MAINT: Set PYRIT_CORS_ORIGINS env var in Bicep instead of imperatively#1646
Open
adrian-gavrila wants to merge 2 commits intomicrosoft:mainfrom
Open
MAINT: Set PYRIT_CORS_ORIGINS env var in Bicep instead of imperatively#1646adrian-gavrila wants to merge 2 commits intomicrosoft:mainfrom
adrian-gavrila wants to merge 2 commits intomicrosoft:mainfrom
Conversation
The Container App's CORS origin (its own ingress FQDN) was previously applied via a manual �z containerapp update --set-env-vars step after every deploy, per infra/README.md step 5. That value drifts whenever the ACA app gets re-created (new revision suffix, region change) and is easy to forget on first stand-up. ACA generates a deterministic FQDN (<appName>.<envDefaultDomain>), so we can compute the same value at deploy time from upstream resources without self-referencing the containerApp resource (which would create a cycle). Setting it as an env var on the container guarantees it stays in sync on every Bicep deploy and removes the imperative post-deploy step. Also removes the now-redundant CORS step from infra/README.md. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Removed comments about CORS origin handling.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Folds the manual
az containerapp update --set-env-vars PYRIT_CORS_ORIGINS=...step (currently step 5 ininfra/README.md) intoinfra/main.bicepso deploys are self-correcting and the GUI no longer silently breaks on CORS when someone forgets to re-run the command.The value is computed from
acaEnvironment.properties.defaultDomainrather than the container app's own FQDN to avoid a self-reference cycle; ACA's FQDN is deterministically<appName>.<defaultDomain>, so the result matches what the manual command was setting.Tests and Documentation
az bicep build --file infra/main.bicep --stdout- clean.az deployment group what-if -g copyrit-gui-rg-prod- cleanCreateofcontainers[0].env[11]resolving to the SPA's existing FQDN.pyrit/backend/main.py:73) splits on,; single value parses to a 1-element list as expected.infra/README.md.