Skip to content

Key vault secret refresh #175

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 67 commits into from
Jul 10, 2025
Merged

Key vault secret refresh #175

merged 67 commits into from
Jul 10, 2025

Conversation

@zhiyuanliang-ms
Copy link
Member

@zhiyuanliang-ms zhiyuanliang-ms commented Feb 24, 2025
edited
Loading

Why this PR?

Usage:

const settings = await load("connection-string", {
  keyvaultOptions: {
    credential: credential,
    secretRefreshIntervalInMs: 120_000 // cannot less than 60 seconds
  }
});

Allow periodic reload of key vault secrets. In this case, even if there is no change on App Configuration key-values. This feature is targeted on the scenario where user is using latest version of a secret. In this case, the key vault reference url will not change, but the secret value will change if user rotates their secret.

Secret cache

Secret with version will be cached after the initial load and whenever a secret reference of that secret is resolved, the value will always be served from the cache.

Secret with no version (which means latest), will be cached after the initial load, and it will be served from cache if the secret refresh interval is configured and not expired. Otherwise, the provider will reload it from the Key Vault.

reference: #249

@zhiyuanliang-ms
support startup retry and timeout
2720628
@zhiyuanliang-ms
update
c15cf1b
@zhiyuanliang-ms
update
15c7e54
@zhiyuanliang-ms
update
90c4159
@zhiyuanliang-ms
add testcase
a0e6543
@zhiyuanliang-ms
clarify error type
435ff08
@zhiyuanliang-ms
Merge branch 'main' of https://github.com/Azure/AppConfiguration-Java…
326bf46 
…ScriptProvider into zhiyuanliang/startup-timeout
@zhiyuanliang-ms
update
6a8ceb7
@zhiyuanliang-ms
update
fc1aa5b
@zhiyuanliang-ms
update
7de8a0d
@zhiyuanliang-ms
fix lint
5d23399
@zhiyuanliang-ms
handle keyvault error
233af51
@zhiyuanliang-ms
update
a0e0792
@zhiyuanliang-ms
update
9e32db4
@zhiyuanliang-ms
update
3a33738
@zhiyuanliang-ms
update
c637682
@zhiyuanliang-ms
add secretRefreshIntervalInMs to KeyVaultOptions
f079081
@zhiyuanliang-ms
update
a9bcea4
@zhiyuanliang-ms
update
00e2e6b
@zhiyuanliang-ms
Merge branch 'zhiyuanliang/startup-timeout' of https://github.com/Azu…
be55e5a 
…re/AppConfiguration-JavaScriptProvider into zhiyuanliang/secret-refresh
@zhiyuanliang-ms
handle keyvault reference error
1478e94
@zhiyuanliang-ms
Merge branch 'zhiyuanliang/startup-timeout' of https://github.com/Azu…
d618684 
…re/AppConfiguration-JavaScriptProvider into zhiyuanliang/secret-refresh
@zhiyuanliang-ms
update
9b50135
@zhiyuanliang-ms
Merge branch 'zhiyuanliang/startup-timeout' of https://github.com/Azu…
9657748 
…re/AppConfiguration-JavaScriptProvider into zhiyuanliang/secret-refresh
@zhiyuanliang-ms
wip
190f7b1
@zhiyuanliang-ms
fix lint
39d9a3d
@zhiyuanliang-ms
add secret provider
ddc4a50
@zhiyuanliang-ms
add testcases
540ec3a
linglingye001
linglingye001 reviewed May 8, 2025
View reviewed changes
zhiyuanliang-ms
zhiyuanliang-ms commented May 9, 2025
View reviewed changes
zhiyuanliang-ms
zhiyuanliang-ms commented May 9, 2025
View reviewed changes
zhiyuanliang-ms and others added 8 commits May 11, 2025 14:07
avanigupta
avanigupta reviewed Jul 3, 2025
View reviewed changes
avanigupta
avanigupta reviewed Jul 4, 2025
View reviewed changes
avanigupta
avanigupta reviewed Jul 4, 2025
View reviewed changes
avanigupta
avanigupta reviewed Jul 4, 2025
View reviewed changes
@zhiyuanliang-ms zhiyuanliang-ms mentioned this pull request Jul 7, 2025
Closed
This was referenced Jul 7, 2025
Closed
Closed
avanigupta
avanigupta reviewed Jul 9, 2025
View reviewed changes
avanigupta
avanigupta reviewed Jul 9, 2025
View reviewed changes
avanigupta
avanigupta reviewed Jul 9, 2025
View reviewed changes
@zhiyuanliang-ms zhiyuanliang-ms merged commit d59f8cf into main Jul 10, 2025
5 checks passed
@zhiyuanliang-ms zhiyuanliang-ms deleted the zhiyuanliang/secret-refresh branch July 10, 2025 02:55
@jimmyca15
Copy link
Member

jimmyca15 commented Jul 10, 2025

🥳 🎉

@zhiyuanliang-ms zhiyuanliang-ms mentioned this pull request Oct 9, 2025
Merged
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@CsCherrYY CsCherrYY CsCherrYY left review comments

@linglingye001 linglingye001 linglingye001 left review comments

Copilot code review Copilot Copilot left review comments

@avanigupta avanigupta avanigupta approved these changes

@rossgrambo rossgrambo rossgrambo approved these changes

@RichardChen820 RichardChen820 RichardChen820 approved these changes

@mrm9084 mrm9084 Awaiting requested review from mrm9084

@Eskibear Eskibear Awaiting requested review from Eskibear

@jimmyca15 jimmyca15 Awaiting requested review from jimmyca15

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

8 participants

@zhiyuanliang-ms @jimmyca15 @avanigupta @rossgrambo @CsCherrYY @RichardChen820 @linglingye001