bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2026-01-28 15:23:38 +00:00
Code Issues Releases Wiki Activity

feat: Add Aspire Apphost and ServiceDefault projects

Browse Source
This commit is contained in:
Stephon Brown
2025-12-10 17:01:07 -06:00
parent fafc61d7b9
commit f570887999
11 changed files with 526 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.aspire/settings.json Normal file
View File

@@ -0,0 +1,3 @@
{
"appHostPath": "../AppHost/AppHost.csproj"
}

59
AppHost/AppHost.cs Normal file
View File

@@ -0,0 +1,59 @@
using Bit.AppHost;
var builder = DistributedApplication.CreateBuilder(args);
var secretsSetup = builder.ConfigureSecrets();
var isSelfHosted = builder.Configuration["globalSettings:selfHosted"]?.ToLowerInvariant() == "true";
// Add Pricing Service - use port from pricingUri in secrets
var pricingService =
builder
.AddProject("pricing-service",
builder.Configuration["pricingServiceRelativePath"]
?? throw new ArgumentNullException("pricingServiceRelativePath", "Missing pricing service relative path"));
// Add Database and run migrations
var db = builder.AddSqlServerDatabaseResource(isSelfHosted);
builder.ConfigureMigrations(isSelfHosted)
.WaitFor(db)
.ExcludeFromManifest()
.WaitForCompletion(secretsSetup);
var azurite = builder.ConfigureAzurite();
// Add MailCatcher
var mail = builder
.AddContainer("mailcatcher", "sj26/mailcatcher:latest")
.WithLifetime(ContainerLifetime.Persistent)
.WithEndpoint(port: 10250, name: "smtp", targetPort: 1025) // SMTP port
.WithHttpEndpoint(port: 1080, name: "web", targetPort: 1080);
// Add Services
builder.AddBitwardenService<Projects.Admin>(db, secretsSetup, mail, "admin");
var api = builder.AddBitwardenService<Projects.Api>(db, secretsSetup, mail, "api")
.WithReference(pricingService)
.WaitFor(azurite);
var billing = builder.AddBitwardenService<Projects.Billing>(db, secretsSetup, mail, "billing");
builder.AddBitwardenService<Projects.Identity>(db, secretsSetup, mail, "identity");
builder.AddBitwardenService<Projects.Notifications>(db, secretsSetup, mail, "notifications")
.WaitFor(azurite);
// Add Client Apps
builder.AddBitwardenNpmApp("web-frontend", "web", api)
.WithHttpsEndpoint(8080, 8080, "angular-http", isProxied: false)
.WithUrl("https://bitwarden.test:8080")
.WithExternalHttpEndpoints();
builder.AddBitwardenNpmApp("desktop-frontend", "desktop", api, "start");
builder.AddBitwardenNpmApp("browser-frontend", "browser", api, "build:bit:watch:chrome");
// Add Ngrok
builder.ConfigureNgrok((billing, "billing-http"));
builder.Build().Run();

29
AppHost/AppHost.csproj Normal file
View File

@@ -0,0 +1,29 @@
<Project Sdk="Microsoft.NET.Sdk">
<Sdk Name="Aspire.AppHost.Sdk" Version="9.3.1" />
<PropertyGroup>
<OutputType>Exe</OutputType>
<TargetFramework>net8.0</TargetFramework>
<ImplicitUsings>enable</ImplicitUsings>
<Nullable>enable</Nullable>
<UserSecretsId>e0dba0c6-d131-43bd-9143-2260f11a14ad</UserSecretsId>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Aspire.Hosting.AppHost" Version="9.3.1" />
<PackageReference Include="Aspire.Hosting.Azure.Storage" Version="9.3.1" />
<PackageReference Include="Aspire.Hosting.NodeJs" Version="9.3.1" />
<PackageReference Include="Aspire.Hosting.SqlServer" Version="9.3.2" />
<PackageReference Include="CommunityToolkit.Aspire.Hosting.Ngrok" Version="9.3.0" />
<PackageReference Include="CommunityToolkit.Aspire.Hosting.NodeJS.Extensions" Version="9.3.0" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\src\Admin\Admin.csproj" />
<ProjectReference Include="..\src\Api\Api.csproj" />
<ProjectReference Include="..\src\Billing\Billing.csproj" />
<ProjectReference Include="..\src\Identity\Identity.csproj" />
<ProjectReference Include="..\src\Notifications\Notifications.csproj" />
</ItemGroup>
</Project>

156
AppHost/BuilderExtensions.cs Normal file
View File

@@ -0,0 +1,156 @@
using Aspire.Hosting.Azure;
using Azure.Provisioning;
using Azure.Provisioning.Storage;
namespace Bit.AppHost;
public static class BuilderExtensions
{
public static IResourceBuilder<ExecutableResource> ConfigureSecrets(this IDistributedApplicationBuilder builder)
{
// Setup secrets before starting services
var secretsScript = builder.Configuration["scripts:secretsSetup"] ?? throw new ArgumentNullException("setupSecretsScriptPath", "Missing setup secrets script path");
var pricingSecretsPath = builder.Configuration["pricingServiceSecretsPath"] ?? throw new ArgumentNullException("pricingServiceSecretsPath", "Missing secrets path");
//Pricing Secrets
builder
.AddExecutable("pricing-setup-secrets", "pwsh", pricingSecretsPath, "-File", secretsScript, "-clear")
.ExcludeFromManifest();
return builder
.AddExecutable("setup-secrets", "pwsh", "../dev", "-File", secretsScript, "-clear")
.ExcludeFromManifest();
}
public static IResourceBuilder<SqlServerDatabaseResource> AddSqlServerDatabaseResource(this IDistributedApplicationBuilder builder, bool isSelfHosted = false)
{
var password = isSelfHosted
? builder.Configuration["dev:selfHostOverride:globalSettings:sqlServer:password"]
: builder.Configuration["globalSettings:sqlServer:password"];
// Add MSSQL - retrieve password from connection string in secrets
var dbpassword = builder.AddParameter("dbPassword", password!, secret: true);
return builder
.AddSqlServer("mssql", password: dbpassword, 1433)
.WithImage("mssql/server:2022-latest")
.WithLifetime(ContainerLifetime.Persistent)
.WithDataVolume()
.AddDatabase("vault", isSelfHosted ? "self_host_dev" : "vault_dev");
}
public static IResourceBuilder<AzureStorageResource> ConfigureAzurite(this IDistributedApplicationBuilder builder)
{
// https://github.com/dotnet/aspire/discussions/5552
var azurite = builder
.AddAzureStorage("azurite").ConfigureInfrastructure(c =>
{
var blobStorage = c.GetProvisionableResources().OfType<BlobService>().Single();
blobStorage.CorsRules.Add(new BicepValue<StorageCorsRule>(new StorageCorsRule
{
AllowedOrigins = [new BicepValue<string>("*")],
AllowedMethods = [CorsRuleAllowedMethod.Get, CorsRuleAllowedMethod.Put],
AllowedHeaders = [new BicepValue<string>("*")],
ExposedHeaders = [new BicepValue<string>("*")],
MaxAgeInSeconds = new BicepValue<int>("30")
}));
})
.RunAsEmulator(c =>
{
c.WithBlobPort(10000).
WithQueuePort(10001).
WithTablePort(10002);
});
var workingDirectory = builder.Configuration["workingDirectory"] ?? throw new ArgumentNullException("workingDirectory", "Missing working directory");
//Run Azurite setup
var azuriteSetupScript =
builder
.Configuration["scripts:azuriteSetup"]
?? throw new ArgumentNullException("azuriteSetupScriptPath", "Missing azurite setup script path");
builder
.AddExecutable("azurite-setup", "pwsh", workingDirectory, "-File", azuriteSetupScript)
.WaitFor(azurite)
.ExcludeFromManifest();
return azurite;
}
public static IResourceBuilder<NgrokResource> ConfigureNgrok(this IDistributedApplicationBuilder builder, (IResourceBuilder<ProjectResource>, string) tunnelResource)
{
var authToken = builder
.AddParameter("ngrok-auth-token",
builder.Configuration["ngrokAuthToken"]
?? throw new ArgumentNullException("ngrokAuthToken", "Missing ngrok auth token"),
secret: true);
return builder.AddNgrok("billing-webhook-ngrok-endpoint", endpointPort: 59600)
.WithAuthToken(authToken)
.WithTunnelEndpoint(tunnelResource.Item1, tunnelResource.Item2)
.WithExplicitStart();
}
public static IResourceBuilder<ExecutableResource> ConfigureMigrations(this IDistributedApplicationBuilder builder, bool isSelfHosted)
{
var workingDirectory = builder.Configuration["workingDirectory"] ??
throw new ArgumentNullException("workingDirectory", "Missing working directory");
var migrationArgs = new List<string>
{
"-File",
builder.Configuration["scripts:dbMigration"]
?? throw new ArgumentNullException("migrationScriptPath", "Missing migration script path")
};
if (isSelfHosted)
{
migrationArgs.Add("-self-hosted");
}
return builder
.AddExecutable("run-db-migrations", "pwsh", workingDirectory, migrationArgs.ToArray());
}
public static IResourceBuilder<ProjectResource> AddBitwardenService<TProject>(
this IDistributedApplicationBuilder builder, IResourceBuilder<SqlServerDatabaseResource> db,
IResourceBuilder<ExecutableResource> secretsSetup, IResourceBuilder<ContainerResource> mail, string name)
where TProject : IProjectMetadata, new()
{
var service = builder.AddProject<TProject>(name)
.WithHttpEndpoint(port: builder.GetBitwardenServicePort(name), name: $"{name}-http")
.WithReference(db)
.WaitFor(db)
.WaitForCompletion(secretsSetup);
if (name is "admin" or "identity" or "billing")
{
service.WithReference(mail.GetEndpoint("smtp"));
}
return service;
}
public static IResourceBuilder<NodeAppResource> AddBitwardenNpmApp(this IDistributedApplicationBuilder builder,
string name, string path, IResourceBuilder<ProjectResource> api, string scriptName = "build:bit:watch")
{
var clientsRelativePath = builder.Configuration["clientsRelativePath"] ??
throw new ArgumentNullException("clientsRelativePath", "Missing client relative path");
return builder
.AddNpmApp(name, $"{clientsRelativePath}/{path}", scriptName)
.WithReference(api)
.WaitFor(api)
.WithExplicitStart();
}
public static int GetBitwardenServicePort(this IDistributedApplicationBuilder builder, string serviceName)
{
var isSelfHosted = builder.Configuration["isSelfHosted"] == "true";
var configKey = isSelfHosted
? $"dev:selfHostOverride:globalSettings:baseServiceUri:{serviceName}"
: $"globalSettings:baseServiceUri:{serviceName}";
var uriString = builder.Configuration[configKey]
?? throw new InvalidOperationException($"Configuration value for '{configKey}' not found.");
return new Uri(uriString).Port;
}
}

29
AppHost/Properties/launchSettings.json Normal file
View File

@@ -0,0 +1,29 @@
{
"$schema": "https://json.schemastore.org/launchsettings.json",
"profiles": {
"https": {
"commandName": "Project",
"dotnetRunMessages": true,
"launchBrowser": true,
"applicationUrl": "https://localhost:17271;http://localhost:15055",
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development",
"DOTNET_ENVIRONMENT": "Development",
"ASPIRE_DASHBOARD_OTLP_ENDPOINT_URL": "https://localhost:21022",
"ASPIRE_RESOURCE_SERVICE_ENDPOINT_URL": "https://localhost:22177"
}
},
"http": {
"commandName": "Project",
"dotnetRunMessages": true,
"launchBrowser": true,
"applicationUrl": "http://localhost:15055",
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development",
"DOTNET_ENVIRONMENT": "Development",
"ASPIRE_DASHBOARD_OTLP_ENDPOINT_URL": "http://localhost:19147",
"ASPIRE_RESOURCE_SERVICE_ENDPOINT_URL": "http://localhost:20252"
}
}
}
}

8
AppHost/appsettings.Development.json Normal file
View File

@@ -0,0 +1,8 @@
{
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft.AspNetCore": "Warning"
}
}
}

9
AppHost/appsettings.json Normal file
View File

@@ -0,0 +1,9 @@
{
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft.AspNetCore": "Warning",
"Aspire.Hosting.Dcp": "Warning"
}
}
}

197
ServiceDefaults/Extensions.cs Normal file
View File

@@ -0,0 +1,197 @@
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Diagnostics.HealthChecks;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Diagnostics.HealthChecks;
using Microsoft.Extensions.Hosting;
using Microsoft.Extensions.Logging;
using OpenTelemetry;
using OpenTelemetry.Metrics;
using OpenTelemetry.Trace;
namespace Bit.ServiceDefaults;
// Adds common .NET Aspire services: service discovery, resilience, health checks, and OpenTelemetry.
// This project should be referenced by each service project in your solution.
// To learn more about using this project, see https://aka.ms/dotnet/aspire/service-defaults
public static class Extensions
{
private const string HealthEndpointPath = "/health";
private const string AlivenessEndpointPath = "/alive";
public static TBuilder AddServiceDefaults<TBuilder>(this TBuilder builder) where TBuilder : IHostApplicationBuilder
{
builder.ConfigureOpenTelemetry();
builder.AddDefaultHealthChecks();
builder.Services.AddServiceDiscovery();
builder.Services.ConfigureHttpClientDefaults(http =>
{
// Turn on resilience by default
http.AddStandardResilienceHandler();
// Turn on service discovery by default
http.AddServiceDiscovery();
});
// Uncomment the following to restrict the allowed schemes for service discovery.
// builder.Services.Configure<ServiceDiscoveryOptions>(options =>
// {
// options.AllowedSchemes = ["https"];
// });
return builder;
}
public static TBuilder ConfigureOpenTelemetry<TBuilder>(this TBuilder builder) where TBuilder : IHostApplicationBuilder
{
builder.Logging.AddOpenTelemetry(logging =>
{
logging.IncludeFormattedMessage = true;
logging.IncludeScopes = true;
});
builder.Services.AddOpenTelemetry()
.WithMetrics(metrics =>
{
metrics.AddAspNetCoreInstrumentation()
.AddHttpClientInstrumentation()
.AddRuntimeInstrumentation();
})
.WithTracing(tracing =>
{
tracing.AddSource(builder.Environment.ApplicationName)
.AddAspNetCoreInstrumentation(tracing =>
// Exclude health check requests from tracing
tracing.Filter = context =>
!context.Request.Path.StartsWithSegments(HealthEndpointPath)
&& !context.Request.Path.StartsWithSegments(AlivenessEndpointPath)
)
// Uncomment the following line to enable gRPC instrumentation (requires the OpenTelemetry.Instrumentation.GrpcNetClient package)
//.AddGrpcClientInstrumentation()
.AddHttpClientInstrumentation();
});
builder.AddOpenTelemetryExporters();
return builder;
}
private static TBuilder AddOpenTelemetryExporters<TBuilder>(this TBuilder builder) where TBuilder : IHostApplicationBuilder
{
var useOtlpExporter = !string.IsNullOrWhiteSpace(builder.Configuration["OTEL_EXPORTER_OTLP_ENDPOINT"]);
if (useOtlpExporter)
{
builder.Services.AddOpenTelemetry().UseOtlpExporter();
}
// Uncomment the following lines to enable the Azure Monitor exporter (requires the Azure.Monitor.OpenTelemetry.AspNetCore package)
//if (!string.IsNullOrEmpty(builder.Configuration["APPLICATIONINSIGHTS_CONNECTION_STRING"]))
//{
// builder.Services.AddOpenTelemetry()
// .UseAzureMonitor();
//}
return builder;
}
public static TBuilder AddDefaultHealthChecks<TBuilder>(this TBuilder builder) where TBuilder : IHostApplicationBuilder
{
builder.Services.AddHealthChecks()
// Add a default liveness check to ensure app is responsive
.AddCheck("self", () => HealthCheckResult.Healthy(), ["live"]);
return builder;
}
public static WebApplication MapDefaultEndpoints(this WebApplication app)
{
// Adding health checks endpoints to applications in non-development environments has security implications.
// See https://aka.ms/dotnet/aspire/healthchecks for details before enabling these endpoints in non-development environments.
if (app.Environment.IsDevelopment())
{
// All health checks must pass for app to be considered ready to accept traffic after starting
app.MapHealthChecks(HealthEndpointPath);
// Only health checks tagged with the "live" tag must pass for app to be considered alive
app.MapHealthChecks(AlivenessEndpointPath, new HealthCheckOptions
{
Predicate = r => r.Tags.Contains("live")
});
}
return app;
}
// Overload for IHostBuilder
public static IHostBuilder AddServiceDefaults(this IHostBuilder hostBuilder)
{
hostBuilder.ConfigureServices((context, services) =>
{
if (context.HostingEnvironment.IsDevelopment())
{
services.AddHealthChecks()
.AddCheck("self", () => HealthCheckResult.Healthy(), new[] { "live" });
}
services.AddServiceDiscovery();
services.ConfigureHttpClientDefaults(http =>
{
http.AddStandardResilienceHandler();
http.AddServiceDiscovery();
});
services.AddOpenTelemetry()
.WithMetrics(metrics =>
{
metrics.AddAspNetCoreInstrumentation()
.AddHttpClientInstrumentation()
.AddRuntimeInstrumentation();
})
.WithTracing(tracing =>
{
tracing.AddSource(context.HostingEnvironment.ApplicationName)
.AddAspNetCoreInstrumentation(tracing =>
tracing.Filter = context =>
!context.Request.Path.StartsWithSegments(HealthEndpointPath)
&& !context.Request.Path.StartsWithSegments(AlivenessEndpointPath)
)
.AddHttpClientInstrumentation(httpClient =>
{
httpClient.EnrichWithHttpRequestMessage = (activity, message) =>
{
if (context.HostingEnvironment.IsDevelopment())
{
activity.SetTag("http.request_content_length", message.Content?.Headers.ContentLength);
activity.SetTag("http.request_method", message.Method.Method);
activity.SetTag("http.request_url", message.RequestUri?.ToString());
activity.SetTag("http.request_message_headers", message.Headers.ToString());
activity.SetTag("http.request_body", message.Content?.ReadAsStringAsync().Result);
}
};
httpClient.EnrichWithHttpResponseMessage = (activity, message) =>
{
if (context.HostingEnvironment.IsDevelopment())
{
activity.SetTag("http.response_content_length",
message.Content.Headers.ContentLength);
activity.SetTag("http.response_status_code", (int)message.StatusCode);
activity.SetTag("http.response_status_text", message.ReasonPhrase);
activity.SetTag("http.response_content_type",
message.Content.Headers.ContentType?.MediaType);
activity.SetTag("http.response_message_headers", message.Headers.ToString());
activity.SetTag("http.response_body", message.Content.ReadAsStringAsync().Result);
}
};
});
});
var useOtlpExporter = !string.IsNullOrWhiteSpace(context.Configuration["OTEL_EXPORTER_OTLP_ENDPOINT"]);
if (useOtlpExporter)
{
services.AddOpenTelemetry().UseOtlpExporter();
}
});
return hostBuilder;
}
}

22
ServiceDefaults/ServiceDefaults.csproj Normal file
View File

@@ -0,0 +1,22 @@
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFramework>net8.0</TargetFramework>
<ImplicitUsings>enable</ImplicitUsings>
<Nullable>enable</Nullable>
<IsAspireSharedProject>true</IsAspireSharedProject>
</PropertyGroup>
<ItemGroup>
<FrameworkReference Include="Microsoft.AspNetCore.App"/>
<PackageReference Include="Microsoft.Extensions.Http.Resilience" Version="9.3.0"/>
<PackageReference Include="Microsoft.Extensions.ServiceDiscovery" Version="9.3.1"/>
<PackageReference Include="OpenTelemetry.Exporter.OpenTelemetryProtocol" Version="1.12.0"/>
<PackageReference Include="OpenTelemetry.Extensions.Hosting" Version="1.12.0"/>
<PackageReference Include="OpenTelemetry.Instrumentation.AspNetCore" Version="1.12.0"/>
<PackageReference Include="OpenTelemetry.Instrumentation.Http" Version="1.12.0"/>
<PackageReference Include="OpenTelemetry.Instrumentation.Runtime" Version="1.12.0"/>
</ItemGroup>
</Project>

13
bitwarden-server.sln
View File

@@ -134,10 +134,15 @@ EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DbSeederUtility", "util\DbSeederUtility\DbSeederUtility.csproj", "{17A89266-260A-4A03-81AE-C0468C6EE06E}"
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "RustSdk", "util\RustSdk\RustSdk.csproj", "{D1513D90-E4F5-44A9-9121-5E46E3E4A3F7}"
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SharedWeb.Test", "test\SharedWeb.Test\SharedWeb.Test.csproj", "{AD59537D-5259-4B7A-948F-0CF58E80B359}"
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SSO.Test", "bitwarden_license\test\SSO.Test\SSO.Test.csproj", "{7D98784C-C253-43FB-9873-25B65C6250D6}"
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "AppHost", "AppHost\AppHost.csproj", "{B4CC25D0-BD09-459E-9885-DF9A56E304F6}"
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "ServiceDefaults", "ServiceDefaults\ServiceDefaults.csproj", "{7D6F3351-9CA6-4B35-956F-1EE346330A41}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Any CPU = Debug|Any CPU
@@ -354,6 +359,14 @@ Global
{7D98784C-C253-43FB-9873-25B65C6250D6}.Debug|Any CPU.Build.0 = Debug|Any CPU
{7D98784C-C253-43FB-9873-25B65C6250D6}.Release|Any CPU.ActiveCfg = Release|Any CPU
{7D98784C-C253-43FB-9873-25B65C6250D6}.Release|Any CPU.Build.0 = Release|Any CPU
{B4CC25D0-BD09-459E-9885-DF9A56E304F6}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{B4CC25D0-BD09-459E-9885-DF9A56E304F6}.Debug|Any CPU.Build.0 = Debug|Any CPU
{B4CC25D0-BD09-459E-9885-DF9A56E304F6}.Release|Any CPU.ActiveCfg = Release|Any CPU
{B4CC25D0-BD09-459E-9885-DF9A56E304F6}.Release|Any CPU.Build.0 = Release|Any CPU
{7D6F3351-9CA6-4B35-956F-1EE346330A41}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{7D6F3351-9CA6-4B35-956F-1EE346330A41}.Debug|Any CPU.Build.0 = Debug|Any CPU
{7D6F3351-9CA6-4B35-956F-1EE346330A41}.Release|Any CPU.ActiveCfg = Release|Any CPU
{7D6F3351-9CA6-4B35-956F-1EE346330A41}.Release|Any CPU.Build.0 = Release|Any CPU
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE

1
dev/setup_secrets.ps1
View File

@@ -27,6 +27,7 @@ $projects = @{
Sso = "../bitwarden_license/src/Sso"
Scim = "../bitwarden_license/src/Scim"
IntegrationTests = "../test/Infrastructure.IntegrationTest"
AppHost = "../AppHost"
}
foreach ($key in $projects.keys) {