diff --git a/src/Aspire.Hosting.Azure.AppContainers/AzureContainerAppsInfrastructure.cs b/src/Aspire.Hosting.Azure.AppContainers/AzureContainerAppsInfrastructure.cs index f22f30afd72..1089ad7bb4e 100644 --- a/src/Aspire.Hosting.Azure.AppContainers/AzureContainerAppsInfrastructure.cs +++ b/src/Aspire.Hosting.Azure.AppContainers/AzureContainerAppsInfrastructure.cs @@ -634,6 +634,13 @@ BicepValue GetHostValue(string? prefix = null, string? suffix = null) return (url, secretType); } + if (value is ParameterResource param) + { + var st = param.Secret ? SecretType.Normal : secretType; + + return (AllocateParameter(param, secretType: st), st); + } + if (value is ConnectionStringReference cs) { return await ProcessValueAsync(cs.Resource.ConnectionStringExpression, executionContext, cancellationToken, secretType: secretType, parent: parent).ConfigureAwait(false); @@ -644,13 +651,6 @@ BicepValue GetHostValue(string? prefix = null, string? suffix = null) return await ProcessValueAsync(csrs.ConnectionStringExpression, executionContext, cancellationToken, secretType: secretType, parent: parent).ConfigureAwait(false); } - if (value is ParameterResource param) - { - var st = param.Secret ? SecretType.Normal : secretType; - - return (AllocateParameter(param, secretType: st), st); - } - if (value is BicepOutputReference output) { return (AllocateParameter(output, secretType: secretType), secretType); diff --git a/tests/Aspire.Hosting.Azure.Tests/AzureContainerAppsTests.cs b/tests/Aspire.Hosting.Azure.Tests/AzureContainerAppsTests.cs index e275a8ad27d..7cb599c9f0a 100644 --- a/tests/Aspire.Hosting.Azure.Tests/AzureContainerAppsTests.cs +++ b/tests/Aspire.Hosting.Azure.Tests/AzureContainerAppsTests.cs @@ -785,6 +785,8 @@ public async Task ProjectWithManyReferenceTypes() // Postgres uses secret outputs + a literal connection string var pgdb = builder.AddAzurePostgresFlexibleServer("pg").WithPasswordAuthentication().AddDatabase("db"); + var rawCs = builder.AddConnectionString("cs"); + // Connection string (should be considered a secret) var blob = builder.AddAzureStorage("storage").AddBlobs("blobs"); @@ -803,7 +805,8 @@ public async Task ProjectWithManyReferenceTypes() .WithReference(pgdb) .WithEnvironment("SecretVal", secretValue) .WithEnvironment("secret_value_1", secretValue) - .WithEnvironment("Value", value); + .WithEnvironment("Value", value) + .WithEnvironment("CS", rawCs); project.WithEnvironment(context => { @@ -851,6 +854,7 @@ public async Task ProjectWithManyReferenceTypes() "outputs_azure_container_registry_managed_identity_id": "{.outputs.AZURE_CONTAINER_REGISTRY_MANAGED_IDENTITY_ID}", "value0_value": "{value0.value}", "value1_value": "{value1.value}", + "cs_connectionstring": "{cs.connectionString}", "outputs_azure_container_apps_environment_default_domain": "{.outputs.AZURE_CONTAINER_APPS_ENVIRONMENT_DEFAULT_DOMAIN}", "outputs_managed_identity_client_id": "{.outputs.MANAGED_IDENTITY_CLIENT_ID}", "outputs_azure_container_apps_environment_id": "{.outputs.AZURE_CONTAINER_APPS_ENVIRONMENT_ID}", @@ -882,6 +886,9 @@ param value0_value string param value1_value string + @secure() + param cs_connectionstring string + param outputs_azure_container_apps_environment_default_domain string param outputs_managed_identity_client_id string @@ -920,6 +927,10 @@ param api_containerimage string name: 'secret-value-1' value: value0_value } + { + name: 'cs' + value: cs_connectionstring + } ] activeRevisionsMode: 'Single' ingress: { @@ -995,6 +1006,10 @@ param api_containerimage string name: 'Value' value: value1_value } + { + name: 'CS' + secretRef: 'cs' + } { name: 'HTTP_EP' value: 'http://api.internal.${outputs_azure_container_apps_environment_default_domain}'