UseCredHubInterpolation method probably don't work at all

[szogun1987]

I have statically analyzed this method, but currently don't have access to environment where I can verify my thesis. There are 2 reasons for this method to don't work:

• GetSection("vcap:services").Bind(interpolated) is called on local configuration instance that is not used by the rest of application: It is created by calling Build method that creates new instance of ConfigurationRoot class.
• Even if this instance was shared Bind method with string argument doesn't cause changes. Bind method tries to apply values from configuration onto passed instance.

Even if current implementation was working it would have additional unexpected behavior: It would override other configuration transformations.

I have couple ideas to fix it:

• Reference Steeltoe.Extensions.Configuration.CloudFoundryCore package and create custom ICloudFoundrySettingsReader implementation that uses decorator pattern. It should be easiest to implement.
• Write custom configuration provider that dynamically builds object that is based on vcap:services section, sends it to CredHub, deserializes response and applies it on existing configuration. More complex but doesn't require adding references to package. It is preferred by me because it moves every piece of logic to its own place.
• Do the same in existing UseCredHubInterpolation method. Application can be made by building Dictionary<string, string> and calling config.AddInMemoryCollection() it doesn't break existing clients.

[cf-gitbot]

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/159610087

The labels on this github issue will be updated when the story is started.

[TimHess]

Hi @szogun1987,

Thanks for spotting that - you're right, it was not done correctly. I think we will be OK updating the VCAP_SERVICES environment variable directly since the CloudFoundryConfigProvider has a direct link to it and will take the updated values later.

For what it's worth, this code was written before it was known that "Assisted Mode" credential interpolation would be supported by the platform, making this approach less likely to be useful. As such, we would be interested to hear of any real-world usage of this functionality!