read keyvault options from config

Soluto · Jun 17, 2018 · f89bc07 · f89bc07
1 parent b1be9fe
commit f89bc07
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 6 deletions.
diff --git a/Hamuste.sln b/Hamuste.sln
@@ -8,7 +8,7 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "blackbox", "tests\blackbox\
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "unit", "tests\unit\unit.csproj", "{3F737829-7340-49FA-893D-4845C5F882AD}"
 EndProject
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "HamusteApi", "src\Hamuste.csproj", "{A12BBF7B-19E2-43CD-B230-DC6D4CABAAC1}"
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Hamuste", "src\Hamuste.csproj", "{A12BBF7B-19E2-43CD-B230-DC6D4CABAAC1}"
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution

diff --git a/src/Controllers/EncryptController.cs b/src/Controllers/EncryptController.cs
@@ -9,6 +9,7 @@
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Azure.KeyVault;
 using Microsoft.Azure.KeyVault.Models;
+using Microsoft.Extensions.Configuration;
 using Microsoft.Rest;
 
 namespace Hamuste.Controllers
@@ -19,15 +20,21 @@ public class EncryptController : Controller
         private readonly IKubernetes mKubernetes;
         private readonly IKeyVaultClient mKeyVaultClient;
         private readonly IAuthorizationService mAuthorizationService;
+        private readonly string mKeyVaultName;
+        private readonly string mKeyType;
 
         public EncryptController(
             IKubernetes kubernetes, 
             IKeyVaultClient keyVaultClient,
-            IAuthorizationService authorizationService)
+            IAuthorizationService authorizationService,
+            IConfiguration configuration)
         {
             mKubernetes = kubernetes;
             mKeyVaultClient = keyVaultClient;
-            mAuthorizationService = authorizationService;
+            mAuthorizationService = authorizationService;
+            mKeyVaultName = configuration["KeyVault:Name"];
+            mKeyType = configuration["KeyVault:KeyType"];
+
         }
 
         [HttpPost]
@@ -48,13 +55,13 @@ public async Task<ActionResult> Encrypt([FromBody]EncryptRequest body)
                 return StatusCode(500);
             }
 
-            var keyId = $"https://k8spoc.vault.azure.net/keys/{serviceAccount.Metadata.Uid}";
+            var keyId = $"https://{mKeyVaultName}.vault.azure.net/keys/{serviceAccount.Metadata.Uid}";
 
             try
             {
                 var key = await mKeyVaultClient.GetKeyAsync(keyId);
             }catch (KeyVaultErrorException e) when (e.Response.StatusCode == HttpStatusCode.NotFound){
-                await mKeyVaultClient.CreateKeyAsync("https://k8spoc.vault.azure.net", serviceAccount.Metadata.Uid, "RSA", 2048);
+                await mKeyVaultClient.CreateKeyAsync($"https://{mKeyVaultName}.vault.azure.net", serviceAccount.Metadata.Uid, mKeyType, 2048);
             }
             var encryptionResult = await mKeyVaultClient.EncryptAsync(keyId, "RSA-OAEP", Encoding.UTF8.GetBytes(body.Data));
 

diff --git a/src/Startup.cs b/src/Startup.cs
@@ -31,7 +31,15 @@ public void ConfigureServices (IServiceCollection services) {
 
             services.AddSingleton<IKubernetes>(s =>
             {
-                var config = new KubernetesClientConfiguration { Host = "http://127.0.0.1:8001" };
+                KubernetesClientConfiguration config;
+                if (!string.IsNullOrEmpty(Configuration["Kubernetes:ProxyUrl"]))
+                {
+                    config = new KubernetesClientConfiguration { Host = Configuration["Kubernetes:ProxyUrl"] };
+                }
+                else {
+                    config = KubernetesClientConfiguration.InClusterConfig();
+                }
+
                 return new Kubernetes(config);
                 //return new Kubernetes(KubernetesClientConfiguration.InClusterConfig());
             });