Azure / azure-dev

A developer CLI that reduces the time it takes for you to get started on Azure. The Azure Developer CLI (azd) provides a set of developer-friendly commands that map to key stages in your workflow - code, build, deploy, monitor, repeat.
https://aka.ms/azd
MIT License

[Issue] Azure Key Vault name generated is too long when generated from an Azure Cosmos DB resource #3496

Closed christiannagel closed 7 months ago

christiannagel commented 7 months ago

Output from azd version

Run azd version and copy and paste the output here:

    azd version 1.7.0-beta.1-pr.3518885 (commit d62cc4c16bda2eefabf48b7d7f8bd616cad1445a)

Describe the bug

Using .NET Aspire, when using an Azure Cosmos DB resource, an Azure Key Vault is generated, and the vault's name is too long.

I had this deployment error running azd up:

  (✓) Done: Resource group: rg-codebreaker-12p4
  (x) Failed: Key Vault: codebreakercosmoskvzehizmlsmqemc
  (✓) Done: Log Analytics workspace: law-zehizmlsmqemc
  (✓) Done: Log Analytics workspace: law-appinsights-zehizmlsmqemc
  (✓) Done: Container Registry: acrzehizmlsmqemc
  (✓) Done: Application Insights: appinsights-zehizmlsmqemc
  (✓) Done: Container Apps Environment: cae-zehizmlsmqemc
  (✓) Done: Container App: redis

ERROR: deployment failed: failing invoking action 'provision', error deploying infrastructure: deploying to subscription:

Deployment Error Details:
VaultNameNotValid: The vault name 'codebreakercosmoskvzehizmlsmqemc' is invalid. A vault's name must be between 3-24 alphanumeric characters. The name must begin with a letter, end with a letter or digit, and not contain consecutive hyphens. Follow this link for more information: https://go.microsoft.com/fwlink/?linkid=2147742

TraceID: c1ac58b6641a0c31559f74d2d84f858c

ERROR: error executing step command 'provision': deployment failed: failing invoking action 'provision', error deploying infrastructure: deploying to subscription:

Deployment Error Details:
VaultNameNotValid: The vault name 'codebreakercosmoskvzehizmlsmqemc' is invalid. A vault's name must be between 3-24 alphanumeric characters. The name must begin with a letter, end with a letter or digit, and not contain consecutive hyphens. Follow this link for more information: https://go.microsoft.com/fwlink/?linkid=2147742

Using this app model:

    var insights = builder.AddAzureApplicationInsights("AppInsights");
    var redis = builder.AddRedis("redis");

    var cosmos = builder.AddAzureCosmosDB("codebreakercosmos")
        .AddDatabase("codebreaker");

    var gameAPIs = builder.AddProject<Projects.Codebreaker_GameAPIs>("gameapis")
        .WithReference(cosmos)
        .WithReference(redis)
        .WithReference(insights)
        .WithEnvironment("DataStore", dataStore)
        .WithReplicas(1);

    builder.AddProject<Projects.CodeBreaker_Blazor_Host>("blazor")
        .WithReference(gameAPIs)
        .WithReference(insights);

    builder.AddProject<Projects.CodeBreaker_Bot>("bot")
        .WithReference(gameAPIs)
        .WithReference(insights);

This is the generated manifest:

{
  "resources": {
    "AppInsights": {
      "type": "azure.bicep.v0",
      "connectionString": "{AppInsights.outputs.appInsightsConnectionString}",
      "path": "aspire.hosting.azure.bicep.appinsights.bicep",
      "params": {
        "appInsightsName": "appinsights",
        "logAnalyticsWorkspaceId": ""
      }
    },
    "redis": {
      "type": "container.v0",
      "connectionString": "{redis.bindings.tcp.host}:{redis.bindings.tcp.port}",
      "image": "redis:7.2.4",
      "bindings": {
        "tcp": {
          "scheme": "tcp",
          "protocol": "tcp",
          "transport": "tcp",
          "containerPort": 6379
        }
      }
    },
    "codebreakercosmos": {
      "type": "azure.bicep.v0",
      "connectionString": "{codebreakercosmos.secretOutputs.connectionString}",
      "path": "aspire.hosting.azure.bicep.cosmosdb.bicep",
      "params": {
        "databaseAccountName": "codebreakercosmos",
        "databases": [
          "codebreaker"
        ],
        "keyVaultName": ""
      }
    },
    "gameapis": {
      "type": "project.v0",
      "path": "../Codebreaker.GameAPIs/Codebreaker.GameAPIs.csproj",
      "env": {
        "OTEL_DOTNET_EXPERIMENTAL_OTLP_EMIT_EXCEPTION_LOG_ATTRIBUTES": "true",
        "OTEL_DOTNET_EXPERIMENTAL_OTLP_EMIT_EVENT_LOG_ATTRIBUTES": "true",
        "ConnectionStrings__codebreakercosmos": "{codebreakercosmos.connectionString}",
        "ConnectionStrings__redis": "{redis.connectionString}",
        "APPLICATIONINSIGHTS_CONNECTION_STRING": "{AppInsights.connectionString}",
        "DataStore": "Cosmos"
      },
      "bindings": {
        "http": {
          "scheme": "http",
          "protocol": "tcp",
          "transport": "http"
        },
        "https": {
          "scheme": "https",
          "protocol": "tcp",
          "transport": "http"
        }
      }
    },
    "blazor": {
      "type": "project.v0",
      "path": "../CodeBreaker.Blazor.Host/CodeBreaker.Blazor.Host.csproj",
      "env": {
        "OTEL_DOTNET_EXPERIMENTAL_OTLP_EMIT_EXCEPTION_LOG_ATTRIBUTES": "true",
        "OTEL_DOTNET_EXPERIMENTAL_OTLP_EMIT_EVENT_LOG_ATTRIBUTES": "true",
        "APPLICATIONINSIGHTS_CONNECTION_STRING": "{AppInsights.connectionString}",
        "services__gameapis__0": "{gameapis.bindings.http.url}",
        "services__gameapis__1": "{gameapis.bindings.https.url}"
      },
      "bindings": {
        "http": {
          "scheme": "http",
          "protocol": "tcp",
          "transport": "http"
        },
        "https": {
          "scheme": "https",
          "protocol": "tcp",
          "transport": "http"
        }
      }
    },
    "bot": {
      "type": "project.v0",
      "path": "../CodeBreaker.Bot/CodeBreaker.Bot.csproj",
      "env": {
        "OTEL_DOTNET_EXPERIMENTAL_OTLP_EMIT_EXCEPTION_LOG_ATTRIBUTES": "true",
        "OTEL_DOTNET_EXPERIMENTAL_OTLP_EMIT_EVENT_LOG_ATTRIBUTES": "true",
        "APPLICATIONINSIGHTS_CONNECTION_STRING": "{AppInsights.connectionString}",
        "services__gameapis__0": "{gameapis.bindings.http.url}",
        "services__gameapis__1": "{gameapis.bindings.https.url}"
      },
      "bindings": {
        "http": {
          "scheme": "http",
          "protocol": "tcp",
          "transport": "http"
        },
        "https": {
          "scheme": "https",
          "protocol": "tcp",
          "transport": "http"
        }
      }
    }
  }
}

The vault name is prefixed from the Azure Cosmos DB resource; this results in a vault name longer than 24 characters.

Expected behavior

I expect to have a key vault name generated that's valid or get a warning before deploying the other resources.

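A preflight check of the kind asked for under "Expected behavior", as an added example (not azd or Aspire code): it applies the naming rule quoted in the VaultNameNotValid message before anything is deployed. `FitVaultName` is a hypothetical helper and assumes the name is built as resource name + `kv` + environment token, which is what the failed name in the output above looks like.

```go
package main

import (
	"errors"
	"fmt"
	"regexp"
	"strings"
)

// Rule quoted in the VaultNameNotValid error: 3-24 characters, letters, digits
// and hyphens, starts with a letter, ends with a letter or digit.
var vaultNameRe = regexp.MustCompile(`^[A-Za-z][A-Za-z0-9-]{1,22}[A-Za-z0-9]$`)

// ValidateVaultName returns nil when name satisfies the Key Vault naming rule.
func ValidateVaultName(name string) error {
	if len(name) < 3 || len(name) > 24 {
		return fmt.Errorf("vault name %q has %d characters, want 3-24", name, len(name))
	}
	if strings.Contains(name, "--") {
		return fmt.Errorf("vault name %q contains consecutive hyphens", name)
	}
	if !vaultNameRe.MatchString(name) {
		return fmt.Errorf("vault name %q has invalid characters or a bad first/last character", name)
	}
	return nil
}

// FitVaultName (hypothetical helper) builds <resource>kv<token>, shortening only
// the resource part so the unique token that keeps the name distinct survives.
func FitVaultName(resource, token string) (string, error) {
	room := 24 - len("kv") - len(token)
	if room < 1 {
		return "", errors.New("token leaves no room for a resource prefix")
	}
	if len(resource) > room {
		resource = resource[:room]
	}
	name := strings.ToLower(resource) + "kv" + token
	return name, ValidateVaultName(name)
}

func main() {
	// Values taken from the failed deployment output in the issue.
	fmt.Println(ValidateVaultName("codebreakercosmoskvzehizmlsmqemc"))
	fmt.Println(FitVaultName("codebreakercosmos", "zehizmlsmqemc"))
}
```

Truncating the resource part rather than the token matters because vault names are globally unique; the truncation scheme is an assumption for illustration, not the fix azd shipped.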

rajeshkamal5050 commented 7 months ago

@vhvb1989 @davidfowl don't think it's a blocker for Preview 4 release. Adding it to Preview 5.

vhvb1989 commented 7 months ago

Closing as a known bug for preview4 and as a feature to be changed for preview5.

christiannagel commented 7 months ago

@vhvb1989 can you please reference the issue for the known bug, so I know when I can change the names back? I'm currently using these versions with this issue:

    aspire 8.0.0-preview.6.24177.4/8.0.100
    azd version 1.7.0 (commit 49d6adc2efb178083f61822e6b4715258560803d)

vhvb1989 commented 7 months ago

@christiannagel, I tried to find the issue on dotnet/aspire that is tracking the refactorization I mentioned, but I gave up. Maybe @davidfowl knows the issue better.

However, that change won't make it to Aspire p5, so, I'm opening this issue to fix this on azd until then.

Thank you for bringing this up