diff --git a/Samples/Common/Sample.Common/Authentication/AuthenticationProvider.cs b/Samples/Common/Sample.Common/Authentication/AuthenticationProvider.cs index 110520f6..6b532d5d 100644 --- a/Samples/Common/Sample.Common/Authentication/AuthenticationProvider.cs +++ b/Samples/Common/Sample.Common/Authentication/AuthenticationProvider.cs @@ -80,6 +80,8 @@ public AuthenticationProvider(string appName, string appId, string appSecret, IG /// In this case we are using the Microsoft.IdentityModel.Clients.ActiveDirectory library /// to stamp the outbound http request with the OAuth 2.0 token using an AAD application id /// and application secret. Alternatively, this method can support certificate validation. + /// Note that this is only for demonstration purpose. Since acquiring token can be a costly operation, + /// it is recomended to acquire token before hand and cache the token, instead of acquiring it for every incoming request. /// /// The request. /// The tenant. @@ -105,6 +107,7 @@ public async Task AuthenticateOutboundRequestAsync(HttpRequestMessage request, s AuthenticationResult result; try { + // This request can take some time to complete. It's recommended to acquire it beforehand and use the cached version. result = await this.AcquireTokenWithRetryAsync(context, resource, creds, attempts: 3).ConfigureAwait(false); } catch (Exception ex) diff --git a/Samples/PublicSamples/Sample_README_Template.md b/Samples/PublicSamples/Sample_README_Template.md deleted file mode 100644 index 73cb73d0..00000000 --- a/Samples/PublicSamples/Sample_README_Template.md +++ /dev/null @@ -1,28 +0,0 @@ -Please use content below as template in your Sample's READM.md file. -==================================================================== - -> **Note:** -> Public Samples are provided by developers from the Microsoft Graph community. -> Public Samples are not official Microsoft Communication samples, and not supported by the Microsoft Communication engineering team. It is recommended that you contact the sample owner before using code from Public Samples in production systems. - ---- -Title: "Your Sample Name in PascalCase" -Description: "Short description of this sample." -author: "Github username of the author, for contact" ---- - -# Introduction - -## Getting Started (required) - -This section walks you through the process of deploying and testing the sample bot. - -### Bot Registration (required) - -### Prerequisites (required) - -### Deploy (One of Deploy and Local Run is required) - -### Local Run (One of Deploy and Local Run is required) - -### Test (required) diff --git a/Samples/V1.0Samples/AksSamples/teams-recording-bot/README.md b/Samples/V1.0Samples/AksSamples/teams-recording-bot/README.md index f7cde205..2ca1fb16 100644 --- a/Samples/V1.0Samples/AksSamples/teams-recording-bot/README.md +++ b/Samples/V1.0Samples/AksSamples/teams-recording-bot/README.md @@ -1,6 +1,24 @@ -# Introduction +--- +page_type: sample +languages: +- csharp +products: +- dotnet +description: "Add 150 character max description" +urlFragment: "update-this-to-unique-url-stub" +--- -The teams-recording-bot sample guides you through building, deploying and testing a Teams recording bot running within a container, deployed into Azure Kubernetes Services. +# Official Microsoft Sample + + + +Give a short description for your sample here. What does it do and why is it important? ## Contents @@ -94,18 +112,11 @@ If you are running the project locally, you will need Ngrok running to forward t 1. Create a new file called `ngrok.yaml` in the [scripts](scripts) folder. 2. Copy the contents of [ngrok.yaml-template](scripts/ngrok.yaml-template) over to `ngrok.yaml`. 3. Update `ngrok.yaml` with - ``` - : Your Ngrok authentication token. - - : The subdomain portion of your Ngrok reserved domain. - For example: if your reserved domain is `bot.ngrok.io`, then this value would be `bot`. - - : LOCALHOST_HTTP_PORT - For example: 9441 - - : LOCALHOST_TCP_PORT - For example 8445 - ``` + * Your Ngrok authentication token. + * The subdomain portion of your Ngrok reserved domain. + * For example: if your reserved domain is `bot.ngrok.io`, then this value would be `bot`. + * Your full TCP reserved Ngrok address. + * For example: `1.tcp.ngrok.io:000000` Once you've done that, run [runngrok.bat](scripts/runngrok.bat) in command prompt and leave it running. diff --git a/Samples/V1.0Samples/AksSamples/teams-recording-bot/build/certs.bat b/Samples/V1.0Samples/AksSamples/teams-recording-bot/build/certs.bat deleted file mode 100644 index d7d8128c..00000000 --- a/Samples/V1.0Samples/AksSamples/teams-recording-bot/build/certs.bat +++ /dev/null @@ -1,22 +0,0 @@ -REM Set up Environment Variables -./set_env.cmd .env - -set /A CallSignalingPort2 = %AzureSettings__CallSignalingPort% + 1 - -REM Deleting bindings -netsh http delete sslcert ipport=0.0.0.0:%AzureSettings__CallSignalingPort% -netsh http delete sslcert ipport=0.0.0.0:%AzureSettings__InstanceInternalPort% -netsh http delete urlacl url=https://+:%AzureSettings__CallSignalingPort%/ -netsh http delete urlacl url=https://+:%AzureSettings__InstanceInternalPort%/ -netsh http delete urlacl url=http://+:%CallSignalingPort2%/ - -REM Add URLACL bindings -netsh http add urlacl url=https://+:%AzureSettings__CallSignalingPort%/ sddl=D:(A;;GX;;;S-1-1-0) -netsh http add urlacl url=https://+:%AzureSettings__InstanceInternalPort%/ sddl=D:(A;;GX;;;S-1-1-0) -netsh http add urlacl url=http://+:%CallSignalingPort2%/ sddl=D:(A;;GX;;;S-1-1-0) - -REM ensure the app id matches the GUID in AssemblyInfo.cs -REM Ensure the certhash matches the certificate - -netsh http add sslcert ipport=0.0.0.0:%AzureSettings__CallSignalingPort% certhash=YOUR_CERT_THUMBPRINT appid={aeeb866d-e17b-406f-9385-32273d2f8691} -netsh http add sslcert ipport=0.0.0.0:%AzureSettings__InstanceInternalPort% certhash=YOUR_CERT_THUMBPRINT appid={aeeb866d-e17b-406f-9385-32273d2f8691} diff --git a/Samples/V1.0Samples/AksSamples/teams-recording-bot/deploy/teams-recording-bot/README.md b/Samples/V1.0Samples/AksSamples/teams-recording-bot/deploy/teams-recording-bot/README.md deleted file mode 100644 index 0ce9d689..00000000 --- a/Samples/V1.0Samples/AksSamples/teams-recording-bot/deploy/teams-recording-bot/README.md +++ /dev/null @@ -1,37 +0,0 @@ -# teams-recording-bot - -Full setup guide can be found [here](../../docs/deploy/aks.md). - -## Configuration - -The following table lists the configurable parameters of the teams-recording-bot and their default calues. - -Parameter | Description | Default ---- | --- | --- -`host` | Used by the bot and ingress. Specifies where Teams is sending the media and notifications to, as well as instructing `cert-manager` the domain to generate the certificate for. This value is required for the chart to deploy. | `null` -`override.name` | If not set, the default name of `teams-recording-bot` will be used to deploy the chart. | `""` -`override.namespace` | If not set, the default namespace the chart will be deployed into will be `teams-recording-bot`. | `""` -`scale.maxReplicaCount` | Used to deploy a number of services, adds port mappings to the `ConfigMap` and opens additional ports on the `LoadBalancer` in preparation for additional bots to be deployed. | `3` -`scale.replicaCount` | The number of bots to deploy. | `3` -`image.domain` | Where your recording bot container lives (for example `acr.azurecr.io`). This value is required for the chart to deploy. | `null` -`image.pullPolicy` | Sets the pull policy. By default the image will only be pulled if it is not present locally. | `IfNotPresent` -`image.tag` | Override the image tag you want to pull and deploy. If not set, by default, the `.Chart.AppVersion` will be used instead. | `""` -`ingress.tls.secretName`| The secret name `cert-manager` generates after creating the certificate. | `ingress-tls` -`autoscaling.enabled` | Flag for enabling and disabling `replicas` in the `StatefulSet`. | `false` -`internal.port` | HTTP port the bot listens to to receive HTTP based events (like joining calls and notifications) from Teams. | `9441` -`internal.media` | The internal TCP port the bot listens to and receives media from. | `8445` -`public.media` | The port is used to send media traffic from Teams to the bot. `public.media` is added to the `LoadBalancer` with each bot receiving their own public facing TCP port. | `28550` -`public.ip` | This value should be the static IP address you have reserved in your Azure subscription and is what your `host` is pointing to. This value is required for the chart to deploy. | `null` -`node.target` | Name of the node to bound the `StatefulSet` to. By default, the `StatefulSet` expects there to be a Windows node deployed in your node pool with the name `scale`. | `scale` -`terminationGracePeriod` | When scaling down, `terminationGracePeriod` allows pods with ongoing calls to remain active until either the call ends or the `terminationGracePeriod` expires. This number is in seconds and by default is set to `54000` seconds (15 hours). This should give the pod enough time to wait for the call to end before the pod is allowed to terminate and remove itself. | `54000` -`container.env.azureSettings.captureEvents` | Flag to indicate if events should be saved or not. If set to `false` the no events will be saved. | `false` -`container.env.azureSettings.eventsFolder` | Folder where events (like HTTP events) are saved. Folder will be created is it does not exist. Folder can be located under `%TEMP%\teams-recording-bot\`. Events are separated in their own folders using the `callId`. Events are saved as `BSON` files and is used to help generate test data which can be archived as `zip` files and reused in unit tests. | `events` -`container.env.azureSettings.mediaFolder` | Folder where audio archives will be saved. If the folder does not exist, it will be created. Folder can be located under `%TEMP%\teams-recording-bot\`. Media for each call will be saved in their own folder using the `callId`. | `archive` -`container.env.azureSettings.eventhubKey` | API Key of your Azure Event Hub. This is required if you want to send events using Azure Event Hub. If not set, no events will be sent. | `""` -`container.env.azureSettings.eventhubName` | The name of your Azure Event Hub. | `recordingbotevents` -`container.env.azureSettings.eventhubRegion` | Azure region your Azure Event Hub is deployed to. | `""` -`container.env.azureSettings.isStereo` | Flag to indicate the output audio file should be stereo or mono. If set to `false`, the output audio file saved to disk will be mono while if set to `true`, the output audio file saved to disk will be stereo. | `false` -`container.env.azureSettings.wavSampleRate` | When omitted, audio file will be saved a sample rate of 16000 Hz, but this env variable can be used to re-sample the audio stream into a different sample bit rate, i.e. 44.1 KHz for mp3 files. | `0` -`container.env.azureSettings.wavQuality` | From 0 to 100%, when omitted, by default is 100%. | `100` -`container.port` | Internal port the bot listens to for HTTP requests. | `9441` -`resources` | Used to set resource limits on the bot deployed. | `{}` diff --git a/Samples/V1.0Samples/AksSamples/teams-recording-bot/deploy/teams-recording-bot/templates/_helpers.tpl b/Samples/V1.0Samples/AksSamples/teams-recording-bot/deploy/teams-recording-bot/templates/_helpers.tpl index aac73828..315a64ca 100644 --- a/Samples/V1.0Samples/AksSamples/teams-recording-bot/deploy/teams-recording-bot/templates/_helpers.tpl +++ b/Samples/V1.0Samples/AksSamples/teams-recording-bot/deploy/teams-recording-bot/templates/_helpers.tpl @@ -19,30 +19,3 @@ {{- printf "%d" (int .Values.scale.maxReplicaCount) -}} {{- end -}} {{- end -}} - -{{/* Check if host is set */}} -{{- define "hostName" -}} - {{- if .Values.host -}} - {{- printf "%s" .Values.host -}} - {{- else -}} - {{- fail "You need to specify a host" -}} - {{- end -}} -{{- end -}} - -{{/* Check if image.domain is set */}} -{{- define "imageDomain" -}} - {{- if .Values.image.domain -}} - {{- printf "%s" .Values.image.domain -}} - {{- else -}} - {{- fail "You need to specify image.domain" -}} - {{- end -}} -{{- end -}} - -{{/* Check if public.ip is set */}} -{{- define "publicIP" -}} - {{- if .Values.public.ip -}} - {{- printf "%s" .Values.public.ip -}} - {{- else -}} - {{- fail "You need to specify public.ip" -}} - {{- end -}} -{{- end -}} diff --git a/Samples/V1.0Samples/AksSamples/teams-recording-bot/deploy/teams-recording-bot/templates/deployment.yaml b/Samples/V1.0Samples/AksSamples/teams-recording-bot/deploy/teams-recording-bot/templates/deployment.yaml index c0e1f421..348aec22 100644 --- a/Samples/V1.0Samples/AksSamples/teams-recording-bot/deploy/teams-recording-bot/templates/deployment.yaml +++ b/Samples/V1.0Samples/AksSamples/teams-recording-bot/deploy/teams-recording-bot/templates/deployment.yaml @@ -1,9 +1,10 @@ {{- $fullName := include "fullName" . -}} +{{- $namespace := include "namespace" . -}} apiVersion: apps/v1 kind: StatefulSet metadata: name: {{ $fullName }} - namespace: {{ include "namespace" . }} + namespace: {{ $namespace }} labels: app: {{ $fullName }} helmVersion: {{ .Chart.Version }} @@ -46,7 +47,7 @@ spec: terminationGracePeriodSeconds: {{ .Values.terminationGracePeriod }} containers: - name: recording-bot - image: "{{ include "imageDomain" . }}/teams-recording-bot:{{ .Values.image.tag | default .Chart.AppVersion }}" + image: "{{ .Values.image.domain }}/teams-recording-bot:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} lifecycle: preStop: @@ -79,7 +80,7 @@ spec: name: bot-application-secrets key: applicationSecret - name: AzureSettings__ServiceDnsName - value: {{ include "hostName" . }} + value: {{ .Values.host }} - name: AzureSettings__InstancePublicPort value: "{{ .Values.public.media }}" - name: AzureSettings__InstanceInternalPort @@ -88,6 +89,10 @@ spec: value: "{{ .Values.internal.port }}" - name: AzureSettings__PlaceCallEndpointUrl value: https://graph.microsoft.com/v1.0 + - name: AzureSettings__ArchiveDuration + value: "{{ .Values.container.env.azureSetting.archiveDuration }}" + - name: AzureSettings__AudioFrameDuration + value: "{{ .Values.container.env.azureSetting.audioFrameDuration }}" - name: AzureSettings__CaptureEvents value: "{{ .Values.container.env.azureSetting.captureEvents }}" - name: AzureSettings__EventsFolder diff --git a/Samples/V1.0Samples/AksSamples/teams-recording-bot/deploy/teams-recording-bot/templates/external.yaml b/Samples/V1.0Samples/AksSamples/teams-recording-bot/deploy/teams-recording-bot/templates/external.yaml index 6bedda84..16404c49 100644 --- a/Samples/V1.0Samples/AksSamples/teams-recording-bot/deploy/teams-recording-bot/templates/external.yaml +++ b/Samples/V1.0Samples/AksSamples/teams-recording-bot/deploy/teams-recording-bot/templates/external.yaml @@ -11,7 +11,7 @@ metadata: spec: type: LoadBalancer externalTrafficPolicy: Cluster - loadBalancerIP: {{ include "publicIP" . }} + loadBalancerIP: {{ .Values.public.ip }} ports: - name: http port: 80 diff --git a/Samples/V1.0Samples/AksSamples/teams-recording-bot/deploy/teams-recording-bot/templates/ingress.yaml b/Samples/V1.0Samples/AksSamples/teams-recording-bot/deploy/teams-recording-bot/templates/ingress.yaml index eb7b850b..3a224bbb 100644 --- a/Samples/V1.0Samples/AksSamples/teams-recording-bot/deploy/teams-recording-bot/templates/ingress.yaml +++ b/Samples/V1.0Samples/AksSamples/teams-recording-bot/deploy/teams-recording-bot/templates/ingress.yaml @@ -20,10 +20,10 @@ metadata: spec: tls: - hosts: - - {{ include "hostName" . }} + - {{ .Values.host }} secretName: {{ .Values.ingress.tls.secretName }} rules: - - host: {{ include "hostName" . }} + - host: {{ .Values.host }} http: paths: - backend: diff --git a/Samples/V1.0Samples/AksSamples/teams-recording-bot/deploy/teams-recording-bot/values.yaml b/Samples/V1.0Samples/AksSamples/teams-recording-bot/deploy/teams-recording-bot/values.yaml index 977126d7..2eb86ea4 100644 --- a/Samples/V1.0Samples/AksSamples/teams-recording-bot/deploy/teams-recording-bot/values.yaml +++ b/Samples/V1.0Samples/AksSamples/teams-recording-bot/deploy/teams-recording-bot/values.yaml @@ -6,10 +6,10 @@ scale: maxReplicaCount: 3 replicaCount: 3 -host: null +host: ms.com image: - domain: null + domain: acr.azurecr.io pullPolicy: IfNotPresent tag: "" @@ -26,7 +26,7 @@ internal: public: media: 28550 - ip: null + ip: node: target: scale @@ -36,6 +36,8 @@ terminationGracePeriod: 54000 container: env: azureSetting: + archiveDuration: 300 # 5 minutes + audioFrameDuration: 640 # Default PCM frame size in bytes on a teams call captureEvents: false eventsFolder: events mediaFolder: archive diff --git a/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/Learnings.md b/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/Learnings.md index 0d60ecd7..b72211b4 100644 --- a/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/Learnings.md +++ b/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/Learnings.md @@ -7,9 +7,10 @@ - Policies can only be applied to members of your AAD subscription. Guests cannot have a recording policy, it has to be applied in their home Active Directory. - If you need the capability to have a user sometimes recorded and sometimes not, that user either needs two identities or a capability to instruct the bot not to record. This is possible but adds complexity to the overall architecture of a solution and requires a centralised mechanism to query the status and request status changes in the bot. - Scaling of the recording bot is non-trivial - - Due to the bot being stateful and potentially participating in long running transactions (calls can be up to 24 Hours in duration), it is non-trivial to upgrade or scale down the number of bots deployed. A bot has to wait until all calls it is interacting with are complete. There are samples of configuration for Kubernetes in this repository that demonstrate how to do this. + - Due to the bot being stateful and potentially participating in long running transactions (calls can be up to 24 Hours in duration), it is non-trivial to upgrade or scale down the number of bots deployed. A bot has to wait until all calls it is interacting with are complete. There are samples of configuration for Kubernetes in this repo that demonstrate how to do this. - Dependencies on Media Libraries that are Windows only - A full installation of Windows is required for the bot to work. This creates large containers on build (includes the full Windows installation). It also requires consideration and management of the node types in Kubernetes as there will be at least one Windows pod instance in the cluster and therefore Windows nodes. There is nothing difficult about it, it just requires thinking about. - Development is done with the .NET Framework (it cannot be done using .NET Core). - Micro-services architectures that depend on the bot require careful planning - Handing off processing to other services in latency critical applications, while in a call is not simple. This is not specific to the bot or its deployment environment but a consequence of working with audio or any near real-time source and expected output. When working with speech it does not make sense to break segments at arbitrary points. This will significantly impact the accuracy of things like speech recognition. The implications are you either have to re-assemble coherent segments of speech in a downstream service (and then determining what is a coherent segment becomes challenging and dealing with latency) or manage the service from the bot itself. This is easier to develop but results in the bot becoming monolithic. Services that are not latency dependent (e.g. speech recognition after the event) would not be impacted by this. +- diff --git a/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/Overview.md b/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/Overview.md index 21ac8c69..6f5b3a87 100644 --- a/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/Overview.md +++ b/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/Overview.md @@ -57,11 +57,11 @@ The bot itself is developed in C# and has to run on a full Windows machine. This The bot will most likely be deployed to a cloud based server, likely in a container. This however makes development and debugging cumbersome. -For local development purposes it is possible to use Ngrok to act as the signalling and TCP media traffic endpoitn and have it redirected to your local machine. There are notes about how to setup this development environment in the repository. +For local development purposes it is possible to use ngrok to act as the signalling and TCP media traffic endpoitn and have it redirected to your local machine. There are notes about how to setup this development environment in the repository. ## Delivered assets -The main asset delivered in this repository is a media receiving bot and associated documentation. The bot is joined into meetings via a Compliance Policy attached to a user. Once connected to a meeting/call a media stream is delivered to the bot and the bot can then do various things with that stream for example: +The main asset delivered in this repo is a media receiving bot and associated documentation. The bot is joined into meetings via a Compliance Policy attached to a user. Once connected to a meeting/call a media stream is delivered to the bot and the bot can then do various things with that stream for example: - Persisting the stream and associated metadata to act as a meeting recorded @@ -69,9 +69,9 @@ The main asset delivered in this repository is a media receiving bot and associa The bot as delivered here is intended to be a sample that can be a starting point for further development. To this end it is intended to be a base starting point and a 'skeleton' that can be built out on. It is also intended to be as flexible as possible so that it can be deployed in different ways. -The repository includes instructions on how to deploy the bot into Kubernetes. This is to support scaling requirements for when a lot of calls are being connected to. The deployment documentation also deals with how to scale the bot. It is a stateful application with potentially long running processes (meetings and calls can be up to 24 hours in duration) therefore scaling the number of bots down must consider ongoing calls and letting them complete. +The repo includes instructions on how to deploy the bot into Kubernetes. This is to support scaling requirements for when a lot of calls are being connected to. The deployment documentation also deals with how to scale the bot. It is a stateful application with potenitally long running processes (meetings and calls can be up to 24 hours in duration) therefore scaling the number of bots down must consider ongoing calls and letting them complete. -## What is in the repository? +## What is in the repo? The repository contains the following items/code/information diff --git a/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/debug.md b/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/debug.md index 8a02fc5f..b94bd540 100644 --- a/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/debug.md +++ b/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/debug.md @@ -9,7 +9,7 @@ You are running the bot within visual studio (as a console app) and it starts, r Run Visual Studio with Administrative privileges (run in Admin mode - indicator in top right of Visual Studio will confirm) -### Call Status +### Call Status If your Bot Call status is always Establishing and its never Established @@ -18,25 +18,26 @@ The messaginb bot is unable to commmunicate with the media server **Possible solutions:** 1. Check SSL Certificates -2. Rerun certs.bat -3. Ngrok check that running and is redirecting correctly (no errors or missing responses) -4. Ngrok check local firewall (incoming and outgoing) -5. Check Reserved TCP Address in Ngrok site is setup +2. Rerun certs.bat +3. NGrok check that running and is redirecting correctly (no errors or missing responses) +4. NGrok check local firewall (incoming and outgoing) +5. Check Reserved TCP Address in NGrok site is setup -(To be confirmed: there has been some mentions of only 0 and 1 subdomains in Ngrok being useful e.g. +(To be confirmed: there has been some mentions of only 0 and 1 subdomains in NGrok being useful e.g. 1.tcp.ngrok.io:27188) + ### Cannot add participant If your media service cannot connect to your local media processor and returns a *MediaControllerConversationAddParticipantFailed* **Possible solution:** -1. Confirm that Ngrok is running locally -2. Confirm that your ports match the port Ngrok opened up for you (.env file) - `AzureSettings__InstancePublicPort=RESERVED_PORT` -3. your `CName` points to the right instance of the Ngrok tcp proxy. +1. Confirm that NGrok is running locally +2. Confirm that your ports match the port ngrok opened up for you (.env file) - AzureSettings__InstancePublicPort=RESERVED_PORT +3. your CName points to the right instance of the ngrok tcp proxy. -### Other things to try +### Other things to try: Another common issue is not using the right certificate for your bot. -Confirm the certificate is in the correct place, has not expired, the thumbprint is correct and the the certs.bat rules have been run. +Confirm the certificate is in the correct place, has not expired, the thumbprint is correct and the the certs.bat rules have been run. \ No newline at end of file diff --git a/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/deploy/aks.md b/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/deploy/aks.md index 925374df..06de12a8 100644 --- a/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/deploy/aks.md +++ b/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/deploy/aks.md @@ -25,11 +25,10 @@ The following documents the steps required to deploy the bot in Azure Kubernetes ### Create an AKS cluster Before getting started, you need an AKS cluster deployed to Azure. For more detailed steps, see the AKS docs for [deploying an AKS cluster](https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough-portal). Keep the following in mind when creating the cluster: - - You will need a Windows VM Scale Set with more than 2 vCPU. If you deploy the bot to a VM that does not, the bot will not run. `Standard_DS3_v2` should be enough to get the bot running. - By default, the bot deploys to a node pool called `scale`. If you call your node pool something else, note down the name for future use. - By default, the AKS cluster comes with a static IP address. Note down this IP address for future use. - - If you do not have a static IP address, you can [deploy a static IP address](https://docs.microsoft.com/en-us/cli/azure/network/public-ip?view=azure-cli-latest#az-network-public-ip-create) with the `Standard` SKU in the **resource group your AKS deployment generated** (see [Create a static IP address](https://docs.microsoft.com/en-us/azure/aks/static-ip#create-a-static-ip-address)). This static IP needs to be associated to the Load Balancer created by AKS. + - If you do not have a static IP address, you can [deploy a static IP address](https://docs.microsoft.com/en-us/cli/azure/network/public-ip?view=azure-cli-latest#az-network-public-ip-create) with the `Standard` SKU in the **resource group your AKS deployment generated** (see [Create a static IP address](https://docs.microsoft.com/en-us/azure/aks/static-ip#create-a-static-ip-address)). This static IP needs to be associated to the Load Balancer created by AKS. To create a new IP address and then associate it with the AKS Load Balancer, use the following Azure CLI commands: ```powershell @@ -39,7 +38,7 @@ Before getting started, you need an AKS cluster deployed to Azure. For more deta --sku Standard ` --allocation-method static ``` - + Note down the public IP address, as shown in the following condensed example output: ```json @@ -70,9 +69,9 @@ Make sure you also integrate the ACR with AKS. For more detailed steps, see the In your cluster, you need to install `cert-manager` (which will manage TLS certificates for you) and `nginx-ingress`. -1. Modify [`cluster-issuer.yaml`](../../deploy/cluster-issuer.yaml) by adding a contact [email](../../deploy/cluster-issuer.yaml#L8). -2. Run the [`cert-manager.bat`](../../deploy/cert-manager.bat) script. -3. Run the [`ingress-nginx.bat`](../../deploy/ingress-nginx.bat) script. +1. Modify [`cluster-issuer.yaml`](/deploy/cluster-issuer.yaml) by adding a contact [email](/deploy/cluster-issuer.yaml#L8). +2. Run the [`cert-manager.bat`](/deploy/cert-manager.bat) script. +3. Run the [`ingress-nginx.bat`](/deploy/ingress-nginx.bat) script. >Note: After executing the last script `ingress-nginx.bat` and checking the status of the deployed kubernetes pods, you may see that the pod deployed into `ingress-nginx` namespace has either the `Error` or `CrashLoopBackOff` status. Don't worry, it is expected, because there's no default backend installed and the load balancer which will be installed in a later stage doesn't yet exist. Eventually, once you have deployed the bot, that `nginx` pod will work as expected. diff --git a/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/setup/bot.md b/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/setup/bot.md index 347269fe..76ea1c8c 100644 --- a/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/setup/bot.md +++ b/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/setup/bot.md @@ -2,7 +2,7 @@ 1. Follow the steps [Register your bot in the Azure Bot Service](https://microsoftgraph.github.io/microsoft-graph-comms-samples/docs/articles/calls/register-calling-bot.html#register-your-bot-in-the-azure-bot-service). Save the bot name, bot app id and bot secret for configuration. We'll refer to the bot name as `BOT_NAME`, app ID as `BOT_ID` and secret as `BOT_SECRET`. - * For the calling webhook, by default the notification will go to https://{RESERVED_DOMAIN}/api/calling. This URL prefix is configured with the `CallSignalingRoutePrefix` in [HttpRouteConstants.cs](../../src/RecordingBot.Model/Constants/HttpRouteConstants.cs#L21). + * For the calling webhook, by default the notification will go to https://{RESERVED_DOMAIN}/api/calling. This URL prefix is configured with the `CallSignalingRoutePrefix` in [HttpRouteConstants.cs](../../src/RecordingBot.Model/Constants/HttpRouteConstants.cs#L21). * Ignore the guidance to [Register bot in Microsoft Teams](https://microsoftgraph.github.io/microsoft-graph-comms-samples/docs/articles/calls/register-calling-bot.html#register-bot-in-microsoft-teams). The recording bot won't be called directly. These bots are related to the policies discussed below, and are "attached" to users, and will be automatically invited to the call. diff --git a/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/setup/certificate.md b/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/setup/certificate.md index f48defd6..ea5805a0 100644 --- a/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/setup/certificate.md +++ b/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/setup/certificate.md @@ -1,5 +1,27 @@ # Setting up SSL Certificate +## Installing URL ACL and Certificate Bindings + +Once you have finished [Setting up Ngrok](https://github.com/microsoft/netcoreteamsrecordingbot/blob/master/docs/setup/ngrok.md) , lets generate our own signed SSL certificates using our newly reserved domains. + +1. Follow the instructions in [Generate SSL Certificate](##generate-ssl-certificate) on this page to configure and run `host.sh` script. This will produce a SSL certificate we can then use for this project. Make sure when you configure the project to use the `RESERVE_DOMAIN` you created earlier. +2. To install your newly created certificate, hit `WIN+R` on your keyboard and type `mmc`. +3. `File -> Add/Remove Snap In...` +4. Add `Certificates`. You'll see a popup. Make sure you select `Computer account` and `Local computer` is selected before clicking `Finish`. +5. Next, expand `Certificates (Local Computer)` -> `Personal` and click on `Certificates`. +6. You should see a bunch of certificates. Right click -> `All Tasks` -> `Import...` +7. Browse for your `certificate.pfx`. Make sure you change the file extention to `Personal Information Exchange...`. Click next, enter your certificate's password, and click through until the certificate is loaded. +8. Now you should see your certificate. Double click on it -> click on `Details` -> scroll down to the bottom and you'll see `Thumbprint`. Copy and paste it somewhere save. We'll refer to this as `THUMBPRINT`. + +Once you've got your thumbprint... + +1. Create a new file in `build/` called `certs.bat`. +2. Copy the contents of [certs.bat-template](../../scripts/certs.bat-template) to `certs.bat`. +3. Replace `YOUR_CERT_THUMBPRINT` in [certs.bat](../../scripts/certs.bat-template#L20-#L21) with `THUMBPRINT`. +4. Run the bat file in a new command prompt with adminstrator privliages. + +**NOTE:** if your certificate expires, you'll need to regenerate it and repeat all the steps again, including running `certs.bat` with the new `THUMBPRINT`. You'll also need to update `AzureSettings__CertificateThumbprint` in your `.env` file. + ## Generate SSL Certificate ### Requirements @@ -10,51 +32,29 @@ ### Instructions -For this example, I'm using my Ngrok reserved domain of jodogrok. Go get your own! +For this example, I'm using my ngrok reserved domain of jodogrok. Go get your own! -This will connect Ngrok, set up SSL and save it to `/letsencrypt` or the `etc` folder if you run it on Windows. +This will connect ngrok, set up SSL and save it to `/letsencrypt` or the `etc` folder if you run it on Windows. -Please note, there is a limit on how many times you can do LetsEncrypt (like maybe 5 a week!) so save your `letsencrypt` folder. +Please note, there is a limit on how many times you can do letsencrypt (like maybe 5 a week!) so save your `letsencrypt` folder. If the `letsencrypt` folder exists, it will use these certs instead (will copy them to the right place in the container). If you change your ngrok domain name, you will have to delete this folder first as the certs will not work. -- Go to [Ngrok](https://dashboard.ngrok.com/get-started) and login. You will need a pro plan for this +- Go to [ngrok](https://dashboard.ngrok.com/get-started) and login. You will need a pro plan for this - Reserve your name (I did jordogrok) -- Edit `config.ini` and replace with your email and your domain name (`jordogrok.ngrok.io` was mine. Note, the example on Ngrok site has "au" in it - leave this out) +- Edit `config.ini` and replace with your email and your domain name (`jordogrok.ngrok.io` was mine. Note, the example on ngrok site has "au" in it - leave this out) - Edit `config.sh` and replace - - `SUBDOMAIN=jodogrok` - - `AUTHTOKEN=get from Ngrok dash under (3) Connect your account` - - `CERTIFICATEPASSWORD=password used when saving certificate.pfx` -- Edit `ngrok.yaml` and replace `SUBDOMAIN` with your subdomain. + - SUBDOMAIN=jodogrok + - AUTHTOKEN=get from ngrok dash under (3) Connect your account + - CERTIFICATEPASSWORD=password used when saving certificate.pfx +- Edit `ngrok.yaml` and replace SUBDOMAIN with your subdomain. -Open a Windows Terminal, run `./host.sh` and you're off to the races! Access your domain to see the site that you're redirecting to. +Open a Windows Terminal, run './host.sh' and you're off to the races! Access your domain to see the site that you're redirecting to. Make sure your browser tells you the cert is working. You may need to change the host networking type in `.devcontainer/docker-compose.yaml` if you are not seeing results of the forwarding. -## Installing URL ACL and Certificate Bindings - -Once you have finished [Setting up Ngrok](https://github.com/microsoft/netcoreteamsrecordingbot/blob/master/docs/setup/ngrok.md) , lets generate our own signed SSL certificates using our newly reserved domains. - -1. Follow the instructions in [Generate SSL Certificate](##generate-ssl-certificate) on this page to configure and run [`host.sh`](../../scripts/config.sh) script. This will produce a SSL certificate we can then use for this project. Make sure when you configure the project to use the `RESERVE_DOMAIN` you created earlier. -2. To install your newly created certificate, hit `WIN+R` on your keyboard and type `mmc`. -3. `File -> Add/Remove Snap In...` -4. Add `Certificates`. You'll see a popup. Make sure you select `Computer account` and `Local computer` is selected before clicking `Finish`. -5. Next, expand `Certificates (Local Computer)` -> `Personal` and click on `Certificates`. -6. You should see a bunch of certificates. Right click -> `All Tasks` -> `Import...` -7. Browse for your `certificate.pfx`. Make sure you change the file extension to `Personal Information Exchange...`. Click next, enter your certificate's password, and click through until the certificate is loaded. -8. Now you should see your certificate. Double click on it -> click on `Details` -> scroll down to the bottom and you'll see `Thumbprint`. Copy and paste it somewhere save. We'll refer to this as `THUMBPRINT`. - -Once you've got your thumbprint... - -1. Create a new file in `build/` called `certs.bat`. -2. Copy the contents of [certs.bat-template](../../scripts/certs.bat-template) to `certs.bat`. -3. Replace `YOUR_CERT_THUMBPRINT` in [certs.bat](../../scripts/certs.bat-template#L20-#L21) with `THUMBPRINT`. -4. Run the bat file in a new command prompt with administrator privileges. - -**NOTE:** if your certificate expires, you'll need to regenerate it and repeat all the steps again, including running `certs.bat` with the new `THUMBPRINT`. You'll also need to update `AzureSettings__CertificateThumbprint` in your `.env` file. - ### Troubleshooting #### Issues related to bash commands diff --git a/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/setup/ngrok.md b/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/setup/ngrok.md index 862dc19b..0c342b76 100644 --- a/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/setup/ngrok.md +++ b/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/setup/ngrok.md @@ -1,23 +1,23 @@ # Ngrok -From the Ngrok documentation – "`ngrok allows you to expose a web server running on your local machine to the internet.`" +From the ngrok documentation – "`ngrok allows you to expose a web server running on your local machine to the internet.`" ## Local debugging -A benefit of using Ngrok is the ability to [debug your channel locally](https://blog.botframework.com/2017/10/19/debug-channel-locally-using-ngrok/). -Specifically Ngrok can be used to forward messages from external channels on the web directly to our local machine to allow debugging, as opposed to the standard messaging endpoint configured in the Bot Framework portal. +A benefit of using ngrok is the ability to [debug your channel locally](https://blog.botframework.com/2017/10/19/debug-channel-locally-using-ngrok/). +Specifically ngrok can be used to forward messages from external channels on the web directly to our local machine to allow debugging, as opposed to the standard messaging endpoint configured in the Bot Framework portal. -Messaging bots use HTTP, but calls and online meeting bots use the lower-level TCP. Ngrok supports TCP tunnels in addition to HTTP tunnels. Since Ngroks public TCP endpoints have fixed URLs you should have a DNS `CNAME` entry for your service that points to these URLs. +Messaging bots use HTTP, but calls and online meeting bots use the lower-level TCP. Ngrok supports TCP tunnels in addition to HTTP tunnels. Since ngroks public TCP endpoints have fixed URLs you should have a DNS CNAME entry for your service that points to these URLs. This enables the Microsoft media service to connect with the local bot. More information can be found here: -- [How to develop calling and online meeting bots on your local PC](https://docs.microsoft.com/en-us/microsoftteams/platform/bots/calls-and-meetings/debugging-local-testing-calling-meeting-bots). -- [Tips on debugging your local development environment](..\debug.md) +- [How to develop calling and online meeting bots on your local PC](https://docs.microsoft.com/en-us/microsoftteams/platform/bots/calls-and-meetings/debugging-local-testing-calling-meeting-bots). +- [Tips on debugging your local development environment](..\debug.md) Notes: Please note that while local bot debugging can be performed, it is not a method Microsoft officially supports. -Since Ngrok free accounts don't provide end-to-end encryption you will need to consider a paid Ngrok account for which the installation instructions are as follows: +Since ngrok free accounts don't provide end-to-end encryption you will need to conisder a paid ngrok account for which the installation instructions are as follows: ## Ngrok Installation @@ -31,20 +31,20 @@ If you use the Chocolatey package manager (highly recommended), installation sim choco install ngrok.portable ``` -This will install Ngrok in your PATH so you can run it from any directory. +This will install ngrok in your PATH so you can run it from any directory. #### Install Manually -Installing Ngrok manually involves a few more steps: +Installing ngrok manually involves a few more steps: -1. Download the Ngrok ZIP file from this site: https://ngrok.com/download -2. Unzip the `ngrok.exe` file -3. Place the `ngrok.exe` in a folder of your choosing +1. Download the ngrok ZIP file from this site: https://ngrok.com/download +2. Unzip the ngrok.exe file +3. Place the ngrok.exe in a folder of your choosing 4. Make sure the folder is in your PATH environment variable #### Test Your Installation -To test that Ngrok is installed properly, open a new command window (command prompt or PowerShell) and run the following: +To test that ngrok is installed properly, open a new command window (command prompt or PowerShell) and run the following: ```powershell ngrok version @@ -54,8 +54,8 @@ It should print a string like "ngrok version 2.x.x". If you get something like " ### Installing Ngrok on Linux (Ubuntu 18/20) or WSL -Installing Ngrok on Linux or WSL, you will need to download the Ngrok ZIP file from this site: https://ngrok.com/download. Make sure to choose the appropriate to your Linux OS the type of Ngrok file from the `More Options` dropdown menu options. For example, for WSL running Linux 64-bit, choose the `Linux` option which will download you the `ngrok-stable-linux-amd64.zip` file. -Run the following commands in your WSL/Linux terminal to install Ngrok: +Installing ngrok on Linux or WSL, you will need to download the ngrok ZIP file from this site: https://ngrok.com/download. Make sure to choose the appropriate to your Linux OS the type of ngrok file from the `More Options` dropdown menu options. For example, for WSL running Linux 64-bit, choose the `Linux` option which will download you the `ngrok-stable-linux-amd64.zip` file. +Run the following commands in your WSL/Linux terminal to install ngrok: ```bash cd ~ @@ -64,9 +64,9 @@ sudo wget https://bin.equinox.io/c/4VmDzA7iaHb/ngrok-stable-linux-amd64.zip unzip ngrok-stable-linux-amd64.zip ``` -Copy the Ngrok file into your `~/.local/bin` folder so it can be accessed from any location. +Copy the ngrok file into your `~/.local/bin` folder so it can be accessed from any location. -To test that Ngrok is installed properly, run the following: +To test that ngrok is installed properly, run the following: ```bash ngrok version @@ -77,3 +77,4 @@ ngrok version 1. Navigate to [Reserved Domains](https://dashboard.ngrok.com/endpoints/domains) in your Ngrok account and reserve a domain. Make sure you select the US region. We will configure Azure and the bot to point to this domain. We'll refer to this domain as `RESERVED_DOMAIN` in this doc. 2. Now navigate to [TCP Addresses](https://dashboard.ngrok.com/endpoints/tcp-addresses) and reserve a TCP port. Make sure you select the US region. This will be used to push incoming streams to. We'll refer to this port as `RESERVED_PORT` and the full address will be referred to as `RESERVE_FULL_TCP_PORT_ADDRESS`. + diff --git a/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/setup/readme.md b/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/setup/readme.md deleted file mode 100644 index e67f986e..00000000 --- a/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/setup/readme.md +++ /dev/null @@ -1,6 +0,0 @@ -# Setup - -1. [Setting up Ngrok](ngrok.md) -2. [Generating SSL Certificate and setting up URL ACL and Certificate Bindings](certificate.md) -3. [Configuring Bot Channel Registration and Granting Permission](bot.md) -4. Optional - [Creating and Assigning Compliance Policy](policy.md) diff --git a/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/test/end-to-end-testing.md b/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/test/end-to-end-testing.md index 2c13df5c..94dee2da 100644 --- a/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/test/end-to-end-testing.md +++ b/Samples/V1.0Samples/AksSamples/teams-recording-bot/docs/test/end-to-end-testing.md @@ -1,6 +1,6 @@ # End to end testing -The bot, being deployed to Kubernetes, and interacting with the Teams media services, can be complicated to test, especially when testing multiple callers on the same meeting. Integration testing will also be project specific and the technologies and approaches used can vary. +The bot, being deployed to Kubernetes, and interacting with the Teams media services, can be complicated to test, especially when testing multiple callers on the same meeting. Integration testing will also be project specific and the technologies and approaches used can vary. This document outlines some ideas using manual testing that could be used to test that the bot is working as expected. They can be used as a starting point to automate testing using the project specific testing technologies. @@ -10,7 +10,7 @@ In this context testing means running calls and meetings that the bot is connect #### Single call test to check if the bot is recording -* Run the bot either locally (using Ngrok) or deployed to AKS ensuring the compliance policy has been attached to a user to be used for testing. +* Run the bot either locally (using ngrok) or deployed to AKS ensuring the compliance policy has been attached to a user to be used for testing. * Create a meeting in Teams (simply add a meeting to the calendar using the test user selected) @@ -22,12 +22,16 @@ In this context testing means running calls and meetings that the bot is connect #### Multiple callers on a single bot -This scenario is similar to the single call test except it will require multiple test users although only a single one requires the compliance policy. Multiple users can be joined to a meeting on a development machine using the browser version of Teams. +This scenario is similar to the single call test except it will require multiple test users although only a single one requies the compliance policy. Multiple users can be joined to a meeting on a development machine using the browser version of Teams. -To join multiple users to a call you will either need multiple different browsers using in private windows otherwise logged in sessions between users clash with each other. Microsoft Edge supports user profiles which can be used to create separate profiles for each attending user effectively keeping them separated. +To join multiple users to a call you will either need multiple different browsers using in private windows otherwise logged in sessions between users clash with each other. Microsoft Edge supports user profiles which can be used to create separate profiles for each attending user effectively keeping them separated. -Alternatively use multiple machines / browsers / people to attend the meeting. If unique content per user is needed then a group of willing test users will be needed (or use automated content injection - see below) +Alternatively use multiple machines / browsers / people to attend the meeting. If unique content per user is needend then a group of willing test users will be needed (or use automated content injection - see below) #### Automation (using a media playback bot to inject content) ...need some help with this one... + + + + diff --git a/Samples/V1.0Samples/AksSamples/teams-recording-bot/scripts/config.ini b/Samples/V1.0Samples/AksSamples/teams-recording-bot/scripts/config.ini deleted file mode 100644 index a87f2507..00000000 --- a/Samples/V1.0Samples/AksSamples/teams-recording-bot/scripts/config.ini +++ /dev/null @@ -1,2 +0,0 @@ -email=zhangzihan1993@outlook.com -domain=teams-recording-bot.ngrok.io diff --git a/Samples/V1.0Samples/AksSamples/teams-recording-bot/scripts/config.sh b/Samples/V1.0Samples/AksSamples/teams-recording-bot/scripts/config.sh deleted file mode 100644 index b31ade01..00000000 --- a/Samples/V1.0Samples/AksSamples/teams-recording-bot/scripts/config.sh +++ /dev/null @@ -1,3 +0,0 @@ -SUBDOMAIN=teams-recording-bot -AUTHTOKEN=1k3utdNZvYD4kpBJLUT2LuD5tOf_5iP4GGtojRs9Qfwx892VM -CERTIFICATEPASSWORD= \ No newline at end of file diff --git a/Samples/V1.0Samples/AksSamples/teams-recording-bot/src/RecordingBot.Services/ServiceSetup/AzureSettings.cs b/Samples/V1.0Samples/AksSamples/teams-recording-bot/src/RecordingBot.Services/ServiceSetup/AzureSettings.cs index 48d8ffbc..cebbad34 100644 --- a/Samples/V1.0Samples/AksSamples/teams-recording-bot/src/RecordingBot.Services/ServiceSetup/AzureSettings.cs +++ b/Samples/V1.0Samples/AksSamples/teams-recording-bot/src/RecordingBot.Services/ServiceSetup/AzureSettings.cs @@ -149,6 +149,7 @@ public class AzureSettings : IAzureSettings /// The topic key. public string TopicKey { get; set; } + /// /// Gets or sets the audio settings. /// @@ -160,13 +161,11 @@ public class AzureSettings : IAzureSettings /// /// true if this instance is stereo; otherwise, false. public bool IsStereo { get; set; } - /// /// Gets or sets the wav sample rate. /// /// The wav sample rate. public int WAVSampleRate { get; set; } - /// /// Gets or sets the wav quality. /// diff --git a/Samples/V1.0Samples/LocalMediaSamples/AudioVideoPlaybackBot/WorkerRole/WorkerRole.cs b/Samples/V1.0Samples/LocalMediaSamples/AudioVideoPlaybackBot/WorkerRole/WorkerRole.cs index b88f0c18..a166b6f0 100644 --- a/Samples/V1.0Samples/LocalMediaSamples/AudioVideoPlaybackBot/WorkerRole/WorkerRole.cs +++ b/Samples/V1.0Samples/LocalMediaSamples/AudioVideoPlaybackBot/WorkerRole/WorkerRole.cs @@ -76,6 +76,9 @@ public override bool OnStart() // Set the maximum number of concurrent connections ServicePointManager.DefaultConnectionLimit = 12; + // ECS backend service enforced TLS 1.2 access. + ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12; + // Create and start the environment-independent service. Service.Instance.Initialize(new AzureConfiguration(this.logger), this.logger); Service.Instance.Start(); diff --git a/Samples/V1.0Samples/LocalMediaSamples/E-SDK Samples.postman_collection.json b/Samples/V1.0Samples/LocalMediaSamples/E-SDK Samples.postman_collection.json index 79ec24de..a1b4f748 100644 --- a/Samples/V1.0Samples/LocalMediaSamples/E-SDK Samples.postman_collection.json +++ b/Samples/V1.0Samples/LocalMediaSamples/E-SDK Samples.postman_collection.json @@ -43,7 +43,7 @@ ], "body": { "mode": "raw", - "raw": "{\r\n \"MeetingId\": \"000000000\",\r\n \"TenantId\": \"00000000-0000-0000-0000-000000000000\",\r\n \"DisplayName\": \"(optional) xx\"\r\n}" + "raw": "{\r\n \"VideoTeleconferenceId\": \"000000000\",\r\n \"TenantId\": \"00000000-0000-0000-0000-000000000000\",\r\n \"DisplayName\": \"(optional) xx\"\r\n}" }, "url": "https://.cloudapp.net/joinCall" }, diff --git a/Samples/V1.0Samples/LocalMediaSamples/PolicyRecordingBot/Images/EnableMicrosoftTeamsChannel.png b/Samples/V1.0Samples/LocalMediaSamples/PolicyRecordingBot/Images/EnableMicrosoftTeamsChannel.png new file mode 100644 index 00000000..70e88b7c Binary files /dev/null and b/Samples/V1.0Samples/LocalMediaSamples/PolicyRecordingBot/Images/EnableMicrosoftTeamsChannel.png differ diff --git a/Samples/V1.0Samples/LocalMediaSamples/PolicyRecordingBot/Images/RecordingBanner.png b/Samples/V1.0Samples/LocalMediaSamples/PolicyRecordingBot/Images/RecordingBanner.png new file mode 100644 index 00000000..56379d4b Binary files /dev/null and b/Samples/V1.0Samples/LocalMediaSamples/PolicyRecordingBot/Images/RecordingBanner.png differ diff --git a/Samples/V1.0Samples/LocalMediaSamples/PolicyRecordingBot/README.md b/Samples/V1.0Samples/LocalMediaSamples/PolicyRecordingBot/README.md index de049c60..3d996296 100644 --- a/Samples/V1.0Samples/LocalMediaSamples/PolicyRecordingBot/README.md +++ b/Samples/V1.0Samples/LocalMediaSamples/PolicyRecordingBot/README.md @@ -105,3 +105,10 @@ To verify your policy was assigned correctly: **Solution**: Make sure Microsoft Teams Channel is enabled under Bot Channels Registration. ![Enable Microsoft Teams Channel](Images/EnableMicrosoftTeamsChannel.png) + +2. **Question**: Answering incoming call notification taking too long resulting in call not found error. + + **Solution**: Policy Recording scenario has a rather small timeout window set to receive answer from the bot, in order to make sure user can have time to pick up the call after bot joins the call. + Something to consider to improve the performance of answering incoming call: + 1. Make sure the AAD token used to authenticate outbound request is cached, instead of acquiring one everytime. + 2. Make sure the bot server is located in the same geo-region as the user. \ No newline at end of file diff --git a/Samples/V1.0Samples/LocalMediaSamples/PolicyRecordingBot/ServiceConfiguration.Cloud.cscfg b/Samples/V1.0Samples/LocalMediaSamples/PolicyRecordingBot/ServiceConfiguration.Cloud.cscfg index ce90e65a..5e710c6d 100644 --- a/Samples/V1.0Samples/LocalMediaSamples/PolicyRecordingBot/ServiceConfiguration.Cloud.cscfg +++ b/Samples/V1.0Samples/LocalMediaSamples/PolicyRecordingBot/ServiceConfiguration.Cloud.cscfg @@ -1,7 +1,7 @@ - + diff --git a/Samples/V1.0Samples/LocalMediaSamples/PolicyRecordingBot/WorkerRole/WorkerRole.cs b/Samples/V1.0Samples/LocalMediaSamples/PolicyRecordingBot/WorkerRole/WorkerRole.cs index a5be2701..e7027f4e 100644 --- a/Samples/V1.0Samples/LocalMediaSamples/PolicyRecordingBot/WorkerRole/WorkerRole.cs +++ b/Samples/V1.0Samples/LocalMediaSamples/PolicyRecordingBot/WorkerRole/WorkerRole.cs @@ -76,6 +76,9 @@ public override bool OnStart() // Set the maximum number of concurrent connections ServicePointManager.DefaultConnectionLimit = 12; + // ECS backend service enforced TLS 1.2 access. + ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12; + // Create and start the environment-independent service. Service.Instance.Initialize(new AzureConfiguration(this.logger), this.logger); Service.Instance.Start(); diff --git a/Samples/V1.0Samples/StatelessSamples/ReminderBot/ReminderBot.csproj b/Samples/V1.0Samples/StatelessSamples/ReminderBot/ReminderBot.csproj index 6d081088..847576cf 100644 --- a/Samples/V1.0Samples/StatelessSamples/ReminderBot/ReminderBot.csproj +++ b/Samples/V1.0Samples/StatelessSamples/ReminderBot/ReminderBot.csproj @@ -11,7 +11,7 @@ - + diff --git a/Samples/V1.0Samples/StatelessSamples/VoiceRecorderAndPlaybackBot/VoiceRecorderAndPlaybackBot.csproj b/Samples/V1.0Samples/StatelessSamples/VoiceRecorderAndPlaybackBot/VoiceRecorderAndPlaybackBot.csproj index c720c5f1..f3df3468 100644 --- a/Samples/V1.0Samples/StatelessSamples/VoiceRecorderAndPlaybackBot/VoiceRecorderAndPlaybackBot.csproj +++ b/Samples/V1.0Samples/StatelessSamples/VoiceRecorderAndPlaybackBot/VoiceRecorderAndPlaybackBot.csproj @@ -11,7 +11,7 @@ - +