Secrets

Azure · Feb 6, 2024 · 3a4c9c2 · 3a4c9c2
1 parent bfe90d9
commit 3a4c9c2
Show file tree

Hide file tree

Showing 4 changed files with 28 additions and 1 deletion.
diff --git a/deploy/docker/docker-compose.yaml b/deploy/docker/docker-compose.yaml
@@ -47,8 +47,13 @@ services:
       "--npd=${NODES_PER_DATASET:-10000}"
       ]
     environment:
-      EdgeHubConnectionString:
+      ADDITIONAL_CONFIGURATION: /run/secrets/publisher-secrets
+    secrets:
+      - publisher-secrets
     volumes:
       - shared:/shared:rw
 volumes:
   shared:
+secrets:
+  publisher-secrets:
+    file: ./publisher_secrets.txt
diff --git a/deploy/docker/publisher_secrets.txt b/deploy/docker/publisher_secrets.txt
@@ -0,0 +1 @@
+ApiKey=myKey1
diff --git a/src/Azure.IIoT.OpcUa.Publisher.Module/src/Program.cs b/src/Azure.IIoT.OpcUa.Publisher.Module/src/Program.cs
@@ -16,6 +16,7 @@ namespace Azure.IIoT.OpcUa.Publisher.Module
     using System.Linq;
     using System.Threading;
     using System.Threading.Tasks;
+    using Furly.Extensions.Configuration;
 
     /// <summary>
     /// Module
@@ -85,6 +86,7 @@ public static IHostBuilder CreateHostBuilder(string[] args)
                     .AddJsonFile("appsettings.json", true)
                     .AddEnvironmentVariables()
                     .AddFromDotEnvFile()
+                    .AddSecrets()
                     .AddInMemoryCollection(new CommandLine(args)))
                 .ConfigureWebHostDefaults(builder => builder
                     //.UseUrls("http://*:9702", "https://*:9703")

diff --git a/src/Azure.IIoT.OpcUa.Publisher.Module/src/Runtime/Configuration.cs b/src/Azure.IIoT.OpcUa.Publisher.Module/src/Runtime/Configuration.cs
@@ -336,6 +336,25 @@ private static IServiceCollection ConfigureOtlpExporter(this IServiceCollection
                 .AddSingleton<IConfigureNamedOptions<MetricReaderOptions>, Otlp>();
         }
 
+        /// <summary>
+        /// Adds secrets from a env file that is located at $ADDITIONAL_CONFIGURATION
+        /// Defaults to .env file in docker /run/secrets folder.
+        /// </summary>
+        /// <param name="builder"></param>
+        public static IConfigurationBuilder AddSecrets(this IConfigurationBuilder builder)
+        {
+            try
+            {
+                return builder.Add(new DotEnvFileSource(
+                    Environment.GetEnvironmentVariable("ADDITIONAL_CONFIGURATION")
+                        ?? "/run/secrets/.env"));
+            }
+            catch (UnauthorizedAccessException)
+            {
+                return builder;
+            }
+        }
+
         /// <summary>
         /// Otlp configuration from environment
         /// </summary>