部署到具有专用端点的 Azure Web 应用程序
[英]Deploy to an Azure Web App with a private endpoint
问题描述
I have configured an Azure Web App with a private endpoint and want to deploy to it using Azure DevOps.
我已经配置了一个带有私有端点的 Azure Web 应用程序,并希望使用 Azure DevOps 部署到它。 I have found this possibility using Azure Blob storage and Azure CLI: https://azure.github.io/AppService/2021/03/01/deploying-to-network-secured-sites-2.html I have found this possibility using Azure Blob storage and Azure CLI: https://azure.github.io/AppService/2021/03/01/deploying-to-network-secured-sites-2.html
The following Azure CLI webapp deploy command:以下 Azure CLI webapp 部署命令:
az webapp deploy --name $WEBAPP --resource-group $GROUP --type zip --src-url $ZIP_URL --async false
However gives the following Http 403 error: The web app you have attempted to reach has blocked your access.但是给出了以下 Http 403 错误: The web app you have attempted to reach has blocked your access.
I am using a service principal to login.我正在使用服务主体登录。
Any clues what I am missing here?任何线索我在这里缺少什么?
2 个解决方案
解决方案1
0 2022-07-21 14:37:41
I had the same problem and opened a Microsoft Support ticket.我遇到了同样的问题并打开了 Microsoft 支持票。 There is a problem with "az webapp deploy --src-url": It actually doesn't go via ARM API, but directly to the scm endpoint of the web-app (which is blocked due to private endpoints). “az webapp deploy --src-url”有一个问题:它实际上不通过ARM API,而是直接到web-app的scm端点(由于私有端点而被阻止)。 There is a bug reported to fix this: https://github.com/Azure/azure-cli/issues/21168报告了一个错误来解决此问题: https ://github.com/Azure/azure-cli/issues/21168
The solution is not to use Azure cli command "az webapp deploy", but to call the ARM API directly with something like this:解决方案不是使用 Azure cli 命令“az webapp deploy”,而是直接调用 ARM API,如下所示:
az rest --method PUT --uri https://management.azure.com/subscriptions/${SUBSCRIPTIONID}/resourceGroups/${RESOURCEGROUP}/providers/Microsoft.Web/sites/${WEBAPP}/extensions/onedeploy?api-version=2022-03-01 --body '{"properties": {"type": "zip", "packageUri": ${ARTIFACTURL} }}'
This call will go via ARM and will not be blocked by your Webapp此调用将通过 ARM 进行,不会被您的 Webapp 阻止
解决方案2
0 2022-08-31 04:41:47
Using the earlier suggested solution, I ran into the following error:使用之前建议的解决方案,我遇到了以下错误:
"ERROR: Bad Request({"error":{"code":"BadRequest","message":"System.NullReferenceException: Object reference not set to an instance of an object.\r\n at Kudu.Services.Deployment.PushDeploymentController.<OneDeploy>d__13.MoveNext() in C:\\Kudu Files\\Private\\src\\master\\Kudu.Services\\Deployment\\PushDeploymentController.cs:line 187"}}"
I solved this by adjusting "packageUri": ${ARTIFACTURL} to "packageUri": "'"${ARTIFACTURL}"'" .我通过将"packageUri": ${ARTIFACTURL}调整为"packageUri": "'"${ARTIFACTURL}"'"解决了这个问题。
The full working task for me looks like following:我的完整工作任务如下所示:
- task: AzureCLI@2
displayName: Azure CLI
inputs:
azureSubscription: 'customer a'
scriptType: bash
scriptLocation: inlineScript
inlineScript: |
EXPIRY=$(date -u -d "$EXPIRY_TIME" '+%Y-%m-%dT%H:%MZ')
az storage blob upload -f $(Pipeline.Workspace)/**/*.zip --account-name $ACCOUNT -c $CONTAINER
ZIP_URL=$(az storage blob generate-sas --full-uri --permissions r --expiry $EXPIRY --account-name $ACCOUNT -c $CONTAINER -n s.zip | xargs)
az rest --method PUT --uri https://management.azure.com/subscriptions/${SUBSCRIPTIONID}/resourceGroups/${GROUP}/providers/Microsoft.Web/sites/${WEBAPP}/extensions/onedeploy?api-version=2022-03-01 --body '{"properties": {"type": "zip", "packageUri": "'"${ZIP_URL}"'" }}'
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.