Created
August 6, 2019 08:43
-
-
Save hiiru/714dd6413078fd93fa64b2796abd85b6 to your computer and use it in GitHub Desktop.
Azure Functions KeyVault Configuration workaround
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using Microsoft.Azure.KeyVault; | |
using Microsoft.Azure.Services.AppAuthentication; | |
using Microsoft.Azure.WebJobs; | |
using Microsoft.Azure.WebJobs.Hosting; | |
using Microsoft.Extensions.Configuration; | |
using Microsoft.Extensions.Configuration.AzureKeyVault; | |
using Microsoft.Extensions.DependencyInjection; | |
using Microsoft.Extensions.DependencyInjection.Extensions; | |
using System; | |
using System.Linq; | |
[assembly: WebJobsStartup(typeof(Startup))] | |
namespace MyServices.Functions | |
{ | |
public class Startup : IWebJobsStartup | |
{ | |
public static string Environment; | |
public void Configure(IWebJobsBuilder builder) | |
{ | |
var config = ReplaceConfiguration(builder); | |
builder.Services.AddMyServices(config.GetSection("MySection")); | |
} | |
private static IConfiguration ReplaceConfiguration(IWebJobsBuilder builder) | |
{ | |
var baseConfig = builder.Services.FirstOrDefault(d => d.ServiceType == typeof(IConfiguration))?.ImplementationInstance as IConfigurationRoot; | |
Environment = baseConfig?.GetValue<string>("ASPNETCORE_ENVIRONMENT") ?? "Development"; | |
var config = new ConfigurationBuilder(); | |
if (baseConfig != null) | |
config.AddConfiguration(baseConfig); | |
config.AddJsonFile("appsettings.json", optional: true, reloadOnChange: true) | |
.AddJsonFile($"appsettings.{Environment}.json", optional: true, reloadOnChange: true); | |
if (Environment.Equals("Development", StringComparison.OrdinalIgnoreCase)) | |
{ | |
config.AddUserSecrets<Startup>(); | |
} | |
config.AddEnvironmentVariables(); | |
if (!Environment.Equals("Development", StringComparison.OrdinalIgnoreCase)) | |
{ | |
var vaultConfig = config.Build().GetSection("ConfigurationVault"); | |
var url = vaultConfig.GetValue<string>("AzureVaultUrl"); | |
var tokenProvider = new AzureServiceTokenProvider(); | |
var kvClient = new KeyVaultClient((authority, resource, scope) => tokenProvider.KeyVaultTokenCallback(authority, resource, scope)); | |
config.AddAzureKeyVault(url, kvClient, new DefaultKeyVaultSecretManager()); | |
} | |
var newConfig = config.Build(); | |
builder.Services.Replace(ServiceDescriptor.Singleton(typeof(IConfiguration), newConfig)); | |
return newConfig; | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment