How to connect the Azure DevOps build pipeline to the private endpoint

Question

I am trying to perform a mocha test on the node.js app which is hosted in Azure App Service through Azure DevOps build pipeline. And below is the release pipeline code I am using

    # Node.js
# Build a general Node.js project with npm.
# Add steps that analyze code, save build artifacts, deploy, and more:
# https://docs.microsoft.com/azure/devops/pipelines/languages/javascript

trigger:
- Test

pool:
  vmImage: 'vs2017-win2016'

steps:
- task: NodeTool@0
  inputs:
    versionSpec: '10.14.1'
  displayName: 'Install Node.js'

- script: |
    npm install
- task: PowerShell@2
  inputs:
    targetType: 'inline'
    script: 'npm run local

- task: PublishTestResults@2
  condition: succeededOrFailed()
  inputs:
    testRunner: JUnit
    testResultsFiles: 'test-results.xml'

- task: ArchiveFiles@2
  displayName: 'Archive $(System.DefaultWorkingDirectory)'
  inputs:
    rootFolderOrFile: '$(System.DefaultWorkingDirectory)'
    includeRootFolder: false
    archiveFile: '$(Build.ArtifactStagingDirectory)/node.zip'

- task: PublishBuildArtifacts@1
  displayName: 'Publish Artifact: drop'

When I run the build I am getting the following error

{"name":"xxxx","hostname":"xxxx","pid":xxxx,"level":50,"msg":"Error while connecting sql database xxxx-dev","time":"2020-11-17T11:37:26.852Z","v":0} 
[0] {"name":"xxxxx","hostname":"xxxxxx","pid":xxxx,"level":50,"err":{"message":"Reason: An instance-specific error occurred while establishing a connection to SQL Server. Connection was denied since Deny Public Network Access is set to Yes (https://docs.microsoft.com/azure/azure-sql/database/connectivity-settings#deny-public-network-access). To connect to this server, use the Private Endpoint from inside your virtual network (https://docs.microsoft.com/azure/sql-database/sql-database-private-endpoint-overview#how-to-set-up-private-link-for-azure-sql-database).","name":"ConnectionError","stack":"ConnectionError: Reason: An instance-specific error occurred while establishing a connection to SQL Server. Connection was denied since Deny Public Network Access is set to Yes (
[0] {"name":"xxxx-device-controller","hostname":"xxxxx","pid":xxxx,"level":50,"msg":"Error while attempting to complete call","time":"2020-11-17T11:37:26.852Z","v":0} 

Is there a way to run the test directly in App service? or how to establish the connection

Answer 1

In order to connect to the SQL database, the ip should be whitelisted ( Set server firewall in the Overview tab of the database. You therefore need the ip address of the build server. Since this ip can change with every build, it would need to be added from within the pipeline .

How to do that has been discussed in this article . You will need to modify the commands slightly:

• Whitelist the ip with: New-AzureRmSqlServerFirewallRule instead of Add-AzWebAppAccessRestrictionRule . You should be able to get all required parameters, see the documentation .
• The ip address will be removed from the pipeline with Remove-AzureRmSqlServerFirewallRule