Support file-based apps in user-secrets #63496
Conversation
|
cc @dotnet/run-file |
There was a problem hiding this comment.
Pull Request Overview
This PR adds support for file-based apps in the dotnet-user-secrets tool, addressing issue #63440. The changes enable the tool to work with file-based C# apps that use #:property UserSecretsId=... directives instead of traditional MSBuild project files.
Key changes include:
- Added
--fileoption to specify file-based apps alongside the existing--projectoption - Enhanced test infrastructure to support both project-based and file-based app testing
- Updated error messages and resource strings to accommodate the new functionality
Reviewed Changes
Copilot reviewed 8 out of 8 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| src/Tools/dotnet-user-secrets/test/UserSecretsTestFixture.cs | Added test helper methods for creating and managing file-based app test scenarios |
| src/Tools/dotnet-user-secrets/test/SecretManagerTests.cs | Enhanced existing tests to cover file-based apps and added validation for new error conditions |
| src/Tools/dotnet-user-secrets/src/Resources.resx | Added new error messages for file-based app scenarios and removed unused resource entries |
| src/Tools/dotnet-user-secrets/src/Program.cs | Updated ID resolution logic to handle both project and file options |
| src/Tools/dotnet-user-secrets/src/Internal/InitCommand.cs | Added validation to prevent init command usage with file-based apps |
| src/Tools/dotnet-user-secrets/src/CommandLineOptions.cs | Added --file option parsing and mutual exclusion validation with --project |
| src/Tools/Shared/SecretsHelpers/SecretsHelpersResources.resx | Updated error messages to mention the new --file option for better user guidance |
| src/Tools/Shared/SecretsHelpers/ProjectIdResolver.cs | Changed MSBuild command from msbuild to build with updated arguments |
|
@DamianEdwards any idea who I need reviews from here? |
| ArgumentList = | ||
| { | ||
| "msbuild", | ||
| "build", |
There was a problem hiding this comment.
Are there any gotchas we should be on the lookout for as we move from msbuild to build for this? Also, I assume this exists because there are file-based app behaviors that are not available in msbuild?
There was a problem hiding this comment.
msbuild is the 'raw' interface. it doesn't do multi-processing by default, doesn't do terminal logger (though you're not going to see that one), it doesn't do implicit restores, etc. build will do all of those (and it has the nice CLI args for some of the common properties) in addition to supporting the file-based apps. I'd say in general you should expect more churn in the behavior of build, but we do try to keep the contract pretty clean and consistent.
| [InlineData(false, true)] | ||
| [InlineData(false, false)] | ||
| [InlineData(true, false)] | ||
| public void SetSecrets(bool fromCurrentDirectory, bool fileBasedApp) |
There was a problem hiding this comment.
Should we error if you try to set secrets on a file-based app from a directory that the file is not in? Based on the options here, it seems like calling the below would be invalid?
$ pwd
/user/some/dir
$ dotnet user-secrets set "foo" "bar" --file /user/some/otherdir/file.cs
There was a problem hiding this comment.
That is currently valid, the test verifies that (fromCurrentDirectory: false, fileBasedApp: true). What's invalid is when no --project and no --file is specified - that works if you are in the project's directory, but not for file-based apps (there could be multiple file-based apps in the directory).
There was a problem hiding this comment.
What's invalid is when no
--projectand no--fileis specified - that works if you are in the project's directory, but not for file-based apps (there could be multiple file-based apps in the directory).
Is there test coverage for this case? No project file in the current directory, but there are file-based app(s) in the current directory, and no --project and no --file arg is passed?
There was a problem hiding this comment.
I will add a test for this, thanks.
RikkiGibson
left a comment
RikkiGibson
left a comment
There was a problem hiding this comment.
LGTM with some questions/nits
| <data name="Error_ProjectMissingId" xml:space="preserve"> | ||
| <value>Could not find the global property 'UserSecretsId' in MSBuild project '{project}'. Ensure this property is set in the project or use the '--id' command line option.</value> | ||
| </data> | ||
| <data name="Error_ProjectPath_NotFound" xml:space="preserve"> |
There was a problem hiding this comment.
Should resource name also be changed?
| <value>Cannot use both --file and --project options together.</value> | ||
| </data> | ||
| <data name="Error_InitNotSupportedForFileBasedApps" xml:space="preserve"> | ||
| <value>Init command is currently not supported for file-based apps. Please add '#:property UserSecretsId=...' manually.</value> |
There was a problem hiding this comment.
All this command does is generate a guid and stick it in the UserSecretsId in the user's project? Is that right?
| var parameters = fromCurrentDirectory ? | ||
| new string[] { "set", secret.Key, secret.Value, "--verbose" } : | ||
| new string[] { "set", secret.Key, secret.Value, "-p", projectPath, "--verbose" }; | ||
| [ "set", secret.Key, secret.Value, .. pathArgs, "--verbose" ]; |
There was a problem hiding this comment.
nit: wonder if it would be simplifying if pathArgs was always included, and in the case fromCurrentDirectory is true, we would just ensure pathArgs is empty.
| [InlineData(false, true)] | ||
| [InlineData(false, false)] | ||
| [InlineData(true, false)] | ||
| public void SetSecrets(bool fromCurrentDirectory, bool fileBasedApp) |
There was a problem hiding this comment.
What's invalid is when no
--projectand no--fileis specified - that works if you are in the project's directory, but not for file-based apps (there could be multiple file-based apps in the directory).
Is there test coverage for this case? No project file in the current directory, but there are file-based app(s) in the current directory, and no --project and no --file arg is passed?
|
@captainsafia is this intentionally against the RC2 branch? I assume we'll have a template in due course? |
This is intentionally targeting .NET 10, yes. I'm not sure what template you have in mind with relation to this PR. |
@danmoseley is referring to the template here: https://github.com/dotnet/aspnetcore/blob/main/.github/PULL_REQUEST_TEMPLATE/servicing.md. You can see it in action in this PR. |
|
It's a little wonky because SDK and most other 'tooling' is open through RC2 generally, but since this change is shared with a more 'runtime'-behaving component the process is a little off by comparison. |
|
I've filled the template in the PR's description. |
|
@captainsafia do I need something else to get this merged? Thanks |
|
I have a follow-up PR here ready as well (to implicitly compute UserSecretsId if it's not set in the project/file-based app), so would like to get this merged soon. |
captainsafia
added
area-commandlinetools
danmoseley
added
Servicing-approved
|
@dotnet/aspnet-build Can we get help merging this? There's a follow-up PR that needs to be taken through as well. |
@captainsafia I think we don't need the follow-up PR anymore as the required change is going directly into dotnet/sdk now, but this PR, definitely 😄 |
7 participants
Support file-based apps in user-secrets
Makes the
dotnet user-secretstool work for file-based apps (via a new--fileargument) analogously to how it works for project-based apps today.Description
Supports
dotnet user-secretscommands for file-based apps exceptdotnet user-secrets init(currently you have to set#:property UserSecretsId=...manually but we plan to add support for implicitUserSecretsIds in file-based apps but the technical side of that is still being discussed).Resolves #63440.
Customer Impact
Driven by Aspire needs.
Regression?
Risk
Verification
Packaging changes reviewed?