From 98627cabc2839741cd537a854369f9ce109c1530 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zolt=C3=A1n=20Leh=C3=B3czky?= Date: Tue, 30 Jul 2024 00:39:38 +0200 Subject: [PATCH 1/9] Adding ConfigureAzureHostingDefaultsWithApplicationInsightsTelemetry() --- ...pplicationInsightsInitializerExtensions.cs | 37 +++++++++++++++++++ Readme.md | 2 + 2 files changed, 39 insertions(+) diff --git a/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs b/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs index fdb2c52..81b81c0 100644 --- a/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs +++ b/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs @@ -8,7 +8,9 @@ using Microsoft.ApplicationInsights.DependencyCollector; using Microsoft.ApplicationInsights.Extensibility; using Microsoft.ApplicationInsights.Extensibility.PerfCounterCollector.QuickPulse; +using Microsoft.AspNetCore.Builder; using Microsoft.Extensions.Configuration; +using Microsoft.Extensions.Hosting; using Microsoft.Extensions.Options; using System.Linq; using ApplicationInsightsFeatureIds = Lombiq.Hosting.Azure.ApplicationInsights.Constants.FeatureIds; @@ -17,6 +19,41 @@ namespace Microsoft.Extensions.DependencyInjection; public static class ApplicationInsightsInitializerExtensions { + /// + /// Recommended default configuration for features of an Orchard Core application hosted in Azure, with Application + /// Insights telemetry. If any of the configuration values exist, they won't be overridden, so e.g. + /// appsettings.json configuration will take precedence. + /// + /// The instance of the app. + public static OrchardCoreBuilder ConfigureAzureHostingDefaultsWithApplicationInsightsTelemetry( + this OrchardCoreBuilder builder, + WebApplicationBuilder webApplicationBuilder) + { + builder + .ConfigureAzureHostingDefaults(webApplicationBuilder) + .AddOrchardCoreApplicationInsightsTelemetry(webApplicationBuilder.Configuration); + + var logLevelSection = webApplicationBuilder.Configuration.GetSection("Logging:ApplicationInsights:LogLevel"); + + logLevelSection.AddValueIfKeyNotExists("Default", "Warning"); + + var ocAppInsightsSection = webApplicationBuilder.Configuration.GetSection("OrchardCore:Lombiq_Hosting_Azure_ApplicationInsights"); + + ocAppInsightsSection + .AddValueIfKeyNotExists("EnableUserNameCollection", "true") + .AddValueIfKeyNotExists("EnableUserAgentCollection", "true") + .AddValueIfKeyNotExists("EnableIpAddressCollection", "true"); + + if (webApplicationBuilder.Environment.IsDevelopment()) + { + var appInsightsSection = webApplicationBuilder.Configuration.GetSection("ApplicationInsights"); + + appInsightsSection.AddValueIfKeyNotExists("EnableDependencyTrackingTelemetryModule", "false"); + } + + return builder; + } + /// /// Initializes Application Insights for Orchard Core. Should be used in the application Program.cs file. /// diff --git a/Readme.md b/Readme.md index e1fc5d0..b9b4d39 100644 --- a/Readme.md +++ b/Readme.md @@ -67,6 +67,8 @@ builder.Services Note that due to how the Application Insights .NET SDK works, telemetry can only be collected for the whole app at once; collecting telemetry separately for each tenant is not supported. +You can also use `ConfigureAzureHostingDefaultsWithApplicationInsightsTelemetry` instead; this sets up all the recommended hosting configuration with `ConfigureAzureHostingDefaults` from [Lombiq Helpful Libraries - Orchard Core Libraries](https://github.com/Lombiq/Helpful-Libraries/blob/dev/Lombiq.HelpfulLibraries.OrchardCore/Readme.md). + When using the full CMS approach of Orchard Core (i.e. not decoupled or headless) then the client-side tracking script will be automatically injected as a head script. Otherwise, you can create it with `ITrackingScriptFactory`. ### Advanced configuration From d3e496c4871324557d4a721bea41efa456a5d9fa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zolt=C3=A1n=20Leh=C3=B3czky?= Date: Tue, 30 Jul 2024 01:11:02 +0200 Subject: [PATCH 2/9] Passing new parameters to hosting defaults --- .../ApplicationInsightsInitializerExtensions.cs | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs b/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs index 81b81c0..a53c3d7 100644 --- a/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs +++ b/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs @@ -25,12 +25,20 @@ public static class ApplicationInsightsInitializerExtensions /// appsettings.json configuration will take precedence. /// /// The instance of the app. + /// + /// Indicates whether to enable OrchardCore.Media.Azure.Storage and its dependencies when hosted in Azure. + /// + /// + /// Indicates whether to enable OrchardCore.HealthChecks in the Production environment. + /// public static OrchardCoreBuilder ConfigureAzureHostingDefaultsWithApplicationInsightsTelemetry( this OrchardCoreBuilder builder, - WebApplicationBuilder webApplicationBuilder) + WebApplicationBuilder webApplicationBuilder, + bool enableAzureMediaStorage = true, + bool enableHealthChecksInProduction = true) { builder - .ConfigureAzureHostingDefaults(webApplicationBuilder) + .ConfigureAzureHostingDefaults(webApplicationBuilder, enableAzureMediaStorage, enableHealthChecksInProduction) .AddOrchardCoreApplicationInsightsTelemetry(webApplicationBuilder.Configuration); var logLevelSection = webApplicationBuilder.Configuration.GetSection("Logging:ApplicationInsights:LogLevel"); From 77650919ccb7284b11bbdee714eeecb2a49fbaea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zolt=C3=A1n=20Leh=C3=B3czky?= Date: Tue, 30 Jul 2024 01:18:00 +0200 Subject: [PATCH 3/9] Setting EnableLoggingTestMiddleware in Development --- .../Extensions/ApplicationInsightsInitializerExtensions.cs | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs b/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs index a53c3d7..2d2744e 100644 --- a/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs +++ b/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs @@ -54,6 +54,8 @@ public static OrchardCoreBuilder ConfigureAzureHostingDefaultsWithApplicationIns if (webApplicationBuilder.Environment.IsDevelopment()) { + ocAppInsightsSection.AddValueIfKeyNotExists("EnableLoggingTestMiddleware", "true"); + var appInsightsSection = webApplicationBuilder.Configuration.GetSection("ApplicationInsights"); appInsightsSection.AddValueIfKeyNotExists("EnableDependencyTrackingTelemetryModule", "false"); From 02c7fe6eb7bdfe7fdf387f40504fab48db54e908 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zolt=C3=A1n=20Leh=C3=B3czky?= Date: Tue, 30 Jul 2024 16:52:20 +0200 Subject: [PATCH 4/9] Adapting to ConfigureAzureHostingDefaults changes --- .../ApplicationInsightsInitializerExtensions.cs | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs b/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs index 2d2744e..7797663 100644 --- a/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs +++ b/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs @@ -10,6 +10,7 @@ using Microsoft.ApplicationInsights.Extensibility.PerfCounterCollector.QuickPulse; using Microsoft.AspNetCore.Builder; using Microsoft.Extensions.Configuration; +using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Hosting; using Microsoft.Extensions.Options; using System.Linq; @@ -25,20 +26,14 @@ public static class ApplicationInsightsInitializerExtensions /// appsettings.json configuration will take precedence. /// /// The instance of the app. - /// - /// Indicates whether to enable OrchardCore.Media.Azure.Storage and its dependencies when hosted in Azure. - /// - /// - /// Indicates whether to enable OrchardCore.HealthChecks in the Production environment. - /// + /// Configuration for the hosting defaults. public static OrchardCoreBuilder ConfigureAzureHostingDefaultsWithApplicationInsightsTelemetry( this OrchardCoreBuilder builder, WebApplicationBuilder webApplicationBuilder, - bool enableAzureMediaStorage = true, - bool enableHealthChecksInProduction = true) + AzureHostingConfiguration hostingConfiguration = null) { builder - .ConfigureAzureHostingDefaults(webApplicationBuilder, enableAzureMediaStorage, enableHealthChecksInProduction) + .ConfigureAzureHostingDefaults(webApplicationBuilder, hostingConfiguration) .AddOrchardCoreApplicationInsightsTelemetry(webApplicationBuilder.Configuration); var logLevelSection = webApplicationBuilder.Configuration.GetSection("Logging:ApplicationInsights:LogLevel"); From 9e9130aa44c94a8cc542592f0bd5da89e508aa68 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zolt=C3=A1n=20Leh=C3=B3czky?= Date: Tue, 30 Jul 2024 17:00:26 +0200 Subject: [PATCH 5/9] Docs --- .../Extensions/ApplicationInsightsInitializerExtensions.cs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs b/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs index 7797663..63acfd6 100644 --- a/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs +++ b/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs @@ -21,9 +21,9 @@ namespace Microsoft.Extensions.DependencyInjection; public static class ApplicationInsightsInitializerExtensions { /// - /// Recommended default configuration for features of an Orchard Core application hosted in Azure, with Application - /// Insights telemetry. If any of the configuration values exist, they won't be overridden, so e.g. - /// appsettings.json configuration will take precedence. + /// Lombiq-recommended opinionated default configuration for features of an Orchard Core application hosted in + /// Azure, with Application Insights telemetry. If any of the configuration values exist, they won't be overridden, + /// so e.g. appsettings.json configuration will take precedence. /// /// The instance of the app. /// Configuration for the hosting defaults. From 68be9ba8ea4ec2db7a513376b93a06642c46cbbb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zolt=C3=A1n=20Leh=C3=B3czky?= Date: Tue, 30 Jul 2024 19:29:44 +0200 Subject: [PATCH 6/9] Adding EntraAuthenticationType non-Development default --- .../Extensions/ApplicationInsightsInitializerExtensions.cs | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs b/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs index 63acfd6..8fce37b 100644 --- a/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs +++ b/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs @@ -55,6 +55,10 @@ public static OrchardCoreBuilder ConfigureAzureHostingDefaultsWithApplicationIns appInsightsSection.AddValueIfKeyNotExists("EnableDependencyTrackingTelemetryModule", "false"); } + else + { + ocAppInsightsSection.AddValueIfKeyNotExists("EntraAuthenticationType", "ManagedIdentity"); + } return builder; } From 1fb41c08fbe2a33dbd0c7201a114c4b9ce1a9185 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zolt=C3=A1n=20Leh=C3=B3czky?= Date: Tue, 30 Jul 2024 23:40:25 +0200 Subject: [PATCH 7/9] Fixing that the AI configuration defaults didn't take effect --- .../Extensions/ApplicationInsightsInitializerExtensions.cs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs b/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs index 8fce37b..91419ce 100644 --- a/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs +++ b/Lombiq.Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs @@ -32,9 +32,7 @@ public static OrchardCoreBuilder ConfigureAzureHostingDefaultsWithApplicationIns WebApplicationBuilder webApplicationBuilder, AzureHostingConfiguration hostingConfiguration = null) { - builder - .ConfigureAzureHostingDefaults(webApplicationBuilder, hostingConfiguration) - .AddOrchardCoreApplicationInsightsTelemetry(webApplicationBuilder.Configuration); + builder.ConfigureAzureHostingDefaults(webApplicationBuilder, hostingConfiguration); var logLevelSection = webApplicationBuilder.Configuration.GetSection("Logging:ApplicationInsights:LogLevel"); @@ -60,6 +58,8 @@ public static OrchardCoreBuilder ConfigureAzureHostingDefaultsWithApplicationIns ocAppInsightsSection.AddValueIfKeyNotExists("EntraAuthenticationType", "ManagedIdentity"); } + builder.AddOrchardCoreApplicationInsightsTelemetry(webApplicationBuilder.Configuration); + return builder; } From 6fea1c5b90bd302455074ec259374cacf5a8cb2d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zolt=C3=A1n=20Leh=C3=B3czky?= Date: Tue, 6 Aug 2024 15:51:02 +0200 Subject: [PATCH 8/9] Adding note about local auth breaking client-side tracking --- Readme.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Readme.md b/Readme.md index b9b4d39..c4c1b31 100644 --- a/Readme.md +++ b/Readme.md @@ -124,6 +124,8 @@ If you want to use Entra Authentication for Application Insights, or if you have } ``` +> ⚠ Client-side tracking wil currently fail with 401 Unauthorized if Local Authentication is disabled, see [this bug report](https://github.com/microsoft/ApplicationInsights-dotnet/issues/2893) for the Application Insights .NET SDK. If you need client-side tracking, you will have to keep Local Authentication enabled on your AI resource for now. + To set up Entra Authentication for an application hosted on Azure you will have to set up a Managed Identity for the application and give it the `Monitoring Metrics Publisher` role (see more on assigning Azure roles [here](https://learn.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal)) to be able to publish metrics to AI. A managed identity will allow your app to authenticate with the Application Insights resource; see how to set it up for specific Azure services [here](https://learn.microsoft.com/en-us/entra/identity/managed-identities-azure-resources/managed-identities-status). We recommend using the simpler system-assigned identity option, since then you can easily allow your app's identity to get a role under the Application Insights resource. Note that it might take a few minutes for the managed identity to work; until then, Live Metrics won't be available. You can also use a service principal to authenticate. To set this up, you will have to provide the service principal credentials in the configuration. See the [Service principal](#service-principal) section for more information. This is also the only way to authenticate if you are using a non-Azure (or local) environment - or an Azure resource that does not support Managed Identities. From 271518619adedb159dbe240e93ad0d9db06411a4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zolt=C3=A1n=20Leh=C3=B3czky?= Date: Tue, 6 Aug 2024 15:54:39 +0200 Subject: [PATCH 9/9] Typo --- Readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Readme.md b/Readme.md index c4c1b31..66719c5 100644 --- a/Readme.md +++ b/Readme.md @@ -124,7 +124,7 @@ If you want to use Entra Authentication for Application Insights, or if you have } ``` -> ⚠ Client-side tracking wil currently fail with 401 Unauthorized if Local Authentication is disabled, see [this bug report](https://github.com/microsoft/ApplicationInsights-dotnet/issues/2893) for the Application Insights .NET SDK. If you need client-side tracking, you will have to keep Local Authentication enabled on your AI resource for now. +> ⚠ Client-side tracking will currently fail with 401 Unauthorized if Local Authentication is disabled, see [this bug report](https://github.com/microsoft/ApplicationInsights-dotnet/issues/2893) for the Application Insights .NET SDK. If you need client-side tracking, you will have to keep Local Authentication enabled on your AI resource for now. To set up Entra Authentication for an application hosted on Azure you will have to set up a Managed Identity for the application and give it the `Monitoring Metrics Publisher` role (see more on assigning Azure roles [here](https://learn.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal)) to be able to publish metrics to AI. A managed identity will allow your app to authenticate with the Application Insights resource; see how to set it up for specific Azure services [here](https://learn.microsoft.com/en-us/entra/identity/managed-identities-azure-resources/managed-identities-status). We recommend using the simpler system-assigned identity option, since then you can easily allow your app's identity to get a role under the Application Insights resource. Note that it might take a few minutes for the managed identity to work; until then, Live Metrics won't be available.