I have a .NET Aspire application that uses dapr. I'm currently trying to get the Secret out of the Azure Key Vault using the YAML configuration. Retrieving the secret in ASP.NET Aspire fails for the servicebus, but the keyvault.yaml seems to work, since retrieving the secret with
curl http://localhost:49688/v1.0/secrets/azurekeyvault/some-servicebus-connectionstring retrieves the secret.
However, the servicebus.yaml doesn't properly retrieve the secret. What am I doing wrong?
keyvault.yaml
apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
name: azurekeyvault
spec:
type: secretstores.azure.keyvault
metadata:
- name: vaultName
value: some-kv2-we-dev
- name: azureClientId
value: c6911f11-237e-44ad-a704-c8243067a0b1
servicebus.yaml
apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
name: servicebus-pubsub
namespace: default
spec:
type: pubsub.azure.servicebus
version: v1
metadata:
- name: connectionString
secretKeyRef:
name: some-servicebus-connectionstring
key: some-servicebus-connectionstring
- name: topic
value: "some-topic"
- name: subscriptionName
value: "some-subscription"
auth:
secretStore: azurekeyvault
servicebus.yaml
configuration has a potential issue with indentation and possibly with the key
field in secretKeyRef
.
keyvault.yaml
seems fine if it reflects the actual Key Vault setup. No changes are needed here unless there's an issue with the vaultName
or azureClientId
.servicebus.yaml:
apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
name: servicebus-pubsub
namespace: default
spec:
type: pubsub.azure.servicebus
version: v1
metadata:
- name: connectionString
secretKeyRef:
name: some-servicebus-connectionstring # This should match the secret name in Key Vault
key: some-servicebus-connectionstring # Optional if key matches the name in Key Vault
- name: topic
value: "some-topic"
- name: subscriptionName
value: "some-subscription"
auth:
secretStore: azurekeyvault
>=1.5.0
) that supports secretKeyRef
and Azure Key Vault integration.Running successfully: