HashicorpVault: Remove connection check for read-only

UiPath · Apr 15, 2021 · 4baec7b · 4baec7b
1 parent d390a21
commit 4baec7b
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 19 deletions.
diff --git a/src/SecureStore.HashicorpVault/HashicorpVaultClient.cs b/src/SecureStore.HashicorpVault/HashicorpVaultClient.cs
@@ -2,7 +2,6 @@
 using System.Collections.Generic;
 using System.Threading.Tasks;
 using UiPath.Orchestrator.Extensibility.SecureStores;
-using UiPath.Orchestrator.Extensions.SecureStores.HashicorpVault.Resources;
 using VaultSharp;
 using VaultSharp.V1.AuthMethods;
 using VaultSharp.V1.AuthMethods.AppRole;
@@ -24,18 +23,6 @@ public HashicorpVaultClient(HashicorpVaultContext context)
             _context = context;
         }
 
-        public async Task TestConnection()
-        {
-            var vaultClient = GetVaultClient();
-            var health = await vaultClient.V1.System.GetHealthStatusAsync();
-            if (!health.Initialized || !health.HttpStatusCode.Equals(200))
-            {
-                throw new SecureStoreException(
-                    SecureStoreException.Type.InvalidConfiguration,
-                    nameof(Resource.HashicorpVaultConnectionFailed));
-            }
-        }
-
         public async Task<string> GetSecretAsync(string secretName)
         {
             var vaultClient = GetVaultClient();

diff --git a/src/SecureStore.HashicorpVault/HashicorpVaultReadOnlySecureStore.cs b/src/SecureStore.HashicorpVault/HashicorpVaultReadOnlySecureStore.cs
@@ -19,12 +19,13 @@ public HashicorpVaultReadOnlySecureStore()
         {
         }
 
-        public override async Task ValidateContextAsync(string context)
+        public override Task ValidateContextAsync(string context)
         {
-            var ctx = ConvertJsonToContext(context);
+            _ = ConvertJsonToContext(context);
 
-            var keyVaultClient = _clientFactory.CreateClient(ctx);
-            await keyVaultClient.TestConnection();
+            // Doing a health check would require a policy to read `sys/health`.
+            // We don't want to require more than strictly necessary, so we only do 
+            return Task.CompletedTask;
         }
 
         public override SecureStoreInfo GetStoreInfo()

diff --git a/src/SecureStore.HashicorpVault/IHashicorpVaultClient.cs b/src/SecureStore.HashicorpVault/IHashicorpVaultClient.cs
@@ -5,8 +5,6 @@ namespace UiPath.Orchestrator.Extensions.SecureStores.HashicorpVault
 {
     public interface IHashicorpVaultClient
     {
-        Task TestConnection();
-
         Task<string> GetSecretAsync(string secretName);
 
         Task<string> SetSecretAsync(string secretName, string secretValue);