Important
Modified to run Lowkey Vault with a lowkey.vault.azure.net hostname in Docker, which means the Node test cases need to run in Docker as well.
Start the compose file as normal to run Lowkey Vault: docker compose up (the profiles will prevent the tests running until we're ready)
Run the tests with docker compose run node npm test
(You can run them together with docker compose --profile node up but the output gets mixed together and can be difficult to read)
This is an example for Lowkey Vault. It demonstrates a basic scenario where a key is used for encrypt/decrypt operations and database connection specific credentials as well as getting a PKCS12 store with a certificate and matching private key inside.
- Key "repository"
- Secret "repository"
- Certificate "repository"
- Empty credentials for connecting to Lowkey Vault (not needed if Assumed Identity is used)
- Test implementations
- Tests using the empty credentials
- Tests using Managed Identity with DefaultAzureCredential (requires Assumed Identity)
- Start Lowkey Vault and Assumed Identity
- If you are not using the default
169.254.169.254:80address for Assumed Identity (because for example you are running it in the cloud)- Set
AZURE_POD_IDENTITY_AUTHORITY_HOSTenvironment variable to point to the Assumed Identity base URL e.g., http://localhost:8080 as done in every test method of the Managed Identity test cases
- Set
- Run the tests
Note
In order to better understand what is needed in general to make similar examples work, please find a generic overview here.
Tip
Since v2.4.2, Lowkey Vault is providing the same token endpoint on the 8080 port by default. Therefore, you don't need to start another container.