authorLibravatar vnugent <public@vaughnnugent.com>2024-05-22 00:57:34 -0400
committerLibravatar vnugent <public@vaughnnugent.com>2024-05-22 00:57:34 -0400
commit27fb5382d80d9bcfb4c65974bbae20c5e7b8ccbc (patch)
tree7c6f1815d9a01bec4a97c2f53c3ec0f608222b45 /lib/VNLib.Plugins.Extensions.Loading/src/Secrets/HCVaultClient.cs
parent69f13e43dfdd8069459800ccc3039f45fc884814 (diff)
feat: Vault environment vars
Diffstat (limited to 'lib/VNLib.Plugins.Extensions.Loading/src/Secrets/HCVaultClient.cs')
-rw-r--r--lib/VNLib.Plugins.Extensions.Loading/src/Secrets/HCVaultClient.cs28
1 files changed, 27 insertions, 1 deletions
diff --git a/lib/VNLib.Plugins.Extensions.Loading/src/Secrets/HCVaultClient.cs b/lib/VNLib.Plugins.Extensions.Loading/src/Secrets/HCVaultClient.cs
index 35530c0..885f22f 100644
--- a/lib/VNLib.Plugins.Extensions.Loading/src/Secrets/HCVaultClient.cs
+++ b/lib/VNLib.Plugins.Extensions.Loading/src/Secrets/HCVaultClient.cs
@@ -124,6 +124,28 @@ namespace VNLib.Plugins.Extensions.Loading
return new HCVaultClient(serverAddress, token, kvVersion, trustCert, heap);
}
+ /// <summary>
+ /// Creates a new Hashicorp vault client from the default Vault environment
+ /// variables VAULT_ADDR and VAULT_TOKEN. From client documentation
+ /// </summary>
+ /// <param name="kvVersion">The hc vault Key value store version (must be 1 or 2)</param>
+ /// <param name="trustCert">A value that tells the HTTP client to trust the Vault server's certificate even if it's not valid</param>
+ /// <param name="heap">Heap instance to allocate internal buffers from</param>
+ /// <returns>The new client instance</returns>
+ /// <exception cref="ArgumentException"></exception>
+ /// <exception cref="ArgumentNullException"></exception>
+ /// <exception cref="KeyNotFoundException"></exception>
+ public static HCVaultClient CreateFromEnv(int kvVersion, bool trustCert, IUnmangedHeap heap)
+ {
+ string address = Environment.GetEnvironmentVariable("VAULT_ADDR")
+ ?? throw new KeyNotFoundException("VAULT_ADDR environment variable not found");
+
+ string token = Environment.GetEnvironmentVariable("VAULT_TOKEN")
+ ?? throw new KeyNotFoundException("VAULT_TOKEN environment variable not found");
+
+ return Create(address, token, kvVersion, trustCert, heap);
+ }
+
///<inheritdoc/>
protected override void Free()
{
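Review bot: The two `??` guards in `CreateFromEnv` reject only an unset variable, so a `VAULT_ADDR` or `VAULT_TOKEN` that is set but empty or whitespace is passed straight to `Create`, whose own validation is not visible in this hunk. Checking `string.IsNullOrWhiteSpace(address)` (and the same for `token`) before the call would keep the failure on the documented `KeyNotFoundException` path. Because the token is sent to whatever host `VAULT_ADDR` names, the docs should also carry a caveat such as `/// <remarks>With trustCert set, the token from VAULT_TOKEN is sent to a server whose certificate is not verified; leave it false outside of testing.</remarks>`. The summary ends in the fragment "From client documentation", which should be completed or dropped.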
@@ -164,6 +186,7 @@ namespace VNLib.Plugins.Extensions.Loading
}
///<inheritdoc/>
+ ///<exception cref="TimeoutException"></exception>
public ISecretResult? ReadSecret(string path, string mountPoint, string secretName)
{
/*
@@ -174,7 +197,10 @@ namespace VNLib.Plugins.Extensions.Loading
Task<ISecretResult?> asAsync = Task.Run(() => ReadSecretAsync(path, mountPoint, secretName));
- asAsync.Wait(ClientDefaultTimeout);
+ if(!asAsync.Wait(ClientDefaultTimeout))
+ {
+ throw new TimeoutException("Failed to retreive the secret from the vault in the configured timeout period");
+ }
return asAsync.Result;
}
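Review bot: When `asAsync.Wait(ClientDefaultTimeout)` returns false the new code throws but leaves the `Task.Run` work running, so the request can still complete afterwards and nobody ever observes its `ISecretResult`. If that result owns secret material its holder is expected to release or erase, it lingers until collection. No cancellation token reaches `ReadSecretAsync` in the visible lines, so consider passing one that is cancelled on timeout, or attaching a continuation that discards a late result and observes a late fault. The message also misspells "retrieve": `"Failed to retrieve the secret from the vault in the configured timeout period"`. The body of `ReadSecret` starts above this hunk, so the rest of the method was not reviewed.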