Added initial support for app service as a compute environment #9090
Conversation
github-actions
bot
added
the
area-integrations
src/Aspire.Hosting.Azure.AppService/AzureAppServiceComputeResourceExtensions.cs
Outdated
Show resolved
Hide resolved
This will allow us to start experimenting with cross compute endpoint references (which doesn't work today). - The mirrors what we have with azure container apps pretty closely with some limitations. - Only support for projects in this pass - On support for public http endpoints (we don't do anything with private networking) - Single app service plan, which means you can't scale compute independently - Added tests
src/Aspire.Hosting.Azure.AppService/AzureAppServiceEnvironmentExtensions.cs
Show resolved
Hide resolved
…eResourceExtensions and remove unused AzureProvisioningResourceExtensions file
davidfowl
force-pushed
the
davidfowl/app-service
branch
from
8e8dbd6 to
75754d0
Compare
src/Aspire.Hosting.Azure.AppService/AzureAppServiceInfrastructure.cs
Outdated
Show resolved
Hide resolved
davidfowl
added
the
azure
…ation and enhance managed identity setup
… to include tags and improve clarity in resource management
| } | ||
| } | ||
|
|
||
| private (object, SecretType) ProcessValue(object value, SecretType secretType = SecretType.None, object? parent = null) |
There was a problem hiding this comment.
This logic can be largely reused between aca and app service. Endpoint resolution would need to be extracted somehow.
… BeforeStartAsync method
…and improve clarity in Azure provisioning
| Scheme: endpoint.UriScheme, | ||
| Host: HostName, | ||
| Port: endpoint.UriScheme == "https" ? 443 : 80, | ||
| TargetPort: null, // App Service manages internal port mapping |
There was a problem hiding this comment.
We should be able to support overriding this. Right now this PR only supports projects and projects with default http/https endpoints.
|
This looks good overall. I noticed that it blows up if you try to run it through AZD (wasn't expecting it to work really - but the error was a bit odd):
|
|
In terms of cross compute endpoint references it's going to be very interesting to see how we achieve this. Consider a scenario where you have two different compute environments with a circular reference between them. |
We attempt to tolerate cycles for endpoints for pragmatic reasons (https://gist.github.com/davidfowl/b408af870d4b5b54a28bf18bffa127e1#special-case-endpoints), but we assume that they can be resolved without deploying website itself. |
It should work with azd, it looks like you already have an environment somehow? Update azd and try making a new environment. |
| @@ -0,0 +1,3 @@ | |||
| { | |||
| "appHostPath": "../AzureAppService.AppHost/AzureAppService.AppHost.csproj" | |||
There was a problem hiding this comment.
Should we add .aspire to a .gitignore?
I don't understand why this file is even required.
There was a problem hiding this comment.
Nope, it should be checked in
playground/AzureAppService/AzureAppService.AppHost/AzureAppService.AppHost.csproj
Show resolved
Hide resolved
src/Aspire.Hosting.Azure.AppService/AzureAppServiceEnvironmentExtensions.cs
Outdated
Show resolved
Hide resolved
| var prefix = infra.AspireResource.Name; | ||
| var resource = infra.AspireResource; | ||
|
|
||
| // This tells azd to avoid creating infrastructure |
There was a problem hiding this comment.
Really? That's the contract? If there is a parameter named userPrincipalId?
There was a problem hiding this comment.
Yep @vhvb1989. I think this is because we also support yaml mode where the app uses none of these types and azd still works.
src/Aspire.Hosting.Azure.AppService/AzureAppServiceEnvironmentExtensions.cs
Show resolved
Hide resolved
| { | ||
| containerRegistry = new ContainerRegistryService(Infrastructure.NormalizeBicepIdentifier($"{prefix}_acr")) | ||
| { | ||
| Sku = new() { Name = ContainerRegistrySkuName.Basic }, |
There was a problem hiding this comment.
I wonder if we should consolidate this across ACA and here, so there is only 1 place to change the defaults of an ACR.
There was a problem hiding this comment.
This, endpoint grouping, and env and arg processing.
… for improved resource management
| <PropertyGroup> | ||
| <TargetFramework>$(DefaultTargetFramework)</TargetFramework> | ||
| <IsPackable>true</IsPackable> | ||
| <PackageTags>aspire integration hosting azure</PackageTags> |
There was a problem hiding this comment.
Do we want any package tags specific for AppService?
| <IsPackable>true</IsPackable> | ||
| <PackageTags>aspire integration hosting azure</PackageTags> | ||
| <Description>Azure app service resource types for .NET Aspire.</Description> | ||
| <PackageIconFullPath>$(SharedDir)Azure_256x.png</PackageIconFullPath> |
There was a problem hiding this comment.
Does app service have its own icon?
| builder.AddAzureProvisioning(); | ||
| builder.Services.Configure<AzureProvisioningOptions>(options => options.SupportsTargetedRoleAssignments = true); | ||
|
|
||
| if (builder.ExecutionContext.IsPublishMode) |
There was a problem hiding this comment.
Is this check necessary? The infrastructure class checks in its hook already.
| /// for Azure App Service and applies the provided configuration action to the App Service WebSite resource. | ||
| /// <example> | ||
| /// <code> | ||
| /// builder.AddNpmApp("name", "image").PublishAsAzureAppServiceWebsite((infrastructure, app) => |
There was a problem hiding this comment.
This doesn't work yet, right? Should this be AddProject?
src/Aspire.Hosting.Azure.AppService/AzureAppServiceComputeResourceExtensions.cs
Outdated
Show resolved
Hide resolved
| var acrClientIdParameter = environmentContext.Environment.ContainerRegistryClientId.AsProvisioningParameter(infra); | ||
| var containerImage = AllocateParameter(ResourceExpression.GetContainerImageExpression(Resource)); | ||
|
|
||
| var webSite = new WebSite("webapp") |
There was a problem hiding this comment.
(nit) why the hard-coded "webapp" instead of being based on the Resource name?
There was a problem hiding this comment.
Does it matter? It's in a module (it's the variable name 😄 )
There was a problem hiding this comment.
It doesn't. Just inconsistent with ACA.
|
|
||
| foreach (var arg in Args) | ||
| { | ||
| var (val, secretType) = ProcessValue(arg); |
There was a problem hiding this comment.
Does this code need to inspect secretType?
There was a problem hiding this comment.
See the PR description. There's no secret store in app service (and secrets also aren't supported in args in ACA). We need to throw here an in app service if secrets are used in args.
We might also need a strategy for App service secrets in general (like an associated keyvault).
Description
This will allow us to start experimenting with cross compute endpoint references (which doesn't work today).
Contributes to #5675
Checklist