Skip to content

Commit 636322b

Browse files
dotnet and go vault mods, etc. (#244)
* remove sqlnet.ora edit work * remove sqlnet.ora edit work * remove sqlnet.ora edit work * remove sqlnet.ora edit work * remove sqlnet.ora edit work * remove sqlnet.ora edit work * remove sqlnet.ora edit work * remove sqlnet.ora edit work * remove sqlnet.ora edit work * remove sqlnet.ora edit work * remove sqlnet.ora edit work * remove sqlnet.ora edit work * remove sqlnet.ora edit work * remove sqlnet.ora edit work * recovery test work * recovery test work * recovery test work * recovery test work * replace postgres configmap with secret * replace postgres configmap with secret * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * TEQ setup and tracing * mongo, postgres, kafka crash tests * mongo, postgres, kafka crash tests * grafana work * grafana work * grafana work * grafana work * grafana work * grafana work * observability work * observability work * observability work * observability work * observability work * observability work * observability work * observability work * observability work * observability work * observability work * dotnet work * dotnet work * dotnet work * dotnet work * dotnet work * observability, dotnet, go, etc. work - move kafka etc. build to nonjava * observability, dotnet, go, etc. work - move kafka etc. build to nonjava * observability, dotnet, go, etc. work - move kafka etc. build to nonjava * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * enable teq * observability * enable teq * enable teq * enable teq * enable teq * enable teq * observability work * observability work * enable teq * enable teq * enable teq * observ * enable teq * observability dash * observability * osbservability * enable teq * enable teq * enable teq * obs * obs * enable teq * obs * enable teq * observ * obs * converged wording change * fix k6 command * correct workshop link * update workshop link * modifiy python impl to conn.autocommit = False * enable teq * various including security fix in inventory-nodejs * various including security fix in inventory-nodejs * various including security fix in inventory-nodejs * enable teq * inventory-micronaut * inventory-micronaut * inventory-quarkus * inventory-micronaut-native-image * upgrade helidon and db versions * mn and quarkus build wrappers * mn native-image build and deploy fixes * mn native-image build and deploy fixes * mn native-image use JsonObject instead of Jackson * dotnet vault work, etc. * vault work, various languages * Go OCI Vault/Secrets client
1 parent 2ffabed commit 636322b

File tree

12 files changed

+302
-213
lines changed

12 files changed

+302
-213
lines changed

grabdish/inventory-dotnet/Startup.cs

Lines changed: 61 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@
55
using System.Data.OracleClient;
66
using System.Linq;
77
using System.Text;
8+
using System.Threading;
89
using System.Threading.Tasks;
910
using System.Transactions;
1011
using Microsoft.AspNetCore.Builder;
@@ -18,6 +19,16 @@
1819
using Microsoft.OpenApi.Models;
1920
using Newtonsoft.Json;
2021
using Oracle.ManagedDataAccess.Client;
22+
// dotnet add package OCI.DotNetSDK.Common --version 29.0.0
23+
// dotnet add package OCI.DotNetSDK.Secrets --version 29.0.0
24+
using System.IO;
25+
using Oci.SecretsService.Responses;
26+
using Oci.SecretsService;
27+
using Oci.Common;
28+
using Oci.Common.Auth;
29+
using Oci.SecretsService.Models;
30+
31+
2132

2233
namespace inventory_dotnet
2334
{
@@ -79,6 +90,7 @@ public String ListenForMessages()
7990
//Other options include...
8091
// using (TransactionScope scope = new TransactionScope(TransactionScopeOption.Required, TimeSpan.MaxValue))
8192
// DbProviderFactory factory = DbProviderFactories.GetFactory("Oracle.ManagedDataAccess.Client"); DbCommand oracleCommand = factory.CreateCommand();
93+
getSecretFromVault();
8294
String tnsAdmin = Environment.GetEnvironmentVariable("TNS_ADMIN");
8395
OracleConfiguration.WalletLocation = tnsAdmin;
8496
String pw = Environment.GetEnvironmentVariable("DB_PASSWORD");
@@ -157,7 +169,7 @@ public String ListenForMessages()
157169
checkInventoryReturnLocationCommand.Parameters.Add (p_inventorylocationParam);
158170
checkInventoryReturnLocationCommand.ExecuteNonQuery();
159171

160-
// direct query version (ie not using sproc)...
172+
// direct query version (ie not using stored procedure)...
161173
// checkInventoryCommand.CommandText =
162174
// @"update inventory set inventorycount = inventorycount - 1 where inventoryid = " +
163175
// order.itemid +
@@ -183,10 +195,7 @@ public String ListenForMessages()
183195
inventory.suggestiveSale = inventoryLocation.Equals("null") ? "" : "beer";
184196
string inventoryJSON =
185197
JsonConvert.SerializeObject(inventory);
186-
System
187-
.Console
188-
.WriteLine("order.itemid inventoryJSON {0}",
189-
inventoryJSON);
198+
System.Console.WriteLine("order.itemid inventoryJSON {0}", inventoryJSON);
190199
//enqueue to inventory queue (in param)
191200
OracleCommand inventorySendMessageCommand =
192201
new OracleCommand();
@@ -214,5 +223,52 @@ public String ListenForMessages()
214223
}
215224
}
216225
}
226+
227+
public String getSecretFromVault() {
228+
System.Console.WriteLine("getSecretFromVault ");
229+
String vaultSecretOCID = Environment.GetEnvironmentVariable("VAULT_SECRET_OCID");
230+
System.Console.WriteLine("vaultSecretOCID {0}", vaultSecretOCID);
231+
if (vaultSecretOCID == "") {
232+
return "";
233+
}
234+
String ociRegion = Environment.GetEnvironmentVariable("OCI_REGION");
235+
System.Console.WriteLine("ociRegion {0}", ociRegion);
236+
if (ociRegion == "") {
237+
return "";
238+
}
239+
var response = getSecretResponse(vaultSecretOCID,ociRegion).GetAwaiter().GetResult();
240+
System.Console.WriteLine("getSecretFromVault response {0}", response);
241+
System.Console.WriteLine("getSecretFromVault response.SecretBundle.SecretId; {0}", response.SecretBundle.SecretId);
242+
System.Console.WriteLine("getSecretFromVault secretBundle {0}", response.SecretBundle.SecretBundleContent);
243+
byte[] data = System.Convert.FromBase64String(((Base64SecretBundleContentDetails)response.SecretBundle.SecretBundleContent).Content);
244+
System.Console.WriteLine("getSecretFromVault System.Text.ASCIIEncoding.ASCII.GetString(data) {0}", System.Text.ASCIIEncoding.ASCII.GetString(data));
245+
return System.Text.ASCIIEncoding.ASCII.GetString(data);
246+
}
247+
248+
public static async Task<GetSecretBundleResponse> getSecretResponse(string vaultSecretOCID, string ociRegion)
249+
{
250+
var getSecretBundleRequest = new Oci.SecretsService.Requests.GetSecretBundleRequest
251+
{
252+
// SecretId = "ocid1.vaultsecret.oc1.iad.amaaaaaaq33dybya5qo2jtafngz7krbqdt64fygvm4v5ml7dnamg6ct7vaza"
253+
SecretId = vaultSecretOCID
254+
};
255+
var provider = new InstancePrincipalsAuthenticationDetailsProvider();
256+
try
257+
{
258+
using (var client = new SecretsClient(provider, new ClientConfiguration()))
259+
{
260+
// client.SetRegion("us-ashburn-1");
261+
client.SetRegion(ociRegion);
262+
return await client.GetSecretBundle(getSecretBundleRequest);
263+
}
264+
}
265+
catch (Exception e)
266+
{
267+
Console.WriteLine($"GetSecretBundle Failed with {e.Message}");
268+
throw e;
269+
}
270+
}
271+
272+
217273
}
218274
}

grabdish/inventory-dotnet/deploy.sh

Lines changed: 29 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -2,29 +2,44 @@
22
## Copyright (c) 2021 Oracle and/or its affiliates.
33
## Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/
44

5-
65
SCRIPT_DIR=$(dirname $0)
76

8-
export DOCKER_REGISTRY="$(state_get DOCKER_REGISTRY)"
9-
export INVENTORY_PDB_NAME="$(state_get INVENTORY_DB_NAME)"
10-
export OCI_REGION="$(state_get REGION)"
11-
export VAULT_SECRET_OCID=""
7+
if [ -z "$DOCKER_REGISTRY" ]; then
8+
echo "DOCKER_REGISTRY not set. Will get it with state_get"
9+
export DOCKER_REGISTRY=$(state_get DOCKER_REGISTRY)
10+
fi
11+
12+
if [ -z "$DOCKER_REGISTRY" ]; then
13+
echo "Error: DOCKER_REGISTRY env variable needs to be set!"
14+
exit 1
15+
fi
16+
17+
if [ -z "$INVENTORY_PDB_NAME" ]; then
18+
echo "INVENTORY_PDB_NAME not set. Will get it with state_get"
19+
export INVENTORY_PDB_NAME=$(state_get INVENTORY_DB_NAME)
20+
fi
21+
22+
if [ -z "$INVENTORY_PDB_NAME" ]; then
23+
echo "Error: INVENTORY_PDB_NAME env variable needs to be set!"
24+
exit 1
25+
fi
1226

1327
echo create inventory-dotnet deployment and service...
1428
export CURRENTTIME=$( date '+%F_%H:%M:%S' )
1529
echo CURRENTTIME is $CURRENTTIME ...this will be appended to generated deployment yaml
1630

1731
cp inventory-dotnet-deployment.yaml inventory-dotnet-deployment-$CURRENTTIME.yaml
18-
#
19-
#eval "cat <<EOF
20-
#$(<$SCRIPT_DIR/inventory-dotnet-deployment-$CURRENTTIME.yaml)
21-
#EOF" > inventory-dotnet-deployment-$CURRENTTIME.yaml
22-
2332

24-
sed_i "s|%DOCKER_REGISTRY%|${DOCKER_REGISTRY}|g" inventory-dotnet-deployment-$CURRENTTIME.yaml
25-
sed_i "s|%INVENTORY_PDB_NAME%|${INVENTORY_PDB_NAME}|g" inventory-dotnet-deployment-${CURRENTTIME}.yaml
26-
sed_i "s|%OCI_REGION%|${OCI_REGION}|g" inventory-dotnet-deployment-${CURRENTTIME}.yaml
27-
sed_i "s|%VAULT_SECRET_OCID%|${VAULT_SECRET_OCID}|g" inventory-dotnet-deployment-${CURRENTTIME}.yaml
33+
sed -e "s|%DOCKER_REGISTRY%|${DOCKER_REGISTRY}|g" inventory-dotnet-deployment-$CURRENTTIME.yaml > /tmp/inventory-dotnet-deployment-$CURRENTTIME.yaml
34+
mv -- /tmp/inventory-dotnet-deployment-$CURRENTTIME.yaml inventory-dotnet-deployment-$CURRENTTIME.yaml
35+
sed -e "s|%DOCKER_REGISTRY%|${DOCKER_REGISTRY}|g" inventory-dotnet-deployment-$CURRENTTIME.yaml > /tmp/inventory-dotnet-deployment-$CURRENTTIME.yaml
36+
mv -- /tmp/inventory-dotnet-deployment-$CURRENTTIME.yaml inventory-dotnet-deployment-$CURRENTTIME.yaml
37+
sed -e "s|%INVENTORY_PDB_NAME%|${INVENTORY_PDB_NAME}|g" inventory-dotnet-deployment-$CURRENTTIME.yaml > /tmp/inventory-dotnet-deployment-$CURRENTTIME.yaml
38+
mv -- /tmp/inventory-dotnet-deployment-$CURRENTTIME.yaml inventory-dotnet-deployment-$CURRENTTIME.yaml
39+
sed -e "s|%OCI_REGION%|${OCI_REGION}|g" inventory-dotnet-deployment-${CURRENTTIME}.yaml > /tmp/inventory-dotnet-deployment-$CURRENTTIME.yaml
40+
mv -- /tmp/inventory-dotnet-deployment-$CURRENTTIME.yaml inventory-dotnet-deployment-$CURRENTTIME.yaml
41+
sed -e "s|%VAULT_SECRET_OCID%|${VAULT_SECRET_OCID}|g" inventory-dotnet-deployment-${CURRENTTIME}.yaml > /tmp/inventory-dotnet-deployment-$CURRENTTIME.yaml
42+
mv -- /tmp/inventory-dotnet-deployment-$CURRENTTIME.yaml inventory-dotnet-deployment-$CURRENTTIME.yaml
2843

2944
if [ -z "$1" ]; then
3045
kubectl apply -f $SCRIPT_DIR/inventory-dotnet-deployment-$CURRENTTIME.yaml -n msdataworkshop

grabdish/inventory-dotnet/inventory-dotnet.csproj

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,8 @@
77

88
<ItemGroup>
99
<PackageReference Include="Newtonsoft.Json" Version="13.0.1" />
10+
<PackageReference Include="OCI.DotNetSDK.Common" Version="29.0.0" />
11+
<PackageReference Include="OCI.DotNetSDK.Secrets" Version="29.0.0" />
1012
<PackageReference Include="Oracle.ManagedDataAccess.Core" Version="3.21.1" />
1113
<PackageReference Include="Swashbuckle.AspNetCore" Version="5.6.3" />
1214
</ItemGroup>

grabdish/inventory-go/deploy.sh

Lines changed: 29 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -5,26 +5,43 @@
55

66
SCRIPT_DIR=$(dirname $0)
77

8-
export DOCKER_REGISTRY="$(state_get DOCKER_REGISTRY)"
9-
export INVENTORY_PDB_NAME="$(state_get INVENTORY_DB_NAME)"
10-
export OCI_REGION="$(state_get REGION)"
11-
export VAULT_SECRET_OCID=""
8+
if [ -z "$DOCKER_REGISTRY" ]; then
9+
echo "DOCKER_REGISTRY not set. Will get it with state_get"
10+
export DOCKER_REGISTRY=$(state_get DOCKER_REGISTRY)
11+
fi
12+
13+
if [ -z "$DOCKER_REGISTRY" ]; then
14+
echo "Error: DOCKER_REGISTRY env variable needs to be set!"
15+
exit 1
16+
fi
17+
18+
if [ -z "$INVENTORY_PDB_NAME" ]; then
19+
echo "INVENTORY_PDB_NAME not set. Will get it with state_get"
20+
export INVENTORY_PDB_NAME=$(state_get INVENTORY_DB_NAME)
21+
fi
22+
23+
if [ -z "$INVENTORY_PDB_NAME" ]; then
24+
echo "Error: INVENTORY_PDB_NAME env variable needs to be set!"
25+
exit 1
26+
fi
1227

1328
echo create inventory-go deployment and service...
1429
export CURRENTTIME=$( date '+%F_%H:%M:%S' )
1530
echo CURRENTTIME is $CURRENTTIME ...this will be appended to generated deployment yaml
1631

1732
cp inventory-go-deployment.yaml inventory-go-deployment-$CURRENTTIME.yaml
18-
#
19-
#eval "cat <<EOF
20-
#$(<$SCRIPT_DIR/inventory-go-deployment-$CURRENTTIME.yaml)
21-
#EOF" > inventory-go-deployment-$CURRENTTIME.yaml
2233

2334

24-
sed_i "s|%DOCKER_REGISTRY%|${DOCKER_REGISTRY}|g" inventory-go-deployment-$CURRENTTIME.yaml
25-
sed_i "s|%INVENTORY_PDB_NAME%|${INVENTORY_PDB_NAME}|g" inventory-go-deployment-${CURRENTTIME}.yaml
26-
sed_i "s|%OCI_REGION%|${OCI_REGION}|g" inventory-go-deployment-${CURRENTTIME}.yaml
27-
sed_i "s|%VAULT_SECRET_OCID%|${VAULT_SECRET_OCID}|g" inventory-go-deployment-${CURRENTTIME}.yaml
35+
sed -e "s|%DOCKER_REGISTRY%|${DOCKER_REGISTRY}|g" inventory-go-deployment-$CURRENTTIME.yaml > /tmp/inventory-go-deployment-$CURRENTTIME.yaml
36+
mv -- /tmp/inventory-go-deployment-$CURRENTTIME.yaml inventory-go-deployment-$CURRENTTIME.yaml
37+
sed -e "s|%DOCKER_REGISTRY%|${DOCKER_REGISTRY}|g" inventory-go-deployment-$CURRENTTIME.yaml > /tmp/inventory-go-deployment-$CURRENTTIME.yaml
38+
mv -- /tmp/inventory-go-deployment-$CURRENTTIME.yaml inventory-go-deployment-$CURRENTTIME.yaml
39+
sed -e "s|%INVENTORY_PDB_NAME%|${INVENTORY_PDB_NAME}|g" inventory-go-deployment-$CURRENTTIME.yaml > /tmp/inventory-go-deployment-$CURRENTTIME.yaml
40+
mv -- /tmp/inventory-go-deployment-$CURRENTTIME.yaml inventory-go-deployment-$CURRENTTIME.yaml
41+
sed -e "s|%OCI_REGION%|${OCI_REGION}|g" inventory-go-deployment-${CURRENTTIME}.yaml > /tmp/inventory-go-deployment-$CURRENTTIME.yaml
42+
mv -- /tmp/inventory-go-deployment-$CURRENTTIME.yaml inventory-go-deployment-$CURRENTTIME.yaml
43+
sed -e "s|%VAULT_SECRET_OCID%|${VAULT_SECRET_OCID}|g" inventory-go-deployment-${CURRENTTIME}.yaml > /tmp/inventory-go-deployment-$CURRENTTIME.yaml
44+
mv -- /tmp/inventory-go-deployment-$CURRENTTIME.yaml inventory-go-deployment-$CURRENTTIME.yaml
2845

2946
if [ -z "$1" ]; then
3047
kubectl apply -f $SCRIPT_DIR/inventory-go-deployment-$CURRENTTIME.yaml -n msdataworkshop

0 commit comments

Comments
 (0)