Scenario/repro
I have multicontainer (tutorial here) azure web app. I assigned System Assigned identity to my web app. There are two containers in my docker compose:
- Net core WebApi container
- Antivirus ClamAv container
Everything had worked fine (my API is using antivirus to scan files) till the moment I add key vault Configuration provider with Managed Identity for Azure resources (link). This works perfectly with my standard web apps on linux.
// Program.cs
.ConfigureAppConfiguration((context, config) =>
{
if (context.HostingEnvironment.IsProduction())
{
var builtConfig = config.Build();
var secretClient = new SecretClient(new Uri($"https://{builtConfig["KeyVaultName"]}.vault.azure.net/"),
new DefaultAzureCredential());
config.AddAzureKeyVault(secretClient, new KeyVaultSecretManager());
}
})
Problem My API returns 503 status code. It seems that I need to do some extra configuration to make it work with Docker compose.
EnvironmentCredential authentication unavailable. Environment variables are not fully configured.
2021-06-14T11:42:46.912167603Z - ManagedIdentityCredential authentication unavailable. No Managed Identity endpoint found.
2021-06-14T11:42:46.912175503Z - Operating system Linux 5.4.0-1031-azure #32~18.04.1-Ubuntu SMP Tue Oct 6 10:03:22 UTC 2020 isn't supported.
2021-06-14T11:42:46.912183204Z - Stored credentials not found. Need to authenticate user in VSCode Azure Account.
2021-06-14T11:42:46.912190304Z - Azure CLI not installed
2021-06-14T11:42:46.912197204Z - PowerShell is not installed.
2021-06-14T11:42:46.912205004Z ---> System.AggregateException: Multiple exceptions were encountered
...
Azure.Identity.CredentialUnavailableException: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.
...
Azure.Identity.CredentialUnavailableException: Operating system Linux 5.4.0-1031-azure #32~18.04.1-Ubuntu SMP Tue Oct 6 10:03:22 UTC 2020 isn't supported.
It seems that this feature is not fully supported. Any idea how to use key vault proivder in such scenario?
