Blip.Starter.Common.Secrets
0.0.17
dotnet add package Blip.Starter.Common.Secrets --version 0.0.17
NuGet\Install-Package Blip.Starter.Common.Secrets -Version 0.0.17
<PackageReference Include="Blip.Starter.Common.Secrets" Version="0.0.17" />
paket add Blip.Starter.Common.Secrets --version 0.0.17
#r "nuget: Blip.Starter.Common.Secrets, 0.0.17"
// Install Blip.Starter.Common.Secrets as a Cake Addin
#addin nuget:?package=Blip.Starter.Common.Secrets&version=0.0.17
// Install Blip.Starter.Common.Secrets as a Cake Tool
#tool nuget:?package=Blip.Starter.Common.Secrets&version=0.0.17
Blip.Starter.Common.Secrets
First of all, please read all pages of our Secrets documentation.
Secrets are confidential information that should not be exposed in your code. This includes passwords, API keys, tokens, etc.
This library provides a way to retrieve secrets from a secret storage. Currently, we support HashiCorp Vault as our secret storage.
Follow the configuration steps on this page to set the library up. Please also read our documentation about .NET secrets access.
Configuring your application
To configure your application you need to add the Blip.Starter.Common.Secrets NuGet package to your project.
The NuGet package is published in our private NuGet repository: https://dev.azure.com/curupira/BLiP/_artifacts/feed/BlipNuget/NuGet/Blip.Starter.Common.Secrets/overview
To access it locally you will need to install the Azure Artifacts credential provider.
To configure this library you need to provide an ISecretConfiguration. You may create one yourself programmatically or use the DefaultSecretConfiguration, which reads the following environment variables to configure the library:
Environment Variable | Description | Default Value | Available Values |
---|---|---|---|
SECRETS_ENABLED | Enable or disable the secrets configuration. | true | true, false |
SECRETS_ENGINE | The secret engine to be used. You can also disable secrets by using the Null or Noop engines. | HashicorpVault | HashicorpVault, Noop, Null |
SECRETS_PATHS | Additional paths to be used to retrieve secrets. | "" | Any valid string |
SECRETS_ENABLE_TENANT_PATH | Whether to add the default tenant path as a secret path to load. | false | true, false |
SECRETS_ENABLE_HOST_SERVICE_NAME_PATH | Whether to add the default application service name as a secret path to load. | false | true, false |
Engine-specific configuration for HashiCorp Vault:
Environment Variable | Description | Default Value | Available Values |
---|---|---|---|
SECRETS_HASHICORP_VAULT_URL | The URL of the Vault server. | http://localhost:8200 | Any valid URL |
SECRETS_HASHICORP_VAULT_ROLE_NAME | The role name to be used to authenticate in Vault. | The same as the environment's HostServiceName, which is configured by the environment variable HOST_SERVICE_NAME | Any valid string |
SECRETS_HASHICORP_VAULT_MOUNT_POINT | The mount point to be used to authenticate in Vault. | The same as the environment's ClusterName, which is configured by the environment variable CLUSTER_NAME | Any valid string |
SECRETS_HASHICORP_VAULT_SERVICE_ACCOUNT_PATH | The path to the service account file to be used to authenticate in Vault. | /var/run/secrets/kubernetes.io/serviceaccount/token | Any valid string |
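A startup check for the variables in the two tables above, as an added example that is not part of this library. The class name `SecretsEnvCheck` is hypothetical, exact-case matching of engine names is an assumption, and whether the library performs any of these checks itself is not stated on this page.

```csharp
// Added example, not part of the library: checks the documented SECRETS_* variables.
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
public static class SecretsEnvCheck // hypothetical name
{
    // Allowed engine names, taken from the table above (exact-case match is an assumption).
    static readonly string[] Engines = { "HashicorpVault", "Noop", "Null" };
    // Returns one message per problem; an empty list means nothing was flagged.
    public static List<string> Validate(Func<string, string?> getEnv)
    {
        var problems = new List<string>();
        string Get(string name, string fallback) =>
            getEnv(name) is { } raw && raw.Trim().Length > 0 ? raw.Trim() : fallback;

        // Boolean flags: an unset variable is fine, a set one must parse as true/false.
        foreach (var flag in new[] { "SECRETS_ENABLED", "SECRETS_ENABLE_TENANT_PATH",
                                     "SECRETS_ENABLE_HOST_SERVICE_NAME_PATH" })
            if (!bool.TryParse(Get(flag, "false"), out _))
                problems.Add($"{flag} must be true or false");

        var engine = Get("SECRETS_ENGINE", "HashicorpVault");
        if (!Engines.Contains(engine))
            problems.Add($"SECRETS_ENGINE '{engine}' is not one of {string.Join(", ", Engines)}");

        // Vault settings only matter when secrets are enabled (documented default: true).
        var enabled = !bool.TryParse(getEnv("SECRETS_ENABLED"), out var flagValue) || flagValue;
        if (!enabled || engine != "HashicorpVault") return problems;

        var url = Get("SECRETS_HASHICORP_VAULT_URL", "http://localhost:8200");
        if (!Uri.TryCreate(url, UriKind.Absolute, out var uri)
            || (uri.Scheme != Uri.UriSchemeHttp && uri.Scheme != Uri.UriSchemeHttps))
            problems.Add($"SECRETS_HASHICORP_VAULT_URL '{url}' is not an http(s) URL");
        else if (uri.Scheme == Uri.UriSchemeHttp && !uri.IsLoopback)
            problems.Add("Vault URL uses plain HTTP to a remote host; the login token and secrets would be sent unencrypted");

        var tokenPath = Get("SECRETS_HASHICORP_VAULT_SERVICE_ACCOUNT_PATH",
                            "/var/run/secrets/kubernetes.io/serviceaccount/token");
        if (!File.Exists(tokenPath) || new FileInfo(tokenPath).Length == 0)
            problems.Add($"Service account token file is missing or empty: {tokenPath}");
        return problems;
    }
    public static void Main() => Validate(Environment.GetEnvironmentVariable)
        .ForEach(p => Console.Error.WriteLine("secrets config: " + p));
}
```

The messages contain variable names, the engine name, the URL and the token file path, never the token contents.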
ASP.NET Core
To integrate this library with an ASP.NET Core application, go to your Startup.cs file, or wherever you configure the framework, and add the following code:
```csharp
// You can change the configuration if needed, but prefer changing it with environment variables rather than hardcoding it in your code.
ISecretConfiguration configuration = new DefaultSecretConfiguration();
// Creates the environment from environment variables.
var environment = Blip.Starter.Common.Env.Environment.FromEnvironmentVariables();
// Adds the secrets to the configuration builder, using the 'SecretConfigurationExtensions' extension.
// You may omit all arguments and let the configuration be loaded from environment variables.
// You may also hardcode the engine to be used here, by providing the engine parameter, but prefer using the environment variable.
builder.Configuration.AddSecrets(
    environment: environment,
    configuration: configuration);
```
Manual configuration
If you are not using ASP.NET, you can configure the library manually and get the secrets dictionary yourself, without integrating it with Microsoft's ConfigurationBuilder:
```csharp
// You can change the configuration if needed, but prefer changing it with environment variables rather than hardcoding it in your code.
ISecretConfiguration configuration = new DefaultSecretConfiguration();
// Creates the environment from environment variables.
var environment = Blip.Starter.Common.Env.Environment.FromEnvironmentVariables();
// Load the secrets from the secret storage.
// If disabled (default) this will return an empty dictionary.
var dictionary = await SecretStarter.Load(
    engine: SecretEngine.Vault,
    environment: environment,
    configuration: configuration);
// Access the secrets using the returned dictionary.
// Embedded JSON objects are also supported, but to access them you need to use ':' to separate the keys.
// Example: "secretKey:myEmbeddedSecret"
```
Adding secrets to the secret storage
To add new secrets to our production secret storage, you must create a new service request.
TODO: add SR link and owner team
Product | Versions Compatible and additional computed target framework versions. |
---|---|
.NET | net6.0 is compatible. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
- net6.0
  - Blip.Starter.Common.Env (>= 0.0.17)
  - Microsoft.Extensions.Configuration (>= 6.0.1)
  - Microsoft.Extensions.Configuration.Json (>= 6.0.0)
  - Microsoft.Extensions.Logging (>= 6.0.0)
  - VaultSharp (>= 1.13.0.1)