Key vault writer (#407)

agr · web-flow · commit 18f153acd865 · 2023-04-11T15:08:46.000-07:00
* Key vault writer.

* ISecretWriter descends from ISecretReader
diff --git a/src/NuGet.Services.KeyVault/ISecretWriter.cs b/src/NuGet.Services.KeyVault/ISecretWriter.cs
@@ -0,0 +1,13 @@
+﻿// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
+
+using System;
+using System.Threading.Tasks;
+
+namespace NuGet.Services.KeyVault
+{
+    public interface ISecretWriter : ISecretReader
+    {
+        Task SetSecretAsync(string secretName, string secretValue, DateTimeOffset? expiration = null);
+    }
+}
diff --git a/src/NuGet.Services.KeyVault/KeyVaultReader.cs b/src/NuGet.Services.KeyVault/KeyVaultReader.cs
@@ -21,6 +21,9 @@ public class KeyVaultReader : ISecretReader
         private readonly Lazy<KeyVaultClient> _keyVaultClient;
         private ClientAssertionCertificate _clientAssertionCertificate;
 
+        protected string VaultBaseUrl => _vault;
+        protected KeyVaultClient KeyVaultClient => _keyVaultClient.Value;
+
         public KeyVaultReader(KeyVaultConfiguration configuration)
         {
             if (configuration == null)
diff --git a/src/NuGet.Services.KeyVault/KeyVaultWriter.cs b/src/NuGet.Services.KeyVault/KeyVaultWriter.cs
@@ -0,0 +1,34 @@
+﻿// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
+
+using System;
+using System.Threading.Tasks;
+using Microsoft.Azure.KeyVault;
+using Microsoft.Azure.KeyVault.Models;
+
+namespace NuGet.Services.KeyVault
+{
+    public class KeyVaultWriter : KeyVaultReader, ISecretWriter
+    {
+        public KeyVaultWriter(KeyVaultConfiguration configuration) : base(configuration)
+        {
+        }
+
+        public async Task SetSecretAsync(
+            string secretName,
+            string secretValue,
+            DateTimeOffset? expiration = null)
+        {
+            SecretAttributes attributes = null;
+            if (expiration.HasValue)
+            {
+                attributes = new SecretAttributes
+                {
+                    Expires = expiration.Value.UtcDateTime,
+                };
+            }
+
+            await KeyVaultClient.SetSecretAsync(VaultBaseUrl, secretName, secretValue, secretAttributes: attributes);
+        }
+    }
+}

Original file line number	Diff line number	Diff line change
`@@ -21,6 +21,9 @@ public class KeyVaultReader : ISecretReader`
`21`	`21`	`private readonly Lazy<KeyVaultClient> _keyVaultClient;`
`22`	`22`	`private ClientAssertionCertificate _clientAssertionCertificate;`
`23`	`23`
	`24`	`+ protected string VaultBaseUrl => _vault;`
	`25`	`+ protected KeyVaultClient KeyVaultClient => _keyVaultClient.Value;`
	`26`	`+`
`24`	`27`	`public KeyVaultReader(KeyVaultConfiguration configuration)`
`25`	`28`	`{`
`26`	`29`	`if (configuration == null)`