azure-sdk-for-net icon indicating copy to clipboard operation
azure-sdk-for-net copied to clipboard

Published 20 hours ago verified publisher icon Azure

[QUERY] Replacing KeyVaultClient with SecretClient

Open vidya123 opened this issue 2 years ago • 4 comments

Library name and version

Azure.Security.KeyVault.Secrets

Query/Question

Hi,

We are using KeyVaultClient(Singleton) and used it to access multiple endpoints like below.

image

But we are currently migrating to use Azure.Security.KeyVault.Secrets. Looking at the way SecretClient is instantiated, we were supposed to supply endpoint(uri) at the time of instantiation itself and needs to call Defaultcredential(). I do know that I can try to cache a secret client per endpoint, but this raises a bit of complexity in our scenario since the endpoints can be dynamic.

Now: image

Creating SecretClient everytime we access new endpoint may cause performance regression. So is there a way of using SecretClient to avoid such a regression?

Environment

No response

vidya123 avatar Dec 21 '22 17:12 vidya123

Thank you for your feedback. Tagging and routing to the team member best able to assist. Please be aware that due to the US holidays, responses are likely to be delayed.

jsquire avatar Dec 21 '22 20:12 jsquire

Also is there a way to mock CertificateOperation? I see that CertificateModelFactory doesn't support it as of now

vidya123 avatar Dec 29 '22 20:12 vidya123

All our clients are thin clients. There's really not much overhead, so creating and caching one client per endpoint is not expensive, nor should instantiating one be - though more expensive than caching since we do instantiate a number of classes for the HTTP pipeline. If you want to decrease overhead more, you can use a shared HttpClient as described here: https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/Configuration.md#user-provided-httpclient-instance

As for mocking CertificateOperation, it's mockable in the same way our clients are. You could use Moq, for example, to mock a CertificateClient and return a Mock<CertificateOperation>. All the methods and properties are virtual so you can override them, like UpdateStatus and UpdateStatusAsync. See https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/Mocking.md for how to return a pageable, for example. Returning a Mock<CertificateOperation> would be similar.

heaths avatar Jan 01 '23 03:01 heaths

Hi @vidya123. Thank you for opening this issue and giving us the opportunity to assist. We believe that this has been addressed. If you feel that further discussion is needed, please add a comment with the text “/unresolve” to remove the “issue-addressed” label and continue the conversation.

ghost avatar Jan 01 '23 03:01 ghost

Hi @vidya123, since you haven’t asked that we “/unresolve” the issue, we’ll close this out. If you believe further discussion is needed, please add a comment “/unresolve” to reopen the issue.

ghost avatar Jan 08 '23 04:01 ghost