Is there an existing issue for this?
Is your feature request related to a problem? Please describe the problem.
Our project causes the web browser to make requests directly to the Azure Storage (and therefore the emulator when running in dev mode). As the project is running on https, requests to the Emulator also need to be made over https.
Azurite supports listening over https, which solves this problem. We have this running in our Docker containers already and we're trying to work out how to enable this for Aspire.
Describe the solution you'd like
There are 2 problems that need to be solved to get Azurite working on https
- Getting the certificate into the container
- Adding the command line arguments to configure the start up of the container
The two options (that I can think of) for getting the certificate into the container are
- Add a bind mount with the existing certificates that can be passed to the container manager
- Pass the contents of the certificates in to code and create them in the container (somehow, I'm not sure how this one would work)
If there's a way to use a certificate provided by Aspire or ASPNET then that would be preferable as that's already likely to be trusted, and would remove the need to pass the location of the certificate to use in.
Additional context
I'm thinking something like the following
private const string HttpsCertificateArgument = "--cert /azurite/cert.pem --key /azurite/cert.pem.key";
/// <summary>
/// Ensures the emulator checks that the requested API version is valid.
/// </summary>
/// <param name="builder">Storage emulator resource builder.</param>
/// <param name="certPath">The path of the public key to be used (in PEM format).</param>
/// <param name="keyPath">The path of the private key to be used (in PEM format).</param>
/// <returns>An <see cref="IResourceBuilder{T}"/> for the <see cref="AzureStorageEmulatorResource"/>.</returns>
public static IResourceBuilder<AzureStorageEmulatorResource> WithHttpsCertificate(this IResourceBuilder<AzureStorageEmulatorResource> builder, string certPath, string keyPath)
{
ArgumentNullException.ThrowIfNull(builder);
ArgumentException.ThrowIfNullOrEmpty(certPath);
ArgumentException.ThrowIfNullOrEmpty(keyPath);
if (!File.Exists(certPath))
{
throw new FileNotFoundException($"The certificate file '{certPath}' does not exist.", certPath);
}
if (!File.Exists(keyPath))
{
throw new FileNotFoundException($"The key file '{keyPath}' does not exist.", keyPath);
}
builder
.WithBindMount(certPath, "/azurite/cert.pem", isReadOnly: true)
.WithBindMount(keyPath, "/azurite/cert.pem.key", isReadOnly: true);
builder.WithArgs(context => {
if (!context.Args.Contains(HttpsCertificateArgument))
{
context.Args.Add(HttpsCertificateArgument);
}
});
return builder;
}
Is there an existing issue for this?
Is your feature request related to a problem? Please describe the problem.
Our project causes the web browser to make requests directly to the Azure Storage (and therefore the emulator when running in dev mode). As the project is running on https, requests to the Emulator also need to be made over https.
Azurite supports listening over https, which solves this problem. We have this running in our Docker containers already and we're trying to work out how to enable this for Aspire.
Describe the solution you'd like
There are 2 problems that need to be solved to get Azurite working on https
The two options (that I can think of) for getting the certificate into the container are
If there's a way to use a certificate provided by Aspire or ASPNET then that would be preferable as that's already likely to be trusted, and would remove the need to pass the location of the certificate to use in.
Additional context
I'm thinking something like the following