Add Document Processing Pipeline for AKS#152
Conversation
There was a problem hiding this comment.
Pull request overview
Adds a new end-to-end scenario sample (DocumentProcessingOnAKS) that demonstrates a document-processing pipeline using Durable Task Scheduler deployed onto Azure Kubernetes Service (AKS) via azd, including client/worker apps, AKS/ACR/DTS infrastructure, and Kubernetes manifests.
Changes:
- Introduces .NET Client and Worker apps demonstrating activity chaining + fan-out/fan-in orchestration.
- Adds
azd+ infrastructure (Bicep) to provision AKS, ACR, DTS, managed identity, and workload identity federation. - Adds Kubernetes deployment templates and documentation for local run + Azure deployment.
Reviewed changes
Copilot reviewed 28 out of 28 changed files in this pull request and generated 7 comments.
Show a summary per file
| File | Description |
|---|---|
| samples/scenarios/DocumentProcessingOnAKS/scripts/acr-build.sh | az acr build helper used as an azd predeploy hook to build/push client/worker images. |
| samples/scenarios/DocumentProcessingOnAKS/infra/main.parameters.json | Parameter bindings for azd env values (env name, location, principal). |
| samples/scenarios/DocumentProcessingOnAKS/infra/main.bicep | Subscription-scoped deployment wiring together identity, network, ACR, AKS, workload identity, and DTS. |
| samples/scenarios/DocumentProcessingOnAKS/infra/core/security/role.bicep | Generic role-assignment module used by the scenario infra. |
| samples/scenarios/DocumentProcessingOnAKS/infra/core/security/registry-access.bicep | Role assignment granting AcrPull to a principal on the ACR instance. |
| samples/scenarios/DocumentProcessingOnAKS/infra/core/networking/vnet.bicep | VNet + subnet definition used for AKS networking. |
| samples/scenarios/DocumentProcessingOnAKS/infra/core/host/container-registry.bicep | ACR provisioning module with optional diagnostics. |
| samples/scenarios/DocumentProcessingOnAKS/infra/core/host/aks-cluster.bicep | AKS cluster provisioning module plus conditional ACR access grant. |
| samples/scenarios/DocumentProcessingOnAKS/infra/app/user-assigned-identity.bicep | Creates the user-assigned managed identity used by workloads. |
| samples/scenarios/DocumentProcessingOnAKS/infra/app/federated-identity.bicep | Federated identity credential for AKS workload identity (service account → managed identity). |
| samples/scenarios/DocumentProcessingOnAKS/infra/app/dts.bicep | Provisions DTS scheduler + task hub and outputs endpoint/taskhub. |
| samples/scenarios/DocumentProcessingOnAKS/infra/abbreviations.json | Abbreviations used for generated Azure resource names. |
| samples/scenarios/DocumentProcessingOnAKS/azure.yaml | azd app definition (services + predeploy hook). |
| samples/scenarios/DocumentProcessingOnAKS/Worker/manifests/deployment.tmpl.yaml | Worker Kubernetes ServiceAccount + Deployment template with workload identity and DTS env vars. |
| samples/scenarios/DocumentProcessingOnAKS/Worker/Worker.csproj | Worker .NET project definition and package references. |
| samples/scenarios/DocumentProcessingOnAKS/Worker/Program.cs | Worker host setup, task registration, and DTS connection string construction. |
| samples/scenarios/DocumentProcessingOnAKS/Worker/Orchestrations/DocumentProcessingOrchestration.cs | Orchestration implementing validate + parallel classify fan-out/fan-in pattern. |
| samples/scenarios/DocumentProcessingOnAKS/Worker/Models/DocumentModels.cs | Shared worker-side records for orchestration/activity payloads. |
| samples/scenarios/DocumentProcessingOnAKS/Worker/Dockerfile | Worker container build/publish image definition. |
| samples/scenarios/DocumentProcessingOnAKS/Worker/Activities/ValidateDocument.cs | Validation activity (stubbed I/O + basic checks). |
| samples/scenarios/DocumentProcessingOnAKS/Worker/Activities/ClassifyDocument.cs | Classification activity (stubbed classification for 3 categories). |
| samples/scenarios/DocumentProcessingOnAKS/README.md | Scenario documentation for local run and azd AKS deployment/verification. |
| samples/scenarios/DocumentProcessingOnAKS/DurableTaskOnAKS.sln | Solution containing Client and Worker projects. |
| samples/scenarios/DocumentProcessingOnAKS/Client/manifests/deployment.tmpl.yaml | Client Kubernetes ServiceAccount + Deployment template with workload identity and DTS env vars. |
| samples/scenarios/DocumentProcessingOnAKS/Client/Program.cs | Client app that schedules orchestrations and waits for results. |
| samples/scenarios/DocumentProcessingOnAKS/Client/Models/DocumentInfo.cs | Client-side record matching worker input schema for JSON round-tripping. |
| samples/scenarios/DocumentProcessingOnAKS/Client/Dockerfile | Client container build/publish image definition. |
| samples/scenarios/DocumentProcessingOnAKS/Client/Client.csproj | Client .NET project definition and package references. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| FROM mcr.microsoft.com/dotnet/sdk:9.0 AS build | ||
| WORKDIR /src | ||
|
|
There was a problem hiding this comment.
The Docker base images are pinned to .NET 9 (mcr.microsoft.com/dotnet/sdk:9.0 / runtime:9.0). This will be incompatible if the sample is moved to net8.0/net10.0 to match repo CI, and also requires builders/runners that have .NET 9 available. Consider aligning the image tags with the chosen TargetFramework.
|
|
||
| Console.WriteLine("Done."); | ||
|
|
||
| // In AKS the pod restarts automatically; locally just exit. |
There was a problem hiding this comment.
The comment says the AKS pod restarts automatically and 'locally just exit', but the code keeps the process alive indefinitely when running non-interactively (which includes typical container/AKS execution). Update the comment to match the behavior (or adjust the behavior if the intent is to let the pod exit).
| // In AKS the pod restarts automatically; locally just exit. | |
| // In non-interactive/container environments (including AKS), keep the process alive for log inspection; locally (interactive) just exit. |
|
|
||
| ## Prerequisites | ||
|
|
||
| - [.NET 9 SDK](https://dotnet.microsoft.com/download/dotnet/9.0) |
There was a problem hiding this comment.
The prerequisites currently require the .NET 9 SDK, but this repo's CI installs only .NET 8 and .NET 10. Unless CI is updated to include .NET 9, consider adjusting the sample to net8.0/net10.0 and updating this prerequisite accordingly.
| - [.NET 9 SDK](https://dotnet.microsoft.com/download/dotnet/9.0) | |
| - [.NET 8 or .NET 10 SDK](https://dotnet.microsoft.com/download/dotnet) |
| name: durable-task-on-aks | ||
| hooks: | ||
| predeploy: | ||
| shell: sh |
There was a problem hiding this comment.
The predeploy hook runs ./scripts/acr-build.sh with shell: sh, but the script uses bash-specific features (set -euo pipefail, local, function syntax). Running it under sh will fail on many systems. Use shell: bash (or rewrite the script to be POSIX-sh compatible).
| shell: sh | |
| shell: bash |
|
|
||
| <PropertyGroup> | ||
| <OutputType>Exe</OutputType> | ||
| <TargetFramework>net9.0</TargetFramework> |
There was a problem hiding this comment.
This project targets net9.0, but the repo CI workflow sets up .NET 8 and .NET 10 only; net9.0 samples won't build unless CI is updated. Consider switching this sample to net8.0 (to match other scenario samples) or net10.0 (to match DTS SDK samples), and align the Dockerfile base images accordingly.
| <TargetFramework>net9.0</TargetFramework> | |
| <TargetFramework>net8.0</TargetFramework> |
|
|
||
| <PropertyGroup> | ||
| <OutputType>Exe</OutputType> | ||
| <TargetFramework>net9.0</TargetFramework> |
There was a problem hiding this comment.
This project targets net9.0, but the repo CI workflow sets up .NET 8 and .NET 10 only; net9.0 samples won't build unless CI is updated. Consider switching this sample to net8.0 (to match other scenario samples) or net10.0 (to match DTS SDK samples), and align the Dockerfile base images accordingly.
| <TargetFramework>net9.0</TargetFramework> | |
| <TargetFramework>net8.0</TargetFramework> |
| FROM mcr.microsoft.com/dotnet/sdk:9.0 AS build | ||
| WORKDIR /src | ||
|
|
There was a problem hiding this comment.
The Docker base images are pinned to .NET 9 (mcr.microsoft.com/dotnet/sdk:9.0 / runtime:9.0). This will be incompatible if the sample is moved to net8.0/net10.0 to match repo CI, and also requires builders/runners that have .NET 9 available. Consider aligning the image tags with the chosen TargetFramework.
- Change TargetFramework from net9.0 to net10.0 in Client and Worker csproj - Update Dockerfile base images from sdk/runtime:9.0 to 10.0 - Fix misleading comment in Client/Program.cs about pod restart behavior - Update README prerequisite from .NET 9 SDK to .NET 10 SDK - Change azure.yaml predeploy hook shell from sh to bash
This pull request introduces a complete sample application for document processing using Durable Task Scheduler on Azure Kubernetes Service (AKS). It adds both client and worker components, infrastructure for AKS deployment, and documentation. The sample demonstrates activity chaining, fan-out/fan-in orchestration patterns, and AKS Work