Merge pull request #8 from csharpfritz/copilot/fix-7

Author: csharpfritz

.github/workflows/azure-dev.yml

@@ -1,13 +1,16 @@
 name: Build and Deploy
 
-# Run when commits are pushed to main
+# Run when commits are pushed to main (excluding Content folder changes)
 on:
   workflow_dispatch:
   push:
     # Run when commits are pushed to mainline branch (main or master)
     # Set this to the mainline branch you are using
     branches:
       - main
+    # Exclude Content folder changes to avoid unnecessary deployments
+    paths-ignore:
+      - 'Content/**'
 
 # Set up permissions for deploying with secretless Azure federated credentials
 # https://learn.microsoft.com/en-us/azure/developer/github/connect-from-azure?tabs=azure-portal%2Clinux#set-up-azure-login-with-openid-connect-authentication
@@ -25,6 +28,7 @@ jobs:
       AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
       AZURE_ENV_NAME: ${{ vars.AZURE_ENV_NAME }}
       AZURE_LOCATION: ${{ vars.AZURE_LOCATION }}
+      CACHE_REFRESH_API_KEY: ${{ secrets.CACHE_REFRESH_API_KEY }}
 
     steps:
       - name: Checkout

.github/workflows/content-sync.yml

@@ -36,6 +36,30 @@ jobs:
           AZURE_STORAGE_CONNECTION_STRING: ${{ secrets.CONTENT_STORAGE_CONNECTION_STRING }}
         run: dotnet run --project ContentLoader/ContentLoader.csproj --configuration Release -- Content
 
+      - name: Refresh Web App Cache
+        if: success()
+        env:
+          CACHE_REFRESH_API_KEY: ${{ secrets.CACHE_REFRESH_API_KEY }}
+        run: |
+          echo "Refreshing web application cache..."
+          # Wait a moment for the content to be fully uploaded
+          sleep 5
+          
+          # Call the cache refresh endpoint with API key authentication
+          response=$(curl -s -w "%{http_code}" -X POST "https://copilotthatjawn.com/api/cache/refresh" \
+            -H "X-API-Key: $CACHE_REFRESH_API_KEY" \
+            -o /tmp/cache_response.json)
+          
+          if [ "$response" = "200" ]; then
+            echo "Cache refresh successful"
+            cat /tmp/cache_response.json
+          else
+            echo "Cache refresh failed with HTTP status: $response"
+            cat /tmp/cache_response.json || echo "No response body"
+            # Don't fail the workflow if cache refresh fails - it's not critical
+            echo "Continuing workflow despite cache refresh failure..."
+          fi
+      
       - name: Handle Failure
         if: failure()
         run: |

AppHost/infra/web.tmpl.yaml

@@ -30,6 +30,8 @@ properties:
     secrets:
       - name: connectionstrings--tables
         value: '{{ .Env.AZURE_STORAGE_TABLEENDPOINT }}'
+      - name: cacherefresh--apikey
+        value: '{{ .Env.CACHE_REFRESH_API_KEY }}'
   template:
     containers:
       - image: {{ .Image }}
@@ -49,6 +51,8 @@ properties:
             value: in_memory
           - name: ConnectionStrings__tables
             secretRef: connectionstrings--tables
+          - name: CacheRefresh__ApiKey
+            secretRef: cacherefresh--apikey
     scale:
       minReplicas: 1
 tags:

Web/Extensions/EndpointExtensions.cs

@@ -192,4 +192,57 @@ public static class EndpointExtensions
             .SetVaryByHost(true)
             .Tag("rss"));
     }
+
+    public static void MapCacheRefreshEndpoint(this WebApplication app)
+    {
+        app.MapPost("/api/cache/refresh", async (HttpContext context, IContentService contentService, ILogger<Program> logger, IWebHostEnvironment environment, IConfiguration configuration) =>
+        {
+            try
+            {
+                logger.LogInformation("Cache refresh requested via API endpoint");
+                
+                // Validate API key for security
+                var expectedApiKey = configuration["CacheRefresh:ApiKey"];
+                if (!string.IsNullOrEmpty(expectedApiKey))
+                {
+                    var providedApiKey = context.Request.Headers["X-API-Key"].FirstOrDefault();
+                    if (string.IsNullOrEmpty(providedApiKey) || providedApiKey != expectedApiKey)
+                    {
+                        logger.LogWarning("Cache refresh request rejected: Invalid or missing API key");
+                        return Results.Unauthorized();
+                    }
+                }
+                else if (!environment.IsDevelopment())
+                {
+                    logger.LogWarning("Cache refresh API key not configured in production environment");
+                    return Results.Problem("API key not configured", statusCode: 500);
+                }
+                
+                // Only perform cache refresh in non-development environments
+                // In development, the cache isn't as critical and may require Azure Table Storage
+                if (environment.IsDevelopment())
+                {
+                    logger.LogInformation("Development environment detected. Skipping cache refresh.");
+                    return Results.Ok(new { 
+                        message = "Cache refresh skipped in development environment", 
+                        timestamp = DateTime.UtcNow,
+                        environment = "Development" 
+                    });
+                }
+                
+                await contentService.RefreshContentAsync();
+                
+                logger.LogInformation("Cache refresh completed successfully");
+                return Results.Ok(new { message = "Cache refreshed successfully", timestamp = DateTime.UtcNow });
+            }
+            catch (Exception ex)
+            {
+                logger.LogError(ex, "Error refreshing cache via API endpoint");
+                return Results.Problem("Failed to refresh cache", statusCode: 500);
+            }
+        })
+        .WithName("RefreshCache")
+        .WithSummary("Refresh the content cache")
+        .WithDescription("Triggers a refresh of the in-memory content cache from Azure Table Storage. Requires X-API-Key header for authentication.");
+    }
 }

Web/Program.cs

@@ -156,6 +156,9 @@
 app.MapSitemapEndpoint();
 app.MapRssFeedEndpoint();
 
+// Map cache refresh endpoint
+app.MapCacheRefreshEndpoint();
+
 app.MapDefaultEndpoints();
 
 app.Run();

infra/main.bicep

@@ -12,6 +12,10 @@ param location string
 @description('Id of the user or app to assign application roles')
 param principalId string = ''
 
+@description('API key for cache refresh endpoint security')
+@secure()
+param cacheRefreshApiKey string = ''
+
 
 var tags = {
   'azd-env-name': environmentName
@@ -29,6 +33,7 @@ module resources 'resources.bicep' = {
     location: location
     tags: tags
     principalId: principalId
+    cacheRefreshApiKey: cacheRefreshApiKey
   }
 }
 

infra/main.parameters.json

@@ -10,6 +10,9 @@
       },
       "location": {
         "value": "${AZURE_LOCATION}"
+      },
+      "cacheRefreshApiKey": {
+        "value": "${CACHE_REFRESH_API_KEY}"
       }
     }
   }

infra/resources.bicep

@@ -3,6 +3,10 @@ param location string = resourceGroup().location
 @description('Id of the user or app to assign application roles')
 param principalId string = ''
 
+@description('API key for cache refresh endpoint security')
+@secure()
+param cacheRefreshApiKey string = ''
+
 
 @description('Tags that will be applied to all resources')
 param tags object = {}