in src/WebJobs.Script.WebHost/Management/AtlasInstanceManager.cs [53:116]
public override async Task<string> SpecializeMSISidecar(HostAssignmentContext context)
{
// No cold start optimization needed for side car scenarios
if (context.IsWarmupRequest)
{
return null;
}
var msiEnabled = context.IsMSIEnabled(out var endpoint);
_logger.LogInformation($"MSI enabled status: {msiEnabled}");
if (msiEnabled)
{
if (context.MSIContext == null && context.EncryptedTokenServiceSpecializationPayload == null)
{
_logger.LogWarning("Skipping specialization of MSI sidecar since MSIContext and EncryptedTokenServiceSpecializationPayload were absent");
await _meshServiceClient.NotifyHealthEvent(ContainerHealthEventType.Fatal, this.GetType(),
"Could not specialize MSI sidecar since MSIContext and EncryptedTokenServiceSpecializationPayload were empty");
}
else
{
using (_metricsLogger.LatencyEvent(MetricEventNames.LinuxContainerSpecializationMSIInit))
{
var uri = new Uri(endpoint);
var addressStem = GetMsiSpecializationRequestAddressStem(context);
var address = $"http://{uri.Host}:{uri.Port}{addressStem}";
_logger.LogDebug($"Specializing sidecar at {address}");
StringContent payload;
if (string.IsNullOrEmpty(context.EncryptedTokenServiceSpecializationPayload))
{
payload = new StringContent(JsonConvert.SerializeObject(context.MSIContext),
Encoding.UTF8, "application/json");
}
else
{
payload = new StringContent(context.EncryptedTokenServiceSpecializationPayload, Encoding.UTF8);
}
var requestMessage = new HttpRequestMessage(HttpMethod.Post, address)
{
Content = payload
};
var response = await _client.SendAsync(requestMessage);
_logger.LogInformation($"Specialize MSI sidecar returned {response.StatusCode}");
if (!response.IsSuccessStatusCode)
{
var message = $"Specialize MSI sidecar call failed. StatusCode={response.StatusCode}";
_logger.LogError(message);
await _meshServiceClient.NotifyHealthEvent(ContainerHealthEventType.Fatal, this.GetType(),
"Failed to specialize MSI sidecar");
return message;
}
}
}
}
return null;
}