Closed iamsamcoder closed 1 year ago
@iamsamcoder Hey Sam -- apologies for the delayed response; this seems like a reasonable ask! As you mentioned, we currently set a default target port for Container Apps with ingress enabled, but it shouldn't be an issue to provide an opt-out scenario for this via another argument on the task. We'll work on this and let you know when it's readily available in the RC task. Thanks!
I also need this task to not enable ingress. I have services that are meant to be accessible only internally, through Dapr. When they become accessible outside the environment, it's a major security problem.
Any ETA on this issue?
@iamsamcoder @danadesrosiers Hey folks, apologies for the delayed response -- we have added an ingress
argument to the task that allows you to provide internal
or disabled
(depending on your scenario) to override the default value of external
, so this should remediate the issue that you're facing with ingress enabled publicly by default.
Please feel free to let me know if this resolves your issue or not. I'm going to close this issue, but I'm happy to continue conversations in this thread and re-open this issue if necessary.
I have a background service worker that I've dockerized and pushed to Azure Container Registry. I've found that I cannot use the container app deploy task in my pipeline because the task has a default for
targetPort
which updates the app to have an ingress. When the app has an ingress, a new revision is unable to finish provisioning. I suspect there is some background probe even though the container settings have all probes disabled.If I disable ingress on the container app for my background worker and deploy to the container app with the Azure CLI containerapp command, then my app will complete it's provisioning and be available.
Perhaps I need to add some custom health check to my background service, but I'm wondering if the container-app-deploy-task can be updated to work with apps which do not have an ingress?