User secrets not available for isolated function app

[ggirard07]

When adding user secrets to an isolated function app, it looks like the secrets.json file is not mounted to the location expected by default ~/.microsoft/usersecrets/<user_secrets_id>/secrets.json according to documentation. This is especially a problem on function app images as they override the default HOME location. Here is the code used in function app to setup user secrets:

var host = new HostBuilder()
    .ConfigureFunctionsWorkerDefaults()
    .ConfigureAppConfiguration(builder =>
    {
        builder.AddUserSecrets<Program>(optional: false, reloadOnChange: true);
    })
    .Build();

Currently, I end up with following expected path from configuration provider /home/site/wwwroot/bin/Debug/net6.0/secrets.json, as parent directory for calculated location /home/.microsoft/usersecrets/<user_secrets_id>/secrets.json does not exists.

I think this is partially linked to the fix implemented for #250

[dbreshears]

Thanks. I logged a workitem on our internal backlog to investigate this for 17.8

[NCarlsonMSFT]

@ggirard07 I don't have a timeline for the full fix (talking to the Azure Functions team before making changes to make sure I understand the intent of the base image's configuration) but in the short term you can work-around this in your own project.

For the single tools you can add:

<PropertyGroup>
  <DockerfileRunArguments>-v $(APPDATA)/Microsoft/UserSecrets:/home/.microsoft/usersecrets:ro</DockerfileRunArguments>
</PropertyGroup>

to the project file to add the correct mount.

If you're using compose you can add:

services:
  functionapp10:
    volumes:
    - ${APPDATA}/Microsoft/UserSecrets:/home/.microsoft/usersecrets:ro

to a compose file. I recommend using docker-compose.vs.debug.yml / docker-compose.vs.release.yml as this is only needed for debugging.

[ggirard07]

@NCarlsonMSFT Thanks for feedback, the volume mount in docker compose is what I am currently using :)