Asos.UserSecretsRetriever
1.0.2
Prefix Reserved
See the version list below for details.
dotnet tool install --global Asos.UserSecretsRetriever --version 1.0.2
dotnet new tool-manifest # if you are setting up this repo dotnet tool install --local Asos.UserSecretsRetriever --version 1.0.2
#tool dotnet:?package=Asos.UserSecretsRetriever&version=1.0.2
nuke :add-package Asos.UserSecretsRetriever --version 1.0.2
User secrets retriever
The user secrets retriever is a .NET tool that can be used to retrieve secrets from Azure Key Vault and add them via Secret Manager (user-secrets) for a project. The tool supports retrieving multiple secrets across multiple key vaults.
Why use this tool?
The .NET Secret Manager (dotnet user-secrets) is a recommended approach for storing secrets when developing on your local machine. However these secrets often have to be retrieved manually, resulting in additional overhead when getting started on an existing project and additional documentation to keep track of required secrets. This tool allows the definition (but not value) of required secrets to be stored in source control, and for the retrieval of the secrets to be automated through a single CLI command.
Why not just use the Key Vault configuration provider?
Using the Key Vault configuration provider is a valid approach to retrieving secrets in your local environment but adds additional constraints as it will query Key Vault every time you restart the application. Loading them into user-secrets prevents this and allows for a fully offline development experience.
Installation
The tool can be installed via the .NET cli:
dotnet tool install -g Asos.UserSecretsRetriever
Usage
To retrieve secrets for a project, add a appsettings.usersecrets.json
configuration file in the same directory as your project file. The user secrets configuration file should define the secrets you want to retrieve and uses the following format:
{
"Vaults": [
{
"Uri": "https://my-keyvault.vault.azure.net/",
"Secrets": [
{
"SourceName": "MyKeyVaultSecretName",
"DestinationName": "MyUserSecretName"
},
{
"SourceName": "MySecondKeyVaultSecretName",
"DestinationName": "MySecondUserSecretName"
}
]
},
{
"Uri": "https://my-second-keyvault.vault.azure.net/",
"Secrets": [
{
"SourceName": "MyKeyVaultSecretName",
"DestinationName": "MyUserSecretName"
}
]
}
]
}
Once the configuration file is present in the repository, any engineer with access to the key vault can retrieve the secrets using the following command:
dotnet user-secrets-retriever retrieve
Options
The tool supports the following options:
Option | Mandatory | Description |
---|---|---|
--project | false | The path to the directory containing the project you wish to retrieve secrets for. Defaults to the current directory. |
--secrets-configuration | false | The name of the file containing the configuration for the secrets you want to retrieve. Defaults to appsettings.usersecrets.json |
Authentication with Key Vault
The tool uses the Azure.Identity client library to authenticate with the specified Key Vaults using the DefaultAzureCredential. See the documentation on DefaultAzureCredential to understand which authentication mechanisms will be used. You will need read access to secrets within the key vaults you are accessing.
Product | Versions Compatible and additional computed target framework versions. |
---|---|
.NET | net6.0 is compatible. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
This package has no dependencies.
Version | Downloads | Last updated |
---|---|---|
1.1.13 | 80 | 11/8/2024 |
1.1.12 | 126 | 6/24/2024 |
1.1.11 | 90 | 6/12/2024 |
1.1.10 | 99 | 5/28/2024 |
1.1.9 | 90 | 5/13/2024 |
1.1.8 | 117 | 4/29/2024 |
1.1.7 | 116 | 4/22/2024 |
1.1.6 | 153 | 4/12/2024 |
1.0.8 | 293 | 3/30/2023 |
1.0.6 | 336 | 1/31/2023 |
1.0.5 | 427 | 10/25/2022 |
1.0.2 | 376 | 10/25/2022 |
1.0.2-documentation.4 | 125 | 10/21/2022 |