[release/9.1] Ensure EH and SB emulator files can be used from non-root containers

[github-actions]

Backport of #7764 to release/9.1

/cc @sebastienros

Customer Impact

Event Hubs emulator (and potentially Service Bus emulator) will fail on Linux if the default Aspire Store location is not patched.

This PR sets the configuration file mode with the correct permissions so that the non-root container can access the file.

Testing

• Functional test
• Unit test

Risk

• Low, it's adding new permission on Linux hosts

Regression?

• New feature in 9.1. Potentially breaking the EH/SB emulators on Linux

[davidfowl]

We decided to punt this for now until we hear more feedback

[danmoseley]

cherrypicked in 0cc7553 also

we want to build a 9.1.1 of this. it crosses several packages, I assume we only update the changed ones.

[sebastienros]

We don't want this PR. I made more changes in main that are better, including with SQL Server. All good

[wtgodbe]

Pushed a commit to update branding to 9.1.1-servicing

[danmoseley]

Blocked on ack from 1P team.

[sebastienros]

Please don't merge yet, looking into a regression on windows after the change in Sql Server. @danmoseley @wtgodbe

[sebastienros]

I pushed a fix that will work on windows and linux until I get an official guidance from the SQL team. This also makes the code behave the same way it was on 9.1 with Windows.

[eerhardt]

@sebastienros - What do you think about not porting this change at all for release/9.1?

I think the risk here isn't worth it. Sql emulator in 9.1 currently "works" as it did in 9.0 right? So we are only adding risk here. I think we should keep this change targeted to the broken scenarios.

[ncelisabet]

I'm sorry if this is the wrong place to comment for a user, but I'm waiting eagerly for a fix for #7764
I currently have copy pasted code in a very ugly manner to make it work somewhat locally, but I can't run EventHub emulator due to its file permissions issue (I'm on ubuntu). I heard I might get around this issue by running Rider as root, but that is not ideal (and I get 1000 other small issues with that workaround).

The error I get is:

Unhandled exception. System.UnauthorizedAccessException: Access to the path '/Eventhubs_Emulator/ConfigFiles/Config.json' is denied.

[sebastienros]

@ncelisabet

You can mitigate the issue with this code:

public static IResourceBuilder<AzureEventHubsResource> FixUnixFilePermissions(this IResourceBuilder<AzureEventHubsResource> builder)
{
    builder.ApplicationBuilder.Eventing.Subscribe<BeforeStartEvent>((@event, ct) =>
    {
        const string EmulatorConfigJsonPath = "/Eventhubs_Emulator/ConfigFiles/Config.json";

        var mountAnnotation = builder.Resource.Annotations.OfType<ContainerMountAnnotation>().FirstOrDefault(v => v.Target == EmulatorConfigJsonPath);

        if (mountAnnotation is null)
        {
            return Task.CompletedTask;
        }

        const UnixFileMode fileMode644 = UnixFileMode.UserRead | UnixFileMode.UserWrite | UnixFileMode.GroupRead | UnixFileMode.OtherRead;

        if (!OperatingSystem.IsWindows())
        {
            File.SetUnixFileMode(mountAnnotation.Source!, fileMode644);
        }

        return Task.CompletedTask;
    });

    return builder;
}

And invoke it "after" calling AddHub()