Merge pull request #9654 from NuGet/agr-kv-update2

Transition from Microsoft.Azure.KeyVault to Azure.Security.KeyVault

Author: erdembayar

NuGet.config

@@ -18,6 +18,7 @@
       <package pattern="Antlr" />
       <package pattern="Autofac" />
       <package pattern="Autofac.*" />
+      <package pattern="Azure.*" />
       <package pattern="Castle.Core" />
       <package pattern="CommonMark.NET" />
       <package pattern="CsvHelper" />

src/DatabaseMigrationTools/DatabaseMigrationTools.csproj

@@ -65,7 +65,7 @@
       <PrivateAssets>all</PrivateAssets>
     </PackageReference>
     <PackageReference Include="NuGet.Services.Validation">
-      <Version>2.109.0</Version>
+      <Version>2.111.0</Version>
     </PackageReference>
   </ItemGroup>
   <ItemGroup>

src/GitHubVulnerabilities2Db/GitHubVulnerabilities2Db.csproj

@@ -91,7 +91,7 @@
       <Version>4.3.0-dev-8079991</Version>
     </PackageReference>
     <PackageReference Include="NuGet.Services.Cursor">
-      <Version>2.109.0</Version>
+      <Version>2.111.0</Version>
     </PackageReference>
   </ItemGroup>
   <ItemGroup>

src/NuGetGallery.Core/NuGetGallery.Core.csproj

@@ -51,7 +51,7 @@
       <Version>6.4.2</Version>
     </PackageReference>
     <PackageReference Include="NuGet.Services.FeatureFlags">
-      <Version>2.109.0</Version>
+      <Version>2.111.0</Version>
     </PackageReference>
     <PackageReference Include="WindowsAzure.Storage">
       <Version>9.3.3</Version>
@@ -60,13 +60,13 @@
 
   <ItemGroup Condition="'$(TargetFramework)' == 'net472'">
     <PackageReference Include="NuGet.Services.Messaging.Email">
-      <Version>2.109.0</Version>
+      <Version>2.111.0</Version>
     </PackageReference>
     <PackageReference Include="NuGet.Services.Validation">
-      <Version>2.109.0</Version>
+      <Version>2.111.0</Version>
     </PackageReference>
     <PackageReference Include="NuGet.Services.Validation.Issues">
-      <Version>2.109.0</Version>
+      <Version>2.111.0</Version>
     </PackageReference>
     <PackageReference Include="NuGet.StrongName.elmah.corelibrary">
       <Version>1.2.2</Version>

src/NuGetGallery.Services/Configuration/SecretReader/SecretReaderFactory.cs

@@ -13,6 +13,7 @@ public class SecretReaderFactory : ISecretReaderFactory
         internal const string KeyVaultConfigurationPrefix = "KeyVault.";
         internal const string UseManagedIdentityConfigurationKey = "UseManagedIdentity";
         internal const string VaultNameConfigurationKey = "VaultName";
+        internal const string TenantIdConfigurationKey = "TenantId";
         internal const string ClientIdConfigurationKey = "ClientId";
         internal const string CertificateThumbprintConfigurationKey = "CertificateThumbprint";
         internal const string CertificateStoreLocation = "StoreLocation";
@@ -50,20 +51,21 @@ public ISecretReader CreateSecretReader()
             if (!string.IsNullOrEmpty(vaultName))
             {
                 var useManagedIdentity = GetOptionalKeyVaultBoolSettingValue(UseManagedIdentityConfigurationKey, defaultValue: false);
+                var clientId = _configurationService.ReadRawSetting(ResolveKeyVaultSettingName(ClientIdConfigurationKey));
 
                 KeyVaultConfiguration keyVaultConfiguration;
                 if (useManagedIdentity)
                 {
-                    keyVaultConfiguration = new KeyVaultConfiguration(vaultName);
+                    keyVaultConfiguration = new KeyVaultConfiguration(vaultName, clientId);
                 }
                 else
                 {
-                    var clientId = _configurationService.ReadRawSetting(ResolveKeyVaultSettingName(ClientIdConfigurationKey));
+                    var tenantId = _configurationService.ReadRawSetting(ResolveKeyVaultSettingName(TenantIdConfigurationKey));
                     var certificateThumbprint = _configurationService.ReadRawSetting(ResolveKeyVaultSettingName(CertificateThumbprintConfigurationKey));
                     var storeName = GetOptionalKeyVaultEnumSettingValue(CertificateStoreName, StoreName.My);
                     var storeLocation = GetOptionalKeyVaultEnumSettingValue(CertificateStoreLocation, StoreLocation.LocalMachine);
                     var certificate = CertificateUtility.FindCertificateByThumbprint(storeName, storeLocation, certificateThumbprint, validationRequired: true);
-                    keyVaultConfiguration = new KeyVaultConfiguration(vaultName, clientId, certificate);
+                    keyVaultConfiguration = new KeyVaultConfiguration(vaultName, tenantId, clientId, certificate);
                 }
 
                 secretReader = new KeyVaultReader(keyVaultConfiguration);

src/NuGetGallery.Services/NuGetGallery.Services.csproj

@@ -88,10 +88,10 @@
       <Version>6.6.1</Version>
     </PackageReference>
     <PackageReference Include="NuGet.Services.Configuration">
-      <Version>2.109.0</Version>
+      <Version>2.111.0</Version>
     </PackageReference>
     <PackageReference Include="NuGet.Services.Logging">
-      <Version>2.109.0</Version>
+      <Version>2.111.0</Version>
     </PackageReference>
     <PackageReference Include="NuGet.StrongName.WebBackgrounder">
       <Version>0.2.0</Version>

src/NuGetGallery/NuGetGallery.csproj

@@ -2256,13 +2256,13 @@
       <Version>1.4.0</Version>
     </PackageReference>
     <PackageReference Include="NuGet.Services.Licenses">
-      <Version>2.109.0</Version>
+      <Version>2.111.0</Version>
     </PackageReference>
     <PackageReference Include="NuGet.Services.Owin">
-      <Version>2.109.0</Version>
+      <Version>2.111.0</Version>
     </PackageReference>
     <PackageReference Include="NuGet.Services.Sql">
-      <Version>2.109.0</Version>
+      <Version>2.111.0</Version>
     </PackageReference>
     <PackageReference Include="Owin">
       <Version>1.0.0</Version>

src/NuGetGallery/Web.config

@@ -584,6 +584,30 @@
   </system.diagnostics>
   <runtime>
     <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
+      <dependentAssembly>
+        <assemblyIdentity name="System.ValueTuple" publicKeyToken="CC7B13FFCD2DDD51" culture="neutral"/>
+        <bindingRedirect oldVersion="0.0.0.0-4.0.3.0" newVersion="4.0.3.0"/>
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="System.Text.Json" publicKeyToken="CC7B13FFCD2DDD51" culture="neutral"/>
+        <bindingRedirect oldVersion="0.0.0.0-4.0.1.2" newVersion="4.0.1.2"/>
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="System.Text.Encodings.Web" publicKeyToken="CC7B13FFCD2DDD51" culture="neutral"/>
+        <bindingRedirect oldVersion="0.0.0.0-4.0.5.1" newVersion="4.0.5.1"/>
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="Microsoft.Identity.Client" publicKeyToken="0A613F4DD989E8AE" culture="neutral"/>
+        <bindingRedirect oldVersion="0.0.0.0-4.46.0.0" newVersion="4.46.0.0"/>
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="Microsoft.Bcl.AsyncInterfaces" publicKeyToken="CC7B13FFCD2DDD51" culture="neutral"/>
+        <bindingRedirect oldVersion="0.0.0.0-7.0.0.0" newVersion="7.0.0.0"/>
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="Azure.Core" publicKeyToken="92742159E12E44C8" culture="neutral"/>
+        <bindingRedirect oldVersion="0.0.0.0-1.25.0.0" newVersion="1.25.0.0"/>
+      </dependentAssembly>
       <dependentAssembly>
         <assemblyIdentity name="System.Threading.Tasks.Extensions" publicKeyToken="CC7B13FFCD2DDD51" culture="neutral"/>
         <bindingRedirect oldVersion="0.0.0.0-4.2.0.1" newVersion="4.2.0.1"/>
@@ -718,4 +742,4 @@
       </dependentAssembly>
     </assemblyBinding>
   </runtime>
-</configuration>
+</configuration>