diff --git a/OneSTools.EventLog.Exporter.Core/ClickHouse/ClickHouseStorage.cs b/OneSTools.EventLog.Exporter.Core/ClickHouse/ClickHouseStorage.cs index 007e843..862f20e 100644 --- a/OneSTools.EventLog.Exporter.Core/ClickHouse/ClickHouseStorage.cs +++ b/OneSTools.EventLog.Exporter.Core/ClickHouse/ClickHouseStorage.cs @@ -23,7 +23,7 @@ public ClickHouseStorage(string connectionsString, ILogger lo { _logger = logger; _connectionString = connectionsString; - + Init(); } @@ -31,7 +31,13 @@ public ClickHouseStorage(ILogger logger, IConfiguration confi { _logger = logger; _connectionString = configuration.GetValue("ClickHouse:ConnectionString", ""); - + var useVault = configuration.GetValue("Vault:UseVault", false); + if (useVault) { + var vault = new Vault(); + var arr = vault.GetSecretWithAppRole(configuration); + var username = arr[0]; + var password = arr[1]; + _connectionString = _connectionString.Replace("Username=test","Username=" + username).Replace("password=","password=" + password); } Init(); } diff --git a/OneSTools.EventLog.Exporter.Core/ClickHouse/Vault.cs b/OneSTools.EventLog.Exporter.Core/ClickHouse/Vault.cs new file mode 100644 index 0000000..b5358fe --- /dev/null +++ b/OneSTools.EventLog.Exporter.Core/ClickHouse/Vault.cs 
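Review bot: The Vault credentials are spliced into the connection string with `Replace("Username=test", ...)` and `Replace("password=", ...)`, which only works while the configured string carries exactly the `Username=test` placeholder and an empty, lower-case `password=`. With any other value the first replacement silently does nothing and the second prepends the secret to whatever password is already configured. A secret value containing `;` would also be read as additional connection-string keys. Setting the two keys through a connection-string builder avoids both problems; the sketch uses `System.Data.Common.DbConnectionStringBuilder`, and its handling of the empty `Host=` entry should be checked against the ClickHouse client in use. The constructor signature lies outside the hunk.

```csharp
if (useVault) {
    // … unchanged: Vault lookup that fills username and password …
    var builder = new System.Data.Common.DbConnectionStringBuilder
    {
        ConnectionString = _connectionString
    };
    // The builder quotes values, so a secret containing ';' cannot add keys.
    builder["Username"] = username;
    builder["password"] = password;
    _connectionString = builder.ConnectionString;
}
```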
@@ -0,0 +1,37 @@
+using VaultSharp;
+using VaultSharp.V1.AuthMethods;
+using VaultSharp.V1.AuthMethods.AppRole;
+using VaultSharp.V1.Commons;
+using Microsoft.Extensions.Configuration;
+
+namespace OneSTools.EventLog.Exporter.Core.ClickHouse
+{
+ public class Vault
+ {
+ public string[] GetSecretWithAppRole(IConfiguration configuration)
+ {
+ string vaultAddr = configuration.GetValue("Vault:VaultAddr","");
+ string path = configuration.GetValue("Vault:Path","");
+ string mountPoint = configuration.GetValue("Vault:MountPoint","");
+ string roleId = configuration.GetValue("Vault:RoleId","");
+ string secretId = configuration.GetValue("Vault:SecreteId","");
+ string login = configuration.GetValue("Vault:Login","");
+ string password = configuration.GetValue("Vault:Password","");
+
+ IAuthMethodInfo authMethod = new AppRoleAuthMethodInfo(roleId, secretId.ToString());
+ var vaultClientSettings = new VaultClientSettings(vaultAddr, authMethod);
+
+ IVaultClient vaultClient = new VaultClient(vaultClientSettings);
+
+ Secret kv2Secret = null;
+ kv2Secret = vaultClient.V1.Secrets.KeyValue.V2.ReadSecretAsync(path:path , mountPoint: mountPoint).Result;
+
+ var arr = new string[2];
+ string username = kv2Secret.Data.Data[login].ToString();
+ string pass = kv2Secret.Data.Data[password].ToString();
+ arr[0] = username;
+ arr[1] = pass;
+ return arr;
+ }
+ }
+}
diff --git a/OneSTools.EventLog.Exporter.Core/OneSTools.EventLog.Exporter.Core.csproj b/OneSTools.EventLog.Exporter.Core/OneSTools.EventLog.Exporter.Core.csproj
index 09a2daf..090e986 100644
--- a/OneSTools.EventLog.Exporter.Core/OneSTools.EventLog.Exporter.Core.csproj
+++ b/OneSTools.EventLog.Exporter.Core/OneSTools.EventLog.Exporter.Core.csproj
@@ -29,6 +29,7 @@
+
diff --git a/OneSTools.EventLog.Exporter/appsettings.json b/OneSTools.EventLog.Exporter/appsettings.json
index 6f28040..53fd798 100644
--- a/OneSTools.EventLog.Exporter/appsettings.json
+++ b/OneSTools.EventLog.Exporter/appsettings.json
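Review bot: `GetSecretWithAppRole` in Vault.cs reads every `Vault:*` setting with an empty-string default and uses the values unchecked, so a missing `VaultAddr`, `RoleId` or field name presumably surfaces only as an exception from inside the Vault client or as a `KeyNotFoundException` on `kv2Secret.Data.Data[login]`, wrapped in an `AggregateException` by `.Result`. A guard before the client is built, such as `if (string.IsNullOrWhiteSpace(vaultAddr) || string.IsNullOrWhiteSpace(roleId) || string.IsNullOrWhiteSpace(secretId)) throw new InvalidOperationException("Vault:VaultAddr, Vault:RoleId and Vault:SecreteId must be set when Vault:UseVault is true");`, together with `TryGetValue` on the two data keys, would make the error name the setting at fault; the messages should name the key and never echo the value. The AppRole SecretId is itself a credential, yet it is read from ordinary configuration under the misspelled key `Vault:SecreteId`. A comment on that line should tell operators to supply it from an environment variable or another protected configuration provider rather than from a committed appsettings.json.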
@@ -7,7 +7,7 @@ } }, "Exporter": { - "StorageType": 0, + "StorageType": "ClickHouse", "LogFolder": "", "Portion": 10000, "TimeZone": "Europe/Moscow", @@ -18,7 +18,7 @@ "SkipEventsBeforeDate": "2022-04-01T00:00:00" }, "ClickHouse": { - "ConnectionString": "Host=CH_HOST_NAME;Port=8123;Database=DATABASE_NAME;Username=USER_NAME;password=PASSWORD;" + "ConnectionString": "Host=;Port=8123;Username=test;password=;Database=example2;" }, "ElasticSearch": { "Nodes": [ @@ -31,5 +31,15 @@ "Separation": "M", "MaximumRetries": 2, "MaxRetryTimeout": 30 - } + }, + "Vault": { + "UseVault":"True", + "VaultAddr":"", + "Path":"", + "MountPoint":"", + "SecreteId":"", + "RoleId":"", + "Login":"login", + "Password":"password" +} } \ No newline at end of file diff --git a/README.md b/README.md index c6e7494..c21157b 100644 --- a/README.md +++ b/README.md @@ -11,6 +11,7 @@ |[OneSTools.EventLog.Exporter.Core](https://github.com/akpaevj/OneSTools.EventLog/tree/master/OneSTools.EventLog.Exporter.Core)|Библиотека-ядро для инструментов экспорта журнала регистрации|| |[EventLogExporter](https://github.com/akpaevj/OneSTools.EventLog/tree/master/OneSTools.EventLog.Exporter)|Служба для экспорта журнала регистрации в [ClickHouse](https://clickhouse.tech/) и [ElasticSearch](https://www.elastic.co/)|![EventLogExporter .NET 5](https://github.com/akpaevj/OneSTools.EventLog/workflows/EventLogExporter%20.NET%205/badge.svg)| |[EventLogExportersManager](https://github.com/akpaevj/OneSTools.EventLog/tree/master/OneSTools.EventLog.Exporter.Manager)|Служба, выполняющая роль менеджера и наблюдающая каталоги серверов на предмет появления/удаления информационных баз с автоматическим подключением/отключением экспорта их журналов регистраций|| +|[Vault](https://github.com/rajanadar/VaultSharp)|HashiCorp Vault — это инструмент с открытым исходным кодом, который обеспечивает безопасный и надежный способ хранения и распространения секретов, таких как ключи API, токены доступа и пароли|| ## Get started:
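Review bot: The `Vault` section added to appsettings.json ships with `"UseVault":"True"` while `VaultAddr`, `RoleId` and `SecreteId` are empty, so a default deployment takes the Vault path with no address or credentials and, judging by the constructor change in this commit, fails when the ClickHouse storage is constructed. The shipped default would be safer as `"UseVault": false`, leaving Vault as an explicit opt-in. The ClickHouse hunk in the same file replaces the neutral `USER_NAME`/`PASSWORD` placeholders with `Username=test;password=;`, which the new code matches literally, so changing the sample user name silently disables the substitution. The key `SecreteId` looks like a misspelling of `SecretId` and will be awkward to rename once configurations in the field depend on it.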