Commit 88ee9475 authored by Shiv Singh's avatar Shiv Singh

[+] added checkIfSecretExists in KeyVaultFacade

parent 55e469c5
Pipeline #98772 failed with stage
in 7 seconds
......@@ -14,6 +14,7 @@
package org.opengroup.osdu.azure;
import com.azure.core.exception.ResourceModifiedException;
import com.azure.core.exception.ResourceNotFoundException;
import com.azure.security.keyvault.secrets.SecretClient;
import com.azure.security.keyvault.secrets.models.KeyVaultSecret;
......@@ -91,6 +92,36 @@ public final class KeyVaultFacade {
return secret.getValue();
}
/**
* Check if given secret exists in the vault.
*
* @param kv Client configured to the correct vault
* @param secretName name of secret
* @return Status of secret existence in the vault.
*/
public static boolean checkIfSecretExists(final SecretClient kv, final String secretName) {
Validators.checkNotNull(secretName, "Secret with name " + secretName);
final long start = System.currentTimeMillis();
int statusCode = HttpStatus.SC_OK;
try {
kv.getSecret(secretName);
CoreLoggerFactory.getInstance().getLogger(LOGGER_NAME).info("Successfully retrieved {}.", secretName);
} catch (ResourceNotFoundException secretNotFound) {
statusCode = HttpStatus.SC_NOT_FOUND;
CoreLoggerFactory.getInstance().getLogger(LOGGER_NAME).warn("Failed to retrieve {}. Not found.", secretName);
return false;
} catch (ResourceModifiedException secretDisabled) {
statusCode = HttpStatus.SC_FORBIDDEN;
CoreLoggerFactory.getInstance().getLogger(LOGGER_NAME).warn("Failed to retrieve {}. Secret disabled.", secretName);
return false;
} finally {
final long timeTaken = System.currentTimeMillis() - start;
logDependency("GET_SECRET", secretName, kv.getVaultUrl(), timeTaken, statusCode);
}
return true;
}
/**
* Log dependency.
*
......
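Review bot: In `checkIfSecretExists`, `statusCode` starts as `HttpStatus.SC_OK` and is only overwritten in the two catch blocks, so any other exception thrown by `kv.getSecret(secretName)` propagates while the `finally` block still logs the dependency call as a 200. Starting from a failure value and setting success explicitly keeps the dependency telemetry accurate: `int statusCode = HttpStatus.SC_INTERNAL_SERVER_ERROR;` and then `statusCode = HttpStatus.SC_OK;` right after `kv.getSecret(secretName);`. The method also fetches the full secret value only to test existence. The Javadoc should state that a disabled secret is reported as `false`, and that other failures are rethrown rather than mapped to a return value.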
......@@ -72,18 +72,20 @@ public class RedisClientFactory<K, V> implements IRedisClientFactory<K, V> {
* @return redis client
*/
private IRedisCache<K, V> createRedisClient(final Class<K> keyClass, final Class<V> valueClass, final RedisAzureConfiguration redisConfiguration) {
try {
final String host = getSecret("redis-hostname");
final String password = getSecret("redis-password");
ClientOptions clientOptions = ClientOptions.builder()
.socketOptions(SocketOptions.builder().connectTimeout(redisConfiguration.getTimeout(), TimeUnit.SECONDS).build())
.build();
return new RedisCache<K, V>(host, redisConfiguration.getPort(), password, redisConfiguration.getExpiration(), redisConfiguration.getDatabase(), keyClass, valueClass);
} catch (NullPointerException iae) {
// Secret does not exist. Redis may not be available yet.
final String hostKey = "redis-hostname";
final String passwordKey = "redis-password";
if (!secretExists(hostKey) || !secretExists(passwordKey)) {
CoreLoggerFactory.getInstance().getLogger(LOGGER_NAME).warn("Required secrets does not exist. Redis is not available yet.");
return null;
}
final String host = getSecret(hostKey);
final String password = getSecret(passwordKey);
ClientOptions clientOptions = ClientOptions.builder()
.socketOptions(SocketOptions.builder().connectTimeout(redisConfiguration.getTimeout(), TimeUnit.SECONDS).build())
.build();
return new RedisCache<K, V>(host, redisConfiguration.getPort(), password, redisConfiguration.getExpiration(), redisConfiguration.getDatabase(), keyClass, valueClass);
}
/**
......@@ -94,4 +96,12 @@ public class RedisClientFactory<K, V> implements IRedisClientFactory<K, V> {
private String getSecret(final String keyName) {
return KeyVaultFacade.getSecretWithValidation(secretClient, keyName);
}
/**
* @param keyName name of the secret
* @return status if secret exists
*/
private boolean secretExists(final String keyName) {
return KeyVaultFacade.checkIfSecretExists(secretClient, keyName);
}
}
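Review bot: The new guard in `createRedisClient` returns `null` with the same "Redis is not available yet" warning whether a secret is missing or, per `checkIfSecretExists` in this commit, disabled, so a disabled Redis credential cannot be told apart from one that has not been provisioned yet. Naming the keys and both possible causes in the log would help whoever triages it, e.g. `warn("Secret {} or {} is missing or disabled; Redis client not created.", hostKey, passwordKey)`. Each secret is now read twice (once in `secretExists`, once in `getSecret`), and the second read can still fail if the secret changes in between, so callers have to handle both the `null` return and an exception; the method's Javadoc, which starts above this hunk, should document the `null` return. In the visible lines `clientOptions` is built but never passed to `RedisCache`, so the connect timeout appears to have no effect.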