| | | 1 | | namespace Envilder.Application; |
| | | 2 | | |
| | | 3 | | using global::Envilder.Domain; |
| | | 4 | | using global::Envilder.Domain.Ports; |
| | | 5 | | using System; |
| | | 6 | | using System.Collections.Generic; |
| | | 7 | | using System.Threading; |
| | | 8 | | using System.Threading.Tasks; |
| | | 9 | | |
| | | 10 | | /// <summary> |
| | | 11 | | /// Core client that resolves secrets from a configured provider and optionally |
| | | 12 | | /// injects them into the current process environment. |
| | | 13 | | /// </summary> |
| | | 14 | | public class EnvilderClient |
| | | 15 | | { |
| | | 16 | | private readonly ISecretProvider _secretProvider; |
| | | 17 | | |
| | | 18 | | /// <summary> |
| | | 19 | | /// Initializes a new <see cref="EnvilderClient"/> backed by the given provider. |
| | | 20 | | /// </summary> |
| | | 21 | | /// <param name="secretProvider">The secret store to resolve values from.</param> |
| | 1 | 22 | | public EnvilderClient(ISecretProvider secretProvider) |
| | | 23 | | { |
| | 1 | 24 | | _secretProvider = secretProvider ?? throw new ArgumentNullException(nameof(secretProvider)); |
| | 1 | 25 | | } |
| | | 26 | | |
| | | 27 | | /// <summary> |
| | | 28 | | /// Sets every key/value pair as a process-level environment variable. |
| | | 29 | | /// </summary> |
| | | 30 | | /// <param name="secrets">Resolved secrets to inject.</param> |
| | | 31 | | public static void InjectIntoEnvironment(IEnumerable<KeyValuePair<string, string>> secrets) |
| | | 32 | | { |
| | 1 | 33 | | foreach (var kvp in secrets) |
| | | 34 | | { |
| | 1 | 35 | | Environment.SetEnvironmentVariable(kvp.Key, kvp.Value); |
| | | 36 | | } |
| | 1 | 37 | | } |
| | | 38 | | |
| | | 39 | | /// <summary> |
| | | 40 | | /// Resolves all mappings in <paramref name="mapFile"/> against the configured secret provider. |
| | | 41 | | /// Entries whose secret does not exist in the store are silently omitted from the result. |
| | | 42 | | /// </summary> |
| | | 43 | | /// <param name="mapFile">Parsed map file containing the config and variable mappings.</param> |
| | | 44 | | /// <param name="cancellationToken">Optional cancellation token.</param> |
| | | 45 | | /// <returns>A dictionary of resolved environment variable name → secret value pairs.</returns> |
| | | 46 | | public async Task<IDictionary<string, string>> ResolveSecretsAsync(ParsedMapFile mapFile, |
| | | 47 | | CancellationToken cancellationToken = default) |
| | | 48 | | { |
| | 1 | 49 | | var result = new Dictionary<string, string>(); |
| | | 50 | | |
| | 1 | 51 | | foreach (var entry in mapFile.Mappings) |
| | | 52 | | { |
| | 1 | 53 | | var secretValue = await _secretProvider.GetSecretAsync(entry.Value, cancellationToken).ConfigureAwait(false); |
| | 1 | 54 | | if (secretValue is not null) |
| | | 55 | | { |
| | 1 | 56 | | result[entry.Key] = secretValue; |
| | | 57 | | } |
| | | 58 | | } |
| | | 59 | | |
| | 1 | 60 | | return result; |
| | 1 | 61 | | } |
| | | 62 | | |
| | | 63 | | /// <summary> |
| | | 64 | | /// Resolves all mappings in <paramref name="mapFile"/> against the configured secret provider. |
| | | 65 | | /// Entries whose secret does not exist in the store are silently omitted from the result. |
| | | 66 | | /// </summary> |
| | | 67 | | /// <param name="mapFile">Parsed map file containing the config and variable mappings.</param> |
| | | 68 | | /// <returns>A dictionary of resolved environment variable name → secret value pairs.</returns> |
| | | 69 | | public IDictionary<string, string> ResolveSecrets(ParsedMapFile mapFile) |
| | | 70 | | { |
| | 1 | 71 | | var result = new Dictionary<string, string>(); |
| | | 72 | | |
| | 1 | 73 | | foreach (var entry in mapFile.Mappings) |
| | | 74 | | { |
| | 1 | 75 | | var secretValue = _secretProvider.GetSecret(entry.Value); |
| | 1 | 76 | | if (secretValue is not null) |
| | | 77 | | { |
| | 1 | 78 | | result[entry.Key] = secretValue; |
| | | 79 | | } |
| | | 80 | | } |
| | | 81 | | |
| | 1 | 82 | | return result; |
| | | 83 | | } |
| | | 84 | | } |