Skip to content

Add support for Azure Key Vault and updated deps #204

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 19 commits into from
Apr 18, 2025
Merged

Add support for Azure Key Vault and updated deps #204

merged 19 commits into from
Apr 18, 2025

Conversation

markxnelson
Copy link
Member

@markxnelson markxnelson commented Mar 19, 2025
edited
Loading

Allow the exporter to obtain the database username and password from Azure Key Vault.
Update deps.

@markxnelson
getting ready, rename old vault support, update readme, makefile, etc.
f213a22 
Signed-off-by: Mark Nelson <[email protected]>
@markxnelson
initial impl
4e832ed 
Signed-off-by: Mark Nelson <[email protected]>
@markxnelson
first build
90e4ca6 
Signed-off-by: Mark Nelson <[email protected]>
@markxnelson
working on auth
22a6fc4 
Signed-off-by: Mark Nelson <[email protected]>
@markxnelson
working
dbbd9a1 
Signed-off-by: Mark Nelson <[email protected]>
@markxnelson markxnelson self-assigned this Mar 19, 2025
@oracle-contributor-agreement oracle-contributor-agreement bot added the OCA Verified All contributors have signed the Oracle Contributor Agreement. label Mar 19, 2025
@markxnelson markxnelson changed the title Add support for Azure Key Vault Add support for Azure Key Vault and updated deps Apr 16, 2025
@markxnelson
update godror
4c66512 
Signed-off-by: Mark Nelson <[email protected]>
@markxnelson
update toml
b7e4301 
Signed-off-by: Mark Nelson <[email protected]>
@markxnelson
update prometheus
38ed114 
Signed-off-by: Mark Nelson <[email protected]>
@markxnelson
update oci sdk
917aeb4 
Signed-off-by: Mark Nelson <[email protected]>
@markxnelson
update docs to prepare for release
f73f1a4 
Signed-off-by: Mark Nelson <[email protected]>
@markxnelson
update docs to prepare for release
1bfd5bf 
Signed-off-by: Mark Nelson <[email protected]>
anders-swanson
anders-swanson reviewed Apr 16, 2025
View reviewed changes
README.md

The exporter will read the database username and password from secrets stored in Azure Key Vault if you set these environment variables:

- `AZ_VAULT_ID` should be set to the ID of the Azure Key Vault that you wish to use
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How does Azure support the equivalent of OCI workload identity?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

see authentication, right below this, it has links to that info

anders-swanson
anders-swanson reviewed Apr 16, 2025
View reviewed changes
main.go
password = ocivault.GetVaultSecret(ociVaultID, os.Getenv("OCI_VAULT_SECRET_NAME"))
}

azVaultID, useAzVault := os.LookupEnv("AZ_VAULT_ID")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Typically this would be implemented using a provider pattern, e.g., a database authentication provider that OCI, Azure, and any other authentication providers would implement. Each provider implements the same interface, and there is a enum parameter to select between the chosen provider.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

azure does not have different apis like oci does, it just automagically works it out :)

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

oh, scratch that, i see what you mean

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i can create an issue to refactor that later

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we need to get this done now rather than do it right the first go-round?

andytael
andytael previously approved these changes Apr 17, 2025
View reviewed changes
@markxnelson
review commetns
a793f22 
Signed-off-by: Mark Nelson <[email protected]>
@markxnelson
readme updates
ff09e29 
Signed-off-by: Mark Nelson <[email protected]>
@markxnelson markxnelson merged commit e18a71b into main Apr 18, 2025
1 check passed
@markxnelson markxnelson deleted the 200 branch April 18, 2025 15:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@anders-swanson anders-swanson anders-swanson approved these changes

@andytael andytael andytael left review comments

Assignees

@markxnelson markxnelson

Labels
OCA Verified All contributors have signed the Oracle Contributor Agreement.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@markxnelson @andytael @anders-swanson