Set HTTP/HTTPS_PORTS on projects in publish mode (dotnet#4404)

davidebbo · web-flow · commit a1f0a598e7c5 · 2024-06-09T23:59:09.000-07:00
* Set HTTP/HTTPS_PORTS on projects in publish mode - Only do this for explicit endpoints, not from profile Fixes dotnet#3749
diff --git a/playground/TestShop/AppHost/aspire-manifest.json b/playground/TestShop/AppHost/aspire-manifest.json
@@ -27,7 +27,7 @@
     "basketcache": {
       "type": "container.v0",
       "connectionString": "{basketcache.bindings.tcp.host}:{basketcache.bindings.tcp.port}",
-      "image": "docker.io/library/redis:7.2.4",
+      "image": "docker.io/library/redis:7.2",
       "args": [
         "--save",
         "60",
@@ -57,6 +57,7 @@
         "OTEL_DOTNET_EXPERIMENTAL_OTLP_EMIT_EVENT_LOG_ATTRIBUTES": "true",
         "OTEL_DOTNET_EXPERIMENTAL_OTLP_RETRY": "in_memory",
         "ASPNETCORE_FORWARDEDHEADERS_ENABLED": "true",
+        "HTTP_PORTS": "{catalogservice.bindings.http.targetPort}",
         "ConnectionStrings__catalogdb": "{catalogdb.connectionString}"
       },
       "bindings": {
@@ -75,7 +76,7 @@
     "messaging": {
       "type": "container.v0",
       "connectionString": "amqp://guest:{rabbitmq-password.value}@{messaging.bindings.tcp.host}:{messaging.bindings.tcp.port}",
-      "image": "docker.io/library/rabbitmq:3-management",
+      "image": "docker.io/library/rabbitmq:3.13-management",
       "volumes": [
         {
           "name": "TestShop.AppHost-messaging-data",
@@ -110,6 +111,7 @@
         "OTEL_DOTNET_EXPERIMENTAL_OTLP_EMIT_EVENT_LOG_ATTRIBUTES": "true",
         "OTEL_DOTNET_EXPERIMENTAL_OTLP_RETRY": "in_memory",
         "ASPNETCORE_FORWARDEDHEADERS_ENABLED": "true",
+        "HTTP_PORTS": "{basketservice.bindings.http.targetPort}",
         "ConnectionStrings__basketcache": "{basketcache.connectionString}",
         "ConnectionStrings__messaging": "{messaging.connectionString}"
       },
@@ -134,6 +136,7 @@
         "OTEL_DOTNET_EXPERIMENTAL_OTLP_EMIT_EVENT_LOG_ATTRIBUTES": "true",
         "OTEL_DOTNET_EXPERIMENTAL_OTLP_RETRY": "in_memory",
         "ASPNETCORE_FORWARDEDHEADERS_ENABLED": "true",
+        "HTTP_PORTS": "{frontend.bindings.http.targetPort}",
         "services__basketservice__http__0": "{basketservice.bindings.http.url}",
         "services__basketservice__https__0": "{basketservice.bindings.https.url}",
         "services__catalogservice__http__0": "{catalogservice.bindings.http.url}",
@@ -172,6 +175,7 @@
         "OTEL_DOTNET_EXPERIMENTAL_OTLP_EMIT_EVENT_LOG_ATTRIBUTES": "true",
         "OTEL_DOTNET_EXPERIMENTAL_OTLP_RETRY": "in_memory",
         "ASPNETCORE_FORWARDEDHEADERS_ENABLED": "true",
+        "HTTP_PORTS": "{apigateway.bindings.http.targetPort}",
         "services__basketservice__http__0": "{basketservice.bindings.http.url}",
         "services__basketservice__https__0": "{basketservice.bindings.https.url}",
         "services__catalogservice__http__0": "{catalogservice.bindings.http.url}",
@@ -198,6 +202,7 @@
         "OTEL_DOTNET_EXPERIMENTAL_OTLP_EMIT_EVENT_LOG_ATTRIBUTES": "true",
         "OTEL_DOTNET_EXPERIMENTAL_OTLP_RETRY": "in_memory",
         "ASPNETCORE_FORWARDEDHEADERS_ENABLED": "true",
+        "HTTP_PORTS": "{catalogdbapp.bindings.http.targetPort}",
         "ConnectionStrings__catalogdb": "{catalogdb.connectionString}"
       },
       "bindings": {
@@ -245,4 +250,4 @@
       }
     }
   }
-}
+}
diff --git a/src/Aspire.Hosting/ApplicationModel/EndpointAnnotation.cs b/src/Aspire.Hosting/ApplicationModel/EndpointAnnotation.cs
@@ -130,6 +130,11 @@ public string Transport
     /// </summary>
     internal bool FromLaunchProfile { get; set; }
 
+    /// <summary>
+    /// Gets or sets a value indicating whether to skip adding the endpoint from HTTPS_PORTS env var
+    /// </summary>
+    internal bool ExcludeFromPortEnvironment { get; set; }
+
     /// <summary>
     /// The environment variable that contains the target port. Setting prevents a variable from flowing into ASPNETCORE_URLS for project resources.
     /// </summary>
diff --git a/src/Aspire.Hosting/ProjectResourceBuilderExtensions.cs b/src/Aspire.Hosting/ProjectResourceBuilderExtensions.cs
@@ -1,6 +1,7 @@
 // Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 
+using System.Diagnostics;
 using Aspire.Hosting.ApplicationModel;
 using Aspire.Hosting.Dashboard;
 using Aspire.Hosting.Utils;
@@ -324,30 +325,40 @@ private static IResourceBuilder<ProjectResource> WithProjectDefaults(this IResou
         }
         else
         {
+            // Set HTTP_PORTS/HTTPS_PORTS in publish mode, to override the default port set in the base image. Note that:
+            // - We don't set them if we have Kestrel endpoints configured, as Kestrel will get everything from its config.
+            // - We only do that for endpoint set explicitly (.WithHttpEndpoint), not for the ones coming from launch profile.
+            //   This is because launch profile endpoints are not meant to be used in production.
+            if (!kestrelEndpointsByScheme.Any())
+            {
+                builder.SetBothPortsEnvVariables();
+            }
+
             // If we aren't a web project (looking at both launch profile and Kestrel config) we don't automatically add bindings.
             if (launchProfile?.ApplicationUrl == null && !kestrelEndpointsByScheme.Any())
             {
                 return builder;
             }
 
-            if (!projectResource.Annotations.OfType<EndpointAnnotation>().Any(sb => sb.UriScheme == "http" || string.Equals(sb.Name, "http", StringComparisons.EndpointAnnotationName)))
+            string[] schemes = ["http", "https"];
+            foreach (var scheme in schemes)
             {
-                builder.WithEndpoint("http", e =>
+                if (!projectResource.Annotations.OfType<EndpointAnnotation>().Any(sb => sb.UriScheme == scheme || string.Equals(sb.Name, scheme, StringComparisons.EndpointAnnotationName)))
                 {
-                    e.UriScheme = "http";
-                    e.Transport = adjustTransport(e);
-                },
-                createIfNotExists: true);
-            }
+                    builder.WithEndpoint(scheme, e =>
+                    {
+                        e.UriScheme = scheme;
+                        e.Transport = adjustTransport(e);
 
-            if (!projectResource.Annotations.OfType<EndpointAnnotation>().Any(sb => sb.UriScheme == "https" || string.Equals(sb.Name, "https", StringComparisons.EndpointAnnotationName)))
-            {
-                builder.WithEndpoint("https", e =>
-                {
-                    e.UriScheme = "https";
-                    e.Transport = adjustTransport(e);
-                },
-                createIfNotExists: true);
+                        // In the https case, we don't want this default endpoint to end up in the HTTPS_PORTS env var,
+                        // because the container likely won't be set up to listen on https (e.g. ACA case)
+                        if (scheme == "https")
+                        {
+                            e.ExcludeFromPortEnvironment = true;
+                        }
+                    },
+                    createIfNotExists: true);
+                }
             }
         }
 
@@ -440,13 +451,11 @@ private static IConfiguration GetConfiguration(ProjectResource projectResource)
         return configBuilder.Build();
     }
 
+    static bool IsValidAspNetCoreUrl(EndpointAnnotation e) =>
+        e.UriScheme is "http" or "https" && e.TargetPortEnvironmentVariable is null;
+
     private static void SetAspNetCoreUrls(this IResourceBuilder<ProjectResource> builder)
     {
-        if (builder.ApplicationBuilder.ExecutionContext.IsPublishMode)
-        {
-            return;
-        }
-
         builder.WithEnvironment(context =>
         {
             if (context.EnvironmentVariables.ContainsKey("ASPNETCORE_URLS"))
@@ -460,9 +469,6 @@ private static void SetAspNetCoreUrls(this IResourceBuilder<ProjectResource> bui
             var processedHttpsPort = false;
             var first = true;
 
-            static bool IsValidAspNetCoreUrl(EndpointAnnotation e) =>
-                e.UriScheme is "http" or "https" && e.TargetPortEnvironmentVariable is null;
-
             // Turn http and https endpoints into a single ASPNETCORE_URLS environment variable.
             foreach (var e in builder.Resource.GetEndpoints().Where(e => IsValidAspNetCoreUrl(e.EndpointAnnotation)))
             {
@@ -491,4 +497,47 @@ static bool IsValidAspNetCoreUrl(EndpointAnnotation e) =>
             }
         });
     }
+
+    private static void SetBothPortsEnvVariables(this IResourceBuilder<ProjectResource> builder)
+    {
+        builder.WithEnvironment(context =>
+        {
+            builder.SetOnePortsEnvVariable(context, "HTTP_PORTS", "http");
+            builder.SetOnePortsEnvVariable(context, "HTTPS_PORTS", "https");
+        });
+    }
+
+    private static void SetOnePortsEnvVariable(this IResourceBuilder<ProjectResource> builder, EnvironmentCallbackContext context, string portEnvVariable, string scheme)
+    {
+        if (context.EnvironmentVariables.ContainsKey(portEnvVariable))
+        {
+            // If the user has already set that variable, we don't want to override it.
+            return;
+        }
+
+        var ports = new ReferenceExpressionBuilder();
+        var firstPort = true;
+
+        // Turn endpoint ports into a single environment variable
+        foreach (var e in builder.Resource.GetEndpoints().Where(e => IsValidAspNetCoreUrl(e.EndpointAnnotation)))
+        {
+            if (e.EndpointAnnotation.UriScheme == scheme && !e.EndpointAnnotation.ExcludeFromPortEnvironment)
+            {
+                Debug.Assert(!e.EndpointAnnotation.FromLaunchProfile, "Endpoints from launch profile should never make it here");
+
+                if (!firstPort)
+                {
+                    ports.AppendLiteral(";");
+                }
+
+                ports.Append($"{e.Property(EndpointProperty.TargetPort)}");
+                firstPort = false;
+            }
+        }
+
+        if (!firstPort)
+        {
+            context.EnvironmentVariables[portEnvVariable] = ports.Build();
+        }
+    }
 }
diff --git a/tests/Aspire.Hosting.Tests/ManifestGenerationTests.cs b/tests/Aspire.Hosting.Tests/ManifestGenerationTests.cs
@@ -424,7 +424,8 @@ public void VerifyTestProgramFullManifest()
                     "OTEL_DOTNET_EXPERIMENTAL_OTLP_EMIT_EXCEPTION_LOG_ATTRIBUTES": "true",
                     "OTEL_DOTNET_EXPERIMENTAL_OTLP_EMIT_EVENT_LOG_ATTRIBUTES": "true",
                     "OTEL_DOTNET_EXPERIMENTAL_OTLP_RETRY": "in_memory",
-                    "ASPNETCORE_FORWARDEDHEADERS_ENABLED": "true"
+                    "ASPNETCORE_FORWARDEDHEADERS_ENABLED": "true",
+                    "HTTP_PORTS": "{servicea.bindings.http.targetPort}"
                   },
                   "bindings": {
                     "http": {
@@ -446,7 +447,8 @@ public void VerifyTestProgramFullManifest()
                     "OTEL_DOTNET_EXPERIMENTAL_OTLP_EMIT_EXCEPTION_LOG_ATTRIBUTES": "true",
                     "OTEL_DOTNET_EXPERIMENTAL_OTLP_EMIT_EVENT_LOG_ATTRIBUTES": "true",
                     "OTEL_DOTNET_EXPERIMENTAL_OTLP_RETRY": "in_memory",
-                    "ASPNETCORE_FORWARDEDHEADERS_ENABLED": "true"
+                    "ASPNETCORE_FORWARDEDHEADERS_ENABLED": "true",
+                    "HTTP_PORTS": "{serviceb.bindings.http.targetPort}"
                   },
                   "bindings": {
                     "http": {
@@ -500,6 +502,7 @@ public void VerifyTestProgramFullManifest()
                     "OTEL_DOTNET_EXPERIMENTAL_OTLP_EMIT_EVENT_LOG_ATTRIBUTES": "true",
                     "OTEL_DOTNET_EXPERIMENTAL_OTLP_RETRY": "in_memory",
                     "ASPNETCORE_FORWARDEDHEADERS_ENABLED": "true",
+                    "HTTP_PORTS": "{integrationservicea.bindings.http.targetPort}",
                     "SKIP_RESOURCES": "None",
                     "ConnectionStrings__tempdb": "{tempdb.connectionString}",
                     "ConnectionStrings__mysqldb": "{mysqldb.connectionString}",
diff --git a/tests/Aspire.Hosting.Tests/ProjectResourceTests.cs b/tests/Aspire.Hosting.Tests/ProjectResourceTests.cs
@@ -273,7 +273,7 @@ public async Task AspNetCoreUrlsNotInjectedInPublishMode()
 
         var resource = Assert.Single(projectResources);
 
-        var config = await EnvironmentVariableEvaluator.GetEnvironmentVariablesAsync(resource);
+        var config = await EnvironmentVariableEvaluator.GetEnvironmentVariablesAsync(resource, DistributedApplicationOperation.Publish);
 
         Assert.False(config.ContainsKey("ASPNETCORE_URLS"));
         Assert.False(config.ContainsKey("ASPNETCORE_HTTPS_PORT"));
@@ -413,7 +413,8 @@ public async Task VerifyManifest(bool disableForwardedHeaders)
               "env": {
                 "OTEL_DOTNET_EXPERIMENTAL_OTLP_EMIT_EXCEPTION_LOG_ATTRIBUTES": "true",
                 "OTEL_DOTNET_EXPERIMENTAL_OTLP_EMIT_EVENT_LOG_ATTRIBUTES": "true",
-                "OTEL_DOTNET_EXPERIMENTAL_OTLP_RETRY": "in_memory"{{fordwardedHeadersEnvVar}}
+                "OTEL_DOTNET_EXPERIMENTAL_OTLP_RETRY": "in_memory"{{fordwardedHeadersEnvVar}},
+                "HTTP_PORTS": "{projectName.bindings.http.targetPort}"
               },
               "bindings": {
                 "http": {
@@ -463,7 +464,8 @@ public async Task VerifyManifestWithArgs()
                 "OTEL_DOTNET_EXPERIMENTAL_OTLP_EMIT_EXCEPTION_LOG_ATTRIBUTES": "true",
                 "OTEL_DOTNET_EXPERIMENTAL_OTLP_EMIT_EVENT_LOG_ATTRIBUTES": "true",
                 "OTEL_DOTNET_EXPERIMENTAL_OTLP_RETRY": "in_memory",
-                "ASPNETCORE_FORWARDEDHEADERS_ENABLED": "true"
+                "ASPNETCORE_FORWARDEDHEADERS_ENABLED": "true",
+                "HTTP_PORTS": "{projectName.bindings.http.targetPort}"
               },
               "bindings": {
                 "http": {
diff --git a/tests/Aspire.Hosting.Tests/WithEndpointTests.cs b/tests/Aspire.Hosting.Tests/WithEndpointTests.cs
@@ -470,7 +470,9 @@ public async Task VerifyManifestProjectWithHttpEndpointDoesNotAllocatePort()
                 "OTEL_DOTNET_EXPERIMENTAL_OTLP_EMIT_EXCEPTION_LOG_ATTRIBUTES": "true",
                 "OTEL_DOTNET_EXPERIMENTAL_OTLP_EMIT_EVENT_LOG_ATTRIBUTES": "true",
                 "OTEL_DOTNET_EXPERIMENTAL_OTLP_RETRY": "in_memory",
-                "ASPNETCORE_FORWARDEDHEADERS_ENABLED": "true"
+                "ASPNETCORE_FORWARDEDHEADERS_ENABLED": "true",
+                "HTTP_PORTS": "{proj.bindings.hp.targetPort}",
+                "HTTPS_PORTS": "{proj.bindings.hps.targetPort}"
               },
               "bindings": {
                 "hp": {
@@ -490,6 +492,39 @@ public async Task VerifyManifestProjectWithHttpEndpointDoesNotAllocatePort()
         Assert.Equal(expectedManifest, manifest.ToString());
     }
 
+    [Fact]
+    public async Task VerifyManifestProjectWithEndpointsSetsPortsEnvVariables()
+    {
+        using var builder = TestDistributedApplicationBuilder.Create(DistributedApplicationOperation.Publish);
+        var project = builder.AddProject<TestProject>("proj")
+            .WithHttpEndpoint()
+            .WithHttpEndpoint(name: "hp1", port: 5001)
+            .WithHttpEndpoint(name: "hp2", port: 5002, targetPort: 5003)
+            .WithHttpEndpoint(name: "hp3", targetPort: 5004)
+            .WithHttpEndpoint(name: "hp4")
+            .WithHttpsEndpoint()
+            .WithHttpsEndpoint(name: "hps1", port: 7001)
+            .WithHttpsEndpoint(name: "hps2", port: 7002, targetPort: 7003)
+            .WithHttpsEndpoint(name: "hps3", targetPort: 7004)
+            .WithHttpsEndpoint(name: "hps4", targetPort: 7005);
+
+        var manifest = await ManifestUtils.GetManifest(project.Resource);
+
+        var expectedEnv =
+            """
+            {
+              "OTEL_DOTNET_EXPERIMENTAL_OTLP_EMIT_EXCEPTION_LOG_ATTRIBUTES": "true",
+              "OTEL_DOTNET_EXPERIMENTAL_OTLP_EMIT_EVENT_LOG_ATTRIBUTES": "true",
+              "OTEL_DOTNET_EXPERIMENTAL_OTLP_RETRY": "in_memory",
+              "ASPNETCORE_FORWARDEDHEADERS_ENABLED": "true",
+              "HTTP_PORTS": "{proj.bindings.http.targetPort};{proj.bindings.hp1.targetPort};{proj.bindings.hp2.targetPort};{proj.bindings.hp3.targetPort};{proj.bindings.hp4.targetPort}",
+              "HTTPS_PORTS": "{proj.bindings.https.targetPort};{proj.bindings.hps1.targetPort};{proj.bindings.hps2.targetPort};{proj.bindings.hps3.targetPort};{proj.bindings.hps4.targetPort}"
+            }
+            """;
+
+        Assert.Equal(expectedEnv, manifest["env"]!.ToString());
+    }
+
     [Fact]
     public async Task VerifyManifestPortAllocationIsGlobal()
     {
diff --git a/tests/eventhubns.module.bicep b/tests/eventhubns.module.bicep
@@ -0,0 +1,47 @@
+targetScope = 'resourceGroup'
+
+@description('')
+param location string = resourceGroup().location
+
+@description('')
+param sku string = 'Standard'
+
+@description('')
+param principalId string
+
+@description('')
+param principalType string
+
+
+resource eventHubsNamespace_wORIGuvCQ 'Microsoft.EventHub/namespaces@2021-11-01' = {
+  name: toLower(take('eventhubns${uniqueString(resourceGroup().id)}', 24))
+  location: location
+  tags: {
+    'aspire-resource-name': 'eventhubns'
+  }
+  sku: {
+    name: sku
+  }
+  properties: {
+  }
+}
+
+resource roleAssignment_2so8CKuFt 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
+  scope: eventHubsNamespace_wORIGuvCQ
+  name: guid(eventHubsNamespace_wORIGuvCQ.id, principalId, subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'f526a384-b230-433a-b45c-95f59c4a2dec'))
+  properties: {
+    roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'f526a384-b230-433a-b45c-95f59c4a2dec')
+    principalId: principalId
+    principalType: principalType
+  }
+}
+
+resource eventHub_4BpPMTltx 'Microsoft.EventHub/namespaces/eventhubs@2021-11-01' = {
+  parent: eventHubsNamespace_wORIGuvCQ
+  name: 'hub'
+  location: location
+  properties: {
+  }
+}
+
+output eventHubsEndpoint string = eventHubsNamespace_wORIGuvCQ.properties.serviceBusEndpoint
