty<char>();
 59 | #pragma warning restore CS0618 // Type or member is obsolete
 60 |             this.AdditionalStringsForConfigurationPath = [..additionalStringsForConfigurationPath ?? [], ..(additionalCharactersForConfigurationPath ?? []).Select(x => x.ToString())];
 61 |             this.Namespace = @namespace;
 62 |             this.AlwaysAddTrailingSlashToBasePath = alwaysAddTrailingSlashToBasePath;
 63 |             this.AcceptInsecureConnection = insecureConnection;
 64 |             this.ServerCertificateCustomValidationCallback = serverCertificateCustomValidationCallback;
 65 |         }
 66 | 
 67 |         /// <summary>
 68 |         /// Initializes a new instance of the <see cref="VaultOptions"/> class.
 69 |         /// </summary>
 70 |         /// <param name="vaultAddress">Vault address.</param>
 71 |         /// <param name="authMethod">Vault auth method.</param>
 72 |         /// <param name="reloadOnChange">Reload secrets if changed in Vault.</param>
 73 |         /// <param name="reloadCheckIntervalSeconds">Interval in seconds to check Vault for any changes.</param>
 74 |         /// <param name="omitVaultKeyName">Omit Vault Key Name in Configuration Keys.</param>
 75 |         /// <param name="additionalCharactersForConfigurationPath">Additional characters for the Configuration path.</param>
 76 |         /// <param name="additionalStringsForConfigurationPath">Additional strings for the Configuration path.</param>
 77 |         /// <param name="namespace">Vault namespace.</param>
 78 |         /// <param name="alwaysAddTrailingSlashToBasePath">Should a trailing slash be added to the base path. See AlwaysAddTrailingSlashToBasePath property for details </param>
 79 |         /// <param name="insecureConnection">(Dangerous!) Ignore certificate validation. This implies self-signed certificates are accepted.</param>
 80 |         /// <param name="serverCertificateCustomValidationCallback">An optional action to post-process the HttpClientHandler. Used to manually validate the server certificate. Ignored if AcceptInsecureConnection is true.</param>
 81 |         public VaultOptions(
 82 |             string vaultAddress,
 83 |             IAuthMethodInfo authMethod,
 84 |             bool reloadOnChange = false,
 85 |             int reloadCheckIntervalSeconds = 300,
 86 |             bool omitVaultKeyName = false,
 87 |             IEnumerable<char>? additionalCharactersForConfigurationPath = null,
 88 |             IEnumerable<string>? additionalStringsForConfigurationPath = null,
 89 |             string? @namespace = null,
 90 |             bool alwaysAddTrailingSlashToBasePath = true,
 91 |             bool insecureConnection = false,
 92 |             Func<HttpRequestMessage, X509Certificate2?, X509Chain?, SslPolicyErrors, bool>? serverCertificateCustomValidationCallback = null)
 93 |         {
 94 |             this.VaultAddress = vaultAddress;
 95 |             this.AuthMethod = authMethod;
 96 |             this.ReloadOnChange = reloadOnChange;
 97 |             this.ReloadCheckIntervalSeconds = reloadCheckIntervalSeconds;
 98 |             this.OmitVaultKeyName = omitVaultKeyName;
 99 | #pragma warning disable CS0618 // Type or member is obsolete
100 |             this.AdditionalCharactersForConfigurationPath = additionalCharactersForConfigurationPath ?? Array.Empty<char>();
101 | #pragma warning restore CS0618 // Type or member is obsolete
102 |             this.AdditionalStringsForConfigurationPath = [..additionalStringsForConfigurationPath ?? [], ..(additionalCharactersForConfigurationPath ?? []).Select(x => x.ToString())];
103 |             this.Namespace = @namespace;
104 |             this.AlwaysAddTrailingSlashToBasePath = alwaysAddTrailingSlashToBasePath;
105 |             this.AcceptInsecureConnection = insecureConnection;
106 |             this.ServerCertificateCustomValidationCallback = serverCertificateCustomValidationCallback;
107 |         }
108 | 
109 |         /// <summary>
110 |         /// Gets Vault Auth method
111 |         /// </summary>
112 |         public IAuthMethodInfo? AuthMethod { get; }
113 | 
114 |         /// <summary>
115 |         /// Gets Vault URL address.
116 |         /// </summary>
117 |         public string VaultAddress { get; }
118 | 
119 |         /// <summary>
120 |         /// Gets Vault access token. Used for token-based authentication.
121 |         /// </summary>
122 |         public string? VaultToken { get; }
123 | 
124 |         /// <summary>
125 |         /// Gets Vault secret. Used for role-based authentication.
126 |         /// </summary>
127 |         public string? VaultSecret { get; }
128 | 
129 |         /// <summary>
130 |         /// Gets Vault role identifier. Used for role-based authentication.
131 |         /// </summary>
132 |         public string? VaultRoleId { get; }
133 | 
134 |         /// <summary>
135 |         /// Gets a value indicating whether gets value indicating that secrets should be re-read when they are changed in Vault.
136 |         /// In this case Reload token will be triggered.
137 |         /// </summary>
138 |         public bool ReloadOnChange { get; }
139 | 
140 |         /// <summary>
141 |         /// Gets interval in seconds to check Vault for any changes.
142 |         /// </summary>
143 |         public int ReloadCheckIntervalSeconds { get; }
144 | 
145 |         /// <summary>
146 |         /// Gets a value indicating whether the Vault key should be ommited when generation Configuration key names.
147 |         /// </summary>
148 |         public bool OmitVaultKeyName { get; }
149 | 
150 |         /// <summary>
151 |         /// Store all read keys under this Configuration key name prefix.
152 |         /// </summary>
153 |         public string? KeyPrefix { get; }
154 | 
155 |         /// <summary>
156 |         /// Gets an array of characters that will be used as a path to form the Configuration.
157 |         /// This may not be equal to <see cref="AdditionalStringsForConfigurationPath"/>.
158 |         /// </summary>
159 |         [Obsolete($"Please use ${nameof(AdditionalStringsForConfigurationPath)}. This property will be removed in a future release.")]
160 |         public IEnumerable<char> AdditionalCharactersForConfigurationPath { get; }
161 | 
162 |         /// <summary>
163 |         /// Gets an array of strings that will be used as a path to form the Configuration.
164 |         /// Contains string values of <see cref="AdditionalCharactersForConfigurationPath"/>.
165 |         /// </summary>
166 |         public IEnumerable<string> AdditionalStringsForConfigurationPath { get; }
167 | 
168 |         /// <summary>
169 |         /// Gets Vault namespace.
170 |         /// </summary>
171 |         public string? Namespace { get; }
172 | 
173 |         /// <summary>
174 |         /// Gets the value indicating whether to always add a trailing slash to the base path.
175 |         /// If it is true, the base path is considered to be a "folder" with nested keys, otherwise the base path is considered to be a key itself.
176 |         /// It is true by default. Set to false if you don't have permissions to list keys in the base path.
177 |         /// </summary>
178 |         public bool AlwaysAddTrailingSlashToBasePath { get; }
179 | 
180 |         /// <summary>
181 |         /// Indicates whether we should disregard the certificate validation (for examples, servers behind Internet aren't likely to have a strong certs but we can't afford to use HTTP either)
182 |         /// Previously, the certificate behavior can be set globally, but subsequently removed in .NET Core and onwards due to security reasons.
183 |         /// We need to set the behavior to each HttpClient on a case-by-case basis. As such, this option is provided as a resolution.
184 |         /// If it is true, a custom PostProcessHttpClientHandlerAction will be injected to the VaultClientSettings to accept any server certificate.
185 |         /// Default value: false. Hashicorp also recommend using a proper CA to setup Vault access due to security concerns.
186 |         /// </summary>
187 |         public bool AcceptInsecureConnection { get; }
188 | 
189 |         /// <summary>
190 |         /// An optional action to post-process the HttpClientHandler. Used to manually validate the server certificate. Ignored if AcceptInsecureConnection is true.
191 |         /// </summary>
192 |         public Func<HttpRequestMessage, X509Certificate2?, X509Chain?, SslPolicyErrors, bool>? ServerCertificateCustomValidationCallback { get; set;}
193 | 
194 |         /// <summary>
195 |         /// An optional hook to allow custom configuration of the HttpClientHandler.
196 |         /// This is useful if you need to customize the HTTP client's proxy settings, for example.
197 |         /// </summary>
198 |         /// <remarks>
199 |         /// The action will be invoked after the VaultSharp provider applies the AcceptInsecureConnection and ServerCertificateCustomValidationCallback
200 |         /// customizations, if you enabled them.  Be aware that if you overwrite the HttpMessageHandler's ServerCertificateCustomValidationCallback
201 |         /// in your action-handler method, you will cancel out the effect of enabling the AcceptInsecureConnection and/or
202 |         /// ServerCertificateCustomValidationCallback options.
203 |         /// </remarks>
204 |         public Action<HttpMessageHandler>? PostProcessHttpClientHandlerAction { get; set; }
205 |     }
206 | }
207 | 


--------------------------------------------------------------------------------
/Source/VaultSharp.Extensions.Configuration/VaultSharp.Extensions.Configuration.csproj:
--------------------------------------------------------------------------------
  1 | <Project Sdk="Microsoft.NET.Sdk">
  2 | 
  3 |   <PropertyGroup Label="Build">
  4 |     <LangVersion>default</LangVersion>
  5 |     <TreatWarningsAsErrors>True</TreatWarningsAsErrors>
  6 |     <NoWarn>SA1633;SA1028;SA1309;CA1303;CS1591;IDE0057</NoWarn>
  7 |     <PackageId>VaultSharp.Extensions.Configuration</PackageId>
  8 |     <PackageLicenseExpression>MIT</PackageLicenseExpression>
  9 |     <Nullable>enable</Nullable>
 10 |     <TargetFrameworks>net6.0;net7.0;net8.0;net9.0;netstandard2.0;netstandard2.1</TargetFrameworks>
 11 |     <IncludeSymbols>true</IncludeSymbols>
 12 |     <SymbolPackageFormat>snupkg</SymbolPackageFormat>
 13 |     <Copyright>Copyright 2025 © Mykhaylo Merkulov. All rights Reserved</Copyright>
 14 |   </PropertyGroup>
 15 | 
 16 |   <PropertyGroup Label="Package">
 17 |     <Product>VaultSharp.Extensions.Configuration</Product>
 18 |     <Description>
 19 |       Configuration extension that allows you to use Hashicorp Vault as a configuration backend.
 20 |       This library is built with .NET Standard 2.0, 2.1, .NET 6, .NET 7, .NET 8, .NET 9
 21 |     </Description>
 22 |     <PackageTags>Vault;Configuration;Data protection;Hashicorp</PackageTags>
 23 |     <PackageReadmeFile>README.md</PackageReadmeFile>
 24 |   </PropertyGroup>
 25 | 
 26 |   <ItemGroup>
 27 |     <None Include="..\..\README.md" Pack="true" PackagePath="\" />
 28 |   </ItemGroup>
 29 | 
 30 |   <ItemGroup>
 31 |     <PackageReference Include="Microsoft.SourceLink.GitHub" Version="8.0.0">
 32 |       <PrivateAssets>all</PrivateAssets>
 33 |       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
 34 |     </PackageReference>    
 35 |     <PackageReference Include="GitVersion.MsBuild" Version="6.2.0">
 36 |       <PrivateAssets>all</PrivateAssets>
 37 |       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
 38 |     </PackageReference>
 39 |     <PackageReference Include="coverlet.msbuild" Version="6.0.4">
 40 |        <PrivateAssets>all</PrivateAssets>
 41 |        <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
 42 |     </PackageReference>
 43 |   </ItemGroup>
 44 | 
 45 |   <ItemGroup>    
 46 |     <PackageReference Include="VaultSharp" Version="1.17.5.1" />
 47 |     <PackageReference Include="MinVer" Version="5.0.0">
 48 |       <PrivateAssets>all</PrivateAssets>
 49 |       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
 50 |     </PackageReference>
 51 |   </ItemGroup>
 52 | 
 53 |    <ItemGroup Condition="'$(TargetFramework)' == 'netstandard2.0'">
 54 |     <PackageReference Include="System.Text.Json" Version="8.0.5" />
 55 |     <PackageReference Include="Microsoft.Extensions.Configuration" Version="8.0.0" />
 56 |     <PackageReference Include="Microsoft.Extensions.Hosting.Abstractions" Version="6.0.0" />
 57 |     <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="6.0.3" />
 58 |     <PackageReference Include="Microsoft.CodeAnalysis.NetAnalyzers" Version="6.0.0">
 59 |       <PrivateAssets>all</PrivateAssets>
 60 |       <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
 61 |     </PackageReference>
 62 |   </ItemGroup>
 63 | 
 64 |   <ItemGroup Condition="'$(TargetFramework)' == 'netstandard2.1'">
 65 |     <PackageReference Include="System.Text.Json" Version="8.0.5" />
 66 |     <PackageReference Include="Microsoft.Extensions.Configuration" Version="8.0.0" />
 67 |     <PackageReference Include="Microsoft.Extensions.Hosting.Abstractions" Version="7.0.0" />
 68 |     <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="7.0.1" />
 69 |     <PackageReference Include="Microsoft.CodeAnalysis.NetAnalyzers" Version="7.0.4">
 70 |       <PrivateAssets>all</PrivateAssets>
 71 |       <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
 72 |     </PackageReference>
 73 |   </ItemGroup>
 74 | 
 75 |   <ItemGroup Condition="'$(TargetFramework)' == 'net6.0'">
 76 |     <PackageReference Include="System.Text.Json" Version="8.0.5" />
 77 |     <PackageReference Include="Microsoft.Extensions.Configuration" Version="8.0.0" />
 78 |     <PackageReference Include="Microsoft.Extensions.Hosting.Abstractions" Version="8.0.1" />
 79 |     <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="8.0.3" />
 80 |     <PackageReference Include="Microsoft.CodeAnalysis.NetAnalyzers" Version="9.0.0">
 81 |       <PrivateAssets>all</PrivateAssets>
 82 |       <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
 83 |     </PackageReference>
 84 |   </ItemGroup>
 85 | 
 86 |   <ItemGroup Condition="'$(TargetFramework)' == 'net7.0'">
 87 |     <PackageReference Include="System.Text.Json" Version="8.0.5" />
 88 |     <PackageReference Include="Microsoft.Extensions.Configuration" Version="8.0.0" />
 89 |     <PackageReference Include="Microsoft.Extensions.Hosting.Abstractions" Version="8.0.1" />
 90 |     <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="8.0.3" />
 91 |     <PackageReference Include="Microsoft.CodeAnalysis.NetAnalyzers" Version="7.0.4">
 92 |       <PrivateAssets>all</PrivateAssets>
 93 |       <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
 94 |     </PackageReference>
 95 |   </ItemGroup>
 96 | 
 97 |   <ItemGroup Condition="'$(TargetFramework)' == 'net8.0'">
 98 |     <PackageReference Include="System.Text.Json" Version="8.0.5" />
 99 |     <PackageReference Include="Microsoft.Extensions.Configuration" Version="8.0.0" />
100 |     <PackageReference Include="Microsoft.Extensions.Hosting.Abstractions" Version="8.0.1" />
101 |     <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="8.0.3" />
102 |     <PackageReference Include="Microsoft.CodeAnalysis.NetAnalyzers" Version="8.0.0">
103 |       <PrivateAssets>all</PrivateAssets>
104 |       <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
105 |     </PackageReference>
106 |   </ItemGroup>
107 | 
108 |   <ItemGroup Condition="'$(TargetFramework)' == 'net9.0'">
109 |     <PackageReference Include="System.Text.Json" Version="9.0.4" />
110 |     <PackageReference Include="Microsoft.Extensions.Configuration" Version="9.0.4" />
111 |     <PackageReference Include="Microsoft.Extensions.Hosting.Abstractions" Version="9.0.4" />
112 |     <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="9.0.4" />
113 |     <PackageReference Include="Microsoft.CodeAnalysis.NetAnalyzers" Version="9.0.0">
114 |       <PrivateAssets>all</PrivateAssets>
115 |       <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
116 |     </PackageReference>
117 |   </ItemGroup>
118 | 
119 |   <PropertyGroup Condition="'$(TargetFramework)' == 'netstandard2.0'">
120 |     <AssemblyTitle>VaultSharp configuration extensions .NET Standard 2.0</AssemblyTitle>
121 |   </PropertyGroup>
122 | 
123 |   <PropertyGroup Condition="'$(TargetFramework)' == 'netstandard2.1'">
124 |     <AssemblyTitle>VaultSharp configuration extensions .NET Standard 2.1</AssemblyTitle>
125 |   </PropertyGroup>
126 | 
127 |   <PropertyGroup Condition="'$(TargetFramework)'=='net6.0'">
128 |     <AssemblyTitle>VaultSharp configuration extensions .NET 6</AssemblyTitle>
129 |   </PropertyGroup>
130 | 
131 |   <PropertyGroup Condition="'$(TargetFramework)'=='net7.0'">
132 |     <AssemblyTitle>VaultSharp configuration extensions .NET 7</AssemblyTitle>
133 |   </PropertyGroup>
134 | 
135 |   <PropertyGroup Condition="'$(TargetFramework)'=='net8.0'">
136 |     <AssemblyTitle>VaultSharp configuration extensions .NET 8</AssemblyTitle>
137 |   </PropertyGroup>
138 | 
139 |   <PropertyGroup Condition="'$(TargetFramework)'=='net9.0'">
140 |     <AssemblyTitle>VaultSharp configuration extensions .NET 9</AssemblyTitle>
141 |   </PropertyGroup>
142 | 
143 |   <PropertyGroup Condition="'$(Configuration)|$(TargetFramework)|$(Platform)'=='Debug|net6.0|AnyCPU'">
144 |     <WarningLevel>5</WarningLevel>
145 |   </PropertyGroup>
146 | 
147 |   <PropertyGroup Condition="'$(Configuration)|$(TargetFramework)|$(Platform)'=='Release|net6.0|AnyCPU'">
148 |     <WarningLevel>5</WarningLevel>
149 |   </PropertyGroup>
150 | 
151 | </Project>
152 | 


--------------------------------------------------------------------------------
/Tests/.editorconfig:
--------------------------------------------------------------------------------
 1 | ##########################################
 2 | # StyleCop
 3 | ##########################################
 4 | 
 5 | [*]
 6 | # SA0001: XML comment analysis is disabled due to project configuration
 7 | # Justification: Comments turned off
 8 | # https://github.com/DotNetAnalyzers/StyleCopAnalyzers/blob/master/documentation/SA0001.md
 9 | dotnet_diagnostic.SA0001.severity = none
10 | 
11 | [*.cs]
12 | # SA1600: A C# code element is missing a documentation header.
13 | # Justification: Comments turned off
14 | # https://github.com/DotNetAnalyzers/StyleCopAnalyzers/blob/master/documentation/SA1600.md
15 | dotnet_diagnostic.SA1600.severity = none
16 | 
17 | # SA1601: A C# partial element is missing a documentation header.
18 | # Justification: Comments turned off
19 | # https://github.com/DotNetAnalyzers/StyleCopAnalyzers/blob/master/documentation/SA1601.md
20 | dotnet_diagnostic.SA1601.severity = none
21 | 
22 | # SA1602: An item within a C# enumeration is missing an XML documentation header.
23 | # Justification: Comments turned off
24 | # https://github.com/DotNetAnalyzers/StyleCopAnalyzers/blob/master/documentation/SA1602.md
25 | dotnet_diagnostic.SA1602.severity = none
26 | 
27 | ##########################################
28 | # Custom
29 | ##########################################
30 | 
31 | [*.cs]
32 | # CA1062: Validate arguments of public methods
33 | # Justification: xUnit Theory method parameters don't need to be validated
34 | # https://docs.microsoft.com/en-us/visualstudio/code-quality/ca1062
35 | dotnet_diagnostic.CA1062.severity = none
36 | 
37 | # CA1707: Identifiers should not contain underscores
38 | # Justification: Test method names contain underscores
39 | # https://docs.microsoft.com/en-us/visualstudio/code-quality/ca1707
40 | dotnet_diagnostic.CA1707.severity = none
41 | 


--------------------------------------------------------------------------------
/Tests/Directory.Build.props:
--------------------------------------------------------------------------------
1 | <Project>
2 | 
3 |   <Import Project="$([MSBuild]::GetPathOfFileAbove('Directory.Build.props', '$(MSBuildThisFileDirectory)../'))" />
4 | </Project>
5 | 


--------------------------------------------------------------------------------
/Tests/VaultSharp.Extensions.Configuration.Test/IntegrationTests.cs:
--------------------------------------------------------------------------------
  1 | namespace VaultSharp.Extensions.Configuration.Test
  2 | {
  3 |     using System;
  4 |     using System.Collections.Generic;
  5 |     using System.IO;
  6 |     using System.Net;
  7 |     using System.Net.Http;
  8 |     using System.Threading;
  9 |     using System.Threading.Tasks;
 10 |     using DotNet.Testcontainers.Builders;
 11 |     using DotNet.Testcontainers.Containers;
 12 |     using FluentAssertions;
 13 |     using Microsoft.Extensions.Configuration;
 14 |     using Microsoft.Extensions.Logging;
 15 |     using Moq;
 16 |     using Serilog;
 17 |     using Serilog.Extensions.Logging;
 18 |     using VaultSharp.Core;
 19 |     using VaultSharp.V1.AuthMethods;
 20 |     using VaultSharp.V1.AuthMethods.AppRole;
 21 |     using VaultSharp.V1.AuthMethods.Token;
 22 |     using Xunit;
 23 |     using ILogger = Microsoft.Extensions.Logging.ILogger;
 24 | 
 25 |     [CollectionDefinition("VaultSharp.Extensions.Configuration.Tests", DisableParallelization = true)]
 26 |     public partial class IntegrationTests
 27 |     {
 28 |         private readonly ILogger logger;
 29 | 
 30 |         public IntegrationTests()
 31 |         {
 32 |             Log.Logger = new LoggerConfiguration()
 33 |                 .MinimumLevel.Debug()
 34 |                 .WriteTo.Console()
 35 |                 .CreateLogger();
 36 |             this.logger = new SerilogLoggerProvider(Log.Logger).CreateLogger(nameof(IntegrationTests));
 37 |         }
 38 | 
 39 |         private IContainer PrepareVaultContainer(bool enableSSL = false, string? script = null, string tokenId = "root")
 40 |         {
 41 |             var builder = new ContainerBuilder()
 42 |                 .WithImage("vault:1.13.3")
 43 |                 .WithName("vaultsharptest_"+Guid.NewGuid().ToString().Substring(0,8))
 44 |                 .WithPortBinding(8200, 8200)
 45 |                 .WithWaitStrategy(Wait.ForUnixContainer().UntilPortIsAvailable(8200))
 46 |                 .WithEnvironment("VAULT_UI", "true")
 47 |                 .WithEnvironment("VAULT_DEV_ROOT_TOKEN_ID", tokenId)
 48 |                 .WithEnvironment("VAULT_DEV_LISTEN_ADDRESS", "0.0.0.0:8200");
 49 | 
 50 |             if (enableSSL)
 51 |             {
 52 |                 // docker run -p 8200:8200 -v "${PWD}/certs:/tmp/certs" vault server -dev-tls=true -dev-tls-cert-dir=tmp/certs
 53 |                 builder = builder.WithCommand(new[] { "server", "-dev-tls=true" });
 54 |             }
 55 | 
 56 |             if (!string.IsNullOrEmpty(script))
 57 |             {
 58 |                 var appRoleScript = Path.Combine(Environment.CurrentDirectory, script);
 59 |                 builder = builder
 60 |                     .WithBindMount(appRoleScript, "/tmp/script.sh");
 61 |             }
 62 | 
 63 |             return builder.Build();
 64 |         }
 65 | 
 66 |         private async Task LoadDataAsync(string server, Dictionary<string, IEnumerable<KeyValuePair<string, object>>> values)
 67 |         {
 68 |             var authMethod = new TokenAuthMethodInfo("root");
 69 | 
 70 |             var vaultClientSettings = new VaultClientSettings(server, authMethod)
 71 |             {
 72 |                 SecretsEngineMountPoints = { KeyValueV2 = "secret" },
 73 |                 PostProcessHttpClientHandlerAction = handler =>
 74 |                 {
 75 |                     if (handler is HttpClientHandler clientHandler)
 76 |                     {
 77 |                         clientHandler.ServerCertificateCustomValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator;
 78 |                     }
 79 |                 }
 80 |             };
 81 |             IVaultClient vaultClient = new VaultClient(vaultClientSettings);
 82 | 
 83 |             foreach (var sectionPair in values)
 84 |             {
 85 |                 var data = new Dictionary<string, object>();
 86 |                 foreach (var pair in sectionPair.Value)
 87 |                 {
 88 |                     data.Add(pair.Key, pair.Value);
 89 |                 }
 90 | 
 91 |                 await vaultClient.V1.Secrets.KeyValue.V2.WriteSecretAsync(sectionPair.Key, data);
 92 |             }
 93 |         }
 94 | 
 95 |         private async Task<(string RoleId, string SecretId)> GetAppRoleCreds(string roleName)
 96 |         {
 97 |             var authMethod = new TokenAuthMethodInfo("root");
 98 | 
 99 |             var vaultClientSettings = new VaultClientSettings("http://localhost:8200", authMethod) { SecretsEngineMountPoints = { KeyValueV2 = "secret" } };
100 |             IVaultClient vaultClient = new VaultClient(vaultClientSettings);
101 | 
102 |             var roleId = await vaultClient.V1.Auth.AppRole.GetRoleIdAsync(roleName);
103 |             var secretId = await vaultClient.V1.Auth.AppRole.PullNewSecretIdAsync(roleName);
104 |             return (RoleId: roleId.Data.RoleId, SecretId: secretId.Data.SecretId);
105 |         }
106 | 
107 | 
108 |         [Fact]
109 |         public async Task Success_SimpleTest_TokenAuth()
110 |         {
111 |             // arrange
112 |             var values =
113 |                 new Dictionary<string, IEnumerable<KeyValuePair<string, object>>>
114 |                 {
115 |                     {
116 |                         "test", new[]
117 |                         {
118 |                             new KeyValuePair<string, object>("option1", "value1"),
119 |                             new KeyValuePair<string, object>("option3", 5),
120 |                             new KeyValuePair<string, object>("option4", true),
121 |                             new KeyValuePair<string, object>("option5", new[] { "v1", "v2", "v3" }),
122 |                             new KeyValuePair<string, object>(
123 |                                 "option6",
124 |                                 new[]
125 |                                 {
126 |                                     new TestConfigObject() {OptionA = "a1", OptionB = "b1"},
127 |                                     new TestConfigObject() {OptionA = "a2", OptionB = "b2"},
128 |                                 }),
129 |                         }
130 |                     },
131 |                     {
132 |                         "test/subsection", new[]
133 |                         {
134 |                             new KeyValuePair<string, object>("option2", "value2"),
135 |                         }
136 |                     },
137 |                     {
138 |                         "test/otherSubsection.otherSubsection2/otherSubsection3.otherSubsection4.otherSubsection5", new[]
139 |                         {
140 |                             new KeyValuePair<string, object>("option7", "value7"),
141 |                         }
142 |                     },
143 |                     {
144 |                         "test/subsection/testsection", new[]
145 |                         {
146 |                             new KeyValuePair<string, object>("option8", "value8"),
147 |                         }
148 |                     },
149 |                 };
150 | 
151 |             var container = this.PrepareVaultContainer();
152 |             try
153 |             {
154 |                 await container.StartAsync();
155 |                 await this.LoadDataAsync("http://localhost:8200", values);
156 | 
157 |                 // act
158 |                 var builder = new ConfigurationBuilder();
159 |                 builder.AddVaultConfiguration(
160 |                     () => new VaultOptions("http://localhost:8200", "root", additionalCharactersForConfigurationPath: new[] { '.' }),
161 |                     "test",
162 |                     "secret",
163 |                     this.logger);
164 |                 var configurationRoot = builder.Build();
165 | 
166 |                 // assert
167 |                 configurationRoot.GetValue<string>("option1").Should().Be("value1");
168 |                 configurationRoot.GetValue<int>("option3").Should().Be(5);
169 |                 configurationRoot.GetValue<bool>("option4").Should().Be(true);
170 |                 configurationRoot.GetValue<string>("option5:0").Should().Be("v1");
171 |                 configurationRoot.GetValue<string>("option5:1").Should().Be("v2");
172 |                 configurationRoot.GetValue<string>("option5:2").Should().Be("v3");
173 |                 var t1 = new TestConfigObject();
174 |                 configurationRoot.Bind("option6:0", t1);
175 |                 t1.OptionA.Should().Be("a1");
176 |                 t1.OptionB.Should().Be("b1");
177 |                 var t2 = new TestConfigObject();
178 |                 configurationRoot.Bind("option6:1", t2);
179 |                 t2.OptionA.Should().Be("a2");
180 |                 t2.OptionB.Should().Be("b2");
181 |                 configurationRoot.GetSection("subsection").GetValue<string>("option2").Should().Be("value2");
182 |                 configurationRoot.GetSection("otherSubsection")
183 |                     .GetSection("otherSubsection2")
184 |                     .GetSection("otherSubsection3")
185 |                     .GetSection("otherSubsection4")
186 |                     .GetSection("otherSubsection5")
187 |                     .GetValue<string>("option7").Should().Be("value7");
188 |                 configurationRoot.GetSection("subsection").GetSection("testsection").GetValue<string>("option8").Should().Be("value8");
189 |             }
190 |             finally
191 |             {
192 |                 await container.DisposeAsync();
193 |             }
194 |         }
195 | 
196 |          [Fact]
197 |         public async Task Success_SimpleTestWithKeyPrefix_TokenAuth()
198 |         {
199 |             // arrange
200 |             var values =
201 |                 new Dictionary<string, IEnumerable<KeyValuePair<string, object>>>
202 |                 {
203 |                     {
204 |                         "test", new[]
205 |                         {
206 |                             new KeyValuePair<string, object>("option1", "value1"),
207 |                             new KeyValuePair<string, object>("option3", 5),
208 |                             new KeyValuePair<string, object>("option4", true),
209 |                             new KeyValuePair<string, object>("option5", new[] { "v1", "v2", "v3" }),
210 |                             new KeyValuePair<string, object>(
211 |                                 "option6",
212 |                                 new[]
213 |                                 {
214 |                                     new TestConfigObject() {OptionA = "a1", OptionB = "b1"},
215 |                                     new TestConfigObject() {OptionA = "a2", OptionB = "b2"},
216 |                                 }),
217 |                         }
218 |                     },
219 |                     {
220 |                         "test/subsection", new[]
221 |                         {
222 |                             new KeyValuePair<string, object>("option2", "value2"),
223 |                         }
224 |                     },
225 |                     {
226 |                         "test/otherSubsection.otherSubsection2/otherSubsection3.otherSubsection4.otherSubsection5", new[]
227 |                         {
228 |                             new KeyValuePair<string, object>("option7", "value7"),
229 |                         }
230 |                     },
231 |                     {
232 |                         "test/otherSubsection__otherSubsection2/otherSubsection3__otherSubsection4__otherSubsection6", new[]
233 |                         {
234 |                             new KeyValuePair<string, object>("option9", "value9"),
235 |                         }
236 |                     },
237 |                     {
238 |                         "test/subsection/testsection", new[]
239 |                         {
240 |                             new KeyValuePair<string, object>("option8", "value8"),
241 |                         }
242 |                     },
243 |                 };
244 | 
245 |             var container = this.PrepareVaultContainer();
246 |             try
247 |             {
248 |                 await container.StartAsync();
249 |                 await this.LoadDataAsync("http://localhost:8200", values);
250 | 
251 |                 // act
252 |                 var builder = new ConfigurationBuilder();
253 | 
254 |                 var keyPrefix = "MyConfig";
255 |                 builder.AddVaultConfiguration(
256 |                     () => new VaultOptions("http://localhost:8200", "root", additionalCharactersForConfigurationPath: new[] { '.' }, additionalStringsForConfigurationPath: ["__"], keyPrefix: keyPrefix),
257 |                     "test",
258 |                     "secret",
259 |                     this.logger);
260 |                 var configurationRoot = builder.Build();
261 | 
262 |                 // assert
263 |                 configurationRoot.GetValue<string>($"{keyPrefix}:option1").Should().Be("value1");
264 |                 configurationRoot.GetValue<int>($"{keyPrefix}:option3").Should().Be(5);
265 |                 configurationRoot.GetValue<bool>($"{keyPrefix}:option4").Should().Be(true);
266 |                 configurationRoot.GetValue<string>($"{keyPrefix}:option5:0").Should().Be("v1");
267 |                 configurationRoot.GetValue<string>($"{keyPrefix}:option5:1").Should().Be("v2");
268 |                 configurationRoot.GetValue<string>($"{keyPrefix}:option5:2").Should().Be("v3");
269 |                 var t1 = new TestConfigObject();
270 |                 configurationRoot.Bind($"{keyPrefix}:option6:0", t1);
271 |                 t1.OptionA.Should().Be("a1");
272 |                 t1.OptionB.Should().Be("b1");
273 |                 var t2 = new TestConfigObject();
274 |                 configurationRoot.Bind($"{keyPrefix}:option6:1", t2);
275 |                 t2.OptionA.Should().Be("a2");
276 |                 t2.OptionB.Should().Be("b2");
277 |                 configurationRoot.GetSection($"{keyPrefix}:subsection").GetValue<string>("option2").Should().Be("value2");
278 |                 configurationRoot.GetSection($"{keyPrefix}:otherSubsection")
279 |                     .GetSection("otherSubsection2")
280 |                     .GetSection("otherSubsection3")
281 |                     .GetSection("otherSubsection4")
282 |                     .GetSection("otherSubsection5")
283 |                     .GetValue<string>("option7").Should().Be("value7");
284 |                 configurationRoot.GetSection($"{keyPrefix}:otherSubsection")
285 |                     .GetSection("otherSubsection2")
286 |                     .GetSection("otherSubsection3")
287 |                     .GetSection("otherSubsection4")
288 |                     .GetSection("otherSubsection6")
289 |                     .GetValue<string>("option9").Should().Be("value9");
290 |                 configurationRoot.GetSection($"{keyPrefix}:subsection").GetSection("testsection").GetValue<string>("option8").Should().Be("value8");
291 |             }
292 |             finally
293 |             {
294 |                 await container.DisposeAsync();
295 |             }
296 |         }
297 | 
298 | 
299 |         [Fact]
300 |         public async Task Success_SimpleTestOmitVaultKey_TokenAuth()
301 |         {
302 |             var values =
303 |                new Dictionary<string, IEnumerable<KeyValuePair<string, object>>>
304 |                {
305 |                     {
306 |                         "myservice-config", new[]
307 |                         {
308 |                             new KeyValuePair<string, object>("option1", "value1"),
309 |                             new KeyValuePair<string, object>("subsection", new {option2 = "value2"}),
310 |                         }
311 |                     },
312 |                };
313 | 
314 |             var container = this.PrepareVaultContainer();
315 |             try
316 |             {
317 |                 await container.StartAsync();
318 |                 await this.LoadDataAsync("http://localhost:8200", values);
319 | 
320 |                 // act
321 |                 var builder = new ConfigurationBuilder();
322 |                 builder.AddVaultConfiguration(
323 |                     () => new VaultOptions("http://localhost:8200", "root", omitVaultKeyName: true),
324 |                     "myservice-config",
325 |                     "secret",
326 |                     this.logger);
327 |                 var configurationRoot = builder.Build();
328 | 
329 |                 // assert
330 |                 configurationRoot.GetValue<string>("option1").Should().Be("value1");
331 |                 configurationRoot.GetSection("subsection").GetValue<string>("option2").Should().Be("value2");
332 |             }
333 |             finally
334 |             {
335 |                 await container.DisposeAsync();
336 |             }
337 |         }
338 | 
339 |         [Fact]
340 |         public async Task Success_WatcherTest_TokenAuth()
341 |         {
342 |             // arrange
343 |             using var cts = new CancellationTokenSource();
344 | 
345 |             var values =
346 |                 new Dictionary<string, IEnumerable<KeyValuePair<string, object>>>
347 |                 {
348 |                     { "test", new[] { new KeyValuePair<string, object>("option1", "value1") } },
349 |                     { "test/subsection", new[] { new KeyValuePair<string, object>("option2", "value2") } },
350 |                 };
351 | 
352 |             var container = this.PrepareVaultContainer();
353 |             try
354 |             {
355 |                 await container.StartAsync();
356 |                 await this.LoadDataAsync("http://localhost:8200", values);
357 | 
358 | 
359 |                 // act
360 |                 var builder = new ConfigurationBuilder();
361 |                 builder.AddVaultConfiguration(
362 |                     () => new VaultOptions("http://localhost:8200", "root", reloadOnChange: true, reloadCheckIntervalSeconds: 10),
363 |                     "test",
364 |                     "secret",
365 |                     this.logger);
366 |                 var configurationRoot = builder.Build();
367 |                 var changeWatcher = new VaultChangeWatcher(configurationRoot, this.logger);
368 |                 await changeWatcher.StartAsync(cts.Token);
369 |                 var reloadToken = configurationRoot.GetReloadToken();
370 | 
371 |                 // assert
372 |                 configurationRoot.GetValue<string>("option1").Should().Be("value1");
373 |                 configurationRoot.GetSection("subsection").GetValue<string>("option2").Should().Be("value2");
374 |                 reloadToken.HasChanged.Should().BeFalse();
375 | 
376 |                 // load new data and wait for reload
377 |                 values = new Dictionary<string, IEnumerable<KeyValuePair<string, object>>>
378 |                 {
379 |                     { "test", new[] { new KeyValuePair<string, object>("option1", "value1_new") } },
380 |                     { "test/subsection", new[] { new KeyValuePair<string, object>("option2", "value2_new") } },
381 |                     { "test/subsection3", new[] { new KeyValuePair<string, object>("option3", "value3_new") } },
382 |                     { "test/testsection", new[] { new KeyValuePair<string, object>("option4", "value4_new") } },
383 |                 };
384 |                 await this.LoadDataAsync("http://localhost:8200", values);
385 |                 await Task.Delay(TimeSpan.FromSeconds(15), cts.Token).ConfigureAwait(true);
386 | 
387 |                 reloadToken.HasChanged.Should().BeTrue();
388 |                 configurationRoot.GetValue<string>("option1").Should().Be("value1_new");
389 |                 configurationRoot.GetSection("subsection").GetValue<string>("option2").Should().Be("value2_new");
390 |                 configurationRoot.GetSection("subsection3").GetValue<string>("option3").Should().Be("value3_new");
391 |                 configurationRoot.GetSection("testsection").GetValue<string>("option4").Should().Be("value4_new");
392 | 
393 |                 changeWatcher.Dispose();
394 |             }
395 |             finally
396 |             {
397 |                 await cts.CancelAsync();
398 |                 await container.DisposeAsync();
399 |             }
400 |         }
401 | 
402 |          [Fact]
403 |         public async Task Success_WatcherTestWithPrefix_TokenAuth()
404 |         {
405 |             // arrange
406 |             using var cts = new CancellationTokenSource();
407 | 
408 |             var values =
409 |                 new Dictionary<string, IEnumerable<KeyValuePair<string, object>>>
410 |                 {
411 |                     { "test", new[] { new KeyValuePair<string, object>("option1", "value1") } },
412 |                     { "test/subsection", new[] { new KeyValuePair<string, object>("option2", "value2") } },
413 |                 };
414 | 
415 |             var container = this.PrepareVaultContainer();
416 |             try
417 |             {
418 |                 await container.StartAsync();
419 |                 await this.LoadDataAsync("http://localhost:8200", values);
420 | 
421 |                 var testPrefix = "MyConfig";
422 | 
423 |                 // act
424 |                 var builder = new ConfigurationBuilder();
425 |                 builder.AddVaultConfiguration(
426 |                     () => new VaultOptions("http://localhost:8200", "root", reloadOnChange: true, reloadCheckIntervalSeconds: 10, keyPrefix: testPrefix),
427 |                     "test",
428 |                     "secret",
429 |                     this.logger);
430 |                 var configurationRoot = builder.Build();
431 |                 var changeWatcher = new VaultChangeWatcher(configurationRoot, this.logger);
432 |                 await changeWatcher.StartAsync(cts.Token);
433 |                 var reloadToken = configurationRoot.GetReloadToken();
434 | 
435 |                 // assert
436 |                 configurationRoot.GetValue<string>($"{testPrefix}:option1").Should().Be("value1");
437 |                 configurationRoot.GetSection($"{testPrefix}:subsection").GetValue<string>("option2").Should().Be("value2");
438 |                 reloadToken.HasChanged.Should().BeFalse();
439 | 
440 |                 // load new data and wait for reload
441 |                 values = new Dictionary<string, IEnumerable<KeyValuePair<string, object>>>
442 |                 {
443 |                     { "test", new[] { new KeyValuePair<string, object>("option1", "value1_new") } },
444 |                     { "test/subsection", new[] { new KeyValuePair<string, object>("option2", "value2_new") } },
445 |                     { "test/subsection3", new[] { new KeyValuePair<string, object>("option3", "value3_new") } },
446 |                     { "test/testsection", new[] { new KeyValuePair<string, object>("option4", "value4_new") } },
447 |                 };
448 |                 await this.LoadDataAsync("http://localhost:8200", values);
449 |                 await Task.Delay(TimeSpan.FromSeconds(15), cts.Token).ConfigureAwait(true);
450 | 
451 |                 reloadToken.HasChanged.Should().BeTrue();
452 |                 configurationRoot.GetValue<string>($"{testPrefix}:option1").Should().Be("value1_new");
453 |                 configurationRoot.GetSection($"{testPrefix}:subsection").GetValue<string>("option2").Should().Be("value2_new");
454 |                 configurationRoot.GetSection($"{testPrefix}:subsection3").GetValue<string>("option3").Should().Be("value3_new");
455 |                 configurationRoot.GetSection($"{testPrefix}:testsection").GetValue<string>("option4").Should().Be("value4_new");
456 | 
457 |                 changeWatcher.Dispose();
458 |             }
459 |             finally
460 |             {
461 |                 await cts.CancelAsync();
462 |                 await container.DisposeAsync();
463 |             }
464 |         }
465 | 
466 |         [Fact]
467 |         public async Task Success_WatcherTest_NoChanges()
468 |         {
469 |             // arrange
470 |             using var cts = new CancellationTokenSource();
471 | 
472 |             var values =
473 |                 new Dictionary<string, IEnumerable<KeyValuePair<string, object>>>
474 |                 {
475 |                     { "test", new[] { new KeyValuePair<string, object>("option1", "value1") } },
476 |                     { "test/subsection", new[] { new KeyValuePair<string, object>("option2", "value2") } },
477 |                 };
478 | 
479 |             var container = this.PrepareVaultContainer();
480 |             try
481 |             {
482 |                 await container.StartAsync();
483 |                 await this.LoadDataAsync("http://localhost:8200", values);
484 | 
485 | 
486 |                 // act
487 |                 var builder = new ConfigurationBuilder();
488 |                 builder.AddVaultConfiguration(
489 |                     () => new VaultOptions("http://localhost:8200", "root", reloadOnChange: true, reloadCheckIntervalSeconds: 10),
490 |                     "test",
491 |                     "secret",
492 |                     this.logger);
493 |                 var configurationRoot = builder.Build();
494 |                 var changeWatcher = new VaultChangeWatcher(configurationRoot, this.logger);
495 |                 await changeWatcher.StartAsync(cts.Token);
496 |                 var reloadToken = configurationRoot.GetReloadToken();
497 | 
498 |                 // assert
499 |                 configurationRoot.GetValue<string>("option1").Should().Be("value1");
500 |                 configurationRoot.GetSection("subsection").GetValue<string>("option2").Should().Be("value2");
501 |                 reloadToken.HasChanged.Should().BeFalse();
502 | 
503 |                 // load new data and wait for reload
504 |                 //await this.LoadDataAsync(values);
505 |                 await Task.Delay(TimeSpan.FromSeconds(20), cts.Token).ConfigureAwait(true);
506 | 
507 |                 reloadToken.HasChanged.Should().BeFalse();
508 |                 configurationRoot.GetValue<string>("option1").Should().Be("value1");
509 |                 configurationRoot.GetSection("subsection").GetValue<string>("option2").Should().Be("value2");
510 | 
511 |                 changeWatcher.Dispose();
512 |             }
513 |             finally
514 |             {
515 |                 await cts.CancelAsync();
516 |                 await container.DisposeAsync();
517 |             }
518 |         }
519 | 
520 |         [Fact]
521 |         public async Task Success_WatcherTest_OmitVaultKey_TokenAuth()
522 |         {
523 |             // arrange
524 |             using var cts = new CancellationTokenSource();
525 |             var values =
526 |              new Dictionary<string, IEnumerable<KeyValuePair<string, object>>>
527 |              {
528 |                     {
529 |                         "myservice-config", new[]
530 |                         {
531 |                             new KeyValuePair<string, object>("option1", "value1"),
532 |                             new KeyValuePair<string, object>("subsection", new {option2 = "value2"}),
533 |                         }
534 |                     },
535 |              };
536 | 
537 |             var container = this.PrepareVaultContainer();
538 |             try
539 |             {
540 |                 await container.StartAsync(cts.Token);
541 |                 await this.LoadDataAsync("http://localhost:8200", values);
542 | 
543 | 
544 |                 // act
545 |                 var builder = new ConfigurationBuilder();
546 |                 builder.AddVaultConfiguration(
547 |                     () => new VaultOptions("http://localhost:8200", "root", reloadOnChange: true, reloadCheckIntervalSeconds: 10, omitVaultKeyName: true),
548 |                     "myservice-config",
549 |                     "secret",
550 |                     this.logger);
551 |                 var configurationRoot = builder.Build();
552 |                 var changeWatcher = new VaultChangeWatcher(configurationRoot, this.logger);
553 |                 await changeWatcher.StartAsync(cts.Token);
554 |                 var reloadToken = configurationRoot.GetReloadToken();
555 | 
556 |                 // assert
557 |                 configurationRoot.GetValue<string>("option1").Should().Be("value1");
558 |                 configurationRoot.GetSection("subsection").GetValue<string>("option2").Should().Be("value2");
559 |                 reloadToken.HasChanged.Should().BeFalse();
560 | 
561 |                 // load new data and wait for reload
562 |                 values =
563 |                  new Dictionary<string, IEnumerable<KeyValuePair<string, object>>>
564 |                  {
565 |                         {
566 |                             "myservice-config", new[]
567 |                             {
568 |                                 new KeyValuePair<string, object>("option1", "value1_new"),
569 |                                 new KeyValuePair<string, object>("subsection", new {option2 = "value2_new"}),
570 |                                 new KeyValuePair<string, object>("subsection3", new {option3 = "value3_new"}),
571 |                             }
572 |                         },
573 |                  };
574 | 
575 |                 await this.LoadDataAsync("http://localhost:8200", values);
576 |                 await Task.Delay(TimeSpan.FromSeconds(15), cts.Token).ConfigureAwait(true);
577 | 
578 |                 reloadToken.HasChanged.Should().BeTrue();
579 |                 configurationRoot.GetValue<string>("option1").Should().Be("value1_new");
580 |                 configurationRoot.GetSection("subsection").GetValue<string>("option2").Should().Be("value2_new");
581 |                 configurationRoot.GetSection("subsection3").GetValue<string>("option3").Should().Be("value3_new");
582 | 
583 |                 changeWatcher.Dispose();
584 |             }
585 |             finally
586 |             {
587 |                 await cts.CancelAsync();
588 |                 await container.DisposeAsync();
589 |             }
590 |         }
591 | 
592 |         [Fact]
593 |         public async Task Success_TokenAuthMethod()
594 |         {
595 |             // arrange
596 |             using var cts = new CancellationTokenSource();
597 |             var values =
598 |               new Dictionary<string, IEnumerable<KeyValuePair<string, object>>>
599 |               {
600 |                     {
601 |                         "myservice-config", new[]
602 |                         {
603 |                             new KeyValuePair<string, object>("option1", "value1"),
604 |                             new KeyValuePair<string, object>("subsection", new {option2 = "value2"}),
605 |                         }
606 |                     },
607 |               };
608 | 
609 |             var container = this.PrepareVaultContainer();
610 |             try
611 |             {
612 |                 await container.StartAsync(cts.Token);
613 |                 await this.LoadDataAsync("http://localhost:8200", values);
614 | 
615 |                 // act
616 |                 var builder = new ConfigurationBuilder();
617 |                 builder.AddVaultConfiguration(
618 |                     () => new VaultOptions("http://localhost:8200", new TokenAuthMethodInfo("root"), reloadOnChange: true, reloadCheckIntervalSeconds: 10, omitVaultKeyName: true),
619 |                     "myservice-config",
620 |                     "secret",
621 |                     this.logger);
622 |                 var configurationRoot = builder.Build();
623 | 
624 |                 // assert
625 |                 configurationRoot.GetValue<string>("option1").Should().Be("value1");
626 |                 configurationRoot.GetSection("subsection").GetValue<string>("option2").Should().Be("value2");
627 |             }
628 |             finally
629 |             {
630 |                 await cts.CancelAsync();
631 |                 await container.DisposeAsync();
632 |             }
633 |         }
634 | 
635 |         [Fact]
636 |         public async Task Success_AppRoleAuthMethod()
637 |         {
638 |             // arrange
639 |             using var cts = new CancellationTokenSource();
640 |             var values =
641 |              new Dictionary<string, IEnumerable<KeyValuePair<string, object>>>
642 |              {
643 |                     {
644 |                         "myservice-config", new[]
645 |                         {
646 |                             new KeyValuePair<string, object>("option1", "value1"),
647 |                             new KeyValuePair<string, object>("subsection", new {option2 = "value2"}),
648 |                         }
649 |                     },
650 |              };
651 | 
652 |             var container = this.PrepareVaultContainer(script: "approle.sh");
653 |             try
654 |             {
655 |                 await container.StartAsync(cts.Token);
656 |                 var execResult = await container.ExecAsync(new[] { "/tmp/script.sh" });
657 |                 if (execResult.ExitCode != 0)
658 |                 {
659 |                     var msg = execResult.Stdout + Environment.NewLine + execResult.Stderr;
660 |                     throw new Exception(msg);
661 |                 }
662 |                 var (RoleId, SecretId) = await this.GetAppRoleCreds("test-role");
663 |                 await this.LoadDataAsync("http://localhost:8200", values);
664 | 
665 |                 // act
666 |                 var builder = new ConfigurationBuilder();
667 |                 builder.AddVaultConfiguration(
668 |                     () => new VaultOptions("http://localhost:8200", new AppRoleAuthMethodInfo(RoleId, SecretId), reloadOnChange: true, reloadCheckIntervalSeconds: 10, omitVaultKeyName: true),
669 |                     "myservice-config",
670 |                     "secret",
671 |                     this.logger);
672 |                 var configurationRoot = builder.Build();
673 | 
674 |                 // assert
675 |                 configurationRoot.GetValue<string>("option1").Should().Be("value1");
676 |                 configurationRoot.GetSection("subsection").GetValue<string>("option2").Should().Be("value2");
677 |             }
678 |             finally
679 |             {
680 |                 await cts.CancelAsync();
681 |                 await container.DisposeAsync();
682 |             }
683 |         }
684 | 
685 |         [Fact]
686 |         public async Task Success_AppRoleAuthMethodNoListPermissions()
687 |         {
688 |             // arrange
689 |             using var cts = new CancellationTokenSource();
690 |             var values =
691 |              new Dictionary<string, IEnumerable<KeyValuePair<string, object>>>
692 |              {
693 |                     {
694 |                         "myservice-config", new[]
695 |                         {
696 |                             new KeyValuePair<string, object>("option1", "value1"),
697 |                             new KeyValuePair<string, object>("subsection", new {option2 = "value2"}),
698 |                         }
699 |                     },
700 |              };
701 | 
702 |             var container = this.PrepareVaultContainer(script: "approle_nolist.sh");
703 |             try
704 |             {
705 |                 await container.StartAsync(cts.Token);
706 |                 var execResult = await container.ExecAsync(new[] { "/tmp/script.sh" });
707 |                 if (execResult.ExitCode != 0)
708 |                 {
709 |                     var msg = execResult.Stdout + Environment.NewLine + execResult.Stderr;
710 |                     throw new Exception(msg);
711 |                 }
712 |                 var (RoleId, SecretId) = await this.GetAppRoleCreds("test-role");
713 |                 await this.LoadDataAsync("http://localhost:8200", values);
714 | 
715 |                 // act
716 |                 var builder = new ConfigurationBuilder();
717 |                 builder.AddVaultConfiguration(
718 |                     () => new VaultOptions("http://localhost:8200", new AppRoleAuthMethodInfo(RoleId, SecretId), reloadOnChange: true, reloadCheckIntervalSeconds: 10, omitVaultKeyName: true, alwaysAddTrailingSlashToBasePath: false),
719 |                     "myservice-config",
720 |                     "secret",
721 |                     this.logger);
722 |                 var configurationRoot = builder.Build();
723 | 
724 |                 // assert
725 |                 configurationRoot.GetValue<string>("option1").Should().Be("value1");
726 |                 configurationRoot.GetSection("subsection").GetValue<string>("option2").Should().Be("value2");
727 |             }
728 |             finally
729 |             {
730 |                 await cts.CancelAsync();
731 |                 await container.DisposeAsync();
732 |             }
733 |         }
734 | 
735 | 
736 |         [Fact]
737 |         public async Task Failure_PermissionDenied()
738 |         {
739 |             // arrange
740 |             using var cts = new CancellationTokenSource();
741 |             var values =
742 |               new Dictionary<string, IEnumerable<KeyValuePair<string, object>>>
743 |               {
744 |                     {
745 |                         "myservice-config", new[]
746 |                         {
747 |                             new KeyValuePair<string, object>("option1", "value1"),
748 |                             new KeyValuePair<string, object>("subsection", new {option2 = "value2"}),
749 |                         }
750 |                     },
751 |               };
752 |             var loggerMock = new Mock<ILogger<IntegrationTests>>();
753 |             var container = this.PrepareVaultContainer();
754 |             try
755 |             {
756 |                 await container.StartAsync(cts.Token);
757 |                 await this.LoadDataAsync("http://localhost:8200", values);
758 | 
759 |                 // act
760 |                 var builder = new ConfigurationBuilder();
761 |                 builder.AddVaultConfiguration(
762 |                     () => new VaultOptions("http://localhost:8200", new TokenAuthMethodInfo("NON VALID TOKEN"), reloadOnChange: true, reloadCheckIntervalSeconds: 10, omitVaultKeyName: true),
763 |                     "myservice-config",
764 |                     "secret",
765 |                     loggerMock.Object);
766 |                 Action act = () => builder.Build();
767 |                 act.Should().Throw<VaultApiException>().And.HttpStatusCode.Should().Be(HttpStatusCode.Forbidden);
768 | 
769 |             }
770 |             finally
771 |             {
772 |                 await cts.CancelAsync();
773 |                 await container.DisposeAsync();
774 |             }
775 | 
776 |             // assert
777 |             loggerMock.Verify(
778 |                 x => x.Log(
779 |                     It.Is<LogLevel>(l => l == LogLevel.Error),
780 |                     It.IsAny<EventId>(),
781 |                     It.Is<It.IsAnyType>((v, t) => v.ToString() == "Cannot load configuration from Vault"),
782 |                     It.Is<VaultApiException>(exception => exception.HttpStatusCode == HttpStatusCode.Forbidden),
783 |                     It.Is<Func<It.IsAnyType, Exception?, string>>((v, t) => true)), Times.Once);
784 | 
785 |         }
786 | 
787 |         [Fact]
788 |         public async Task Success_Proxy_Verify_Custom_Hook_Invoked()
789 |         {
790 |             // arrange
791 |             using CancellationTokenSource cts = new CancellationTokenSource();
792 |             var values =
793 |               new Dictionary<string, IEnumerable<KeyValuePair<string, object>>>
794 |               {
795 |                     {
796 |                         "myservice-config", new[]
797 |                         {
798 |                             new KeyValuePair<string, object>("option1", "value1"),
799 |                             new KeyValuePair<string, object>("subsection", new {option2 = "value2"}),
800 |                         }
801 |                     },
802 |               };
803 | 
804 |             var container = this.PrepareVaultContainer();
805 |             try
806 |             {
807 |                 await container.StartAsync(cts.Token);
808 |                 await this.LoadDataAsync("http://localhost:8200", values);
809 | 
810 |                 // Moq mock of PostProcessHttpClientHandlerAction implementation:
811 |                 var mockConfigureProxyAction = new Mock<Action<HttpMessageHandler>>();
812 | 
813 |                 // act
814 |                 ConfigurationBuilder builder = new ConfigurationBuilder();
815 |                 builder.AddVaultConfiguration(
816 |                     () => new VaultOptions("http://localhost:8200", new TokenAuthMethodInfo("root"), reloadOnChange: true, reloadCheckIntervalSeconds: 10, omitVaultKeyName: true)
817 |                     {
818 |                         PostProcessHttpClientHandlerAction = mockConfigureProxyAction.Object
819 |                     },
820 |                     "myservice-config",
821 |                     "secret",
822 |                     this.logger);
823 |                 var configurationRoot = builder.Build();
824 | 
825 |                 // assert secrets were loaded successfully:
826 |                 configurationRoot.GetValue<string>("option1").Should().Be("value1");
827 |                 configurationRoot.GetSection("subsection").GetValue<string>("option2").Should().Be("value2");
828 | 
829 |                 // assert that PostProcessHttpClientHandlerAction was actually invoked, and a HttpMessageHandler was passed:
830 |                 mockConfigureProxyAction.Verify(x => x(It.IsAny<HttpMessageHandler>()), Times.Once);
831 |             }
832 |             finally
833 |             {
834 |                 cts.Cancel();
835 |                 await container.DisposeAsync();
836 |             }
837 |         }
838 | 
839 |         [Fact(Skip = "vault-proxy required")]
840 |         public async Task Success_TokenNoAuthMethod()
841 |         {
842 |             // arrange
843 |             using CancellationTokenSource cts = new CancellationTokenSource();
844 |             var values =
845 |               new Dictionary<string, IEnumerable<KeyValuePair<string, object>>>
846 |               {
847 |                     {
848 |                         "myservice-config", new[]
849 |                         {
850 |                             new KeyValuePair<string, object>("option1", "value1")
851 |                         }
852 |                     },
853 |               };
854 | 
855 |             var container = this.PrepareVaultContainer(tokenId: "");
856 |             try
857 |             {
858 |                 await container.StartAsync(cts.Token).ConfigureAwait(false);
859 |                 await this.LoadDataAsync("http://localhost:8200", values).ConfigureAwait(false);
860 | 
861 |                 // Moq mock of PostProcessHttpClientHandlerAction implementation:
862 |                 var mockConfigureProxyAction = new Mock<Action<HttpMessageHandler>>();
863 | 
864 |                 // act
865 |                 ConfigurationBuilder builder = new ConfigurationBuilder();
866 |                 builder.AddVaultConfiguration(
867 |                     () => new VaultOptions("http://localhost:8200", (IAuthMethodInfo)null!)
868 |                     {
869 |                         PostProcessHttpClientHandlerAction = mockConfigureProxyAction.Object
870 |                     },
871 |                     "myservice-config",
872 |                     "secret",
873 |                     this.logger);
874 |                 var configurationRoot = builder.Build();
875 | 
876 |                 // assert secrets were loaded successfully:
877 |                 configurationRoot.GetValue<string>("option1").Should().Be("value1");
878 | 
879 |                 // assert that PostProcessHttpClientHandlerAction was actually invoked, and a HttpMessageHandler was passed:
880 |                 mockConfigureProxyAction.Verify(x => x(It.IsAny<HttpMessageHandler>()), Times.Once);
881 |             }
882 |             finally
883 |             {
884 |                 cts.Cancel();
885 |                 await container.DisposeAsync().ConfigureAwait(false);
886 |             }
887 |         }
888 |     }
889 | 
890 |     public class TestConfigObject
891 |     {
892 |         public string OptionA { get; set; }
893 | 
894 |         public string OptionB { get; set; }
895 |     }
896 | }
897 | 


--------------------------------------------------------------------------------
/Tests/VaultSharp.Extensions.Configuration.Test/IntegrationTests_SSL.cs:
--------------------------------------------------------------------------------
  1 | namespace VaultSharp.Extensions.Configuration.Test;
  2 | 
  3 | using System;
  4 | using System.Collections.Generic;
  5 | using System.IO;
  6 | using System.Linq;
  7 | using System.Security.Cryptography.X509Certificates;
  8 | using System.Text;
  9 | using System.Threading.Tasks;
 10 | using FluentAssertions;
 11 | using Microsoft.Extensions.Configuration;
 12 | using Xunit;
 13 | 
 14 | public partial class IntegrationTests
 15 | {
 16 |     [Fact]
 17 |     public async Task SSL_Enabled_InsecureConnection()
 18 |     {
 19 |         // arrange
 20 |         var values =
 21 |             new Dictionary<string, IEnumerable<KeyValuePair<string, object>>>
 22 |             {
 23 |                     {
 24 |                         "test", new[]
 25 |                         {
 26 |                             new KeyValuePair<string, object>("option1", "value1"),
 27 |                         }
 28 |                     },
 29 |             };
 30 | 
 31 |         var container = this.PrepareVaultContainer(enableSSL: true);
 32 |   
 33 |         try
 34 |         {
 35 |             await container.StartAsync();
 36 |             await this.LoadDataAsync("https://localhost:8200", values);
 37 | 
 38 |             // act
 39 |             var builder = new ConfigurationBuilder();
 40 |             builder.AddVaultConfiguration(
 41 |                 () => new VaultOptions("https://localhost:8200", "root", additionalCharactersForConfigurationPath: new[] { '.' }, insecureConnection: true),
 42 |                 "test",
 43 |                 "secret",
 44 |                 this.logger);
 45 |             var configurationRoot = builder.Build();
 46 | 
 47 |             // assert
 48 |             configurationRoot.GetValue<string>("option1").Should().Be("value1");
 49 |         }
 50 |         finally
 51 |         {
 52 |             await container.DisposeAsync();
 53 |         }
 54 |     }
 55 | 
 56 |     [Fact]
 57 |     public async Task SSL_Enabled_CannotVerifyCert()
 58 |     {
 59 |         // arrange
 60 |         var values =
 61 |             new Dictionary<string, IEnumerable<KeyValuePair<string, object>>>
 62 |             {
 63 |                     {
 64 |                         "test", new[]
 65 |                         {
 66 |                             new KeyValuePair<string, object>("option1", "value1"),
 67 |                         }
 68 |                     },
 69 |             };
 70 | 
 71 |         var container = this.PrepareVaultContainer(enableSSL: true);
 72 | 
 73 |         try
 74 |         {
 75 |             await container.StartAsync();
 76 |             await this.LoadDataAsync("https://localhost:8200", values);
 77 | 
 78 |             // act
 79 |             var builder = new ConfigurationBuilder();
 80 |             builder.AddVaultConfiguration(
 81 |                 () => new VaultOptions("https://localhost:8200", "root", additionalCharactersForConfigurationPath: new[] { '.' }, insecureConnection: false),
 82 |                 "test",
 83 |                 "secret",
 84 |                 this.logger);
 85 |             Action act = () => builder.Build();
 86 | 
 87 | 
 88 |             // assert
 89 |             act.Should().Throw<System.Net.Http.HttpRequestException>("The SSL connection could not be established, see inner exception.");
 90 |         }
 91 |         finally
 92 |         {
 93 |             await container.DisposeAsync();
 94 |         }
 95 |     }
 96 | 
 97 |     [Fact]
 98 |     public async Task SSL_Enabled_ManuallyVerifyCert()
 99 |     {
100 |         // arrange
101 |         var values =
102 |             new Dictionary<string, IEnumerable<KeyValuePair<string, object>>>
103 |             {
104 |                     {
105 |                         "test", new[]
106 |                         {
107 |                             new KeyValuePair<string, object>("option1", "value1"),
108 |                         }
109 |                     },
110 |             };
111 | 
112 |         var container = this.PrepareVaultContainer(enableSSL: true);
113 | 
114 |         try
115 |         {
116 |             await container.StartAsync();
117 |             await this.LoadDataAsync("https://localhost:8200", values);
118 | 
119 |             // act
120 |             var builder = new ConfigurationBuilder();
121 |             builder.AddVaultConfiguration(
122 |                 () => new VaultOptions("https://localhost:8200", "root", additionalCharactersForConfigurationPath: new[] { '.' }, insecureConnection: false, serverCertificateCustomValidationCallback: (message, cert, chain, errors) => true),
123 |                 "test",
124 |                 "secret",
125 |                 this.logger);
126 |             var configurationRoot = builder.Build();
127 | 
128 |             // assert
129 |             configurationRoot.GetValue<string>("option1").Should().Be("value1");
130 |         }
131 |         finally
132 |         {
133 |             await container.DisposeAsync();
134 |         }
135 |     }
136 | }
137 | 


--------------------------------------------------------------------------------
/Tests/VaultSharp.Extensions.Configuration.Test/VaultSharp.Extensions.Configuration.Test.csproj:
--------------------------------------------------------------------------------
  1 | <Project Sdk="Microsoft.NET.Sdk">
  2 | 
  3 |   <PropertyGroup Label="Build">
  4 |     <Nullable>enable</Nullable>
  5 |     <IsPackable>false</IsPackable>
  6 |     <GenerateErrorForMissingTargetingPacks>false</GenerateErrorForMissingTargetingPacks>
  7 |     <TargetFramework>net8.0</TargetFramework>
  8 |     <NoWarn>VSTHRD200;CS1591;CS8618</NoWarn>
  9 |   </PropertyGroup>
 10 | 
 11 |   <PropertyGroup Condition=" '$(Configuration)' == 'Debug' ">
 12 |     <TreatWarningsAsErrors>false</TreatWarningsAsErrors>
 13 |   </PropertyGroup>
 14 | 
 15 |   <PropertyGroup Condition=" '$(Configuration)' == 'Release' ">
 16 |     <TreatWarningsAsErrors>false</TreatWarningsAsErrors>
 17 |   </PropertyGroup>
 18 | 
 19 |   <ItemGroup Label="Project References">
 20 |     <ProjectReference Include="..\..\Source\VaultSharp.Extensions.Configuration\VaultSharp.Extensions.Configuration.csproj" />
 21 |   </ItemGroup>
 22 | 
 23 |   <ItemGroup>
 24 |     <PackageReference Include="Docker.DotNet" Version="3.125.15" />
 25 |     <PackageReference Include="FluentAssertions" Version="8.2.0" />
 26 |     <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.13.0" />    
 27 |     <PackageReference Include="Serilog.Sinks.Console" Version="6.0.0" />
 28 |     <PackageReference Include="coverlet.collector" Version="6.0.4" PrivateAssets="all">
 29 |       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
 30 |     </PackageReference>
 31 |     <PackageReference Include="Moq" Version="4.20.72" />
 32 |     <PackageReference Include="MinVer" Version="5.0.0">
 33 |       <PrivateAssets>all</PrivateAssets>
 34 |       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
 35 |     </PackageReference>
 36 |     <PackageReference Include="Testcontainers" Version="4.3.0" />
 37 |     <PackageReference Include="xunit" Version="2.9.3" />
 38 |     <PackageReference Include="xunit.runner.visualstudio" Version="3.0.2">
 39 |       <PrivateAssets>all</PrivateAssets>
 40 |       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
 41 |     </PackageReference>
 42 |   </ItemGroup>
 43 | 
 44 |   <ItemGroup Condition="'$(TargetFramework)' == 'netstandard2.1'">
 45 |     <PackageReference Include="Serilog.Extensions.Logging" Version="8.0.0" />
 46 |     <PackageReference Include="System.Text.Json" Version="8.0.5" />
 47 |     <PackageReference Include="Microsoft.Extensions.Configuration" Version="8.0.0" />
 48 |     <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="8.0.2" />
 49 |     <PackageReference Include="Microsoft.Extensions.Hosting.Abstractions" Version="8.0.1" />
 50 |     <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="8.0.3" />
 51 |     <PackageReference Include="Microsoft.CodeAnalysis.NetAnalyzers" Version="7.0.4">
 52 |       <PrivateAssets>all</PrivateAssets>
 53 |       <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
 54 |     </PackageReference>
 55 |   </ItemGroup>
 56 | 
 57 |   <ItemGroup Condition="'$(TargetFramework)' == 'netstandard2.0'">
 58 |     <PackageReference Include="Serilog.Extensions.Logging" Version="8.0.0" />
 59 |     <PackageReference Include="System.Text.Json" Version="8.0.5" />
 60 |     <PackageReference Include="Microsoft.Extensions.Configuration" Version="8.0.0" />
 61 |     <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="8.0.2" />
 62 |     <PackageReference Include="Microsoft.Extensions.Hosting.Abstractions" Version="8.0.1" />
 63 |     <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="8.0.3" />
 64 |     <PackageReference Include="Microsoft.CodeAnalysis.NetAnalyzers" Version="6.0.0">
 65 |       <PrivateAssets>all</PrivateAssets>
 66 |       <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
 67 |     </PackageReference>
 68 |   </ItemGroup>
 69 | 
 70 |   <ItemGroup Condition="'$(TargetFramework)' == 'net6.0'">
 71 |     <PackageReference Include="Serilog.Extensions.Logging" Version="8.0.0" />
 72 |     <PackageReference Include="System.Text.Json" Version="8.0.5" />
 73 |     <PackageReference Include="Microsoft.Extensions.Configuration" Version="8.0.0" />
 74 |     <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="8.0.2" />
 75 |     <PackageReference Include="Microsoft.Extensions.Hosting.Abstractions" Version="8.0.1" />
 76 |     <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="8.0.3" />
 77 |     <PackageReference Include="Microsoft.CodeAnalysis.NetAnalyzers" Version="6.0.0">
 78 |       <PrivateAssets>all</PrivateAssets>
 79 |       <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
 80 |     </PackageReference>
 81 |   </ItemGroup>
 82 | 
 83 |   <ItemGroup Condition="'$(TargetFramework)' == 'net7.0'">
 84 |     <PackageReference Include="Serilog.Extensions.Logging" Version="8.0.0" />
 85 |     <PackageReference Include="System.Text.Json" Version="8.0.5" />
 86 |     <PackageReference Include="Microsoft.Extensions.Configuration" Version="8.0.0" />
 87 |     <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="8.0.2" />
 88 |     <PackageReference Include="Microsoft.Extensions.Hosting.Abstractions" Version="8.0.1" />
 89 |     <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="8.0.3" />
 90 |     <PackageReference Include="Microsoft.CodeAnalysis.NetAnalyzers" Version="7.0.4">
 91 |       <PrivateAssets>all</PrivateAssets>
 92 |       <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
 93 |     </PackageReference>
 94 |   </ItemGroup>
 95 | 
 96 |   <ItemGroup Condition="'$(TargetFramework)' == 'net8.0'">
 97 |     <PackageReference Include="Serilog.Extensions.Logging" Version="8.0.0" />
 98 |     <PackageReference Include="Microsoft.Extensions.Configuration" Version="8.0.0" />
 99 |     <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="8.0.2" />
100 |     <PackageReference Include="Microsoft.Extensions.Hosting.Abstractions" Version="8.0.1" />
101 |     <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="8.0.3" />
102 |     <PackageReference Include="Microsoft.CodeAnalysis.NetAnalyzers" Version="9.0.0">
103 |       <PrivateAssets>all</PrivateAssets>
104 |       <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
105 |     </PackageReference>
106 |   </ItemGroup>
107 | 
108 |   <ItemGroup Condition="'$(TargetFramework)' == 'net9.0'">
109 |     <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="9.0.4" />
110 |     <PackageReference Include="Microsoft.CodeAnalysis.NetAnalyzers" Version="9.0.0">
111 |       <PrivateAssets>all</PrivateAssets>
112 |       <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
113 |     </PackageReference>
114 |   </ItemGroup>
115 | 
116 |   <ItemGroup>
117 |     <None Update="approle.sh">
118 |       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
119 |     </None>
120 |     <None Update="approle_nolist.sh">
121 |       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
122 |     </None>
123 |   </ItemGroup>
124 | 
125 | </Project>
126 | 


--------------------------------------------------------------------------------
/Tests/VaultSharp.Extensions.Configuration.Test/approle.sh:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | # Setup VAULT_ADDR and VAULT_TOKEN
 4 | export VAULT_ADDR=http://localhost:8200
 5 | export VAULT_TOKEN=root
 6 | 
 7 | vault secrets enable -version=2 kv
 8 | vault auth enable approle
 9 | vault policy write test-policy -<<EOF
10 | path "secret/*" {
11 |   capabilities = [ "read", "list" ]
12 | }
13 | EOF
14 | vault write auth/approle/role/test-role token_policies="test-policy" \
15 |     token_ttl=1h token_max_ttl=4h
16 | 


--------------------------------------------------------------------------------
/Tests/VaultSharp.Extensions.Configuration.Test/approle_nolist.sh:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | # Setup VAULT_ADDR and VAULT_TOKEN
 4 | export VAULT_ADDR=http://localhost:8200
 5 | export VAULT_TOKEN=root
 6 | 
 7 | vault secrets enable -version=2 kv
 8 | vault auth enable approle
 9 | vault policy write test-policy -<<EOF
10 | path "secret/*" {
11 |   capabilities = [ "read" ]
12 | }
13 | EOF
14 | vault write auth/approle/role/test-role token_policies="test-policy" \
15 |     token_ttl=1h token_max_ttl=4h
16 | 


--------------------------------------------------------------------------------
/VaultSharp.Extensions.Configuration.sln:
--------------------------------------------------------------------------------
  1 | 
  2 | Microsoft Visual Studio Solution File, Format Version 12.00
  3 | # Visual Studio Version 17
  4 | VisualStudioVersion = 17.5.33424.131
  5 | MinimumVisualStudioVersion = 10.0.40219.1
  6 | Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Source", "Source", "{719809C2-A551-4C4A-9EFD-B10FB5E35BC0}"
  7 | 	ProjectSection(SolutionItems) = preProject
  8 | 		Source\Directory.Build.props = Source\Directory.Build.props
  9 | 	EndProjectSection
 10 | EndProject
 11 | Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{F20E2797-D1E3-4321-91BB-FAE54954D2A0}"
 12 | 	ProjectSection(SolutionItems) = preProject
 13 | 		.editorconfig = .editorconfig
 14 | 		.gitattributes = .gitattributes
 15 | 		.gitignore = .gitignore
 16 | 		build.cake = build.cake
 17 | 		Directory.Build.props = Directory.Build.props
 18 | 		Directory.Build.targets = Directory.Build.targets
 19 | 		Key.snk = Key.snk
 20 | 	EndProjectSection
 21 | EndProject
 22 | Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Other Files", "Other Files", "{7EDFA103-DB69-4C88-9DE4-97ADBF8253A1}"
 23 | 	ProjectSection(SolutionItems) = preProject
 24 | 		build.cake = build.cake
 25 | 		Directory.Build.props = Directory.Build.props
 26 | 		Directory.Build.targets = Directory.Build.targets
 27 | 		Gitversion.yml = Gitversion.yml
 28 | 		Key.snk = Key.snk
 29 | 		LICENSE.md = LICENSE.md
 30 | 		README.md = README.md
 31 | 		runsettings.xml = runsettings.xml
 32 | 	EndProjectSection
 33 | EndProject
 34 | Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Tests", "Tests", "{E1B24F25-B8A4-46EE-B7EB-7803DCFC543F}"
 35 | 	ProjectSection(SolutionItems) = preProject
 36 | 		Tests\.editorconfig = Tests\.editorconfig
 37 | 		Tests\Directory.Build.props = Tests\Directory.Build.props
 38 | 	EndProjectSection
 39 | EndProject
 40 | Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Issue Templates", "Issue Templates", "{566DF0E2-1288-4083-9B55-4C8B69BB1432}"
 41 | 	ProjectSection(SolutionItems) = preProject
 42 | 		.github\ISSUE_TEMPLATE\BUG_REPORT.md = .github\ISSUE_TEMPLATE\BUG_REPORT.md
 43 | 		.github\ISSUE_TEMPLATE\FEATURE_REQUEST.md = .github\ISSUE_TEMPLATE\FEATURE_REQUEST.md
 44 | 		.github\ISSUE_TEMPLATE\QUESTION.md = .github\ISSUE_TEMPLATE\QUESTION.md
 45 | 	EndProjectSection
 46 | EndProject
 47 | Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = ".github", ".github", "{0555C737-CE4B-4C78-87AB-6296E1E32D01}"
 48 | 	ProjectSection(SolutionItems) = preProject
 49 | 		.github\CODE_OF_CONDUCT.md = .github\CODE_OF_CONDUCT.md
 50 | 		.github\CONTRIBUTING.md = .github\CONTRIBUTING.md
 51 | 		.github\PULL_REQUEST_TEMPLATE.md = .github\PULL_REQUEST_TEMPLATE.md
 52 | 		.github\SECURITY.md = .github\SECURITY.md
 53 | 	EndProjectSection
 54 | EndProject
 55 | Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "VaultSharp.Extensions.Configuration", "Source\VaultSharp.Extensions.Configuration\VaultSharp.Extensions.Configuration.csproj", "{D49F5A02-D549-4EF4-8776-89C35A71EB2D}"
 56 | EndProject
 57 | Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "VaultSharp.Extensions.Configuration.Test", "Tests\VaultSharp.Extensions.Configuration.Test\VaultSharp.Extensions.Configuration.Test.csproj", "{528E66EB-2232-4534-A20D-9BC8A240BF2F}"
 58 | EndProject
 59 | Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = ".github", ".github", "{EFE1E5ED-D337-4874-82EC-D9FA0BC7D3AB}"
 60 | 	ProjectSection(SolutionItems) = preProject
 61 | 		.github\release-drafter.yml = .github\release-drafter.yml
 62 | 	EndProjectSection
 63 | EndProject
 64 | Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "workflows", "workflows", "{841C67EF-BBB2-4730-8E29-22FF3FD54306}"
 65 | 	ProjectSection(SolutionItems) = preProject
 66 | 		.github\workflows\build.yml = .github\workflows\build.yml
 67 | 		.github\workflows\release-drafter.yml = .github\workflows\release-drafter.yml
 68 | 	EndProjectSection
 69 | EndProject
 70 | Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "SampleWebApp", "Source\SampleWebApp\SampleWebApp.csproj", "{26A6804B-2A4B-4629-89DE-C5476072B4E3}"
 71 | EndProject
 72 | Global
 73 | 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 74 | 		Debug|Any CPU = Debug|Any CPU
 75 | 		Release|Any CPU = Release|Any CPU
 76 | 	EndGlobalSection
 77 | 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
 78 | 		{D49F5A02-D549-4EF4-8776-89C35A71EB2D}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
 79 | 		{D49F5A02-D549-4EF4-8776-89C35A71EB2D}.Debug|Any CPU.Build.0 = Debug|Any CPU
 80 | 		{D49F5A02-D549-4EF4-8776-89C35A71EB2D}.Release|Any CPU.ActiveCfg = Release|Any CPU
 81 | 		{D49F5A02-D549-4EF4-8776-89C35A71EB2D}.Release|Any CPU.Build.0 = Release|Any CPU
 82 | 		{528E66EB-2232-4534-A20D-9BC8A240BF2F}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
 83 | 		{528E66EB-2232-4534-A20D-9BC8A240BF2F}.Debug|Any CPU.Build.0 = Debug|Any CPU
 84 | 		{528E66EB-2232-4534-A20D-9BC8A240BF2F}.Release|Any CPU.ActiveCfg = Release|Any CPU
 85 | 		{528E66EB-2232-4534-A20D-9BC8A240BF2F}.Release|Any CPU.Build.0 = Release|Any CPU
 86 | 		{26A6804B-2A4B-4629-89DE-C5476072B4E3}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
 87 | 		{26A6804B-2A4B-4629-89DE-C5476072B4E3}.Debug|Any CPU.Build.0 = Debug|Any CPU
 88 | 		{26A6804B-2A4B-4629-89DE-C5476072B4E3}.Release|Any CPU.ActiveCfg = Release|Any CPU
 89 | 		{26A6804B-2A4B-4629-89DE-C5476072B4E3}.Release|Any CPU.Build.0 = Release|Any CPU
 90 | 	EndGlobalSection
 91 | 	GlobalSection(SolutionProperties) = preSolution
 92 | 		HideSolutionNode = FALSE
 93 | 	EndGlobalSection
 94 | 	GlobalSection(NestedProjects) = preSolution
 95 | 		{566DF0E2-1288-4083-9B55-4C8B69BB1432} = {0555C737-CE4B-4C78-87AB-6296E1E32D01}
 96 | 		{0555C737-CE4B-4C78-87AB-6296E1E32D01} = {7EDFA103-DB69-4C88-9DE4-97ADBF8253A1}
 97 | 		{D49F5A02-D549-4EF4-8776-89C35A71EB2D} = {719809C2-A551-4C4A-9EFD-B10FB5E35BC0}
 98 | 		{528E66EB-2232-4534-A20D-9BC8A240BF2F} = {E1B24F25-B8A4-46EE-B7EB-7803DCFC543F}
 99 | 		{EFE1E5ED-D337-4874-82EC-D9FA0BC7D3AB} = {F20E2797-D1E3-4321-91BB-FAE54954D2A0}
100 | 		{841C67EF-BBB2-4730-8E29-22FF3FD54306} = {EFE1E5ED-D337-4874-82EC-D9FA0BC7D3AB}
101 | 		{26A6804B-2A4B-4629-89DE-C5476072B4E3} = {719809C2-A551-4C4A-9EFD-B10FB5E35BC0}
102 | 	EndGlobalSection
103 | 	GlobalSection(ExtensibilityGlobals) = postSolution
104 | 		SolutionGuid = {73F36209-F8D6-4066-8951-D97729F773CF}
105 | 	EndGlobalSection
106 | EndGlobal
107 | 


--------------------------------------------------------------------------------
/build.cake:
--------------------------------------------------------------------------------
 1 | var target = Argument("Target", "Default");
 2 | var nugetApiKey = Argument<string>("nuget-key", null);
 3 | 
 4 | var configuration =
 5 |     HasArgument("Configuration") ? Argument<string>("Configuration") :
 6 |     EnvironmentVariable("Configuration") is object ? EnvironmentVariable("Configuration") :
 7 |     "Release";
 8 | 
 9 | var artefactsDirectory = Directory("./Artefacts");
10 | 
11 | Task("Clean")
12 |     .Description("Cleans the artefacts, bin and obj directories.")
13 |     .Does(() =>
14 |     {
15 |         CleanDirectory(artefactsDirectory);
16 |         DeleteDirectories(GetDirectories("**/bin"), new DeleteDirectorySettings() { Force = true, Recursive = true });
17 |         DeleteDirectories(GetDirectories("**/obj"), new DeleteDirectorySettings() { Force = true, Recursive = true });
18 |     });
19 | 
20 | Task("Restore")
21 |     .Description("Restores NuGet packages.")
22 |     .IsDependentOn("Clean")
23 |     .Does(() =>
24 |     {
25 |         DotNetRestore();
26 |     });
27 | 
28 | Task("Build")
29 |     .Description("Builds the solution.")
30 |     .IsDependentOn("Restore")
31 |     .Does(() =>
32 |     {
33 |         DotNetBuild(
34 |             ".",
35 |             new DotNetBuildSettings()
36 |             {
37 |                 Configuration = configuration,
38 |                 NoRestore = true,
39 |             });
40 |     });
41 | 
42 | Task("Test")
43 |     .Description("Runs unit tests and outputs test results to the artefacts directory.")
44 |     .DoesForEach(GetFiles("./Tests/**/*.csproj"), project =>
45 |     {
46 |         DotNetTest(
47 |             project.ToString(),
48 |             new DotNetTestSettings()
49 |             {
50 |                 Configuration = configuration,
51 |                 Loggers = new[] { "trx" },
52 |                 NoBuild = true,
53 |                 NoRestore = true,
54 |                 ResultsDirectory = "coverage",
55 |                 Collectors = new[] { "XPlat Code Coverage;Format=cobertura" },
56 |             });
57 |     });
58 | 
59 | Task("Pack")
60 |     .Description("Creates NuGet packages and outputs them to the artefacts directory.")
61 |     .Does(() =>
62 |     {
63 |         DotNetPack(
64 |             "./Source/VaultSharp.Extensions.Configuration/VaultSharp.Extensions.Configuration.csproj",
65 |             new DotNetPackSettings()
66 |             {
67 |                 Configuration = configuration,
68 |                 IncludeSymbols = true,
69 |                 MSBuildSettings = new DotNetMSBuildSettings().WithProperty("SymbolPackageFormat", "snupkg"),
70 |                 NoBuild = true,
71 |                 NoRestore = true,
72 |                 OutputDirectory = artefactsDirectory,
73 |             });
74 |     });
75 | 
76 | Task("Publish")
77 |     .IsDependentOn("Pack")
78 |     .DoesForEach(GetFiles($"{artefactsDirectory}/*.nupkg"), file =>
79 |     {
80 |         NuGetPush(file.ToString(), new NuGetPushSettings {
81 |             Source = "https://api.nuget.org/v3/index.json",
82 |             ApiKey = nugetApiKey,
83 |         });
84 |     });
85 | 
86 | Task("Default")
87 |     .Description("Cleans, restores NuGet packages, builds the solution, runs unit tests and then creates NuGet packages.")
88 |     .IsDependentOn("Build")
89 |     .IsDependentOn("Test")
90 |     .IsDependentOn("Pack");
91 | 
92 | RunTarget(target);
93 | 


--------------------------------------------------------------------------------
/docker-compose.yml:
--------------------------------------------------------------------------------
 1 | version: '3.8'
 2 | 
 3 | x-common-environment-variables: &environment-variables
 4 |   VAULT_ADDR: http://vault:8200
 5 |   VAULT_TOKEN: root
 6 | 
 7 | services:
 8 |   sampleapp:
 9 |     build:
10 |       context: .
11 |       dockerfile: Source/SampleWebApp/Dockerfile
12 |     ports:
13 |       - 8080:80
14 |     container_name: sample.app
15 |     environment:
16 |       <<: *environment-variables
17 |       WAIT_HOSTS: vault:8200
18 |     depends_on:
19 |       - vault
20 | 
21 |   vault:
22 |     image: mikhailmerkulov/vault-dev-docker:latest
23 |     environment:
24 |       - VAULT_DEV_ROOT_TOKEN_ID=root
25 |       - VAULT_UI=true
26 |     container_name: vault
27 |     volumes:
28 |       - ./Source/SampleWebApp/secrets.json:/opt/secrets.json
29 |     ports:
30 |       - 8200:8200
31 | 
32 | 


--------------------------------------------------------------------------------
/makefile:
--------------------------------------------------------------------------------
  1 | # Makefile equivalent of the Cake script
  2 | 
  3 | # -----------------------------------------------------------------------------
  4 | # Variables
  5 | # -----------------------------------------------------------------------------
  6 | 
  7 | # Configuration (Release/Debug). Can be overridden from command line: make CONFIGURATION=Debug
  8 | CONFIGURATION ?= Release
  9 | 
 10 | # Solution and Project Paths (Adjust as necessary)
 11 | SOLUTION         = ./VaultSharp.Extensions.Configuration.sln
 12 | TEST_PROJECT     = ./Tests/VaultSharp.Extensions.Configuration.Test/VaultSharp.Extensions.Configuration.Test.csproj
 13 | PROJECT_TO_PUBLISH = ./Source/VaultSharp.Extensions.Configuration/VaultSharp.Extensions.Configuration.csproj
 14 | 
 15 | # Output Directories
 16 | PUBLISH_DIR      = .\publish
 17 | 
 18 | # Version Info (Consider making this dynamic, e.g., from git tag or a file)
 19 | VERSION          = 1.0.0
 20 | 
 21 | # NuGet Settings
 22 | NUGET_SOURCE     = https://api.nuget.org/v3/index.json
 23 | # Allow NUGET_API_KEY to be passed via environment or command line
 24 | NUGET_API_KEY    ?= $(NUGET_API_KEY) # Uses env var NUGET_API_KEY if set, otherwise empty
 25 | 
 26 | # Tools (using system dotnet)
 27 | DOTNET           = dotnet
 28 | 
 29 | # Shell settings (use bash for more features if needed)
 30 | SHELL            = /bin/sh
 31 | 
 32 | # -----------------------------------------------------------------------------
 33 | # Cross-platform Shell Helper
 34 | # -----------------------------------------------------------------------------
 35 | # Use 'pwsh' if available, otherwise fallback to 'powershell' on Windows
 36 | ifeq ($(OS),Windows_NT)
 37 | 	SHELL := pwsh.exe
 38 | 	POWERSHELL := pwsh.exe
 39 | 	MD = if (!(Test-Path '$(PUBLISH_DIR)')) { New-Item -ItemType Directory -Path '$(PUBLISH_DIR)' | Out-Null }
 40 | 	RM = if (Test-Path '$(PUBLISH_DIR)') { Remove-Item -Recurse -Force '$(PUBLISH_DIR)' }
 41 | 	LS = Test-Path "$(PUBLISH_DIR)\*.nupkg"
 42 | else
 43 | 	SHELL := /bin/bash
 44 | 	POWERSHELL := pwsh
 45 | 	MD = mkdir -p $(PUBLISH_DIR)
 46 | 	RM = rm -rf $(PUBLISH_DIR)
 47 | 	LS = ls $(PUBLISH_DIR)/*.nupkg 1> /dev/null 2>&1
 48 | endif
 49 | 
 50 | # -----------------------------------------------------------------------------
 51 | # Phony Targets (Targets that don't represent files)
 52 | # -----------------------------------------------------------------------------
 53 | .PHONY: all Default Clean Restore Build Test Pack Push help
 54 | 
 55 | # -----------------------------------------------------------------------------
 56 | # Default Target
 57 | # -----------------------------------------------------------------------------
 58 | # The first target is the default if none is specified on the command line.
 59 | # Maps to Cake's "Default" task which depends on "Publish".
 60 | Default: Pack
 61 | 
 62 | all: Default # Common alias for the main default action
 63 | 
 64 | # -----------------------------------------------------------------------------
 65 | # Build Tasks (Mapped from Cake Tasks)
 66 | # -----------------------------------------------------------------------------
 67 | 
 68 | # Clean build artifacts and publish directory
 69 | Clean:
 70 | 	@echo "--- Cleaning ---"
 71 | 	@echo "Removing Directory: $(PUBLISH_DIR)"
 72 | 	rm -rf $(PUBLISH_DIR)
 73 | 	$(DOTNET) clean $(SOLUTION) --configuration $(CONFIGURATION)
 74 | 	@echo "Clean complete."
 75 | 
 76 | # Restore NuGet packages
 77 | Restore:
 78 | 	@echo "--- Restoring Dependencies ---"
 79 | 	$(DOTNET) restore $(SOLUTION)
 80 | 	@echo "Restore complete."
 81 | 
 82 | # Build the solution
 83 | # Depends on Restore (Make handles dependency order)
 84 | Build: Restore
 85 | 	@echo "--- Building Solution (Version: $(VERSION), Configuration: $(CONFIGURATION)) ---"
 86 | 	$(DOTNET) build $(SOLUTION) --configuration $(CONFIGURATION) --no-restore /p:Version=$(VERSION)
 87 | 	@echo "Build complete."
 88 | 
 89 | # Run tests
 90 | # Depends on Build
 91 | Test: Build
 92 | 	@echo "--- Running Tests ---"
 93 | 	$(DOTNET) test $(TEST_PROJECT) \
 94 | 		--configuration $(CONFIGURATION) \
 95 | 		--no-build --no-restore \
 96 | 		--collect:"XPlat Code Coverage" \
 97 | 		--logger "trx" \
 98 | 		--logger "html;LogFileName=VaultSharp.Extensions.Configuration.Test.html" \
 99 | 		--results-directory ./coverage \
100 | 		/p:CollectCoverage=true \
101 | 		/p:CoverletOutputFormat=opencover \
102 | 		/p:CoverletOutput=coverage.cobertura.xml
103 | 	@echo "Tests complete."
104 | 
105 | # Create NuGet packages
106 | # Depends on Build
107 | Pack: Build
108 | 	@echo "--- Packing NuGet Packages (Version: $(VERSION)) ---"
109 | 	$(DOTNET) --version > /dev/null 2>&1 && (mkdir -p $(PUBLISH_DIR)) || (powershell -Command "if (!(Test-Path '$(PUBLISH_DIR)')) { New-Item -ItemType Directory -Path '$(PUBLISH_DIR)' | Out-Null }")
110 | 	$(DOTNET) pack $(SOLUTION) --configuration $(CONFIGURATION) --no-build --no-restore -o $(PUBLISH_DIR) /p:PackageVersion=$(VERSION) /p:Version=$(VERSION)
111 | 	@echo "Packaging complete. Packages in $(PUBLISH_DIR)"
112 | 
113 | # Push NuGet packages to the source
114 | # Depends on Pack
115 | Push: Pack
116 | 	@echo "--- Pushing NuGet Packages ---"
117 | ifeq ($(OS),Windows_NT)
118 | 	$(DOTNET) nuget push "$(PUBLISH_DIR)\*.nupkg" --source $(NUGET_SOURCE) --api-key $(NUGET_API_KEY);
119 | else
120 | 	$(DOTNET) nuget push $(PUBLISH_DIR)/*.nupkg --source $(NUGET_SOURCE) --api-key $(NUGET_API_KEY);
121 | endif
122 | 	@echo "Push attempt finished."
123 | 	
124 | 
125 | # -----------------------------------------------------------------------------
126 | # Help Target
127 | # -----------------------------------------------------------------------------
128 | help:
129 | 	@echo "Usage: make [TARGET] [VARIABLE=VALUE...]"
130 | 	@echo ""
131 | 	@echo "Targets:"
132 | 	@echo "  all          (Default) Clean, restore, build, test, pack, and publish"
133 | 	@echo "  Clean        Clean build artifacts and publish directory"
134 | 	@echo "  Restore      Restore NuGet packages"
135 | 	@echo "  Build        Build the solution"
136 | 	@echo "  Test         Run unit tests"
137 | 	@echo "  Pack         Create NuGet packages"
138 | 	@echo "  Push         Push NuGet packages to the source (requires NUGET_API_KEY)"
139 | 	@echo ""
140 | 	@echo "Variables:"
141 | 	@echo "  CONFIGURATION  (Default: $(CONFIGURATION)) Build configuration (e.g., Debug, Release)"
142 | 	@echo "  VERSION        (Default: $(VERSION))     Version for build/pack/publish"
143 | 	@echo "  NUGET_API_KEY  (Required for Push)   API key for NuGet source"
144 | 	@echo ""
145 | 	@echo "Example:"
146 | 	@echo "  make Test CONFIGURATION=Debug"
147 | 	@echo "  make Push NUGET_API_KEY=xyz..."


--------------------------------------------------------------------------------
/runsettings.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8" ?>
 2 | <RunSettings>
 3 |   <DataCollectionRunSettings>
 4 |     <DataCollectors>
 5 |       <DataCollector friendlyName="XPlat code coverage">
 6 |         <Configuration>
 7 |           <ExcludeByFile>**/obj/**/*.*</ExcludeByFile>
 8 |           <ExcludeByAttribute>GeneratedCodeAttribute,CompilerGeneratedAttribute</ExcludeByAttribute>
 9 |           <Format>opencover</Format>
10 |           <UseSourceLink>true</UseSourceLink>
11 |           <IncludeTestAssembly>true</IncludeTestAssembly>
12 |           <DeterministicReport>false</DeterministicReport>
13 |         </Configuration>
14 |       </DataCollector>
15 |     </DataCollectors>
16 |   </DataCollectionRunSettings>
17 |   <RunConfiguration>
18 |         <ResultsDirectory>.\Artefacts</ResultsDirectory>
19 |     </RunConfiguration>
20 | </RunSettings>


--------------------------------------------------------------------------------
/tools/nuget.exe:
--------------------------------------------------------------------------------
1 | version https://git-lfs.github.com/spec/v1
2 | oid sha256:dea03b9cd25ef868dd2ffc4fc4c5a04ce92657e3d37bccf0f0b7c09b0172a8e9
3 | size 6512008
4 | 


--------------------------------------------------------------------------------
/tools/packages.config:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8"?>
2 | <packages>
3 |     <package id="Cake" version="0.38.2" />
4 | </packages>
5 | 


--------------------------------------------------------------------------------