Why Mellon, mellon is the Sindarin (and Noldorin) word for "friend", yes I'm a big fan of LoR, so let's be friends?
The main idea of this project is to create a instance of "Spring Cloud Config" using "Azure Key Vault" and showing how to use it on .NET 6.0 applications.
Here's why:
- Spring Cloud Config is a well know tool for externalized configuration in distributed systems.
- Azure Key Vault is excellent to store secrets and there a lot of companies that uses azure as their cloud provider
- .NET 6.0 is the most advanced and fast framework to develop applications using C#
- It's fun! 🚀🎉
This section should list any major frameworks/libraries used to bootstrap your project. Leave any add-ons/plugins for the acknowledgements section. Here are a few examples.
This is an example of how to list things you need to use the software and how to install them, I used WSL - Debian to build and test locally the config-server, but if you want to jump this step no worries.
- Unzip
sudo apt-get install unzip- Java
sudo apt-get install openjdk-8-jre-
Gradle - fallow How to Install Gradle on Ubuntu, but instead of installing the version 5.0 change it to 7.3.3.
-
Docker (if you want just to run it using docker)
gradle clean build
export GIT_URI = https://github.com/1bberto/Mellon.ConfigServer.Configs
export GIT_DEFAULT_BRANCH = main
export SPRING_PROFILES_ACTIVE = Development
cd build/libs
java -jar Mellon.ConfigServer-1.0.0.jarthe default port is :8888
Use the file docker-compose.yaml which has the fallowing content
version: "3.4"
services:
config-server:
container_name: config-server
image: 1berto/mellon.configserver
environment:
KEYVAULT_URI: [] <-- AZURE KEY VAULT URI
KEYVAULT_CLIENT_ID: [] <-- AZURE CLIENT ID
KEYVAULT_CLIENT_SECRET: [] <-- AZURE CLIENT SECRET
AZ_TENANT_ID: [] <-- AZURE CLIENT TENANT ID
GIT_URI: https://github.com/1bberto/Mellon.ConfigServer.Configs <- you can add your repository here
GIT_DEFAULT_BRANCH: main <- the default value is master, but you can add whichever branch you want here to be used as default
GIT_USERNAME: [] <- if your repository is private add the username here
GIT_PASSWORD: [] <- if your repository is private add the user token/password here
SPRING_PROFILES_ACTIVE: Development <- here you can set the default spring profile active
ports:
- "8888:8888"Keep the Config Server running, using docker-compose for example, the api needs this to be up in order to get the configurations 🤓
There is an WebApi called Sample inside the folder /tests
dotnet run Sample.csprojThe application will be exposed on the endpoint https://localhost:7180
When you access this endpoint you will see something like this
on the file application.
"Spring": {
"Application": {
"Name": "api"
},
"Cloud": {
"Config": {
"Uri": "http://localhost:8888",
"FailFast": true
}
}
} - Spring.Application.Name = application's name needs to be the same as stored on the repository where the config is stored, ill get there in a minute don't worry
- Spring.Cloud.Config.Uri = this is the spring cloud url
- Spring.Cloud.Config.FailFast = if set to true the application will not start up if the config server is not found
As you might have realised the configurations and settings are inside another repository Config-Repository
Within this config you will find the following structure
the spring cloud config works using layers, and this is the hierarchy:
- first it will loads the configuration on the file application.yml
- then [Spring.Application.Name].yml if exists
- then [Spring.Application.Name]-[profile].yml
- profile in this case is set as "Development", you can change it on the file /tests/Properties/launchSettings.json changing the
ASPNETCORE_ENVIRONMENT
if we change the ASPNETCORE_ENVIRONMENT to Production and run the api the new response on the https://localhost:7180 endpoint will be
In order to access Azure Key Vault you will need to setup the service on azure portal Quickstart: Create a key vault using the Azure portal after that you will need to setup the programatically access in order to get the credendials: KEYVAULT_CLIENT_ID and KEYVAULT_CLIENT_SECRET Accessing Azure Key Vault Secret through Azure Key Vault, and dont forget to get the AZ_TENANT_ID How to find your Azure Active Directory tenant ID
After that all set you only need to reference you keyvault key to your config file
Creating key
now you only need to reference this key on your config file
super-secret-key: "{keyvault}secret-key"to reference a key from the key vault you need to use the suffix {keyvault} + the secret name
by defaul the config server refresh the values from the Key Vault after 30 minutes, to speed up this process you can just restart the config server
restart your api aswell once the settings are only loaded when the application is starting up
and then BOOM 💣
- Ran out of Ideas 🤣, feel free to add one
See the open issues for a full list of proposed features (and known issues).
Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.
If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement". Don't forget to give the project a star! Thanks again!
- Fork the Project
- Create your Feature Branch (
git checkout -b feature/AmazingFeature) - Commit your Changes (
git commit -m 'Add some AmazingFeature') - Push to the Branch (
git push origin feature/AmazingFeature) - Open a Pull Request
Humberto Rodrigues - @1bberto - humberto_henrique1@live.com
Project Link: https://github.com/1bberto/Mellon.ConfigServer