First commit for dotnet app stack

oracle-quickstart · Sep 22, 2023 · 963b521 · 963b521
1 parent 2944663
commit 963b521
Show file tree

Hide file tree

Showing 12 changed files with 585 additions and 1 deletion.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -34,7 +34,7 @@ jobs:
           rm interface-application.yaml
           sed -i -e "/###APP_CONFIG###/r interface-app-config.yaml" -e "//d" interface.yaml
           rm interface-app-config.yaml
-          zip -r ./appstackfor${{ inputs.type }}.zip . -x "*.git*" -x "java/*" -x "images/*" -x "listing/*" -x ".github/*" -x "*.md" -x "troubleshooting/*" -x "tutorials/*" -x "screenshots/*" -x "*.md"
+          zip -r ./appstackfor${{ inputs.type }}.zip . -x "*.git*" -x "java/*" -x "dotnet/*" -x "images/*" -x "listing/*" -x ".github/*" -x "*.md" -x "troubleshooting/*" -x "tutorials/*" -x "screenshots/*" -x "*.md"
           ls -lai
       - name: upload-artifact
         uses: actions/upload-artifact@v3

diff --git a/dotnet/Dockerfile-dotnet.template b/dotnet/Dockerfile-dotnet.template
@@ -0,0 +1,61 @@
+# Copyright (c) 2023, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+# dockerfile for running the .NET application using Oracle Linux 8 image
+FROM container-registry.oracle.com/os/oraclelinux:8
+
+# install asp.net core runtime and its dependencies 
+RUN dnf install -y aspnetcore-runtime-6.0 && \
+  rm -rf /var/cache/dnf
+
+# create a user so to avoid deploying the application in root directory
+RUN useradd -U -d /home/appuser appuser && \
+  mkdir /opt/dotnetapp && \
+  mkdir /opt/dotnetapp/apm && \
+  chown appuser:appuser /opt/dotnetapp /opt/dotnetapp/apm
+
+# switch the user and create a working directory
+USER appuser
+WORKDIR /opt/dotnetapp
+
+# copy application, certificate and wallet folder to working directory
+COPY --chown=appuser:appuser servercert.pfx /https/servercert.pfx
+COPY --chown=appuser:appuser /dotnetapp .
+COPY --chown=appuser:appuser wallet ./wallet
+
+# set environment variables for running the application on HTTPS port
+ENV DOTNET_RUNNING_IN_CONTAINER=true
+ENV ASPNETCORE_URLS="https://+:${exposed_port}"
+ENV ASPNETCORE_Kestrel__Certificates__Default__Password=${keystore_password}
+ENV ASPNETCORE_Kestrel__Certificates__Default__Path=/https/servercert.pfx
+
+# copy apm installer files to working directory
+COPY --chown=appuser:appuser /apm ./apm
+
+# set environment variables for apm
+ENV COR_ENABLE_PROFILING=1
+ENV COR_PROFILER="{918728DD-259F-4A6A-AC2B-B85E1B658318}"
+ENV COR_PROFILER_PATH_64=/opt/dotnetapp/apm/tracer-home/win-x64/OpenTelemetry.AutoInstrumentation.Native.dll
+ENV COR_PROFILER_PATH_32=/opt/dotnetapp/apm/tracer-home/win-x86/OpenTelemetry.AutoInstrumentation.Native.dll
+ENV CORECLR_ENABLE_PROFILING=1
+ENV CORECLR_PROFILER="{918728DD-259F-4A6A-AC2B-B85E1B658318}"
+ENV CORECLR_PROFILER_PATH_64=/opt/dotnetapp/apm/tracer-home/win-x64/OpenTelemetry.AutoInstrumentation.Native.dll
+ENV CORECLR_PROFILER_PATH_32=/opt/dotnetapp/apm/tracer-home/win-x86/OpenTelemetry.AutoInstrumentation.Native.dll
+ENV DOTNET_ADDITIONAL_DEPS=/opt/dotnetapp/apm/tracer-home/AdditionalDeps
+ENV DOTNET_SHARED_STORE=/opt/dotnetapp/apm/tracer-home/store
+ENV DOTNET_STARTUP_HOOKS=/opt/dotnetapp/apm/tracer-home/net/OpenTelemetry.AutoInstrumentation.StartupHook.dll
+ENV OTEL_DOTNET_AUTO_HOME=/apm/tracer-home
+ENV OTEL_DOTNET_AUTO_INTEGRATIONS_FILE=/opt/dotnetapp/apm/tracer-home/integrations.json
+ENV OTEL_DOTNET_AUTO_TRACES_ADDITIONAL_SOURCES="OpenTelemetry.ODP"
+ENV OTEL_SERVICE_NAME="${application_name}"
+ENV OTEL_LOGS_EXPORTER="none"
+ENV OTEL_DOTNET_AUTO_EXCLUDE_PROCESSES="dotnet.exe,dotnet"
+ENV OTEL_EXPORTER_OTLP_ENDPOINT="${endpoint}/20200101/opentelemetry"
+ENV OTEL_EXPORTER_OTLP_HEADERS="Authorization=dataKey ${private_data_key}"
+ENV ENABLE_BACKGROUND_ODP=true
+ENV ENABLE_CONNECTION_ODP=true
+
+EXPOSE ${exposed_port}
+
+# set the entrypoint of the container to run the application
+ENTRYPOINT ["dotnet", "${dll_name}" ${program_arguments}]
diff --git a/dotnet/build-artifact.yaml.template b/dotnet/build-artifact.yaml.template
@@ -0,0 +1,71 @@
+# Copyright (c) 2023, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+# This workflow will build and push a .Net application to OCI based on an artifact
+version: 0.1
+component: build
+timeoutInSeconds: 10000
+shell: bash
+env:
+  vaultVariables:
+    OCI_TOKEN : "${oci_token}"
+    DB_USER_PASSWORD : "${db_user_password}"
+    WALLET_PASSWORD : "${wallet_password}"
+inputArtifacts:
+  - name: dotnetapp
+    type: GENERIC_ARTIFACT
+    artifactId: $${artifactId}
+    registryId: ${registryId} 
+    path: ${artifact_path}
+    version: $${artifact_version}
+    location: $${OCI_WORKSPACE_DIR}/${config_repo_name}/${fileName}
+steps: 
+  - type: Command
+    name: Unzip wallet
+    timeoutInSeconds: 600
+    failImmediatelyOnError: true
+    command: |
+      cd $${OCI_WORKSPACE_DIR}/${config_repo_name}
+      unzip wallet.zip -d wallet
+  - type: Command
+    name: Download oraclepki and add username and password to wallet
+    timeoutInSeconds: 300
+    failImmediatelyOnError: true
+    command: |
+      cd $${OCI_WORKSPACE_DIR}/${config_repo_name}
+      curl -o oraclepki.jar "https://repo1.maven.org/maven2/com/oracle/database/security/oraclepki/23.2.0.0/oraclepki-23.2.0.0.jar" -L
+      echo -e '#/bin/sh\njava -cp oraclepki.jar oracle.security.pki.OracleSecretStoreTextUI -wrl wallet -createCredential "${db_connection_url}" "${db_username}" "'$${DB_USER_PASSWORD}'" <<EOF\n'$${WALLET_PASSWORD}'\nEOF' >> add-credential-wallet.sh
+      sh add-credential-wallet.sh
+  - type: Command
+    name: Unzip dotnet app
+    timeoutInSeconds: 600
+    failImmediatelyOnError: true
+    command: |
+      cd $${OCI_WORKSPACE_DIR}/${config_repo_name}
+      unzip ${fileName}
+      cp -r ${artifact_location} dotnetapp
+  - type: Command
+    name: Get dotnet apm agent
+    timeoutInSeconds: 600
+    failImmediatelyOnError: true
+    command: |
+      cd $${OCI_WORKSPACE_DIR}/${config_repo_name}
+      curl -o apm-dotnet-agent-installer-0.6.0.136.zip -L https://objectstorage.us-phoenix-1.oraclecloud.com/p/Q9f_7e-AG4Gwl0rI7ILNFzKmtI0-zIjNu8lWFcf5Gh5o53vGnNVuEc8hnWG5_WZw/n/oracleonpremjava/b/bucket-apm-installer/o/apm-dotnet-agent-installerapm-dotnet-agent-installer-0.6.0.136.zip
+      unzip apm-dotnet-agent-installer-0.6.0.136.zip -d apm
+  - type: Command
+    name: Build Docker image
+    timeoutInSeconds: 600
+    failImmediatelyOnError: true
+    command: |
+      docker build . --file Dockerfile --tag ${image_remote_tag}:${image_tag}-$${artifact_version} --tag ${image_latest_tag}
+  - type: Command
+    name: Login to repo
+    timeoutInSeconds: 900
+    failImmediatelyOnError: true
+    command: |
+      echo $${OCI_TOKEN} | docker login ${container_registry_repo} --username ${login} --password-stdin
+  - type: Command
+    name: Push image
+    timeoutInSeconds: 600
+    failImmediatelyOnError: true
+    command: |
+      docker push ${image_remote_tag} --all-tags
diff --git a/dotnet/build-repo.yaml.template b/dotnet/build-repo.yaml.template
@@ -0,0 +1,92 @@
+# Copyright (c) 2023, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+# This workflow will build and push a .Net application to OCI when a commit is 
+# pushed to your default branch.
+version: 0.1
+component: build
+timeoutInSeconds: 3600
+shell: bash
+env:
+  variables:
+    JAVA_HOME : "/usr/java/latest"
+  vaultVariables:
+    OCI_TOKEN : "${oci_token}"
+    DB_USER_PASSWORD : "${db_user_password}"
+    WALLET_PASSWORD : "${wallet_password}"
+steps: 
+  - type: Command
+    name: Install DotNet SDK
+    timeoutInSeconds: 600
+    failImmediatelyOnError: true
+    command: |
+      rpm -Uvh https://packages.microsoft.com/config/centos/7/packages-microsoft-prod.rpm
+      yum install -y dotnet-sdk-6.0
+    onFailure:
+      - type: Command
+        command: |
+          echo $JAVA_HOME
+        timeoutInSeconds: 400
+  - type: Command
+    name: Build application
+    timeoutInSeconds: 600
+    failImmediatelyOnError: true
+    command: |
+      cd $${OCI_WORKSPACE_DIR}/${repo_name}
+      ${build_command}
+    onFailure:
+      - type: Command
+        command: |
+          pwd
+        timeoutInSeconds: 400
+  - type: Command
+    name: Create config files
+    timeoutInSeconds: 600
+    failImmediatelyOnError: true
+    command: |
+      cd $${OCI_WORKSPACE_DIR}/${config_repo_name}
+      unzip wallet.zip -d wallet
+  - type: Command
+    name: Download oraclepki and add username and password to wallet
+    timeoutInSeconds: 300
+    failImmediatelyOnError: true
+    command: |
+      cd $${OCI_WORKSPACE_DIR}/${config_repo_name}
+      curl -o oraclepki.jar "https://repo1.maven.org/maven2/com/oracle/database/security/oraclepki/23.2.0.0/oraclepki-23.2.0.0.jar" -L
+      echo -e '#/bin/sh\njava -cp oraclepki.jar oracle.security.pki.OracleSecretStoreTextUI -wrl wallet -createCredential "${db_connection_url}" "${db_username}" "'$${DB_USER_PASSWORD}'" <<EOF\n'$${WALLET_PASSWORD}'\nEOF' >> add-credential-wallet.sh
+      sh add-credential-wallet.sh
+  - type: Command
+    name: Copy DotNet App
+    timeoutInSeconds: 600
+    failImmediatelyOnError: true
+    command: |
+      cd $${OCI_WORKSPACE_DIR}/${config_repo_name}
+      cp -r $${OCI_WORKSPACE_DIR}/${repo_name}/${artifact_location} dotnetapp      
+  - type: Command
+    name: Get dotnet apm agent
+    timeoutInSeconds: 600
+    failImmediatelyOnError: true
+    command: |
+      cd $${OCI_WORKSPACE_DIR}/${config_repo_name}
+      curl -o apm-dotnet-agent-installer-0.6.0.136.zip -L https://objectstorage.us-phoenix-1.oraclecloud.com/p/Q9f_7e-AG4Gwl0rI7ILNFzKmtI0-zIjNu8lWFcf5Gh5o53vGnNVuEc8hnWG5_WZw/n/oracleonpremjava/b/bucket-apm-installer/o/apm-dotnet-agent-installerapm-dotnet-agent-installer-0.6.0.136.zip
+      unzip apm-dotnet-agent-installer-0.6.0.136.zip -d apm
+  - type: Command
+    name: Build Docker image
+    timeoutInSeconds: 600
+    failImmediatelyOnError: true
+    command: |
+      cd $${OCI_WORKSPACE_DIR}/${repo_name}
+      export commit=$(git rev-list --all --max-count=1 --abbrev-commit)
+      cd $${OCI_WORKSPACE_DIR}/${config_repo_name}
+      docker build . --file Dockerfile --tag ${image_remote_tag}:${image_tag}-$commit --tag ${image_latest_tag}
+  - type: Command
+    name: Login to repo
+    timeoutInSeconds: 900
+    failImmediatelyOnError: true
+    command: |
+      echo $${OCI_TOKEN} | docker login ${container_registry_repo} --username ${login} --password-stdin
+  - type: Command
+    name: Push image
+    timeoutInSeconds: 600
+    failImmediatelyOnError: true
+    command: |
+      docker push ${image_remote_tag} --all-tags
diff --git a/dotnet/dotnet-config-repo.tf b/dotnet/dotnet-config-repo.tf
@@ -0,0 +1,24 @@
+# Copyright (c) 2023, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+resource "null_resource" "language_specific_files" {
+
+ depends_on = [ 
+  null_resource.create_config_repo 
+  ]
+
+  # copy certificate
+  provisioner "local-exec" {
+    command = "cp server.p12 ./${local.config_repo_name}/servercert.pfx"
+    on_failure = fail
+    working_dir = "${path.module}"
+  }
+
+  # add certificate to git
+  provisioner "local-exec" {
+    command = "git add ./servercert.pfx"
+    on_failure = fail
+    working_dir = "${path.module}/${local.config_repo_name}"
+  }
+  count = (local.use-image ? 0 : 1)
+}
diff --git a/dotnet/dotnet-datasources.tf b/dotnet/dotnet-datasources.tf
@@ -0,0 +1,49 @@
+# Copyright (c) 2023, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+# dockerfile used to create image
+data "template_file" "dockerfile" {
+  template = file("${path.module}/Dockerfile-dotnet.template")
+  vars = {
+    namespace = "${local.namespace}"
+    bucket_name = "${local.bucket_name}"
+    keystore_password = random_password.keystore_password.result
+    application_name = var.application_name
+    private_data_key = data.oci_apm_data_keys.private_key.data_keys[0].value
+    endpoint = oci_apm_apm_domain.app_apm_domain.data_upload_endpoint
+    program_arguments = (var.program_arguments != null && var.program_arguments != "" ? format(", \"%s\" ", replace(trimspace(var.program_arguments), " ", "\", \"")): "")
+    exposed_port = var.exposed_port
+    dll_name = local.dll_name
+  }
+}
+
+# build spec file
+data "template_file" "oci_build_config" {
+  depends_on = [
+    oci_vault_secret.auth_token_secret
+  ]
+  template = "${(local.use-repository ? file("${path.module}/build-repo.yaml.template") : file("${path.module}/build-artifact.yaml.template"))}"
+  vars = {
+    image_remote_tag = "${local.image-remote-tag}"
+    image_latest_tag = "${local.image-latest-tag}"
+    image_tag = "${local.image-name}"
+    container_registry_repo = "${local.container-registry-repo}"
+    login = local.login_container
+    build_command = var.build_command
+    artifact_location = local.output_path
+    artifact_path = (local.use-artifact ? data.oci_artifacts_generic_artifact.app_artifact[0].artifact_path : "")
+    artifact_version = (local.use-artifact ? data.oci_artifacts_generic_artifact.app_artifact[0].version : "")
+    oci_token = local.auth_token_secret
+    repo_name = (local.use-repository ? data.oci_devops_repository.devops_repository[0].name : "")
+    config_repo_name = local.config_repo_name
+    artifactId = (local.use-artifact ? var.artifact_id : "")
+    registryId = (local.use-artifact ? var.registry_id : "")
+    fileName = "app.zip"
+    db_username = local.username
+    db_connection_url = local.escaped_connection_url
+    db_user_password = oci_vault_secret.db_user_password.id
+    wallet_password = oci_vault_secret.db_wallet_password.id
+  }
+}
+
+
diff --git a/dotnet/dotnet-variables.tf b/dotnet/dotnet-variables.tf
@@ -0,0 +1,19 @@
+# Copyright (c) 2023, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+## .NET specific variables and locals
+locals {
+  # Get output folder path and dll name
+  output_path = "${dirname(var.artifact_location)}/"
+  dll_name = basename(var.artifact_location)
+  # path to the wallet
+  wallet_path = "/opt/dotnetapp/wallet"
+
+  driver_connection_url = (
+    var.use_existing_database 
+      ? "${replace(data.oci_database_autonomous_database.autonomous_database.connection_strings[0].profiles[local.conn_url_index].value, "description= ", "description=")}"
+      : "${replace(oci_database_autonomous_database.database[0].connection_strings[0].profiles[local.conn_url_index].value, "description= ", "description=")}"
+  )
+  # Connection URL environment variable
+  connection_url_env = "ENV ${var.connection_url_env}=${local.escaped_connection_url}" 
+}
diff --git a/dotnet/interface-app-config-group.yaml b/dotnet/interface-app-config-group.yaml
@@ -0,0 +1,20 @@
+# Copyright (c) 2023, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+      - use_connection_url_env
+      - connection_url_env
+      - use_tns_admin_env
+      - tns_admin_env
+      - use_username_env
+      - username_env
+      - use_password_env
+      - password_env
+  - title: "Other parameters"
+    variables:
+      - other_environment_variables
+      - program_arguments
+  - title: "Application configuration - SSL communication between backends and load balancer"
+    variables:      
+      - cert_pem
+      - private_key_pem
+      - ca_pem