diff options
Diffstat (limited to 'lib/VNLib.Plugins.Extensions.Loading/src/Secrets/VaultSecrets.cs')
| -rw-r--r-- | lib/VNLib.Plugins.Extensions.Loading/src/Secrets/VaultSecrets.cs | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/lib/VNLib.Plugins.Extensions.Loading/src/Secrets/VaultSecrets.cs b/lib/VNLib.Plugins.Extensions.Loading/src/Secrets/VaultSecrets.cs index 711ae50..08af485 100644 --- a/lib/VNLib.Plugins.Extensions.Loading/src/Secrets/VaultSecrets.cs +++ b/lib/VNLib.Plugins.Extensions.Loading/src/Secrets/VaultSecrets.cs @@ -61,6 +61,7 @@ namespace VNLib.Plugins.Extensions.Loading public const string VAULT_URL_KEY = "url"; public const string VAULT_URL_SCHEME = "vault://"; + public const string ENV_URL_SCHEME = "env://"; /// <summary> @@ -110,12 +111,23 @@ namespace VNLib.Plugins.Extensions.Loading } //Secret is a vault path, or return the raw value - if (!rawSecret.StartsWith(VAULT_URL_SCHEME, StringComparison.OrdinalIgnoreCase)) + if (rawSecret.StartsWith(VAULT_URL_SCHEME, StringComparison.OrdinalIgnoreCase)) + { + return GetSecretFromVaultAsync(plugin, rawSecret); + } + + //See if the secret is an environment variable path + if (rawSecret.StartsWith(ENV_URL_SCHEME, StringComparison.OrdinalIgnoreCase)) { - return Task.FromResult<ISecretResult?>(new SecretResult(rawSecret.AsSpan())); + //try to get the environment variable + string envVar = rawSecret[ENV_URL_SCHEME.Length..]; + string? envVal = Environment.GetEnvironmentVariable(envVar); + + return Task.FromResult<ISecretResult?>(envVal == null ? null : new SecretResult(envVal)); } - return GetSecretFromVaultAsync(plugin, rawSecret); + //Finally, return the raw value + return Task.FromResult<ISecretResult?>(new SecretResult(rawSecret.AsSpan())); } /// <summary> @@ -197,6 +209,7 @@ namespace VNLib.Plugins.Extensions.Loading { return Task.FromResult<X509Certificate?>(new (rawSecret)); } + return GetCertFromVaultAsync(plugin, rawSecret); } |