Add support to enable regional DNL for Azure App Service#14001
Add support to enable regional DNL for Azure App Service#14001ShilpiRach wants to merge 30 commits intomicrosoft:mainfrom
Conversation
|
🚀 Dogfood this PR with:
curl -fsSL https://raw.githubusercontent.com/dotnet/aspire/main/eng/scripts/get-aspire-cli-pr.sh | bash -s -- 14001Or
iex "& { $(irm https://raw.githubusercontent.com/dotnet/aspire/main/eng/scripts/get-aspire-cli-pr.ps1) } 14001" |
dotnet-policy-service
bot
added
the
community-contribution
There was a problem hiding this comment.
Pull request overview
This PR adds support for enabling regional Domain Name Label (DNL) for Azure App Service resources in the Aspire hosting model. Regional DNL allows Azure App Services to use region-specific hostnames with tenant reuse capabilities, providing more predictable and stable DNS names.
Changes:
- Adds a new
WithRegionalDNL()extension method to configure regional DNL for Azure App Service environments - Refactors hostname resolution to support both standard and regional DNL naming patterns
- Introduces runtime hostname fetching via Azure ARM API calls to retrieve DNL-generated hostnames
- Updates the provisioning pipeline to fetch and configure hostnames before provisioning resources
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 13 comments.
Show a summary per file
| File | Description |
|---|---|
| AzureAppServiceWebsiteContext.cs | Refactored hostname handling to use provisioning parameters instead of computed Bicep values; added methods to get/set website hostnames |
| AzureAppServiceWebSiteResource.cs | Added pipeline step to fetch DNL hostnames via ARM API; introduced new length constraints for DNL scenarios; refactored hostname construction logic |
| AzureAppServiceEnvironmentUtility.cs | Updated dashboard creation to support regional DNL configuration with comprehensive XML documentation |
| AzureAppServiceEnvironmentResource.cs | Added EnableRegionalDNL property and early return in PrintDashboardUrlAsync when dashboard is disabled |
| AzureAppServiceEnvironmentExtensions.cs | Added public WithRegionalDNL API method; updated dashboard URI generation to use DefaultHostName |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| /// <param name="builder">The AzureAppServiceEnvironmentResource to configure.</param> | ||
| /// <param name="enable">The regional DNL host name for all App Services in the App Service Environment.</param> | ||
| /// <returns><see cref="IResourceBuilder{T}"/></returns> | ||
| public static IResourceBuilder<AzureAppServiceEnvironmentResource> WithRegionalDNL(this IResourceBuilder<AzureAppServiceEnvironmentResource> builder, bool enable = true) |
There was a problem hiding this comment.
The XML documentation for this method is missing required parameter descriptions, return value description, and sufficient detail for public API documentation. According to the coding guidelines, public APIs require comprehensive documentation including detailed remarks and parameter descriptions. The documentation should explain what DNL (Domain Name Label) is, when to use regional DNL, and what behavior changes when it's enabled.
src/Aspire.Hosting.Azure.AppService/AzureAppServiceEnvironmentResource.cs
Outdated
Show resolved
Hide resolved
src/Aspire.Hosting.Azure.AppService/AzureAppServiceWebSiteResource.cs
Outdated
Show resolved
Hide resolved
src/Aspire.Hosting.Azure.AppService/AzureAppServiceWebSiteResource.cs
Outdated
Show resolved
Hide resolved
src/Aspire.Hosting.Azure.AppService/AzureAppServiceWebSiteResource.cs
Outdated
Show resolved
Hide resolved
| var trimmedSlotName = TruncateToMaxLength(deploymentSlot, MaxDeploymentSlotNameLengthWithDnl); | ||
| websiteName += $"-{trimmedSlotName}"; | ||
|
|
||
| return websiteName; |
There was a problem hiding this comment.
When regionalDnlEnabled is true and there's a deployment slot, the method returns the combined website name without applying a final length check (line 296). Unlike the non-DNL path which applies TruncateToMaxLength on the final combined string (line 308), the DNL path relies on the sum of pre-truncated parts. While the math appears correct (23 + 1 + 18 = 42), it would be more defensive and consistent with the non-DNL path to apply a final truncation to ensure the combined name never exceeds expected limits.
| return websiteName; | |
| return TruncateToMaxLength(websiteName, MaxWebsiteHostNameLengthWithSlotAndDnl); |
…urce.cs Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…to dnlsupport2
src/Aspire.Hosting.Azure.AppService/AzureAppServiceEnvironmentExtensions.cs
Outdated
Show resolved
Hide resolved
src/Aspire.Hosting.Azure.AppService/AzureAppServiceEnvironmentExtensions.cs
Outdated
Show resolved
Hide resolved
ShilpiRach
changed the title
Fix tests
| @description('The location for the resource(s) to be deployed.') | ||
| param location string = resourceGroup().location | ||
|
|
||
| param container1websiteHostName string = '${take('${toLower('container1')}-${uniqueString(resourceGroup().id)}', 60)}.azurewebsites.net' |
There was a problem hiding this comment.
Can we make it so these parameters are not added if they aren't used?
| var fetchWebsiteHostNameSteps = context.GetSteps("fetch-website-hostname"); | ||
| provisionSteps.DependsOn(fetchWebsiteHostNameSteps); |
There was a problem hiding this comment.
Can we add a test that ensures when one app service references another app service that the steps are ordered correctly? From the code, I see that we are saying all app service provision steps depend on all other apps' fetch-website-hostname steps.
There was a problem hiding this comment.
I see that we are saying all app service provision steps depend on all other apps' fetch-website-hostname steps.
Yes, this is needed to ensure that all hostnames are available before provisioning steps to resolve any references to other app services.
|
|
||
| param project2_containerport string | ||
|
|
||
| param project1websiteHostName string |
There was a problem hiding this comment.
Does this work? Who fills in this parameter?
There was a problem hiding this comment.
It is set by pipeline step that fetches hostname. It also has a default value for azd cli.
Description
Added a feature to enable regional DNL with Scope set to TenantReuse. Regional DNL (Domain Name Label) is the App Service platform feature that generates regionalised, unique default hostnames for Web Apps. Details: https://techcommunity.microsoft.com/blog/azurenetworkingblog/improve-dns-security-by-using-domain-name-label-scope/4093371.
The feature is disabled by default and can be enabled for
AzureAppServiceEnvironmentwith methodWithRegionalDnl().Changes:
WithRegionalDnl()toAzureAppServiceEnvironment.EnableRegionalDnlfor the environment resource.dashboard.AutoGeneratedDomainNameLabelScope = AutoGeneratedDomainNameLabelScope.TenantReusefetch-website-hostnamethat makes ARM call to endpoint/subscriptions/{armContext.SubscriptionId}/providers/Microsoft.Web/locations/{armContext.Location}/CheckNameAvailabilityto fetch the hostname. It sets the provisioning parameters.Fixes # (issue)
Checklist
<remarks />and<code />elements on your triple slash comments?doc-ideatemplatebreaking-changetemplatediagnostictemplate