Update variable replacement during deserialization to use replacement settings class and add AKV replacement logic. #2882
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
RubenCerna2079
requested changes
Oct 7, 2025
Aniruddh25
requested changes
Oct 30, 2025
| { | ||
| Assert.IsTrue(RuntimeConfigLoader.TryParseConfig( | ||
| GetModifiedJsonString(repValues, @"""postgresql"""), out expectedConfig, replaceEnvVar: replaceEnvVar), | ||
| GetModifiedJsonString(repValues, @"""postgresql"""), out expectedConfig, replacementSettings: new DeserializationVariableReplacementSettings(azureKeyVaultOptions: null, doReplaceEnvVar: replaceEnvVar, doReplaceAKVVar: true)), |
There was a problem hiding this comment.
We should add similar tests for AKV replacement checks
Aniruddh25
reviewed
Oct 31, 2025
Aniruddh25
reviewed
Oct 31, 2025
Aniruddh25
reviewed
Oct 31, 2025
src/Service.Tests/UnitTests/PostgreSqlQueryExecutorUnitTests.cs
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Pull Request Overview
This PR refactors the configuration deserialization system to introduce Azure Key Vault (AKV) variable replacement support alongside environment variable replacement. The key change is replacing individual boolean parameters (replaceEnvVar, replacementFailureMode) with a unified DeserializationVariableReplacementSettings object that encapsulates all variable replacement configuration, including the new AKV functionality.
- Introduces
DeserializationVariableReplacementSettingsclass to centralize variable replacement configuration - Adds Azure Key Vault secret resolution support with configurable retry policies
- Updates all JSON converters and configuration loading methods to use the new settings object
Reviewed Changes
Copilot reviewed 33 out of 33 changed files in this pull request and generated 15 comments.
Show a summary per file
| File | Description |
|---|---|
src/Config/DeserializationVariableReplacementSettings.cs |
New class that encapsulates variable replacement logic for both environment variables and Azure Key Vault secrets |
src/Config/RuntimeConfigLoader.cs |
Updated to use new settings object and extract AKV options with two-pass parsing |
src/Config/Converters/StringJsonConverterFactory.cs |
Refactored to use pluggable replacement strategies from settings object |
src/Config/Converters/*ConverterFactory.cs |
Updated multiple converter factories to accept DeserializationVariableReplacementSettings instead of boolean parameters |
src/Config/ObjectModel/AzureKeyVaultOptions.cs |
Added constructor and flags to track user-provided properties |
src/Directory.Packages.props |
Added Azure.Security.KeyVault.Secrets package dependency |
src/Service/Controllers/ConfigurationController.cs |
Updated Initialize call with new settings object |
| Test files | Updated test code to use new settings object instead of boolean parameters |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
src/Config/Converters/DatasourceHealthOptionsConvertorFactory.cs
Outdated
Show resolved
Hide resolved
src/Config/Converters/DatasourceHealthOptionsConvertorFactory.cs
Outdated
Show resolved
Hide resolved
Co-authored-by: Copilot <[email protected]>
Co-authored-by: Copilot <[email protected]>
Co-authored-by: Copilot <[email protected]>
Co-authored-by: Copilot <[email protected]>
Co-authored-by: Copilot <[email protected]>
Co-authored-by: Copilot <[email protected]>
Co-authored-by: Copilot <[email protected]>
Co-authored-by: Copilot <[email protected]>
Co-authored-by: Copilot <[email protected]>
Co-authored-by: Copilot <[email protected]>
Aniruddh25
reviewed
Oct 31, 2025
Aniruddh25
reviewed
Oct 31, 2025
Aniruddh25
requested changes
Oct 31, 2025
|
/azp run |
|
Azure Pipelines successfully started running 6 pipeline(s). |
|
/azp run |
|
Azure Pipelines successfully started running 6 pipeline(s). |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Why make this change?
Adds AKV variable replacement and expands our design for doing variable replacements to be more extensible when new variable replacement logic is added.
Closes #2708
Closes #2748
Related to #2863
What is this change?
Change the way that variable replacement is handled to instead of simply using a
boolto indicate that we want env variable replacement, we add a class which holds all of the replacement settings. This will hold whether or not we will do replacement for each kind of variable that we will handle replacement for during deserialization. We also include the replacement failure mode, and put the logic for handling the replacements into a strategy dictionary which pairs the replacement variable type with the strategy for doing that replacement.Because Azure Key Vault secret replacement requires having the retry and connection settings in order to do the AKV replacement, we must do a first pass where we only do non-AKV replacement and get the required settings so that if AKV replacement is used we have the required settings to do that replacement.
We also have to keep in mind that the legacy of the
Configuration Controllerwill ignore all variable replacement, so we construct the replacement settings for this code path to not use any variable replacement at all.How was this tested?
We have updated the logic for the tests to use the new system, however manual testing using an actual AKV is still required.
Sample Request(s)