-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathProgram.cs
More file actions
102 lines (86 loc) · 3.69 KB
/
Program.cs
File metadata and controls
102 lines (86 loc) · 3.69 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
using Microsoft.Azure.Functions.Worker;
using Microsoft.Extensions.Hosting;
using Microsoft.Extensions.DependencyInjection;
using NHS.MESH.Client;
using Common;
using System.Security.Cryptography.X509Certificates;
using Azure.Security.KeyVault.Certificates;
using Azure.Identity;
using Microsoft.Extensions.Logging;
using NHS.Screening.RetrieveMeshFile;
using HealthChecks.Extensions;
var loggerFactory = LoggerFactory.Create(builder => builder.AddConsole());
var logger = loggerFactory.CreateLogger("program.cs");
try
{
var host = new HostBuilder();
X509Certificate2 cert = null;
X509Certificate2Collection caCerts = new X509Certificate2Collection();
var KeyVaultConnectionString = Environment.GetEnvironmentVariable("KeyVaultConnectionString");
host.AddConfiguration<RetrieveMeshFileConfig>(out RetrieveMeshFileConfig config);
if (!string.IsNullOrEmpty(config.KeyVaultConnectionString))
{
logger.LogInformation("Pulling Mesh Certificate from KeyVault");
var client = new CertificateClient(vaultUri: new Uri(config.KeyVaultConnectionString), credential: new DefaultAzureCredential());
var certificate = await client.DownloadCertificateAsync(config.MeshKeyName);
cert = certificate.Value;
}
else if (!string.IsNullOrEmpty(config.MeshKeyName))
{
logger.LogInformation("Pulling Mesh Certificate from local File");
cert = new X509Certificate2(config.MeshKeyName, config.MeshKeyPassphrase);
}
if (!string.IsNullOrEmpty(KeyVaultConnectionString))
{
var client = new CertificateClient(new Uri(KeyVaultConnectionString), new DefaultAzureCredential());
var allCertificates = client.GetPropertiesOfCertificates();
foreach (var certificateProperties in allCertificates)
{
if (certificateProperties.Name.StartsWith("CaCert"))
{
var certificateWithPolicy = await client.DownloadCertificateAsync(certificateProperties.Name);
caCerts.Add(certificateWithPolicy.Value);
}
}
}
else if (!string.IsNullOrEmpty(config.ServerSideCerts))
{
var pemCerts = File.ReadAllText(config.ServerSideCerts)
.Split(new string[] { "-----END CERTIFICATE-----" }, StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries)
.Select(pem => pem + "\n-----END CERTIFICATE-----")
.Select(pem => new X509Certificate2(Convert.FromBase64String(
pem.Replace("-----BEGIN CERTIFICATE-----", "")
.Replace("-----END CERTIFICATE-----", "")
.Replace("\n", "")
)))
.ToArray();
caCerts.AddRange(pemCerts);
}
host.ConfigureFunctionsWebApplication();
host.ConfigureServices(services =>
{
services.AddApplicationInsightsTelemetryWorkerService();
services.ConfigureFunctionsApplicationInsights();
services
.AddMeshClient(_ => _.MeshApiBaseUrl = config.MeshApiBaseUrl)
.AddMailbox(config.BSSMailBox, new NHS.MESH.Client.Configuration.MailboxConfiguration
{
Password = config.MeshPassword,
SharedKey = config.MeshSharedKey,
Cert = cert,
serverSideCertCollection = caCerts
})
.Build();
services.AddSingleton<IBlobStorageHelper, BlobStorageHelper>();
services.AddTransient<IMeshToBlobTransferHandler, MeshToBlobTransferHandler>();
// Register health checks
services.AddBlobStorageHealthCheck("RetrieveMeshFile");
})
.AddExceptionHandler();
var app = host.Build();
await app.RunAsync();
}
catch (Exception ex)
{
logger.LogCritical(ex, "Failed to start up Function");
}