search

Azure-Samples / contoso-real-estate

Intelligent enterprise-grade reference architecture for JavaScript, featuring OpenAI integration, Azure Developer CLI template and Playwright tests.
MIT License
869 stars 523 forks source link

[Chore] Recommend updating appservice.bicep to latest azure-dev files #460

Open pamelafox opened 6 months ago

pamelafox commented 6 months ago

In the original version of appservice.bicep, appSettings was not wrapped with an @secure decorator, so if a developer put any secrets in their app settings, it would leak into deployment outputs and cause a security alert. The latest version now has the secure decorator.

I noticed this repo is using the old version, so I recommend upgrading if you can.

You can git clone https://github.com/azure/azure-dev and then cp like this:

cp ../azure-dev/templates/common/infra/bicep/core/host/* infra/core/host/.

Or only cp app service files if you don't use other hosts:

cp ../azure-dev/templates/common/infra/bicep/core/host/appservice* infra/core/host/.

Then run azd up to make sure all still works.

manekinekko commented 6 months ago

Thanks @pamelafox for reporting this. The team will look into it asap.