2025-04-29 07:41:21 +00:00
10 changed files with 491 additions and 640 deletions
--- a/.github/renovate.json
+++ b/.github/renovate.json
@ -1,12 +1,5 @@
 {
 	"$schema": "https://docs.renovatebot.com/renovate-schema.json",
 	"extends": ["config:base"],
-	"reviewers": ["bartvdbraak"],
- "packageRules": [
-    {
-      "matchPackagePrefixes": ["azure"],
-      "groupName": "Azure Dependencies",
-      "groupSlug": "azure-dependencies"
-    }
- ]
+	"reviewers": ["bartvdbraak"]
 }
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -70,7 +70,7 @@ jobs:
            experimental: false

          - name: mac-arm64
-            os: macos-latest
+            os: macos-11.0
            target: aarch64-apple-darwin
            cross: true
            experimental: true
@ -167,7 +167,7 @@ jobs:
          sha512sum keyweave-* | tee SHA512SUMS
          sha256sum keyweave-* | tee SHA256SUMS

-      - uses: softprops/action-gh-release@v2
+      - uses: softprops/action-gh-release@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@ -54,14 +54,13 @@ jobs:
      DEPLOYMENT_NAME: keyweave-${{ github.run_id }}
    steps:
    - uses: actions/checkout@v4
-    - uses: azure/login@v2
+    - uses: azure/login@v1
      with:
-        client-id: ${{ secrets.AZURE_CLIENT_ID_BICEP }}
+        client-id: ${{ secrets.AZURE_CLIENT_ID }}
        tenant-id: ${{ secrets.AZURE_TENANT_ID }}
        subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
-
    - name: Deploy Bicep template
-      uses: azure/arm-deploy@v2
+      uses: azure/arm-deploy@v1
      with:
        scope: subscription
        region: ${{ env.LOCATION }}
@ -95,7 +94,7 @@ jobs:
    - uses: actions/checkout@v4
    - uses: dtolnay/rust-toolchain@stable
    - name: Azure Login
-      uses: azure/login@v2
+      uses: azure/login@v1
      with:
        client-id: ${{ secrets[matrix.client-id-ref] }}
        tenant-id: ${{ secrets.AZURE_TENANT_ID }}
--- a/Cargo.lock
+++ b/Cargo.lock
--- a/Cargo.toml
+++ b/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "keyweave"
-version = "0.3.1"
+version = "0.2.5"
 edition = "2021"
 authors = ["Bart van der Braak <bart@vanderbraak.nl>"]
 keywords = ["azure", "keyvault", "env"]
@ -10,20 +10,20 @@ documentation = "https://docs.rs/keyweave"
 repository = "https://github.com/bartvdbraak/keyweave/"

 [dependencies]
-anyhow = "1.0.82"
-azure_core = "0.21.0"
-azure_identity = "0.21.0"
-azure_security_keyvault = "0.21.0"
-clap = { version = "4.5.4", features = ["derive"] }
+anyhow = "1.0.79"
+azure_core = "0.19.0"
+azure_identity = "0.19.0"
+azure_security_keyvault = "0.19.0"
+clap = { version = "4.4.18", features = ["derive"] }
 futures = "0.3.30"
 paris = { version = "1.5.15", features = ["macros"] }
-tokio = {version = "1.37.0", features = ["full"]}
+tokio = {version = "1.35.1", features = ["full"]}

 [target.'cfg(all(target_os = "linux", any(target_env = "musl", target_arch = "arm", target_arch = "aarch64")))'.dependencies]
 openssl = { version = "0.10", features = ["vendored"] }

 [dev-dependencies]
-assert_cmd = "2.0.14"
+assert_cmd = "2.0.13"
 assert_fs = "1.1.1"
 predicates = "3.1.0"
-serial_test = "3.1.0"
+serial_test = "3.0.0"
--- a/README.md
+++ b/README.md
@ -3,8 +3,7 @@
 [<img alt="github" src="https://img.shields.io/badge/github-bartvdbraak/keyweave-8da0cb?style=for-the-badge&labelColor=555555&logo=github" height="20">](https://github.com/bartvdbraak/keyweave)
 [<img alt="crates.io" src="https://img.shields.io/crates/v/keyweave.svg?style=for-the-badge&color=fc8d62&logo=rust" height="20">](https://crates.io/crates/keyweave)
 [<img alt="docs.rs" src="https://img.shields.io/badge/docs.rs-keyweave-66c2a5?style=for-the-badge&labelColor=555555&logo=docs.rs" height="20">](https://docs.rs/keyweave)
-[<img alt="build status" src="https://img.shields.io/github/actions/workflow/status/bartvdbraak/keyweave/checks.yml?style=for-the-badge&branch=main" height="20">](https://github.com/bartvdbraak/keyweave/actions/workflows/checks.yml)
-[<img alt="test status" src="https://img.shields.io/github/actions/workflow/status/bartvdbraak/keyweave/tests.yml?style=for-the-badge&label=tests&branch=main" height="20">](https://github.com/bartvdbraak/keyweave/actions/workflows/tests.yml)
+[<img alt="build status" src="https://img.shields.io/github/actions/workflow/status/bartvdbraak/keyweave/checks.yml?style=for-the-badge" height="20">](https://github.com/bartvdbraak/keyweave/actions/workflows/checks.yml)

 <img align="right" src="https://github.com/bartvdbraak/keyweave/assets/3996360/5461f53a-5cef-4bde-908a-b8d3bc1c71c5" alt="Keyweave" width="30%">

--- a/bicep/main.bicep
+++ b/bicep/main.bicep
@ -31,7 +31,7 @@ var nameFormat = '${name.tenantId}-${name.projectId}-${environment}-${name.regio
  Resource Group
 */

-resource ResourceGroup 'Microsoft.Resources/resourceGroups@2024-03-01' = {
+resource ResourceGroup 'Microsoft.Resources/resourceGroups@2023-07-01' = {
  name: format(nameFormat, 'RG', 1)
  location: location
  tags: tags
--- a/bicep/modules/kv.bicep
+++ b/bicep/modules/kv.bicep
@ -16,7 +16,7 @@ var accessPolicies = [for identity in identities: {
  Log Analytics Workspace (existing)
 */

-resource _logAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2023-09-01' existing = {
+resource _logAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' existing = {
  name: format(nameFormat, 'LAW', 1)
 }

--- a/bicep/modules/law.bicep
+++ b/bicep/modules/law.bicep
@ -6,7 +6,7 @@ param tags object
  Log Analytics Workspace
 */

-resource logAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2023-09-01' = {
+resource logAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = {
  name: format(nameFormat, 'LAW', 1)
  location: location
  tags: tags
--- a/src/main.rs
+++ b/src/main.rs
@ -1,5 +1,5 @@
 use anyhow::Result;
-use azure_identity::{DefaultAzureCredential, TokenCredentialOptions};
+use azure_identity::DefaultAzureCredential;
 use azure_security_keyvault::prelude::KeyVaultGetSecretsResponse;
 use azure_security_keyvault::KeyvaultClient;
 use clap::Parser;
@ -237,12 +237,7 @@ async fn main() -> Result<()> {
    let vault_url = format!("https://{}.vault.azure.net", opts.vault_name);

    log.loading("Detecting credentials.");
-    let credential_options = TokenCredentialOptions::default();
-    let credential =
-        DefaultAzureCredential::create(credential_options).map_err(|e| CustomError {
-            message: format!("Failed to create DefaultAzureCredential: {}", e),
-        })?;
-
+    let credential = DefaultAzureCredential::default();
    let client = match KeyvaultClient::new(&vault_url, std::sync::Arc::new(credential)) {
        Ok(c) => c,
        Err(err) => {