Open marknadig opened 2 years ago
I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label.
Tagging subscribers to this area: @maryamariyan, @safern See info in area-owners.md if you want to be subscribed.
Author: | marknadig |
---|---|
Assignees: | - |
Labels: | `api-suggestion`, `untriaged`, `area-Extensions-Configuration` |
Milestone: | - |
This seems like it should be more general purpose than environment variables.
I would like to be able to store environment variables in an encrypted form.
I don't fully understand the motivation here. If you have secret stored in an environment variable of the process, what's the value in encrypting it elsewhere? The secret is still available in the environment variable.
Perhaps this can be implemented as a wrapper similar to ChainedConfigurationProvider. The IConfigurationProvider.Set(string key, string value) implementation would have to decide whether to encode the value if neither the original key nor the "Enc" suffixed key exists already.
Another use case for this would be, a casing conversion (or at least '_', '-' or '.' replacement) of a key...
Especially with option binding, I would normally want to configure record ExportOptions(string FileFormat)
using {"Export":{"FileFormat":"pdf"}}
from JSON based appsettings, but would like to use MY_APP__EXPORT__FILE_FORMAT=txt
as an env variable.
Background and motivation
I would like to be able to store environment variables in an encrypted form. To facilitate this I need to be able to mutate the values after they are read. I'm proposing the EnvironmentVariablesConfigurationProvider support an optional translator lambda that accepts a DictionaryKey which would mutate the key/value, or perhaps two
ref
strings would be cleaner since DictionaryKey's Key and Value areobject
.For example, environment variable:
SET MyProduct_SecretEnc=RE9UTkVUUk9DS1M=
should result in a key
Secret
with valueDOTNETROCKS
with Translator:I'd like to see if this is something you'd consider in a PR before I submit.
API Proposal
API Usage
Alternative Designs
No response
Risks
Given this would be a new optional parameter, seems risk is low.
@area-Extensions-Configuration
@maryamariyan @michaelgsharp @safern @tarekgh