From fa32ae517f772ea352d4156e27b58496ffb70a05 Mon Sep 17 00:00:00 2001 From: James Newton-King Date: Mon, 28 Oct 2024 22:09:35 +0800 Subject: [PATCH 1/3] Minor improvements to dist app builder config --- .../DistributedApplicationBuilder.cs | 24 ++++++++++++++++--- 1 file changed, 21 insertions(+), 3 deletions(-) diff --git a/src/Aspire.Hosting/DistributedApplicationBuilder.cs b/src/Aspire.Hosting/DistributedApplicationBuilder.cs index cf2d5824f12..ddfebf1012e 100644 --- a/src/Aspire.Hosting/DistributedApplicationBuilder.cs +++ b/src/Aspire.Hosting/DistributedApplicationBuilder.cs @@ -179,9 +179,17 @@ public DistributedApplicationBuilder(DistributedApplicationOptions options) // account for the path the AppHost is running from to disambiguate between different projects // with the same name as seen in https://github.com/dotnet/aspire/issues/5413. For publish scenarios, // we want to use a stable hash based only on the project name. - var appHostShaBytes = SHA256.HashData(Encoding.UTF8.GetBytes(AppHostPath)); - var appHostNameShaBytes = SHA256.HashData(Encoding.UTF8.GetBytes(appHostName)); - var appHostSha = ExecutionContext.IsPublishMode ? Convert.ToHexString(appHostNameShaBytes) : Convert.ToHexString(appHostShaBytes); + string appHostSha; + if (ExecutionContext.IsPublishMode) + { + var appHostNameShaBytes = SHA256.HashData(Encoding.UTF8.GetBytes(appHostName)); + appHostSha = Convert.ToHexString(appHostNameShaBytes); + } + else + { + var appHostShaBytes = SHA256.HashData(Encoding.UTF8.GetBytes(AppHostPath)); + appHostSha = Convert.ToHexString(appHostShaBytes); + } _innerBuilder.Configuration.AddInMemoryCollection(new Dictionary { ["AppHost:Sha256"] = appHostSha @@ -244,6 +252,16 @@ public DistributedApplicationBuilder(DistributedApplicationOptions options) } ); } + else + { + // The dashboard is enabled but is unsecured. Set auth mode config setting to reflect this state. + _innerBuilder.Configuration.AddInMemoryCollection( + new Dictionary + { + ["AppHost:ResourceService:AuthMode"] = nameof(ResourceServiceAuthMode.Unsecured) + } + ); + } _innerBuilder.Services.AddSingleton(); _innerBuilder.Services.AddOptions().ValidateOnStart().PostConfigure(MapTransportOptionsFromCustomKeys); From 8b07d9abb85ab2ae479ea7c10a81e715db1fedf3 Mon Sep 17 00:00:00 2001 From: James Newton-King Date: Tue, 29 Oct 2024 13:27:19 +0800 Subject: [PATCH 2/3] Add tests --- .../DistributedApplicationBuilderTests.cs | 23 +++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/tests/Aspire.Hosting.Tests/DistributedApplicationBuilderTests.cs b/tests/Aspire.Hosting.Tests/DistributedApplicationBuilderTests.cs index 6cd1f984485..c54ce384fc4 100644 --- a/tests/Aspire.Hosting.Tests/DistributedApplicationBuilderTests.cs +++ b/tests/Aspire.Hosting.Tests/DistributedApplicationBuilderTests.cs @@ -1,6 +1,7 @@ // Licensed to the .NET Foundation under one or more agreements. // The .NET Foundation licenses this file to you under the MIT license. +using Aspire.Hosting.Dashboard; using Aspire.Hosting.Dcp; using Aspire.Hosting.Lifecycle; using Aspire.Hosting.Publishing; @@ -95,6 +96,28 @@ public void AppHostDirectoryAvailableViaConfig() Assert.Equal(appHostDirectory, config["AppHost:Directory"]); } + [Fact] + public void ResourceServiceConfig_Secured() + { + var appBuilder = DistributedApplication.CreateBuilder(); + using var app = appBuilder.Build(); + + var config = app.Services.GetRequiredService(); + Assert.Equal(nameof(ResourceServiceAuthMode.Unsecured), config["AppHost:ResourceService:AuthMode"]); + Assert.False(string.IsNullOrEmpty(config["AppHost:ResourceService:ApiKey"])); + } + + [Fact] + public void ResourceServiceConfig_Unsecured() + { + var appBuilder = DistributedApplication.CreateBuilder(args: [$"{KnownConfigNames.DashboardUnsecuredAllowAnonymous}=true"]); + using var app = appBuilder.Build(); + + var config = app.Services.GetRequiredService(); + Assert.Equal(nameof(ResourceServiceAuthMode.Unsecured), config["AppHost:ResourceService:AuthMode"]); + Assert.True(string.IsNullOrEmpty(config["AppHost:ResourceService:ApiKey"])); + } + [Fact] public void AddResource_DuplicateResourceNames_SameCasing_Error() { From 0ceb43d568b88a5bcd7b2221580656ca0f02c9ef Mon Sep 17 00:00:00 2001 From: James Newton-King Date: Tue, 29 Oct 2024 13:28:11 +0800 Subject: [PATCH 3/3] Opps --- .../Aspire.Hosting.Tests/DistributedApplicationBuilderTests.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/Aspire.Hosting.Tests/DistributedApplicationBuilderTests.cs b/tests/Aspire.Hosting.Tests/DistributedApplicationBuilderTests.cs index c54ce384fc4..76175fe6d09 100644 --- a/tests/Aspire.Hosting.Tests/DistributedApplicationBuilderTests.cs +++ b/tests/Aspire.Hosting.Tests/DistributedApplicationBuilderTests.cs @@ -103,7 +103,7 @@ public void ResourceServiceConfig_Secured() using var app = appBuilder.Build(); var config = app.Services.GetRequiredService(); - Assert.Equal(nameof(ResourceServiceAuthMode.Unsecured), config["AppHost:ResourceService:AuthMode"]); + Assert.Equal(nameof(ResourceServiceAuthMode.ApiKey), config["AppHost:ResourceService:AuthMode"]); Assert.False(string.IsNullOrEmpty(config["AppHost:ResourceService:ApiKey"])); }