Skip to content

feat: add Azure Key Vault provider support with integration tests #90

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
Copilot wants to merge 33 commits into
base: main
Choose a base branch
from
Draft

feat: add Azure Key Vault provider support with integration tests #90

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
33 commits
Select commit Hold shift + click to select a range
0f63188
Initial plan
Copilot Nov 14, 2025
6c7542f
Add Azure Key Vault provider support with unit tests
Copilot Nov 14, 2025
665efc8
Add integration tests for Azure provider and fix linting
Copilot Nov 14, 2025
7a843a4
Fix CLI error handling when provider initialization fails
Copilot Nov 14, 2025
77c8e1a
Add e2e tests for Azure and AWS provider flags
Copilot Nov 14, 2025
56eb67d
Add comprehensive Azure e2e tests following AWS pattern
Copilot Nov 15, 2025
ba23f23
Refactor Azure provider to inject SecretClient like AWS pattern
Copilot Nov 15, 2025
6c1bdaa
chore: initial planning for Azure Key Vault support
Copilot Nov 14, 2025
13737e2
chore: initial planning for Azure Key Vault support
Copilot Nov 14, 2025
717d244
docs: add JSDoc comment to Azure provider class
Copilot Nov 15, 2025
caa65cd
chore(tsconfig): Update module and resolution settings to Node16
macalbert Nov 15, 2025
a847299
docs: Update README and add Azure Key Vault setup guide
macalbert Nov 15, 2025
6390dd9
feat: add Azure Key Vault provider support with workflow inputs
Copilot Nov 16, 2025
98de8f8
chore: merge main branch changes with Azure provider support
Copilot Nov 17, 2025
05428f9
Merge branch 'main' into copilot/add-azure-key-vault-support
macalbert Nov 17, 2025
d50f2ae
Merge branch 'main' into copilot/add-azure-key-vault-support
macalbert Nov 29, 2025
3a1a67d
Merge branch 'main' into copilot/add-azure-key-vault-support
macalbert Dec 6, 2025
ffdb9c7
Merge branch 'main' into copilot/add-azure-key-vault-support
macalbert Jan 2, 2026
4832956
Merge branch 'main' into copilot/add-azure-key-vault-support
macalbert Jan 10, 2026
9f3001d
Merge branch 'main' into copilot/add-azure-key-vault-support
macalbert Jan 10, 2026
041d368
test: add Azure Key Vault integration tests with Lowkey Vault
Copilot Jan 10, 2026
5b1f373
Merge branch 'main' into copilot/add-azure-key-vault-support
macalbert Jan 11, 2026
8150c9d
Merge branch 'main' into copilot/add-azure-key-vault-support
macalbert Jan 25, 2026
0e0d7a0
Merge branch 'main' into copilot/add-azure-key-vault-support
macalbert Jan 27, 2026
d799e20
Merge branch 'main' into copilot/add-azure-key-vault-support
macalbert Feb 1, 2026
f296bde
Merge branch 'main' into copilot/add-azure-key-vault-support
macalbert Feb 1, 2026
bf0dcfc
Potential fix for code scanning alert no. 8: Disabling certificate va…
macalbert Feb 1, 2026
2822bb0
chore(deps): Update jws to version 4.0.1 and add pnpm overrides
Feb 1, 2026
2789c1f
chore(deps): Update Azure SDK dependencies and remove jws override
Feb 1, 2026
02a4e07
chore(tests): Update AzureKeyVaultSecretProvider tests with new imports
Feb 1, 2026
2e876cc
chore(deps): Add @azure/core-rest-pipeline dependency
Feb 1, 2026
d619f88
1.0.0
Feb 1, 2026
479817e
Merge branch 'main' into copilot/add-azure-key-vault-support
macalbert Feb 5, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
21 changes: 20 additions & 1 deletion .github/workflows/tests.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,26 @@ permissions:
contents: read

on:
workflow_dispatch: {}
workflow_dispatch:
inputs:
map_file:
description: 'Path to the JSON file with environment variable mapping'
required: false
default: 'param-map.json'
type: string
env_file:
description: 'Path to the .env file to be generated or imported'
required: false
default: '.env'
type: string
provider:
description: 'Cloud provider to use'
required: false
default: 'aws'
type: choice
options:
- aws
- azure
Comment on lines +11 to +29
Copy link

Copilot AI Feb 1, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These newly added workflow_dispatch inputs (map_file, env_file, and provider) are not referenced anywhere in the job (e.g., no inputs.* usage in steps), so changing them when manually dispatching the workflow currently has no effect. To keep the workflow configuration meaningful, either wire these inputs into the steps that should use them (for example via env or with blocks) or remove them until they are needed.

Suggested change
inputs:
map_file:
description: 'Path to the JSON file with environment variable mapping'
required: false
default: 'param-map.json'
type: string
env_file:
description: 'Path to the .env file to be generated or imported'
required: false
default: '.env'
type: string
provider:
description: 'Cloud provider to use'
required: false
default: 'aws'
type: choice
options:
- aws
- azure

Copilot uses AI. Check for mistakes.

pull_request:
branches:
Expand Down
1 change: 0 additions & 1 deletion e2e/sample/cli-validation.env
View file
Open in desktop

This file was deleted.

30 changes: 15 additions & 15 deletions github-action/dist/658.index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ export const modules = {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.resolveHttpAuthSchemeConfig = exports.defaultSSOOIDCHttpAuthSchemeProvider = exports.defaultSSOOIDCHttpAuthSchemeParametersProvider = void 0;
const core_1 = __webpack_require__(2701);
const util_middleware_1 = __webpack_require__(7256);
const util_middleware_1 = __webpack_require__(5417);
const defaultSSOOIDCHttpAuthSchemeParametersProvider = async (config, context, input) => {
return {
operation: (0, util_middleware_1.getSmithyContext)(context).operation,
Expand Down Expand Up @@ -72,7 +72,7 @@ exports.resolveHttpAuthSchemeConfig = resolveHttpAuthSchemeConfig;
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.defaultEndpointResolver = void 0;
const util_endpoints_1 = __webpack_require__(4985);
const util_endpoints_2 = __webpack_require__(3277);
const util_endpoints_2 = __webpack_require__(3298);
const ruleset_1 = __webpack_require__(3192);
const cache = new util_endpoints_2.EndpointCache({
size: 50,
Expand Down Expand Up @@ -117,14 +117,14 @@ var middlewareUserAgent = __webpack_require__(2685);
var configResolver = __webpack_require__(7536);
var core = __webpack_require__(4046);
var schema = __webpack_require__(3854);
var middlewareContentLength = __webpack_require__(9684);
var middlewareEndpoint = __webpack_require__(6878);
var middlewareRetry = __webpack_require__(9229);
var smithyClient = __webpack_require__(4270);
var middlewareContentLength = __webpack_require__(9097);
var middlewareEndpoint = __webpack_require__(8334);
var middlewareRetry = __webpack_require__(6834);
var smithyClient = __webpack_require__(2140);
var httpAuthSchemeProvider = __webpack_require__(7277);
var runtimeConfig = __webpack_require__(3300);
var regionConfigResolver = __webpack_require__(4239);
var protocolHttp = __webpack_require__(6204);
var protocolHttp = __webpack_require__(9953);

const resolveClientEndpointParameters = (options) => {
return Object.assign(options, {
Expand Down Expand Up @@ -622,14 +622,14 @@ const package_json_1 = tslib_1.__importDefault(__webpack_require__(365));
const core_1 = __webpack_require__(2701);
const util_user_agent_node_1 = __webpack_require__(7889);
const config_resolver_1 = __webpack_require__(7536);
const hash_node_1 = __webpack_require__(3180);
const middleware_retry_1 = __webpack_require__(9229);
const hash_node_1 = __webpack_require__(2869);
const middleware_retry_1 = __webpack_require__(6834);
const node_config_provider_1 = __webpack_require__(1755);
const node_http_handler_1 = __webpack_require__(6876);
const smithy_client_1 = __webpack_require__(4270);
const node_http_handler_1 = __webpack_require__(3801);
const smithy_client_1 = __webpack_require__(2140);
const util_body_length_node_1 = __webpack_require__(7062);
const util_defaults_mode_node_1 = __webpack_require__(3889);
const util_retry_1 = __webpack_require__(9274);
const util_defaults_mode_node_1 = __webpack_require__(4715);
const util_retry_1 = __webpack_require__(9093);
const runtimeConfig_shared_1 = __webpack_require__(8997);
const getRuntimeConfig = (config) => {
(0, smithy_client_1.emitWarningIfUnsupportedVersion)(process.version);
Expand Down Expand Up @@ -680,8 +680,8 @@ exports.getRuntimeConfig = void 0;
const core_1 = __webpack_require__(2701);
const protocols_1 = __webpack_require__(1171);
const core_2 = __webpack_require__(4046);
const smithy_client_1 = __webpack_require__(4270);
const url_parser_1 = __webpack_require__(3282);
const smithy_client_1 = __webpack_require__(2140);
const url_parser_1 = __webpack_require__(8149);
const util_base64_1 = __webpack_require__(1532);
const util_utf8_1 = __webpack_require__(5579);
const httpAuthSchemeProvider_1 = __webpack_require__(7277);
Expand Down
30 changes: 15 additions & 15 deletions github-action/dist/87.index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ export const modules = {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.resolveHttpAuthSchemeConfig = exports.defaultSigninHttpAuthSchemeProvider = exports.defaultSigninHttpAuthSchemeParametersProvider = void 0;
const core_1 = __webpack_require__(2701);
const util_middleware_1 = __webpack_require__(7256);
const util_middleware_1 = __webpack_require__(5417);
const defaultSigninHttpAuthSchemeParametersProvider = async (config, context, input) => {
return {
operation: (0, util_middleware_1.getSmithyContext)(context).operation,
Expand Down Expand Up @@ -72,7 +72,7 @@ exports.resolveHttpAuthSchemeConfig = resolveHttpAuthSchemeConfig;
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.defaultEndpointResolver = void 0;
const util_endpoints_1 = __webpack_require__(4985);
const util_endpoints_2 = __webpack_require__(3277);
const util_endpoints_2 = __webpack_require__(3298);
const ruleset_1 = __webpack_require__(1983);
const cache = new util_endpoints_2.EndpointCache({
size: 50,
Expand Down Expand Up @@ -117,14 +117,14 @@ var middlewareUserAgent = __webpack_require__(2685);
var configResolver = __webpack_require__(7536);
var core = __webpack_require__(4046);
var schema = __webpack_require__(3854);
var middlewareContentLength = __webpack_require__(9684);
var middlewareEndpoint = __webpack_require__(6878);
var middlewareRetry = __webpack_require__(9229);
var smithyClient = __webpack_require__(4270);
var middlewareContentLength = __webpack_require__(9097);
var middlewareEndpoint = __webpack_require__(8334);
var middlewareRetry = __webpack_require__(6834);
var smithyClient = __webpack_require__(2140);
var httpAuthSchemeProvider = __webpack_require__(104);
var runtimeConfig = __webpack_require__(4441);
var regionConfigResolver = __webpack_require__(4239);
var protocolHttp = __webpack_require__(6204);
var protocolHttp = __webpack_require__(9953);

const resolveClientEndpointParameters = (options) => {
return Object.assign(options, {
Expand Down Expand Up @@ -467,14 +467,14 @@ const package_json_1 = tslib_1.__importDefault(__webpack_require__(365));
const core_1 = __webpack_require__(2701);
const util_user_agent_node_1 = __webpack_require__(7889);
const config_resolver_1 = __webpack_require__(7536);
const hash_node_1 = __webpack_require__(3180);
const middleware_retry_1 = __webpack_require__(9229);
const hash_node_1 = __webpack_require__(2869);
const middleware_retry_1 = __webpack_require__(6834);
const node_config_provider_1 = __webpack_require__(1755);
const node_http_handler_1 = __webpack_require__(6876);
const smithy_client_1 = __webpack_require__(4270);
const node_http_handler_1 = __webpack_require__(3801);
const smithy_client_1 = __webpack_require__(2140);
const util_body_length_node_1 = __webpack_require__(7062);
const util_defaults_mode_node_1 = __webpack_require__(3889);
const util_retry_1 = __webpack_require__(9274);
const util_defaults_mode_node_1 = __webpack_require__(4715);
const util_retry_1 = __webpack_require__(9093);
const runtimeConfig_shared_1 = __webpack_require__(1006);
const getRuntimeConfig = (config) => {
(0, smithy_client_1.emitWarningIfUnsupportedVersion)(process.version);
Expand Down Expand Up @@ -525,8 +525,8 @@ exports.getRuntimeConfig = void 0;
const core_1 = __webpack_require__(2701);
const protocols_1 = __webpack_require__(1171);
const core_2 = __webpack_require__(4046);
const smithy_client_1 = __webpack_require__(4270);
const url_parser_1 = __webpack_require__(3282);
const smithy_client_1 = __webpack_require__(2140);
const url_parser_1 = __webpack_require__(8149);
const util_base64_1 = __webpack_require__(1532);
const util_utf8_1 = __webpack_require__(5579);
const httpAuthSchemeProvider_1 = __webpack_require__(104);
Expand Down
2 changes: 1 addition & 1 deletion github-action/dist/apps/cli/Cli.d.ts.map
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions github-action/dist/apps/cli/Startup.d.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,11 +6,11 @@ export declare class Startup {
configureServices(): this;
/**
* Configures infrastructure services for the application.
* Optionally accepts an AWS profile to use for service configuration.
* @param awsProfile - The AWS profile to use for configuring infrastructure services.
* @param provider - The cloud provider to use (aws or azure), defaults to aws.
* @returns The current instance for method chaining.
*/
configureInfrastructure(awsProfile?: string): this;
configureInfrastructure(awsProfile?: string, provider?: string): this;
create(): Container;
getServiceProvider(): Container;
private configureInfrastructureServices;
Expand Down
2 changes: 1 addition & 1 deletion github-action/dist/apps/cli/Startup.d.ts.map
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion github-action/dist/envilder/application/pushEnvToSsm/PushEnvToSsmCommandHandler.d.ts.map
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 4 additions & 0 deletions github-action/dist/envilder/domain/CliOptions.d.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,5 +30,9 @@ export type CliOptions = {
* Flag to push local .env file back to AWS SSM (renamed from import)
*/
push?: boolean;
/**
* Cloud provider to use (aws or azure), defaults to aws
*/
provider?: string;
};
//# sourceMappingURL=CliOptions.d.ts.map
2 changes: 1 addition & 1 deletion github-action/dist/envilder/domain/CliOptions.d.ts.map
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 3 additions & 3 deletions github-action/dist/index.js
View file
Open in desktop

Large diffs are not rendered by default.

5 changes: 4 additions & 1 deletion package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "envilder",
"version": "0.7.7",
"version": "1.0.0",
"description": "A CLI that securely centralizes your environment variables from AWS SSM as a single source of truth",
"author": {
"name": "Marçal Albert Castellví",
Expand Down Expand Up @@ -75,6 +75,9 @@
"dependencies": {
"@aws-sdk/client-ssm": "^3.958.0",
"@aws-sdk/credential-providers": "^3.958.0",
"@azure/core-rest-pipeline": "^1.22.2",
"@azure/identity": "^4.13.0",
"@azure/keyvault-secrets": "^4.10.0",
"@types/node": "^25.0.3",
"commander": "^14.0.2",
"dotenv": "^17.2.3",
Expand Down
Loading