Aspire Integration

[sbrown-livefront]

🎟️ Tracking

📔 Objective

This PR introduces an Aspire AppHost project to manage the deployment and configuration of the Bitwarden services. Additionally, it incorporates a ServiceDefaults project to standardize common configurations like health checks and OpenTelemetry across services using conditional compilation.

Notes:

• The secrets.json.example has been updated to have configuration for the apphost project and a few missing properties.
• Some of the nuget packages for ServiceDefaults have been downgraded to accommodate the requirement of Microsoft.Extensions.Configuration remaining at version 8.0 due to dependency conflicts in integration tests with projects dependent on IntegrationTestCommon. Once the version 9.0 issues are resolved, we should be able to update these. They include:
  • OpenTelemetry.Exporter.OpenTelemetryProtocol
  • OpenTelemetry.Extensions.Hosting
  • OpenTelemetry.Instrumentation.AspNetCore
  • OpenTelemetry.Instrumentation.Http
  • OpenTelemetry.Instrumentation.Runtime

📸 Screenshots

⏰ Reminders before review

• Contributor guidelines followed
• All formatters and local linters executed and passed
• Written new unit and / or integration tests where applicable
• Protected functional changes with optionality (feature flags)
• Used internationalization (i18n) for all UI strings
• CI builds passed
• Communicated to DevOps any deployment requirements
• Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

• 👍 (:+1:) or similar for great changes
• 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
• ❓ (:question:) for questions
• 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
• 🎨 (:art:) for suggestions / improvements
• ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
• 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
• ⛏ (:pick:) for minor or nitpick changes

[github-actions]

Checkmarx One – Scan Summary & Details – 1d3303db-46ec-4200-9668-8cc9fbc1cdb3

---

Fixed Issues (1)

Great job! The following issues were fixed in this Pull Request

Severity	Issue	Source File / Package
	CSRF	/src/Api/Vault/Controllers/CiphersController.cs: 293

[codecov]

Codecov Report

❌ Patch coverage is 39.50617% with 98 lines in your changes missing coverage. Please review.
✅ Project coverage is 56.73%. Comparing base (5b20ee9) to head (415c14f).
⚠️ Report is 2 commits behind head on main.

Files with missing lines	Patch %	Lines
ServiceDefaults/Extensions.cs	41.95%	77 Missing and 6 partials ⚠️
src/Admin/Program.cs	0.00%	4 Missing ⚠️
src/Billing/Program.cs	0.00%	4 Missing ⚠️
src/Notifications/Program.cs	0.00%	4 Missing ⚠️
src/Identity/Program.cs	0.00%	3 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #6775      +/-   ##
==========================================
- Coverage   56.76%   56.73%   -0.03%     
==========================================
  Files        2014     2015       +1     
  Lines       88218    88361     +143     
  Branches     7855     7878      +23     
==========================================
+ Hits        50073    50134      +61     
- Misses      36321    36397      +76     
- Partials     1824     1830       +6     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[sonarqubecloud]

Quality Gate passed

Issues
10 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud