Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Paul McCarthy 39 posts 160 karma points
    Apr 14, 2023 @ 14:14
    Paul McCarthy
    0

    AzureKeyVault and local builds

    Hello, I've successfully connected my umbraco web app to its db in Azure using AzureKeyVault, following the great instructions here: https://docs.umbraco.com/umbraco-cms/extending/key-vault

    However, I am having problems getting the solution to run locally when I remove the connection string value from AppSettings.json.

    My Program.cs:

    var builder = Host.CreateDefaultBuilder()
    .ConfigureUmbracoDefaults()
    .ConfigureWebHostDefaults(webBuilder =>
    {
        webBuilder.UseStaticWebAssets();
        webBuilder.UseStartup<Startup>();
    })
    .ConfigureLogging(x => x.ClearProviders())
    .ConfigureAppConfiguration((ctx, builder) =>
    {
    
        var keyVaultEndpoint = "https://<<kv-myVaultAddress>>.vault.azure.net";
    
        if (!string.IsNullOrEmpty(keyVaultEndpoint) && Uri.TryCreate(keyVaultEndpoint, UriKind.Absolute, out var validUri))
        {
            builder.AddAzureKeyVault(validUri, new DefaultAzureCredential());
        }
        builder.AddJsonFile("appsettings.json", false, true);
    
    });  var host = builder.Build(); host.Run();
    

    Then in appsettings I add:

      "AzureKeyVaultEndpoint": "https://<<myVaultAddress>>.vault.azure.net",
    

    When I inspect the value of config in Startup.cs it has definitely pulled in the connection string from the azure vault

    enter image description here

    However, when the build completes I get the blank umbraco environment you would get with a fresh install, so it's as if the connection string isn't registered.

    Has anyone come across this? I wondered if it is anything to do with the naming convention? Ie in appsettings you'd normally have:

    "ConnectionStrings" : { "umbracoDbDSN" : "string"}
    

    which gets read as ConnectionStrings.umbracoDbDSN

  • Dennis 75 posts 398 karma points MVP 2x
    Apr 14, 2023 @ 19:11
    Dennis
    100

    Heyo!

    Usually in appsettings, the sections are separated with colons (:). Colons are not a valid character in keyvault keys though. I would expect your secret in keyvault to be named ConnectionStrings--umbracoDbDSN. The double dash should be replaced with colons and therefore work.

    For reference: https://stackoverflow.com/questions/68224000/using-keyvault-secrets-to-override-appsettings-in-azure-app-service-and-locally

  • Paul McCarthy 39 posts 160 karma points
    Apr 17, 2023 @ 14:01
    Paul McCarthy
    0

    Thanks so much Dennis, that worked first time #H5YR

    If anyone from Umbraco Docs sees this it would be worth flagging this specifically in this otherwise excellent article: https://docs.umbraco.com/umbraco-cms/extending/key-vault

    The article mentions the nesting of Azure Blob Storage setting names and how to set those in your secret but doesn't make clear the equivalent for UmbacoDbDSN string.

  • Jay 425 posts 652 karma points
    Jul 11, 2023 @ 10:32
    Jay
    0

    I've got the below issue when I try to load the site locally

    "DefaultAzureCredential failed to retrieve a token from the included credentials.

    Not sure what's causing it. Was wondering if anyone came across the same issue too.

    Thanks

  • Dennis 75 posts 398 karma points MVP 2x
    Jul 11, 2023 @ 10:43
    Dennis
    0

    Hi Jay!

    The default azure credentials is a collection of various different credentials.

    How do you expect to be logged in? Is it through your Visual Studio account? Or perhaps with an environment variable? The error indicates that none of the possible options are configured.

  • Paul McCarthy 39 posts 160 karma points
    Jul 11, 2023 @ 17:04
    Paul McCarthy
    0

    Hi Jay, is the problem on your deployed App or when building locally.

    Some extra steps for local development (sorry if you've already done this)

    Ensure you have these packages enter image description here

    Follow these steps to set up local secrets in your IDE https://learn.microsoft.com/en-us/aspnet/core/security/key-vault-configuration?view=aspnetcore-7.0

    You should see these under your web app: enter image description here

    In particular pay attention to the syntax when adding the connection string if it's nested in config (this killed me!), eg

    dotnet user-secrets set “ConnectionStrings:umbracoDbDSN” “full long connection string value”
    

    And as Dennis said, make sure you're signed in in Visual Studio if your access is authorised by Active Directory or some other RBAC.

    Hope some of that has helped

Please Sign in or register to post replies

Write your reply to:

Draft