using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.Hosting;
using System;
using DotNetEnv;
namespace Inventory.Core
{
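/// <summary>
/// Populates <see cref="Secrets"/> at startup: from a .env file when the host
/// environment is Development, and from HashiCorp Vault in every other environment.
/// </summary>
public static class EnvironmentBuilder
{
    // Names of the application settings. The same names are used as environment
    // variable names (Development) and as field names inside the Vault secret.
    private const string _dbConnectionString = "DB_CONNECTION_STRING";
    private const string _slurpitUrl = "SLURPIT_URL";
    private const string _slurpitApiKey = "SLURPIT_API_KEY";
    private const string _updateIntervalMinutes = "UPDATE_INTERVAL_MINUTES";

    // Optional environment variables, defined by this class, that supply the Vault
    // location so that it does not have to be compiled into the binary.
    private const string _vaultUrlVariable = "INVENTORY_VAULT_URL";
    private const string _vaultMountPathVariable = "INVENTORY_VAULT_MOUNT_PATH";
    private const string _vaultSecretPathVariable = "INVENTORY_VAULT_SECRET_PATH";

    // Used when UPDATE_INTERVAL_MINUTES is missing, unparsable, or not positive.
    private const int _defaultUpdateIntervalMinutes = 60;

    /// <summary>
    /// Loads the application settings into the static properties of <see cref="Secrets"/>,
    /// choosing the source from the hosting environment.
    /// </summary>
    /// <param name="environment">Host environment; Development selects the .env file, anything else selects Vault.</param>
    /// <exception cref="InvalidOperationException">
    /// Outside Development: the Vault location still holds the placeholder values,
    /// or reading the secret from Vault failed (the cause is kept as the inner exception).
    /// </exception>
    public static void SetupEnvironment(IHostEnvironment environment)
    {
        if (environment.IsDevelopment())
        {
            LoadFromDotEnv();
        }
        else
        {
            LoadFromVault();
        }
    }

    /// <summary>
    /// Development path: loads the .env file into the process environment and copies
    /// the settings from there. Missing variables leave the string properties null.
    /// </summary>
    private static void LoadFromDotEnv()
    {
        // In Development, load secrets from the .env file.
        // NOTE(review): keep the .env file out of source control; it holds the same
        // values that Vault protects outside Development.
        Env.TraversePath().Load();

        Secrets.DbConnectionString = Environment.GetEnvironmentVariable(_dbConnectionString);
        Secrets.SlurpitUrl = Environment.GetEnvironmentVariable(_slurpitUrl);
        Secrets.SlurpitApiKey = Environment.GetEnvironmentVariable(_slurpitApiKey);
        Secrets.UpdateIntervalMinutes = ResolveUpdateInterval(Environment.GetEnvironmentVariable(_updateIntervalMinutes));
    }

    /// <summary>
    /// Non-development path: reads one secret from Vault and copies its fields into
    /// <see cref="Secrets"/>.
    /// </summary>
    private static void LoadFromVault()
    {
        // The Vault location is taken from the environment when it is set there and
        // falls back to the values below, which must be edited before deployment.
        // NOTE(review): the placeholder address uses http://. Over plain HTTP the
        // Vault token and the returned secrets cross the network unencrypted, so a
        // real deployment should point this at an https:// address.
        var vaultUrl = SettingOrDefault(_vaultUrlVariable, "http://your-vault-address:8200");
        var mountPath = SettingOrDefault(_vaultMountPathVariable, "your-mount-path"); // e.g., "ihris-prod"
        var secretPath = SettingOrDefault(_vaultSecretPathVariable, "your-secret-path"); // e.g., "db_credentials"

        // NOTE(review): the token file sits under the machine-wide application data
        // folder; confirm its ACL limits read access to the account running this service.
        var tokenPath = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData), "InventorySuite", "Vault", "vault-agent-token");

        // Refuse to start with the template values still in place.
        var stillPlaceholder = vaultUrl.Contains("your-vault-address")
            || mountPath.Contains("your-mount-path")
            || secretPath.Contains("your-secret-path");
        if (stillPlaceholder)
        {
            throw new InvalidOperationException(
                $"Vault is not configured. Set the {_vaultUrlVariable}, {_vaultMountPathVariable} and {_vaultSecretPathVariable} environment variables, or update the hardcoded values in EnvironmentBuilder.cs, before running in a non-development environment.");
        }

        try
        {
            var vaultService = new VaultService(tokenPath, vaultUrl);
            var secret = vaultService.GetSecret(mountPath, secretPath);

            Secrets.DbConnectionString = vaultService.GetSecretValue(secret, _dbConnectionString);
            Secrets.SlurpitUrl = vaultService.GetSecretValue(secret, _slurpitUrl);
            Secrets.SlurpitApiKey = vaultService.GetSecretValue(secret, _slurpitApiKey);
            Secrets.UpdateIntervalMinutes = ResolveUpdateInterval(vaultService.GetSecretValue(secret, _updateIntervalMinutes));
        }
        catch (Exception ex)
        {
            // NOTE(review): the cause is preserved as the inner exception; confirm that
            // VaultService never puts the token or secret values into its exception
            // messages before this is written to a log.
            throw new InvalidOperationException("Failed to retrieve secrets from Vault.", ex);
        }
    }

    /// <summary>
    /// Returns the value of the named environment variable, or <paramref name="fallback"/>
    /// when the variable is unset, empty, or whitespace.
    /// </summary>
    private static string SettingOrDefault(string variable, string fallback)
    {
        var value = Environment.GetEnvironmentVariable(variable);
        return string.IsNullOrWhiteSpace(value) ? fallback : value;
    }

    /// <summary>
    /// Parses the update interval; anything that is not a positive integer yields the
    /// default of 60 minutes.
    /// </summary>
    private static int ResolveUpdateInterval(string? raw)
    {
        return int.TryParse(raw, out var minutes) && minutes > 0
            ? minutes
            : _defaultUpdateIntervalMinutes;
    }
}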
/// <summary>
/// Process-wide holder for the settings that
/// <see cref="EnvironmentBuilder.SetupEnvironment"/> loads at startup.
/// </summary>
/// <remarks>
/// Every property is static with a public setter, so any code in the process can
/// read or overwrite a value. Until they are assigned, the string properties are
/// null and the interval is 0. Avoid writing these values to logs.
/// </remarks>
public static class Secrets
{
    /// <summary>Database connection string (setting DB_CONNECTION_STRING).</summary>
    public static string? DbConnectionString { get; set; }

    /// <summary>Slurpit endpoint URL (setting SLURPIT_URL).</summary>
    public static string? SlurpitUrl { get; set; }

    /// <summary>Slurpit API key (setting SLURPIT_API_KEY).</summary>
    public static string? SlurpitApiKey { get; set; }

    /// <summary>Update interval in minutes (setting UPDATE_INTERVAL_MINUTES).</summary>
    public static int UpdateIntervalMinutes { get; set; }
}
} |