0

I am currently working on azure durable function. My Deployment strategy is local kubernetes cluster. Config files looks like this: local.settings.json

{
  "IsEncrypted": false,
  "Values": {
    "AzureWebJobsStorage": "UseDevelopmentStorage=true",
    "FUNCTIONS_WORKER_RUNTIME": "dotnet-isolated",
    "SQLDB_Connection": "Server=localhost,1433;Database=DurableDB;User Id=sa;Password=ungabunga@Qtpie;",
    "KeyVaultUrl": "https://kvurl.vault.azure.net/"
  }
}

host.json

{
    "version": "2.0",
    "extensions": {
        "durableTask": {
            "storageProvider": {
                "type": "mssql",
                "connectionStringName": "SQLDB_Connection",
                "createDatabaseIfNotExists": true
            }
        }
    },
    "logging": {
        "applicationInsights": {
            "samplingSettings": {
                "isEnabled": true,
                "excludedTypes": "Request"
            },
            "enableLiveMetricsFilters": true
        }
    }
}

I have a Program.cs in the root of the directory where i configure and run application as

var host = hostBuilder
    .ConfigureServices(services =>
    {
        services.AddApplicationInsightsTelemetryWorkerService();
        services.ConfigureFunctionsApplicationInsights();
        var keyVaultUrl = Environment.GetEnvironmentVariable("KeyVaultUrl");
        if (keyVaultUrl == null)
        {
            throw new InvalidConstraintException("KeyVaultUrl cannot be null");
        }

        services.ConfigureKeyVault(keyVaultUrl);
        services.AddHttpClient();
    })
    .Build();

await host.RunAsync();

Is there any way that I can fetch sqldb connection string from kv and run the application? I am not able to find where the dependency is implemented and injected. SO on which function call on the hostBuilder i can invoke keyvault fetch changes and then initialize durable function db related dependencies manually and continue normal flow of the application.

Or my approach may be completely wrong and I should deploy this on Azure Portal itself. Please help me here. Dependencies are as below:

<PackageReference Include="Azure.Identity" Version="1.12.0" />
<PackageReference Include="Azure.Security.KeyVault.Secrets" Version="4.6.0" />
<PackageReference Include="Microsoft.Azure.Functions.Worker" Version="1.22.0" />
<PackageReference Include="Microsoft.Azure.Functions.Worker.Extensions.DurableTask" Version="1.1.4" />
<PackageReference Include="Microsoft.Azure.Functions.Worker.Extensions.DurableTask.SqlServer" Version="1.3.0" />
<PackageReference Include="Microsoft.Azure.Functions.Worker.Extensions.Http" Version="3.2.0" />
<PackageReference Include="Microsoft.Azure.Functions.Worker.Extensions.Http.AspNetCore" Version="1.3.2" />
<PackageReference Include="Microsoft.Azure.Functions.Worker.Sdk" Version="1.17.2" />
<PackageReference Include="Microsoft.ApplicationInsights.WorkerService" Version="2.22.0"/>
<PackageReference Include="Microsoft.Azure.Functions.Worker.ApplicationInsights" Version="1.2.0"/>
Improve this question
2
  • Can you share your durable function code? Commented Aug 23, 2024 at 7:43
  • 1
    @VivekVaibhavShandilya you mean functions? they are normal function with orchestrator as the initiator and other activity triggers Commented Aug 23, 2024 at 8:50

1 Answer 1

Reset to default
0

To fetch connection string from Key Vault, Key Vault reference can be used.

For reference check this Document.

It worked for me.

host.json:

{
    "version": "2.0",
  "logging": {
    "applicationInsights": {
      "samplingSettings": {
        "isEnabled": true,
        "excludedTypes": "Request"
      },
      "enableLiveMetricsFilters": true
    }
  },
  "extensions": {
    "durableTask": {
      "storageProvider": {
        "type": "mssql",
        "connectionStringName": "SQL_DB_CONN",
        "createDatabaseIfNotExists": true
      }
    }
  }
}

To use Key Vault reference follow the steps:

  • Deploy your function to azure enable system assigned identity/ add user assigned identity

  • Create a secrete in Key vault and add connection_string value in secret
  • Assign role to identity in Key Vault.

  • Add Environment Variable Key of connection string with value @Microsoft.KeyVault(SecretUri=https://<vault-name>.vault.azure.net/secrets/<secrete-name>/)

OUTPUT:

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Thanks for the detailed response @vivek, let me take a look and comeback, btw what if i am using it locally and not on azure?
@silentsudo Unfortunately, Key Vault reference is not supported in locally AFAIK

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.