Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Keyvault not working within application run via Docker in Visual Studio

Tags:

docker

asp.net-core-webapi

I have a .NET Core 3.1 console application which needs access to a KeyVault

When running this application as a console in Visual Studio all is fine, because my Visual Studio is logged in with my Azure credentials, so access is granted

However, in reality the application is run inside Docker

Visual Studio gives the option to run the application inside docker

The startup code is below

public static IHostBuilder CreateHostBuilder(string[] args) =>
        Host.CreateDefaultBuilder(args)
            .ConfigureAppConfiguration((context, config) =>
            {
                var keyVaultEndpoint = new Uri(Environment.GetEnvironmentVariable("VaultUri"));
                config.AddAzureKeyVault(
                keyVaultEndpoint,
                new DefaultAzureCredential());
            })
            .ConfigureWebHostDefaults(webBuilder =>
            {
                webBuilder.UseStartup<Startup>();
            })
            .ConfigureLogging(logging =>
            {
                logging.ClearProviders();
                logging.SetMinimumLevel(Microsoft.Extensions.Logging.LogLevel.Trace);
            })
            .UseNLog();  // NLog: Setup NLog for Dependency injection
}

When running inside Docker from Visual Studio the above errors with Value cannot be null

Im assuming its because DefaultAzureCredential doesnt work

This is a development environment only issue

How can I get around this?

Paul

like image 252
Paul Avatar asked Oct 14 '25 14:10

Paul

1 Answers

You need to authenticate the container, it looks like there is a bunch of ways of doing this.

From the DefaultAzureCredential docs:

Provides a default TokenCredential authentication flow for applications that will be deployed to Azure. The following credential types if enabled will be tried, in order:

EnvironmentCredential, ManagedIdentityCredential, SharedTokenCacheCredential, VisualStudioCredential, VisualStudioCodeCredential, AzureCliCredential, InteractiveBrowserCredential

Likely you have been using VisualStudioCredential without realizing it when you were working inside VS, now that your environment is isolated in a docker container you will need to manually authenticate. I would probably use EnvironmentCredential for this as you simply need to acquire and expose your credentials to the container through environment variables.

like image 97
Zacx Avatar answered Oct 17 '25 05:10

Zacx

Sign in to Comment

Related questions

Journalctl : add _SYSTEMD_UNIT field into log printout
Does Visual Studio 2022 support dev containers for .net projects?
Symlink command in Dockerfile doesn't create the link in the container
Docker: Localhost didn't send any data [closed]
How to break the streams in Docker awslog driver?
How can I set a memory limit for a docker container created by visual studio code remote devcontainer configuration
Cannot generate django.po files from docker-compose
AWS SAM DockerBuildArgs It does not add them when creating the lambda image
Uwsgi Locking Up After a Few Requests with Nginx/Traefik/Flask App Running over HTTPS/TLS and Docker
Use ehcache for application deployed via docker against the stateless rule
How to install 32-bit docker container
docker journald logging driver cause huge amount of logging also to /var/log/syslog and /var/log/kern.log

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!