Skip to content

Revert redis password change #7518

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Feb 11, 2025
Merged

Revert redis password change #7518

merged 5 commits into from
Feb 11, 2025

Conversation

@eerhardt
Copy link
Member

@eerhardt eerhardt commented Feb 10, 2025

Description

Reverts Add Password To Redis (dotnet/aspire#4642).

azd doesn't allow for secret parameters to be used in command line args of containers. See the code comment here.

		// Unlike environment variables, ACA doesn't provide a way to pass secret values without baking them into the args
		// array directly. We don't want folks to accidentally bake the plaintext value of these secrets into the container
		// definition, so for now, we block this.
		//
		// This logic is similar to what we do in buildEnvBlock to detect when we need to take values and treat them as ACA
		// secrets.

For .NET Aspire 9.1, we will revert back to the 9.0 behavior for Redis containers. We will revisit this issue in 9.2 to decide how we can password protect Redis containers in ACA.

Fixes #7429

Checklist

  • Is this feature complete?
    • Yes. Ready to ship.
  • Are you including unit tests for the changes and scenario tests if relevant?
    • Yes
  • Did you add public API?
    • No
  • Does the change make any security assumptions or guarantees?
    • Yes
  • Does the change require an update in our Aspire docs?
    • No

@eerhardt eerhardt requested a review from mitchdenny as a code owner February 10, 2025 22:51
eerhardt
eerhardt commented Feb 10, 2025
View reviewed changes
playground/AspireEventHub/EventHubs.AppHost/aspire-manifest.json
"principalId": ""
}
},
"eventhub": {
Copy link
Member Author

@eerhardt eerhardt Feb 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

FYI - These are caused by other changes that didn't update the playground manifests.

@eerhardt eerhardt enabled auto-merge (squash) February 11, 2025 01:07
@eerhardt eerhardt mentioned this pull request Feb 11, 2025
Closed
@eerhardt eerhardt merged commit 6a9540c into dotnet:main Feb 11, 2025
70 checks passed
@eerhardt eerhardt deleted the RevertRedisPassword branch February 11, 2025 15:59
Alirexaa added a commit to Alirexaa/aspire that referenced this pull request Feb 13, 2025
@Alirexaa
Revert "Revert redis password change (dotnet#7518)"
7c4194d 
This reverts commit 6a9540c.
eerhardt added a commit that referenced this pull request Feb 26, 2025
@Alirexaa @eerhardt
Reapply Redis password (#7599)
1189b16 
This PR addresses the previous issue by changing the container entrypoint and providing the password from an environment variable.

* Revert "Revert redis password change (#7518)"

This reverts commit 6a9540c.

* checkout eventhubns.module.bicep and eventhubs aspire-manifest.json

* Set password from envs

* Add redis-command in single arg instead of multiple args

* Update playground manifest

* Address PR feedback

* Respond to PR feedback

* Change Redis password generation to exclude special characters.

SE.Redis doesn't support commas in the password when parsing the connection string.

* Fix ACA bug with HostAndPort

* Always display the port for HostAndPort

Fix #3838

---------

Co-authored-by: Eric Erhardt <[email protected]>
@github-actions github-actions bot added the area-integrations Issues pertaining to Aspire Integrations packages label Mar 10, 2025
@github-actions github-actions bot locked and limited conversation to collaborators Apr 9, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@davidfowl davidfowl davidfowl approved these changes

@ReubenBond ReubenBond ReubenBond approved these changes

@DamianEdwards DamianEdwards Awaiting requested review from DamianEdwards

@sebastienros sebastienros Awaiting requested review from sebastienros

@mitchdenny mitchdenny Awaiting requested review from mitchdenny mitchdenny is a code owner

Assignees

No one assigned

Labels

area-integrations Issues pertaining to Aspire Integrations packages

Projects

None yet

Milestone

No milestone

3 participants

@eerhardt @davidfowl @ReubenBond