Key vault secret refresh

[zhiyuanliang-ms]

Why this PR?

Usage:

const settings = await load("connection-string", {
  keyvaultOptions: {
    credential: credential,
    secretRefreshIntervalInMs: 120_000 // cannot less than 60 seconds
  }
});

Allow periodic reload of key vault secrets. In this case, even if there is no change on App Configuration key-values. This feature is targeted on the scenario where user is using latest version of a secret. In this case, the key vault reference url will not change, but the secret value will change if user rotates their secret.

Secret cache

Secret with version will be cached after the initial load and whenever a secret reference of that secret is resolved, the value will always be served from the cache.

Secret with no version (which means latest), will be cached after the initial load, and it will be served from cache if the secret refresh interval is configured and not expired. Otherwise, the provider will reload it from the Key Vault.

reference: #249

[Copilot]

Pull Request Overview

This PR introduces periodic key vault secret refresh functionality along with updates to refresh intervals, error messages, and tracing tags. Key changes include:

• Adjusting timeout and interval constants across tests and production code.
• Incorporating secret refresh support into the key vault secret providers and configuration implementations.
• Updating error messages and tracing tags to include key vault secrets.

Reviewed Changes

Copilot reviewed 18 out of 18 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
test/utils/testHelper.ts	Updated MAX_TIME_OUT constant to support longer waiting time during tests.
test/refresh.test.ts	Updated error messages regarding refresh enabling to include key vault secrets.
test/keyvault.test.ts	Added tests covering the secret refresh interval and behavior when secrets update.
src/requestTracing/utils.ts & constants.ts	Introduced new tag (KEY_VAULT_REFRESH_CONFIGURED_TAG) for secret refresh configuration.
src/refresh/RefreshTimer.ts, refreshOptions.ts, load.ts	Updated naming for time constants and interval handling.
src/keyvault/*	Extended options, providers, and adapters to support secret refresh functionality.
src/ConfigurationClientManager.ts & AzureAppConfigurationImpl.ts	Integrated secret refresh logic into configuration loading and client management.
src/IKeyValueAdapter.ts & JsonKeyValueAdapter.ts	Added and updated onChangeDetected method in the key/value adapters.