bartvdbraak/keyweave
1
0
Fork 0
mirror of https://github.com/bartvdbraak/keyweave.git synced 2025-04-30 00:01:21 +00:00
Code Issues Projects Releases Packages Wiki Activity

Compare commits

base: bartvdbraak:main
Branches Tags
bartvdbraak:main
bartvdbraak:renovate/assert_cmd-2.x-lockfile
bartvdbraak:renovate/clap-4.x-lockfile
bartvdbraak:renovate/anyhow-1.x-lockfile
bartvdbraak:renovate/azure-dependencies
bartvdbraak:renovate/crate-tokio-vulnerability
bartvdbraak:renovate/crate-openssl-vulnerability
bartvdbraak:renovate/microsoft.managedidentity-userassignedidentities-federatedidentitycredentials-20241130.x
bartvdbraak:renovate/microsoft.managedidentity-userassignedidentities-20241130.x
bartvdbraak:renovate/microsoft.keyvault-vaults-20241101.x
bartvdbraak:renovate/predicates-3.x-lockfile
bartvdbraak:renovate-group-azure
bartvdbraak:devcontainer
bartvdbraak:fix-vulns
bartvdbraak:fix/strip-fails
bartvdbraak:fix/upload-artifact-v4
bartvdbraak:v0.3.1
bartvdbraak:deployed
bartvdbraak:v0.2.7
bartvdbraak:v0.2.6
bartvdbraak:v0.2.5
bartvdbraak:v0.2.4
bartvdbraak:bd17b8c
bartvdbraak:v0.2.3
bartvdbraak:v0.2.2
bartvdbraak:v0.2.1
bartvdbraak:v0.2.0
bartvdbraak:v0.1.0
..
compare: bartvdbraak:v0.2.5
Branches Tags
bartvdbraak:renovate/assert_cmd-2.x-lockfile
bartvdbraak:renovate/clap-4.x-lockfile
bartvdbraak:renovate/anyhow-1.x-lockfile
bartvdbraak:renovate/azure-dependencies
bartvdbraak:renovate/crate-tokio-vulnerability
bartvdbraak:renovate/crate-openssl-vulnerability
bartvdbraak:renovate/microsoft.managedidentity-userassignedidentities-federatedidentitycredentials-20241130.x
bartvdbraak:renovate/microsoft.managedidentity-userassignedidentities-20241130.x
bartvdbraak:renovate/microsoft.keyvault-vaults-20241101.x
bartvdbraak:renovate/predicates-3.x-lockfile
bartvdbraak:main
bartvdbraak:renovate-group-azure
bartvdbraak:devcontainer
bartvdbraak:fix-vulns
bartvdbraak:fix/strip-fails
bartvdbraak:fix/upload-artifact-v4
bartvdbraak:v0.3.1
bartvdbraak:deployed
bartvdbraak:v0.2.7
bartvdbraak:v0.2.6
bartvdbraak:v0.2.5
bartvdbraak:v0.2.4
bartvdbraak:bd17b8c
bartvdbraak:v0.2.3
bartvdbraak:v0.2.2
bartvdbraak:v0.2.1
bartvdbraak:v0.2.0
bartvdbraak:v0.1.0

No commits in common. "main" and "v0.2.5" have entirely different histories.
main ... v0.2.5

10 changed files with 491 additions and 640 deletions
Show stats Expand all files Collapse all files

9
.github/renovate.json vendored
View file

@ -1,12 +1,5 @@
{ {
"$schema": "https://docs.renovatebot.com/renovate-schema.json", "$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": ["config:base"], "extends": ["config:base"],
"reviewers": ["bartvdbraak"], "reviewers": ["bartvdbraak"]
"packageRules": [
{
"matchPackagePrefixes": ["azure"],
"groupName": "Azure Dependencies",
"groupSlug": "azure-dependencies"
}
]
} }

4
.github/workflows/release.yml vendored
View file

@ -70,7 +70,7 @@ jobs:
experimental: false experimental: false
- name: mac-arm64 - name: mac-arm64
os: macos-latest os: macos-11.0
target: aarch64-apple-darwin target: aarch64-apple-darwin
cross: true cross: true
experimental: true experimental: true
@ -167,7 +167,7 @@ jobs:
sha512sum keyweave-* | tee SHA512SUMS sha512sum keyweave-* | tee SHA512SUMS
sha256sum keyweave-* | tee SHA256SUMS sha256sum keyweave-* | tee SHA256SUMS
- uses: softprops/action-gh-release@v2 - uses: softprops/action-gh-release@v1
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with: with:

9
.github/workflows/tests.yml vendored
View file

@ -54,14 +54,13 @@ jobs:
DEPLOYMENT_NAME: keyweave-${{ github.run_id }} DEPLOYMENT_NAME: keyweave-${{ github.run_id }}
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- uses: azure/login@v2 - uses: azure/login@v1
with: with:
client-id: ${{ secrets.AZURE_CLIENT_ID_BICEP }} client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }} tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: Deploy Bicep template - name: Deploy Bicep template
uses: azure/arm-deploy@v2 uses: azure/arm-deploy@v1
with: with:
scope: subscription scope: subscription
region: ${{ env.LOCATION }} region: ${{ env.LOCATION }}
@ -95,7 +94,7 @@ jobs:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- uses: dtolnay/rust-toolchain@stable - uses: dtolnay/rust-toolchain@stable
- name: Azure Login - name: Azure Login
uses: azure/login@v2 uses: azure/login@v1
with: with:
client-id: ${{ secrets[matrix.client-id-ref] }} client-id: ${{ secrets[matrix.client-id-ref] }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }} tenant-id: ${{ secrets.AZURE_TENANT_ID }}

1073
Cargo.lock generated
View file

File diff suppressed because it is too large Load diff

18
Cargo.toml
View file

@ -1,6 +1,6 @@
[package] [package]
name = "keyweave" name = "keyweave"
version = "0.3.1" version = "0.2.5"
edition = "2021" edition = "2021"
authors = ["Bart van der Braak <bart@vanderbraak.nl>"] authors = ["Bart van der Braak <bart@vanderbraak.nl>"]
keywords = ["azure", "keyvault", "env"] keywords = ["azure", "keyvault", "env"]
@ -10,20 +10,20 @@ documentation = "https://docs.rs/keyweave"
repository = "https://github.com/bartvdbraak/keyweave/" repository = "https://github.com/bartvdbraak/keyweave/"
[dependencies] [dependencies]
anyhow = "1.0.82" anyhow = "1.0.79"
azure_core = "0.21.0" azure_core = "0.19.0"
azure_identity = "0.21.0" azure_identity = "0.19.0"
azure_security_keyvault = "0.21.0" azure_security_keyvault = "0.19.0"
clap = { version = "4.5.4", features = ["derive"] } clap = { version = "4.4.18", features = ["derive"] }
futures = "0.3.30" futures = "0.3.30"
paris = { version = "1.5.15", features = ["macros"] } paris = { version = "1.5.15", features = ["macros"] }
tokio = {version = "1.37.0", features = ["full"]} tokio = {version = "1.35.1", features = ["full"]}
[target.'cfg(all(target_os = "linux", any(target_env = "musl", target_arch = "arm", target_arch = "aarch64")))'.dependencies] [target.'cfg(all(target_os = "linux", any(target_env = "musl", target_arch = "arm", target_arch = "aarch64")))'.dependencies]
openssl = { version = "0.10", features = ["vendored"] } openssl = { version = "0.10", features = ["vendored"] }
[dev-dependencies] [dev-dependencies]
assert_cmd = "2.0.14" assert_cmd = "2.0.13"
assert_fs = "1.1.1" assert_fs = "1.1.1"
predicates = "3.1.0" predicates = "3.1.0"
serial_test = "3.1.0" serial_test = "3.0.0"

3
README.md
View file

@ -3,8 +3,7 @@
[<img alt="github" src="https://img.shields.io/badge/github-bartvdbraak/keyweave-8da0cb?style=for-the-badge&labelColor=555555&logo=github" height="20">](https://github.com/bartvdbraak/keyweave) [<img alt="github" src="https://img.shields.io/badge/github-bartvdbraak/keyweave-8da0cb?style=for-the-badge&labelColor=555555&logo=github" height="20">](https://github.com/bartvdbraak/keyweave)
[<img alt="crates.io" src="https://img.shields.io/crates/v/keyweave.svg?style=for-the-badge&color=fc8d62&logo=rust" height="20">](https://crates.io/crates/keyweave) [<img alt="crates.io" src="https://img.shields.io/crates/v/keyweave.svg?style=for-the-badge&color=fc8d62&logo=rust" height="20">](https://crates.io/crates/keyweave)
[<img alt="docs.rs" src="https://img.shields.io/badge/docs.rs-keyweave-66c2a5?style=for-the-badge&labelColor=555555&logo=docs.rs" height="20">](https://docs.rs/keyweave) [<img alt="docs.rs" src="https://img.shields.io/badge/docs.rs-keyweave-66c2a5?style=for-the-badge&labelColor=555555&logo=docs.rs" height="20">](https://docs.rs/keyweave)
[<img alt="build status" src="https://img.shields.io/github/actions/workflow/status/bartvdbraak/keyweave/checks.yml?style=for-the-badge&branch=main" height="20">](https://github.com/bartvdbraak/keyweave/actions/workflows/checks.yml) [<img alt="build status" src="https://img.shields.io/github/actions/workflow/status/bartvdbraak/keyweave/checks.yml?style=for-the-badge" height="20">](https://github.com/bartvdbraak/keyweave/actions/workflows/checks.yml)
[<img alt="test status" src="https://img.shields.io/github/actions/workflow/status/bartvdbraak/keyweave/tests.yml?style=for-the-badge&label=tests&branch=main" height="20">](https://github.com/bartvdbraak/keyweave/actions/workflows/tests.yml)
<img align="right" src="https://github.com/bartvdbraak/keyweave/assets/3996360/5461f53a-5cef-4bde-908a-b8d3bc1c71c5" alt="Keyweave" width="30%"> <img align="right" src="https://github.com/bartvdbraak/keyweave/assets/3996360/5461f53a-5cef-4bde-908a-b8d3bc1c71c5" alt="Keyweave" width="30%">

2
bicep/main.bicep
View file

@ -31,7 +31,7 @@ var nameFormat = '${name.tenantId}-${name.projectId}-${environment}-${name.regio
Resource Group Resource Group
*/ */
resource ResourceGroup 'Microsoft.Resources/resourceGroups@2024-03-01' = { resource ResourceGroup 'Microsoft.Resources/resourceGroups@2023-07-01' = {
name: format(nameFormat, 'RG', 1) name: format(nameFormat, 'RG', 1)
location: location location: location
tags: tags tags: tags

2
bicep/modules/kv.bicep
View file

@ -16,7 +16,7 @@ var accessPolicies = [for identity in identities: {
Log Analytics Workspace (existing) Log Analytics Workspace (existing)
*/ */
resource _logAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2023-09-01' existing = { resource _logAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' existing = {
name: format(nameFormat, 'LAW', 1) name: format(nameFormat, 'LAW', 1)
} }

2
bicep/modules/law.bicep
View file

@ -6,7 +6,7 @@ param tags object
Log Analytics Workspace Log Analytics Workspace
*/ */
resource logAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2023-09-01' = { resource logAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = {
name: format(nameFormat, 'LAW', 1) name: format(nameFormat, 'LAW', 1)
location: location location: location
tags: tags tags: tags

9
src/main.rs
View file

@ -1,5 +1,5 @@
use anyhow::Result; use anyhow::Result;
use azure_identity::{DefaultAzureCredential, TokenCredentialOptions}; use azure_identity::DefaultAzureCredential;
use azure_security_keyvault::prelude::KeyVaultGetSecretsResponse; use azure_security_keyvault::prelude::KeyVaultGetSecretsResponse;
use azure_security_keyvault::KeyvaultClient; use azure_security_keyvault::KeyvaultClient;
use clap::Parser; use clap::Parser;
@ -237,12 +237,7 @@ async fn main() -> Result<()> {
let vault_url = format!("https://{}.vault.azure.net", opts.vault_name); let vault_url = format!("https://{}.vault.azure.net", opts.vault_name);
log.loading("Detecting credentials."); log.loading("Detecting credentials.");
let credential_options = TokenCredentialOptions::default(); let credential = DefaultAzureCredential::default();
let credential =
DefaultAzureCredential::create(credential_options).map_err(|e| CustomError {
message: format!("Failed to create DefaultAzureCredential: {}", e),
})?;
let client = match KeyvaultClient::new(&vault_url, std::sync::Arc::new(credential)) { let client = match KeyvaultClient::new(&vault_url, std::sync::Arc::new(credential)) {
Ok(c) => c, Ok(c) => c,
Err(err) => { Err(err) => {