Skip to content

Redis key vault auth and 3 bug fixes #767

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Xeelee33 wants to merge 7 commits into
base: Development
Choose a base branch
from
Open

Redis key vault auth and 3 bug fixes #767

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
3368d6e
Added Key Vault auth option for Redis connection since managed identi…
Xeelee33 Feb 25, 2026
5c48426
bugfix - added 'personal' to default converstaion chat_type so conver…
Xeelee33 Mar 4, 2026
9823912
bugfix - changing overflow allows word wrap and horizontal scroll bar…
Xeelee33 Mar 4, 2026
e4157b6
bugfix - icons in new prompt dialog box were not visible due to icon …
Xeelee33 Mar 4, 2026
754b748
Merge pull request #5 from microsoft/Development
Xeelee33 Mar 5, 2026
511dd8b
Updates to address required changes identified by Copilot in pull req…
Xeelee33 Mar 6, 2026
6b9f549
Additional tweaks made based on Copilot feedback
Xeelee33 Mar 6, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 19 additions & 3 deletions application/single_app/app.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -160,7 +160,7 @@ def configure_sessions(settings):
redis_client = None
try:
if redis_auth_type == 'managed_identity':
print("Redis enabled using Managed Identity")
log_event("Redis enabled using Managed Identity", level=logging.INFO)
from config import get_redis_cache_infrastructure_endpoint
credential = DefaultAzureCredential()
redis_hostname = redis_url.split('.')[0]
Expand All @@ -175,9 +175,25 @@ def configure_sessions(settings):
socket_connect_timeout=5,
socket_timeout=5
)
elif redis_auth_type == 'key_vault':
log_event("Redis enabled using Key Vault Secret", level=logging.INFO)
from functions_keyvault import retrieve_secret_direct
redis_key_secret_name = settings.get('redis_key', '').strip()
redis_password = retrieve_secret_direct(redis_key_secret_name)
if redis_password:
redis_password = redis_password.strip()
redis_client = Redis(
host=redis_url,
port=6380,
db=0,
password=redis_password,
ssl=True,
socket_connect_timeout=5,
socket_timeout=5
)
else:
redis_key = settings.get('redis_key', '').strip()
print("Redis enabled using Access Key")
log_event("Redis enabled using Access Key", level=logging.INFO)
redis_client = Redis(
host=redis_url,
port=6380,
Expand All @@ -190,7 +206,7 @@ def configure_sessions(settings):

# Test the connection
redis_client.ping()
print("✅ Redis connection successful")
log_event("✅ Redis connection successful", level=logging.INFO)
app.config['SESSION_TYPE'] = 'redis'
app.config['SESSION_REDIS'] = redis_client

Expand Down
35 changes: 32 additions & 3 deletions application/single_app/app_settings_cache.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,14 @@
This supports the dynamic selection of redis or in-memory caching of settings.
"""
import json
import logging
from redis import Redis
from azure.identity import DefaultAzureCredential

# NOTE: functions_keyvault is imported locally inside configure_app_cache to avoid a circular
# import (functions_keyvault -> app_settings_cache -> functions_keyvault).
# functions_appinsights is also imported locally for the same reason.

_settings = None
APP_SETTINGS_CACHE = {}
update_settings_cache = None
Expand All @@ -16,6 +21,8 @@

def configure_app_cache(settings, redis_cache_endpoint=None):
global _settings, update_settings_cache, get_settings_cache, APP_SETTINGS_CACHE, app_cache_is_using_redis
# Local import to avoid circular dependency: functions_keyvault imports app_settings_cache.
from functions_appinsights import log_event
_settings = settings
use_redis = _settings.get('enable_redis_cache', False)

Expand All @@ -24,9 +31,8 @@ def configure_app_cache(settings, redis_cache_endpoint=None):
redis_url = settings.get('redis_url', '').strip()
redis_auth_type = settings.get('redis_auth_type', 'key').strip().lower()
if redis_auth_type == 'managed_identity':
print("[ASC] Redis enabled using Managed Identity")
log_event("[ASC] Redis enabled using Managed Identity", level=logging.INFO)
credential = DefaultAzureCredential()
redis_hostname = redis_url.split('.')[0]
cache_endpoint = redis_cache_endpoint
token = credential.get_token(cache_endpoint)
redis_client = Redis(
Expand All @@ -36,9 +42,32 @@ def configure_app_cache(settings, redis_cache_endpoint=None):
password=token.token,
ssl=True
)
elif redis_auth_type == 'key_vault':
log_event("[ASC] Redis enabled using Key Vault Secret", level=logging.INFO)
# Local import to avoid circular dependency: functions_keyvault imports app_settings_cache.
from functions_keyvault import retrieve_secret_direct
redis_key_secret_name = settings.get('redis_key', '').strip()
try:
# Pass settings directly: get_settings_cache() is still None at this point
# because configure_app_cache has not finished initialising the cache yet.
redis_password = retrieve_secret_direct(redis_key_secret_name, settings=settings)
if redis_password:
redis_password = redis_password.strip()
log_event("[ASC] Redis key retrieved from Key Vault successfully", level=logging.INFO)
except Exception as kv_err:
log_event(f"[ASC] ERROR: Failed to retrieve Redis key from Key Vault: {kv_err}", level=logging.ERROR, exceptionTraceback=True)
raise

redis_client = Redis(
host=redis_url,
port=6380,
db=0,
password=redis_password,
ssl=True
)
else:
redis_key = settings.get('redis_key', '').strip()
print("[ASC] Redis enabled using Access Key")
log_event("[ASC] Redis enabled using Access Key", level=logging.INFO)
redis_client = Redis(
host=redis_url,
port=6380,
Expand Down
2 changes: 1 addition & 1 deletion application/single_app/config.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -94,7 +94,7 @@
EXECUTOR_TYPE = 'thread'
EXECUTOR_MAX_WORKERS = 30
SESSION_TYPE = 'filesystem'
VERSION = "0.239.004"
VERSION = "0.239.005"

SECRET_KEY = os.getenv('SECRET_KEY', 'dev-secret-key-change-in-production')

Expand Down
Loading