CommunityToolkit · afscrome · Dec 17, 2025 · Copilot · Dec 15, 2025 · afscrome
@@ -2,8 +2,9 @@
 
 builder.AddProject<Projects.CommunityToolkit_Aspire_Hosting_OpenTelemetryCollector_Api>("api");
 
-builder.AddOpenTelemetryCollector("opentelemetry-collector")
+var collector = builder.AddOpenTelemetryCollector("opentelemetry-collector")
     .WithAppForwarding()
     .WithConfig("./config.yaml");
 
 builder.Build().Run();
+
@@ -9,8 +9,4 @@
     <PackageReference Include="Aspire.Hosting" />
   </ItemGroup>
 
-  <ItemGroup>
-    <Compile Include="$(SharedDir)\DevCertHostingExtensions.cs" Link="Utils\DevCertHostingExtensions.cs" />
-  </ItemGroup>
-
 </Project>
@@ -34,42 +34,20 @@ public static IResourceBuilder<OpenTelemetryCollectorResource> AddOpenTelemetryC
         var settings = new OpenTelemetryCollectorSettings();
         configureSettings?.Invoke(settings);
 
-        var isHttpsEnabled = !settings.ForceNonSecureReceiver && url.StartsWith("https", StringComparison.OrdinalIgnoreCase);
-
         var resource = new OpenTelemetryCollectorResource(name);
         var resourceBuilder = builder.AddResource(resource)
             .WithImage(settings.CollectorImage, settings.CollectorTag)
             .WithEnvironment("ASPIRE_ENDPOINT", new HostUrl(url))
             .WithEnvironment("ASPIRE_API_KEY", builder.Configuration[DashboardOtlpApiKeyVariableName])
             .WithIconName("DesktopPulse");
 
-        if (settings.EnableGrpcEndpoint)
-            resourceBuilder.WithEndpoint(targetPort: 4317, name: OpenTelemetryCollectorResource.GrpcEndpointName, scheme: isHttpsEnabled ? "https" : "http");
-        if (settings.EnableHttpEndpoint)
-            resourceBuilder.WithEndpoint(targetPort: 4318, name: OpenTelemetryCollectorResource.HttpEndpointName, scheme: isHttpsEnabled ? "https" : "http");
-
-
-        if (!settings.ForceNonSecureReceiver && isHttpsEnabled && builder.ExecutionContext.IsRunMode)
-        {
-            resourceBuilder.RunWithHttpsDevCertificate();
+        var useHttpsForReceivers = !settings.ForceNonSecureReceiver && url.StartsWith("https", StringComparison.OrdinalIgnoreCase);
 
-            // Not using `Path.Combine` as we MUST use unix style paths in the container
-            var certFilePath = $"{DevCertHostingExtensions.DEV_CERT_BIND_MOUNT_DEST_DIR}/{DevCertHostingExtensions.CERT_FILE_NAME}";
-            var certKeyPath = $"{DevCertHostingExtensions.DEV_CERT_BIND_MOUNT_DEST_DIR}/{DevCertHostingExtensions.CERT_KEY_FILE_NAME}";
+        if (settings.EnableGrpcEndpoint)
+            ConfigureReceiver(4317, OpenTelemetryCollectorResource.GrpcEndpointName);
 
-            if (settings.EnableHttpEndpoint)
-            {
-                resourceBuilder.WithArgs(
-                    $@"--config=yaml:receivers::otlp::protocols::http::tls::cert_file: ""{certFilePath}""",
-                    $@"--config=yaml:receivers::otlp::protocols::http::tls::key_file: ""{certKeyPath}""");
-            }
-            if (settings.EnableGrpcEndpoint)
-            {
-                resourceBuilder.WithArgs(
-                    $@"--config=yaml:receivers::otlp::protocols::grpc::tls::cert_file: ""{certFilePath}""",
-                    $@"--config=yaml:receivers::otlp::protocols::grpc::tls::key_file: ""{certKeyPath}""");
-            }
-        }
+        if (settings.EnableHttpEndpoint)
+            ConfigureReceiver(4318, OpenTelemetryCollectorResource.HttpEndpointName);
 
         if (!settings.DisableHealthcheck)
         {
@@ -83,6 +61,26 @@ public static IResourceBuilder<OpenTelemetryCollectorResource> AddOpenTelemetryC
                     );
         }
         return resourceBuilder;
+
+        void ConfigureReceiver(int port, string protocol)
+        {
+            var scheme = useHttpsForReceivers ? "https" : "http";
+            resourceBuilder.WithEndpoint(targetPort: port, name: protocol, scheme: scheme);
+
+            if (!useHttpsForReceivers)
+            {
+                return;
+            }
+
+#pragma warning disable ASPIRECERTIFICATES001 // Type is for evaluation purposes only and is subject to change or removal in future updates. Suppress this diagnostic to proceed.
+            resourceBuilder.WithHttpsCertificateConfiguration(ctx =>
+            {
+                ctx.Arguments.Add(ReferenceExpression.Create($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::cert_file: ""{ctx.CertificatePath}"""));
+                ctx.Arguments.Add(ReferenceExpression.Create($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::key_file: ""{ctx.KeyPath}"""));
-                ctx.Arguments.Add(ReferenceExpression.Create($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::cert_file: ""{ctx.CertificatePath}"""));
-                ctx.Arguments.Add(ReferenceExpression.Create($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::key_file: ""{ctx.KeyPath}"""));
+                ctx.Arguments.Add($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::cert_file: ""{ctx.CertificatePath}""");
+                ctx.Arguments.Add($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::key_file: ""{ctx.KeyPath}""");
-                ctx.Arguments.Add(ReferenceExpression.Create($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::cert_file: ""{ctx.CertificatePath}"""));
-                ctx.Arguments.Add(ReferenceExpression.Create($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::key_file: ""{ctx.KeyPath}"""));
+                ctx.Arguments.Add($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::cert_file: ""{ctx.CertificatePath}""");
+                ctx.Arguments.Add($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::key_file: ""{ctx.KeyPath}""");
-                ctx.Arguments.Add(ReferenceExpression.Create($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::cert_file: ""{ctx.CertificatePath}"""));
-                ctx.Arguments.Add(ReferenceExpression.Create($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::key_file: ""{ctx.KeyPath}"""));
+                ctx.Arguments.Add($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::cert_file: ""{ctx.CertificatePath}""");
+                ctx.Arguments.Add($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::key_file: ""{ctx.KeyPath}""");
-                ctx.Arguments.Add(ReferenceExpression.Create($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::cert_file: ""{ctx.CertificatePath}"""));
-                ctx.Arguments.Add(ReferenceExpression.Create($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::key_file: ""{ctx.KeyPath}"""));
+                ctx.Arguments.Add($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::cert_file: ""{ctx.CertificatePath}""");
+                ctx.Arguments.Add($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::key_file: ""{ctx.KeyPath}""");
+                return Task.CompletedTask;
+            });
+#pragma warning restore ASPIRECERTIFICATES001 // Type is for evaluation purposes only and is subject to change or removal in future updates. Suppress this diagnostic to proceed.
+        }        
-        }        
+        }
-        }        
+        }
     }
 
     /// <summary>
@@ -123,5 +121,4 @@ public static IResourceBuilder<OpenTelemetryCollectorResource> WithConfig(this I
         return builder.WithBindMount(configPath, $"/config/{configFileInfo.Name}")
             .WithArgs($"--config=/config/{configFileInfo.Name}");
     }
-
 }
diff --git a/src/Shared/DevCertHostingExtensions.cs b/src/Shared/DevCertHostingExtensions.cs