Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automatically persist generated password for all containers with user names and passwords #1151

Closed
DamianEdwards opened this issue Nov 30, 2023 · 6 comments · Fixed by #4507
Closed

Automatically persist generated password for all containers with user names and passwords #1151

DamianEdwards opened this issue Nov 30, 2023 · 6 comments · Fixed by #4507
Assignees
@DamianEdwards
Labels
area-app-model Issues pertaining to the APIs in Aspire.Hosting, e.g. DistributedApplication

Comments

@DamianEdwards
Copy link
Member

By default today, we auto-generate a password for the SQL Server container when AddSqlServerContainer is called in an AppHost project. A random password on each app start isn't a great experience though as anything created in one session cannot be used in the next if a persistent volume is configured.

We should consider how we might instead automatically manage preservation of the generated password and reuse in subsequent runs, e.g. in user secrets. One challenge of user secrets is it requires initializing the project with an ID (via an MSBuild property in the project file) and modifying the project file while the app is running is probably not a great idea.
@DamianEdwards DamianEdwards added area-app-model Issues pertaining to the APIs in Aspire.Hosting, e.g. DistributedApplication enhancement and removed area-dashboard labels Nov 30, 2023
@DamianEdwards DamianEdwards mentioned this issue Nov 30, 2023
Merged
@mitchdenny mitchdenny mentioned this issue Jan 1, 2024
Merged
@mitchdenny
Copy link
Member

@DamianEdwards I've got this PR where I am looking to add secret support to Aspire:

#1487

This PR is the first phase which adds the underlying resource types, but in the comments I've added a note on how this could evolve to provide some increased management around managing container password secrets (as an example). The difference here is that we don't store a generated password, instead we get a password from configuration (locally) which could be in user secrets.

I think that this is a reasonable pay for play compromise? Even if we did want to go further and do generation and storage we'd probably layer it on top of this generic secrets mechanism rather than building it bespoke for each resource?

@mitchdenny mitchdenny self-assigned this Jan 1, 2024
@mitchdenny mitchdenny added this to the preview 3 (Feb) milestone Jan 11, 2024
@mitchdenny
Copy link
Member

Punting to preview 4 because we won't have time to react to some of the discussions from our app model offsite and it will dictate what we do here.

@davidfowl davidfowl mentioned this issue Jan 29, 2024
Closed
11 tasks
@mitchdenny
Copy link
Member

We discussed this at one of the AppHost syncs. We still want to do this an it's an important building block for container persistence.

@davidfowl davidfowl changed the title Automatically persist generated password for SQL container Automatically persist generated password for all containers with user names and passwords Feb 28, 2024
@davidfowl
Copy link
Member

Related to #2438

@DamianEdwards DamianEdwards mentioned this issue Mar 23, 2024
Closed
@davidfowl davidfowl modified the milestones: preview 5 (Apr), Backlog Mar 26, 2024
@DamianEdwards DamianEdwards mentioned this issue Apr 5, 2024
Merged
@davidfowl davidfowl modified the milestones: Backlog, 8.1 Apr 12, 2024
@davidfowl
Copy link
Member

Putting this in 8.1. It's important for the volume experience.

@davidfowl davidfowl mentioned this issue Apr 12, 2024
Closed
@DamianEdwards DamianEdwards mentioned this issue Apr 16, 2024
Closed
@DamianEdwards DamianEdwards mentioned this issue Jun 11, 2024
Closed
@DamianEdwards DamianEdwards mentioned this issue Jun 12, 2024
Merged
DamianEdwards added a commit that referenced this issue Jun 14, 2024
@DamianEdwards
Save password parameter default values to user secrets
03ffc39 
#1151
This was referenced Jun 14, 2024
Merged
Closed
DamianEdwards added a commit that referenced this issue Jun 19, 2024
@DamianEdwards @mitchdenny
Save password parameter default values to user secrets (#4507)
4e06e32 
* Save password parameter default values to user secrets

#1151

* Fix copy pasta

* Don't throw if parameter default can't be saved in user secrets

* Revert adding constant

* Update PublicAPI.Unshipped.txt

* Flow AppHost assembly from options to IDistributedApplicationBuilder

* Add tests

* Fix PublicAPI.Unshipped

* More tests

* Save the file with formatting.

* Remove environment check

* PR feedback

* PR feedback

* PR feedback

* Add test for comments in user secrets file case

* Remove the Lazy

---------

Co-authored-by: Mitch Denny <midenn@microsoft.com>
@davidfowl
Copy link
Member

Sweet!

@github-actions github-actions bot locked and limited conversation to collaborators Jul 20, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@DamianEdwards DamianEdwards

Labels
area-app-model Issues pertaining to the APIs in Aspire.Hosting, e.g. DistributedApplication
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Save password parameter default values to user secrets dotnet/aspire
3 participants
@davidfowl @DamianEdwards @mitchdenny