azure-maven-plugins icon indicating copy to clipboard operation
azure-maven-plugins copied to clipboard

Published 20 hours ago verified publisher icon microsoft

[Functions] Set app settings on deployment

Open asavaritayal opened this issue 5 years ago • 3 comments

Problem statement: Currently to set application settings, a user needs to configure them in the pom.xml file. This is insecure if you're using version control without a CI/CD setup.

Options:

  1. Ideally, a user is able to publish the connection strings as app settings along with azure-functions:deploy command. We'll need to come up with the idiomatic mvn experience for this.

  2. Potentially introduce a new target to create the app settings.

/cc @hexiaokai @selvasingh @jeffhollan @JasonFreeberg @brunoborges

asavaritayal avatar Jan 25 '19 21:01 asavaritayal

I think the best way to do this from a CI/CD context is leverage environment variables. I know POM.xml already supports that. However for the non-CI/CD I do think there is always this hiccup between publishing and THEN updating app settings. Maybe we could split this into 2 things:

  1. Allow a flag for mvn azure-functions:deploy like -DincludeLocalSettings=true or whatever that will also sync whatever you have in local.settings.json to whatever environment you push to.
  2. Add samples (or maybe automatically do some of this?) to create App Settings with placements for {EnvironmentVariables}. I'm not sure if Java developers have a preferred way to capture environment variables (node users use .env for example), but maybe we could template or better make a pairing between a .env file, pom.xml, and local.settings.json

jeffhollan avatar Jan 25 '19 21:01 jeffhollan

You are better off with a configuration system that uses keyvault by default.

pom.xml

   <configuration>
      <env>
         FOO=FooBarKeyNameForVaultProperty
      </env>
   </configuration>

Then, user can get values from the ExecutionContext object:

    String foo = executionContext.getConfigValue("FOO");

And the above will return the value that is stored in the vault under property FooBarKeyNameForVaultProperty. For testing purposes, or when there is no vault, getConfigValue will return what is in the environment variable.

The reason for a pom.xml configuration is to create the app setting during deployment.

brunoborges avatar Jan 26 '19 00:01 brunoborges

Bringing this to notice again.

There needs to be a simple way to provide configurations as part of the deployment!

@brunoborges A lot of times these configurations are not required to be pulled from key-vault. To keep it simple.

This is how we are doing currently as part of CICD pipeline:

mvn azure-function:deploy
az functionapp config appsettings set --name function-app --resource-group XXXX --settings "EndPoint=https://XXXX" "Key2=YYYY" "Key3=ZZZZ"

Publishing first and then updating the configuration creates a few problems. Also, it complicates cicd agent to have az cli installed

purijatin avatar Jun 20 '22 08:06 purijatin