{"id":33242413,"url":"https://github.com/gilbertrios/azure-appservice-logging-middleware","last_synced_at":"2026-04-16T05:32:57.606Z","repository":{"id":323689921,"uuid":"1093609954","full_name":"gilbertrios/azure-appservice-logging-middleware","owner":"gilbertrios","description":"Terraform infrastructure and C# middleware for obfuscating sensitive data in Azure App Insights logs","archived":false,"fork":false,"pushed_at":"2025-11-11T14:54:24.000Z","size":28,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-11-11T16:25:43.497Z","etag":null,"topics":["app-insights","appservice","azure","csharp","data-masking","dotnet","logging","middleware","security","terraform"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/gilbertrios.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-11-10T15:48:45.000Z","updated_at":"2025-11-11T14:54:28.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/gilbertrios/azure-appservice-logging-middleware","commit_stats":null,"previous_names":["gilbertrios/azure-appservice-logging-middleware"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/gilbertrios/azure-appservice-logging-middleware","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gilbertrios%2Fazure-appservice-logging-middleware","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gilbertrios%2Fazure-appservice-logging-middleware/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gilbertrios%2Fazure-appservice-logging-middleware/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gilbertrios%2Fazure-appservice-logging-middleware/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/gilbertrios","download_url":"https://codeload.github.com/gilbertrios/azure-appservice-logging-middleware/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gilbertrios%2Fazure-appservice-logging-middleware/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31872621,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-15T15:24:51.572Z","status":"online","status_checked_at":"2026-04-16T02:00:06.042Z","response_time":69,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["app-insights","appservice","azure","csharp","data-masking","dotnet","logging","middleware","security","terraform"],"created_at":"2025-11-16T20:01:26.783Z","updated_at":"2026-04-16T05:32:57.563Z","avatar_url":"https://github.com/gilbertrios.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# Azure App Service Logging Middleware\n\n[![.NET](https://img.shields.io/badge/.NET-9.0-512BD4?logo=dotnet)](https://dotnet.microsoft.com/)\n[![Azure](https://img.shields.io/badge/Azure-App%20Service-0078D4?logo=microsoft-azure)](https://azure.microsoft.com/en-us/services/app-service/)\n[![Application Insights](https://img.shields.io/badge/Application%20Insights-Enabled-00BCF2?logo=microsoft-azure)](https://azure.microsoft.com/en-us/services/monitor/)\n[![License](https://img.shields.io/badge/License-MIT-green.svg)](LICENSE)\n\nA production-ready ASP.NET Core minimal API showcasing **automatic sensitive data obfuscation** in logs with Azure Application Insights integration. Built with clean modular architecture for easy microservice extraction.\n\n## 🎯 Key Features\n\n- **Smart Obfuscation Middleware** - Automatically redacts sensitive data (credit cards, passwords, tokens) from logs before they reach Application Insights\n- **Azure Application Insights Integration** - Seamless telemetry with custom properties and structured logging\n- **Modular Architecture** - Self-contained modules (Orders, Payments) ready for microservice extraction\n- **.NET 9 Minimal APIs** - Fast, lightweight, modern ASP.NET Core\n- **Auto-Discovery** - Modules automatically registered via reflection\n- **Configurable** - Control obfuscation patterns via `appsettings.json`\n- **OpenAPI/Swagger** - Full API documentation out of the box\n- **Production-Ready** - Includes health checks, structured logging, and comprehensive testing\n\n## 🌟 What This Repo Demonstrates\n\n### Infrastructure as Code (IaC)\n- ✅ Terraform modules and environments\n- ✅ Azure resource provisioning\n- ✅ Infrastructure versioning and state management\n\n### DevOps \u0026 CI/CD\n- ✅ 7-stage automated deployment pipeline\n- ✅ Blue-green deployment with dual rollback strategies\n- ✅ Automated testing (regression + smoke tests)\n- ✅ PR validation with Terraform plan preview\n- ✅ Reusable workflows for code reuse\n- ✅ Auto rollback on production failures\n- ✅ Manual rollback for on-demand recovery\n\n### Development Best Practices\n- ✅ Modular architecture (Orders, Payments modules)\n- ✅ Custom middleware (obfuscation)\n- ✅ Clean code and SOLID principles\n- ✅ Modern .NET 9.0 patterns\n\n### Cloud \u0026 Observability\n- ✅ Azure App Service deployment slots\n- ✅ Application Insights integration\n- ✅ Security-first approach (data obfuscation)\n- ✅ Health checks and monitoring\n\n## 🛠️ Tech Stack\n\n### Application\n- **.NET 9.0** - ASP.NET Core minimal APIs\n- **C# 13** - Records, pattern matching, modern features\n- **Application Insights** - Azure monitoring and telemetry\n- **Swagger/OpenAPI** - API documentation\n\n### Infrastructure \u0026 DevOps\n- **Terraform** - Infrastructure as Code\n- **Azure App Service** - Linux-based hosting\n- **GitHub Actions** - CI/CD automation\n- **Bash Scripts** - Deployment utilities\n\n## 🏗️ Repository Architecture\n\n```\nazure-appservice-logging-middleware/\n├── .github/\n│   └── workflows/\n│       ├── deploy-blue-green.yml     # 7-stage deployment pipeline (auto rollback)\n│       ├── manual-rollback.yml       # On-demand rollback workflow\n│       ├── ci-pr-validation.yml      # PR validation (build + terraform)\n│       └── _build-app.yml            # Reusable build workflow\n│\n├── app/                              # .NET 9.0 Application\n│   ├── Infrastructure/               # Module pattern implementation\n│   ├── Middleware/                   # Obfuscation middleware\n│   ├── Modules/                      # Orders \u0026 Payments modules\n│   ├── Properties/                   # launchSettings.json\n│   └── Program.cs\n│\n├── tests/                            # Test Projects\n│   ├── AzureAppServiceLoggingMiddleware.UnitTests/\n│   │   └── Middleware/\n│   │       └── ObfuscationMiddlewareTests.cs\n│   └── AzureAppServiceLoggingMiddleware.IntegrationTests/\n│       └── ObfuscationMiddlewareIntegrationTests.cs\n│\n├── infrastructure/                   # Terraform IaC\n│   ├── terraform/\n│   │   ├── environments/\n│   │   │   └── dev/                  # Dev environment config\n│   │   └── modules/\n│   │       └── app-service/          # App Service with slots\n│   └── scripts/\n│\n└── docs/                            # Documentation\n```\n\nSee [Repository Structure](docs/repository-structure.md) for detailed breakdown.\n\n**Module Pattern Benefits:**\n\nEach module is self-contained and follows these principles:\n- **Self-contained** - All domain code in one folder\n- **Testable** - Clear boundaries and interfaces\n- **Discoverable** - Auto-registered via reflection\n- **Extractable** - Ready for microservice split\n\nSee [Module Pattern Guide](docs/module-pattern.md) for implementation details and best practices.\n\n## 🚀 CI/CD Pipeline\n\nAutomated 7-stage blue-green deployment pipeline with comprehensive rollback strategies.\n\n```\nBuild → Terraform → Deploy to Green → Test Green → Swap → Smoke Test → Auto Rollback (if needed)\n```\n\n**Key Features:**\n- ✅ Zero-downtime deployment with blue-green slots\n- ✅ Automated rollback if production smoke tests fail\n- ✅ Manual rollback workflow for post-deployment issues\n- ✅ PR validation with Terraform plan preview\n- ✅ Comprehensive testing before production swap\n\n**Triggers:**\n- Push to `main` with changes to `app/**`, `infrastructure/**`, or `.github/workflows/**`\n- Pull requests run CI validation only (no deployment)\n\nSee [CI/CD Pipeline Documentation](docs/cicd-pipeline.md) for complete details on deployment stages, rollback strategies, and troubleshooting.\n\n## 💻 Quick Start\n\n### Run Application Locally\n\n```bash\n# Clone the repository\ngit clone https://github.com/gilbertrios/azure-appservice-logging-middleware.git\ncd azure-appservice-logging-middleware/app\n\n# Run the application\ndotnet run\n```\n\nThe API will be available at:\n- **HTTPS**: `https://localhost:5001`\n- **Swagger UI**: `https://localhost:5001/swagger`\n\n**Optional:** Customize obfuscation settings in `app/appsettings.json` - see [Configuration Guide](docs/configuration.md)\n\n### Deploy to Azure\n\n```bash\n# 1. Configure Azure credentials (see docs/setup-guide.md)\n# 2. Push to main branch\ngit push origin main\n\n# The 7-stage pipeline will:\n# ✅ Build application\n# ✅ Provision infrastructure (Terraform)\n# ✅ Deploy to green slot\n# ✅ Run regression tests on green\n# ✅ Swap to production\n# ✅ Run smoke tests on production\n# ✅ Auto rollback if smoke tests fail\n```\n\n## 🔒 Obfuscation Middleware in Action\n\nThe middleware automatically detects and obfuscates sensitive properties in request/response bodies:\n\n### Example Request\n```bash\ncurl -X POST http://localhost:5000/api/payments/process \\\n  -H \"Content-Type: application/json\" \\\n  -d '{\n    \"orderId\": 1,\n    \"amount\": 299.99,\n    \"creditCard\": \"1234-5678-9012-3456\",\n    \"cvv\": \"123\",\n    \"token\": \"secret-api-key\"\n  }'\n```\n\n### Console Output (Obfuscated)\n```json\n{\n  \"orderId\": 1,\n  \"amount\": 299.99,\n  \"creditCard\": \"***REDACTED***\",\n  \"cvv\": \"***REDACTED***\",\n  \"token\": \"***REDACTED***\"\n}\n```\n\n✅ **Actual API response remains unchanged** - only logs are obfuscated!\n\n## 📡 API Endpoints\n\nExplore the API using Swagger UI at `/swagger` when running locally, or view the full endpoint documentation in the [Application README](app/README.md).\n\n**Modules:**\n- **Orders** - Order management and status tracking\n- **Payments** - Payment processing and refunds\n- **Health Check** - API health status\n\n## ⚙️ Configuration\n\nCustomize obfuscation behavior via `app/appsettings.json`:\n\n```json\n{\n  \"ObfuscationMiddleware\": {\n    \"Enabled\": true,\n    \"ObfuscationMask\": \"***REDACTED***\",\n    \"SensitiveProperties\": [\"password\", \"creditCard\", \"cvv\", \"ssn\", \"apiKey\", \"token\"]\n  }\n}\n```\n\n**Key features:**\n- Case-insensitive property matching\n- Recursive JSON traversal (nested objects/arrays)\n- Configurable mask pattern and sensitive property list\n\nSee [Configuration Guide](docs/configuration.md) for complete options, Application Insights setup, environment-specific settings, and user secrets.\n\n## ☁️ Azure Infrastructure\n\nUses Terraform to provision Azure App Service with blue-green deployment slots for zero-downtime releases.\n\n**Resources provisioned:**\n- App Service Plan (Linux, S1) with deployment slots\n- App Service (production + green slot for zero-downtime deployments)\n- Application Insights for telemetry and monitoring\n- Log Analytics Workspace\n\n**Deploy infrastructure:**\n```bash\ncd infrastructure/terraform/environments/dev\nterraform init\nterraform apply\n```\n\nSee [Infrastructure README](infrastructure/README.md) for complete details on resources, configuration, and Terraform modules.\n\n## 🧪 Testing\n\nRun the test suite to verify functionality:\n\n```bash\n# Run all tests\ndotnet test\n\n# Run only unit tests (fast)\ndotnet test --filter \"Category=Unit\"\n\n# Run only integration tests\ndotnet test --filter \"Category=Integration\"\n```\n\n**Test Coverage:**\n- Unit tests for ObfuscationMiddleware logic and edge cases\n- Integration tests for full API and middleware pipeline\n- Automated execution in CI/CD pipeline\n\nSee [Testing Guide](docs/testing-guide.md) for detailed test documentation, manual testing with cURL/Swagger, and coverage reports.\n\n## 📚 Documentation\n\n### Architecture \u0026 Design\n- [Repository Structure](docs/repository-structure.md) - Folder organization\n- [Module Pattern Overview](docs/module-pattern.md) - Modular architecture\n- [Microservice Split Criteria](docs/microservice-split-criteria.md) - When to extract\n- [MVC vs Minimal API Pipeline](docs/mvc-vs-minimal-api-pipeline.md) - Request pipeline internals\n\n### Infrastructure \u0026 DevOps\n- [Infrastructure Guide](infrastructure/README.md) - Terraform and Azure resources\n- [Setup Guide](docs/setup-guide.md) - Deploy to Azure step-by-step\n- [CI/CD Pipeline](docs/cicd-pipeline.md) - Deployment pipeline and rollback strategies\n- [App Service vs Functions](docs/app-service-vs-functions.md) - Service comparison\n\n### Application\n- [Application README](app/README.md) - Run and develop locally\n- [Testing Guide](docs/testing-guide.md) - Test strategy, commands, and coverage\n- [Configuration Guide](docs/configuration.md) - Application settings and options\n\n## 🔄 Migration Path\n\nReady for microservice extraction. See [Microservice Split Criteria](docs/microservice-split-criteria.md) for detailed guidance.\n\n## 📄 License\n\nThis project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.\n\n## 🤝 Contributing\n\nContributions are welcome! Please feel free to submit a Pull Request.\n\n1. Fork the repository\n2. Create your feature branch (`git checkout -b feature/amazing-feature`)\n3. Commit your changes (`git commit -m 'Add some amazing feature'`)\n4. Push to the branch (`git push origin feature/amazing-feature`)\n5. Open a Pull Request\n\n## 📞 Support \u0026 Connect\n\n- 💼 LinkedIn: [Connect with me](https://linkedin.com/in/gilbert-rios-22586918)\n- 📧 Email: gilbertrios@hotmail.com\n- 💡 GitHub: [@gilbertrios](https://github.com/gilbertrios)\n\n## 🎓 Quick Links\n\n- **[Setup Guide](docs/setup-guide.md)** - Deploy to Azure in 10 steps\n- **[Project Summary](docs/project-summary.md)** - Overview and key decisions\n- **[Repository Structure](docs/repository-structure.md)** - Folder organization\n\n---\n\n⭐ **Star this repo if you find it useful for learning or reference!**","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgilbertrios%2Fazure-appservice-logging-middleware","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgilbertrios%2Fazure-appservice-logging-middleware","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgilbertrios%2Fazure-appservice-logging-middleware/lists"}