How can I find the list of secrets and the certificate list from Azure vault via golang?


Question


I'm trying to integrate Azure vault using Golang. I used the code below for getting key lists:

    func (rcv Resources) KeyList(cred Credentials, subscriptionID, resourceGp, vaultName string) ([]string, error) {
        var (
            res []string
            err error
        )
        logger.Info("create client for connecting to the azure as vault client for getting key list.")
        cli := keyvault.NewKeysClient(subscriptionID)
        if cli.Authorizer, err = azureAD.Authorizer(cred.TenantID, cred.ClientID, cred.ClientSecret); err != nil {
            logger.Error("can not get authorizer for resources, err : ", err.Error())
            return nil, err
        }
        keyList, err := cli.List(context.Background(), resourceGp, "key-vault-zap-auth-scan2")
        if err != nil {
            logger.Error("can not get resources list , error : ", err.Error())
            return nil, err
        }
        for _, key := range keyList.Values() {
            res = append(res, *key.Name)
        }
        return res, nil
    }

As you know, we have different objects to store in Azure Key Vault, such as keys, secrets and certificates.

I'm not able to get the secrets list with the SDK, because it does not have a secret client.

How can I solve this issue?

Answer 1

Score: 0


For secrets, there's a separate package called azure-keyvault-secrets.

To list secrets, the method you would want to call is ListSecrets. Here's an example for the same taken from here:

    cred, err := azidentity.NewDefaultAzureCredential(nil)
    if err != nil {
        panic(err) // err must be used, or the snippet does not compile
    }
    client, err := azsecrets.NewClient("https://my-key-vault.vault.azure.net/", cred, nil)
    if err != nil {
        panic(err)
    }
    pager := client.ListSecrets(nil)
    for pager.NextPage(context.Background()) {
        resp := pager.PageResponse()
        for _, secret := range resp.Secrets {
            fmt.Printf("Secret ID: %s\n", *secret.ID)
        }
    }

Answer 2

Score: 0


The answer provided by Gaurav works perfectly fine, but only if you use the package up to version v0.5.0.
https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/keyvault/azsecrets?tab=versions

Starting from version v0.6.0, the method pager.NextPage() returns 2 values (ListSecretsPageResponse, error) and hence cannot be used in the for loop -- you'd hit an error that looks something like The non-bool value 'pager.NextPage(context.TODO())' (type (ListSecretsPageResponse, error)) used as a condition.

Instead, you should use the method pager.More() to loop through the pages of secrets.

Something along these lines:

    pager := client.ListSecrets(nil)
    for pager.More() {
        page, err := pager.NextPage(context.TODO())
        if err != nil {
            panic(err)
        }
        for _, v := range page.Secrets {
            fmt.Printf("Secret Name: %s\n", *v.ID)
        }
    }

hope this helps. cheers
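
Added example, not part of either answer or of the Azure SDK: a standard-library sketch of the paging that `pager.More()` / `pager.NextPage()` perform, written against the Key Vault REST list endpoints (`{vault}/secrets` and `{vault}/certificates` return the same `value` / `nextLink` shape), so the same loop covers the certificate list the question asks about. The `fetch` hook, the `vault.example` host, the sample pages and the `api-version` value are assumptions made for the example.

```go
package main

import (
	"context"
	"encoding/json"
	"fmt"
	"net/url"
	"strings"
)

// ListNames pages {vault}/{kind} ("secrets" or "certificates"); fetch is a hypothetical authenticated-GET hook.
func ListNames(ctx context.Context, fetch func(context.Context, string) ([]byte, error), vault, kind string) ([]string, error) {
	base, err := url.Parse(vault)
	if err != nil {
		return nil, err
	}
	var names []string
	for next := strings.TrimRight(vault, "/") + "/" + kind + "?api-version=7.4"; next != ""; { // version assumed
		if u, err := url.Parse(next); err != nil || u.Scheme != base.Scheme || u.Hostname() != base.Hostname() {
			return nil, fmt.Errorf("nextLink %q is outside the vault", next) // token must not follow it
		}
		body, err := fetch(ctx, next)
		if err != nil {
			return nil, err // hand the error to the caller rather than panic
		}
		var page struct {
			Value    []struct{ ID string } `json:"value"`
			NextLink string                `json:"nextLink"`
		}
		if err := json.Unmarshal(body, &page); err != nil {
			return nil, fmt.Errorf("decode %s page: %w", kind, err)
		}
		for _, it := range page.Value { // id looks like {vault}/{kind}/{name}[/{version}]
			if i := strings.Index(it.ID, "/"+kind+"/"); i >= 0 {
				names = append(names, strings.SplitN(it.ID[i+len(kind)+2:], "/", 2)[0])
			}
		}
		next = page.NextLink
	}
	return names, nil
}

// Constructed two-page listing for a placeholder vault, so the example runs offline.
var pages = map[string]string{
	"https://vault.example/secrets?api-version=7.4":                   `{"value":[{"id":"https://vault.example/secrets/db-password"}],"nextLink":"https://vault.example:443/secrets?api-version=7.4&$skiptoken=p2"}`,
	"https://vault.example:443/secrets?api-version=7.4&$skiptoken=p2": `{"value":[{"id":"https://vault.example/secrets/api-key/0123"}],"nextLink":null}`,
}

func constructedFetch(_ context.Context, u string) ([]byte, error) { return []byte(pages[u]), nil }
func main() { fmt.Println(ListNames(context.Background(), constructedFetch, "https://vault.example", "secrets")) }
```

Listing returns identifiers only, so a caller that needs a secret's value still has to issue a separate get per name, which is also where access policy and audit logging apply.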

huangapple
  • Posted on 2021-10-20 00:17:15