Skip to content

Davidfowl/fix emulators#8406

Merged
eerhardt merged 6 commits intomainfrom
davidfowl/fix-emulators
Apr 2, 2025
Merged

Davidfowl/fix emulators#8406
eerhardt merged 6 commits intomainfrom
davidfowl/fix-emulators

Conversation

@davidfowl
Copy link
Member

@davidfowl davidfowl commented Mar 29, 2025
edited
Loading

Description

Don't add the keyvault if the resource is a container.

Fixes #8364

@davidfowl
Follow up keyvault changes
111b82f 
- Pass the IKeyVaultSecretReference to the SecretResolver
- Don't add the default keyvault when using the emulator.
@davidfowl
Enhance Azure Key Vault integration and add access key authentication…
bb09426 
… support for CosmosDB and other resources
@github-actions github-actions bot added the area-app-model Issues pertaining to the APIs in Aspire.Hosting, e.g. DistributedApplication label Mar 29, 2025
@davidfowl davidfowl added area-integrations Issues pertaining to Aspire Integrations packages azure-keyvault azure-cosmosdb Issues related to Azure CosmosDB and removed area-app-model Issues pertaining to the APIs in Aspire.Hosting, e.g. DistributedApplication labels Mar 29, 2025
@eerhardt eerhardt marked this pull request as ready for review April 2, 2025 00:15
Copilot AI review requested due to automatic review settings April 2, 2025 00:15
@eerhardt
Copy link
Member

eerhardt commented Apr 2, 2025

@davidfowl - I think this is ready for review.

Copilot AI reviewed Apr 2, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR fixes the issue where a KeyVault resource is added in scenarios when the resource is either running as a container (for Redis and Postgres) or as an emulator (for CosmosDB). The changes update both test coverage and resource provisioning logic to conditionally remove the KeyVault resource based on the runtime mode and authentication type.

Reviewed Changes

Copilot reviewed 12 out of 12 changed files in this pull request and generated no comments.

Show a summary per file
File Description
tests/Aspire.Hosting.Azure.Tests/AzureRedisExtensionsTests.cs Added test to verify that KeyVault is not included when running Redis as a container.
tests/Aspire.Hosting.Azure.Tests/AzurePostgresExtensionsTests.cs Added test to verify that KeyVault is not included when running Postgres as a container.
tests/Aspire.Hosting.Azure.Tests/AzureCosmosDBExtensionsTests.cs Updated tests to validate KeyVault behavior for CosmosDB in both access key and emulator scenarios.
tests/Aspire.Hosting.Azure.Tests/AzureBicepResourceTests.cs Added tests and updated secret resolver usage to support the new signature.
src/Aspire.Hosting.Azure/Provisioning/Provisioners/BicepProvisioner.cs Modified the secret resolver lambda to use IKeyVaultSecretReference.
src/Aspire.Hosting.Azure/IKeyVaultResource.cs Updated the interface signature for SecretResolver to accept IKeyVaultSecretReference.
src/Aspire.Hosting.Azure.Redis/AzureRedisExtensions.cs Added an event subscription to remove the KeyVault when running in container mode.
src/Aspire.Hosting.Azure.PostgreSQL/AzurePostgresExtensions.cs Added an analogous event subscription for Postgres to remove the KeyVault when appropriate.
src/Aspire.Hosting.Azure.KeyVault/AzureKeyVaultSecretReference.cs Changed the secret resolver invocation to pass the secret reference instead of just the secret name.
src/Aspire.Hosting.Azure.KeyVault/AzureKeyVaultResource.cs Updated the internal handling of SecretResolver to reflect the new delegate signature.
src/Aspire.Hosting.Azure.CosmosDB/AzureCosmosDBResource.cs Altered the connection string generation to bypass secret references when running as an emulator.
src/Aspire.Hosting.Azure.CosmosDB/AzureCosmosDBExtensions.cs Updated event subscription to remove the KeyVault resource when the resource is in emulator mode.

@eerhardt eerhardt requested a review from captainsafia April 2, 2025 00:15
@eerhardt eerhardt requested a review from sebastienros April 2, 2025 00:16
davidfowl
davidfowl commented Apr 2, 2025
View reviewed changes
@eerhardt eerhardt merged commit 7dee91c into main Apr 2, 2025
174 checks passed
@eerhardt eerhardt deleted the davidfowl/fix-emulators branch April 2, 2025 15:25
@eerhardt
Copy link
Member

eerhardt commented Apr 2, 2025

/backport to release/9.2

@github-actions
Copy link
Contributor

github-actions bot commented Apr 2, 2025

Started backporting to release/9.2: https://github.com/dotnet/aspire/actions/runs/14223464886

@github-actions github-actions bot mentioned this pull request Apr 2, 2025
Merged
@github-actions github-actions bot locked and limited conversation to collaborators May 3, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@eerhardt eerhardt eerhardt left review comments

Copilot code review Copilot Copilot left review comments

@sebastienros sebastienros sebastienros approved these changes

@captainsafia captainsafia Awaiting requested review from captainsafia

Assignees

No one assigned

Labels

area-integrations Issues pertaining to Aspire Integrations packages azure-cosmosdb Issues related to Azure CosmosDB azure-keyvault

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Cosmos, Redis and Postgres show keyvault when using key access or passwords with emulator

4 participants

@davidfowl @eerhardt @sebastienros @captainsafia