CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup 1.0.0

dotnet add package CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup --version 1.0.0                
NuGet\Install-Package CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup -Version 1.0.0                
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup" Version="1.0.0" />                
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup --version 1.0.0                
#r "nuget: CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup, 1.0.0"                
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup as a Cake Addin
#addin nuget:?package=CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup&version=1.0.0

// Install CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup as a Cake Tool
#tool nuget:?package=CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup&version=1.0.0                

Copy Azure KeyVault secrets hosting startup

CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup is a .NET library for copying secrets from Azure Key Vault into local user secrets storage. See: Secret Manager.

Allows development teams to store secrets on shared development Key Vault instance and keeps them locally in sync in local User Secrets store without having to perform manual (and error prone) updates.

Also, avoids paying the performance penalty of fetching secrets from KeyVault on every start of the application when in development. See: Reading a secret from Azure Key Vault takes a long time.

Installation

You will need to add a reference to CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup.dll in your project. The simplest way to do this is to use either the NuGet package manager, or the dotnet CLI.

Install-Package CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup

Or using the .net core CLI from a terminal window:

dotnet add package CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup

Configuring the Asp Net core web project

Enable user secrets in your Asp Net core web project

Using the .net core CLi from a terminal window run:

dotnet user-secrets init

This will add the UserSecretsId element within a PropertyGroup of the project file. For more information see: Enable secret storage.

Edit launchSettings.json

Set the environment variables for the profiles for which you want this tool to run.

Environment Variables
ASPNETCORE_HOSTINGSTARTUP__KEYVAULT__CONFIGURATIONVAULT

This variable is used to set Url to the Azure Key Vault from which you want to read the secrets.

This library uses same Visual Studio's Connected Service authentication mechanism as the Microsoft.AspNetCore.AzureKeyVault.HostingStartup NuGet. (see Add Key Vault to your web application by using Visual Studio Connected Services.

The Microsoft account under which you are logged in to Visual Studio must have granted GET and LIST Secret Management Operations in the corresponding Key Vault Access Policies for the secrets to be read locally. More info Key Vault security features.

"ASPNETCORE_HOSTINGSTARTUP__KEYVAULT__CONFIGURATIONVAULT": "https://put-your-dev-vault-here.vault.azure.net"
ASPNETCORE_HOSTINGSTARTUP__COPYKEYVAULTSECRETS__CONFIGURATIONENABLED

This variable enables or disables the copy functionality. In development environment this should be set to true. In production the variable should be removed or set to false

"ASPNETCORE_HOSTINGSTARTUP__COPYKEYVAULTSECRETS__CONFIGURATIONENABLED": "true"
ASPNETCORE_HOSTINGSTARTUP__COPYKEYVAULTSECRETS__COPYINTERVAL

This variable defines the time span after which secrets will be refreshed from the key vault. The format of the value should be a valid TimeSpan string that can be parsed (see TimeSpan.Parse).

"ASPNETCORE_HOSTINGSTARTUP__COPYKEYVAULTSECRETS__COPYINTERVAL": "7.00:00:00"
ASPNETCORE_HOSTINGSTARTUP__COPYKEYVAULTSECRETS__FORCECOPYENABLED

This variable when set to true overrides the copy interval variable, and forces copying of the values from the key vault. Useful when a new secrets is available in the key vault and you do not want to wait for the previous fetch interval to expire.

"ASPNETCORE_HOSTINGSTARTUP__COPYKEYVAULTSECRETS__FORCECOPYENABLED": "false"

Update Program.cs and add call to the AddCopyKeyVaultSecretsHostingStartup() extension method

If you are using .NET 6 version of Asp Net Core project add call to the extension method AddCopyKeyVaultSecretsHostingStartup() while configuring the WebApplicationBuilder.

using CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup;

WebApplicationBuilder builder = WebApplication.CreateBuilder(args);

// Add copy KeyVault secrets hosting startup
builder.WebHost.AddCopyKeyVaultSecretsHostingStartup();

// Add services to the container.
builder.Services.AddControllers();

If you are using .NET 3.1 or .NET 5 version of Asp Net Core project add call to the extension method AddCopyKeyVaultSecretsHostingStartup() while configuring the IWebHostBuilder.

using CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup;

IHostBuilder builder = Host.CreateDefaultBuilder();
            builder.ConfigureWebHostDefaults(webBuilder =>
            {
                webBuilder.AddCopyKeyVaultSecretsHostingStartup();
            });
How to setup application when in production

In production you should either remove the environment variable ASPNETCORE_HOSTINGSTARTUP__COPYKEYVAULTSECRETS__CONFIGURATIONENABLED or set it to false. The call to the method AddCopyKeyVaultSecretsHostingStartup() can remain since the actual copying is performed only if the value of this environment variable is set to true.

This library can work without any problems along with the NuGet Microsoft.AspNetCore.AzureKeyVault.HostingStartup.

The same environment variable for the KeyVault Url is used in both librarires (i.e. ASPNETCORE_HOSTINGSTARTUP__KEYVAULT__CONFIGURATIONVAULT). The environment variable ASPNETCORE_HOSTINGSTARTUP__KEYVAULT__CONFIGURATIONENABLED is not being used by the copy Key Vault secrets library, so the two libraries can be independently turned on/off depending on the environment.

In development:

"ASPNETCORE_HOSTINGSTARTUP__COPYKEYVAULTSECRETS__CONFIGURATIONENABLED": "true",
"ASPNETCORE_HOSTINGSTARTUP__KEYVAULT__CONFIGURATIONVAULT": "https://put-your-dev-vault-here.vault.azure.net",
"ASPNETCORE_HOSTINGSTARTUP__KEYVAULT__CONFIGURATIONENABLED": "false",

In production

"ASPNETCORE_HOSTINGSTARTUP__COPYKEYVAULTSECRETS__CONFIGURATIONENABLED": "false",
"ASPNETCORE_HOSTINGSTARTUP__KEYVAULT__CONFIGURATIONVAULT": "https://put-your-prod-vault-here.vault.azure.net",
"ASPNETCORE_HOSTINGSTARTUP__KEYVAULT__CONFIGURATIONENABLED": "true",
Product Compatible and additional computed target framework versions.
.NET net5.0 was computed.  net5.0-windows was computed.  net6.0 was computed.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 was computed.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 was computed.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed. 
.NET Core netcoreapp2.0 was computed.  netcoreapp2.1 was computed.  netcoreapp2.2 was computed.  netcoreapp3.0 was computed.  netcoreapp3.1 was computed. 
.NET Standard netstandard2.0 is compatible.  netstandard2.1 was computed. 
.NET Framework net461 was computed.  net462 was computed.  net463 was computed.  net47 was computed.  net471 was computed.  net472 was computed.  net48 was computed.  net481 was computed. 
MonoAndroid monoandroid was computed. 
MonoMac monomac was computed. 
MonoTouch monotouch was computed. 
Tizen tizen40 was computed.  tizen60 was computed. 
Xamarin.iOS xamarinios was computed. 
Xamarin.Mac xamarinmac was computed. 
Xamarin.TVOS xamarintvos was computed. 
Xamarin.WatchOS xamarinwatchos was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
1.0.0 3,029 1/9/2022