New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WebApp:az webapp deploy --src-url
should use ARM Proxy
#21168
Comments
Thank you for your feedback. This has been routed to the support team for assistance. |
1 similar comment
Thank you for your feedback. This has been routed to the support team for assistance. |
route to CXP team to help with |
az webapp deploy --src-url
should use ARM Proxyaz webapp deploy --src-url
should use ARM Proxy
@panchagnula can you please take a look and give your inputs on this. |
Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @AzureAppServiceCLI, @antcp. Issue DetailsThe command
|
We need new SDK drop for us to support this. |
@panchagnula , Satish's request for a new Python SDK build was approved. Is that what you mean? --> https://pypi.org/project/azure-mgmt-web/6.1.0/ |
@JasonFreeberg yes, we need to update CLI to use the new SDK & ensure no breaking changes or handle it correctly, this will take time, before we support the changes in the deploy API. hope this clarifies, the work involved & timelines. Thanks! |
@StrawnSC assigning this to you to take care of next miestone once we have the new SDK |
@JasonFreeberg @StrawnSC Is this the missing piece to enable this workflow to work properly? https://azure.github.io/AppService/2021/03/01/deploying-to-network-secured-sites-2.html Any way we can consume this updated SDK currently from Azure DevOps so we can get our pipeline working with a private endpoint? (Also, I assume this would still work for a functionapp as well, or the equivalent |
Having the same issue as @dpolivy. @JasonFreeberg @StrawnSC |
With #21701 being closed with no ETA, any suggested work around to deploy to a private endpoint in this fashion? |
we're facing this bug also in my company, Is any news on this one? |
Same here. For us, also the workaround using |
Hi, In case anyone is still struggling with this, I managed to deploy a simple nodejs app to an app service using private endpoints via the workaround az rest command. You may reference this deployment yaml file: The example follows the guide here: https://azure.github.io/AppService/2021/03/01/deploying-to-network-secured-sites-2.html |
@jlieow any chance the az rest --method PUT could be done without the storage account? Possibly by specifying the github artifact zip url? |
Hi @mpalmahsf. I have not tried it myself but I don’t see why it wouldn’t work. You could try depositing your artifacts into a location which generates a url download link like Google Drive and run the az run command with that url to see if it works. I tried googling but I don’t think GitHub provides a url to download artifacts during the build process natively which I think is the reason why the guide uses storage accounts. |
@jlieow any chance you have guidance how to update the deployment message as well? When we run: we get the error:
We are fiddling with an appropriate body payload as based on the source code in https://github.com/microsoft/azure-pipelines-tasks/blob/master/common-npm-packages/azure-arm-rest-v2/azure-arm-app-service-kudu.ts |
I am running into this as well. We are running github actions to do two things:
Can someone help me write these as az rest calls ?
|
Hi @cveld I just noticed this. Not sure if this is still useful, but this is the API documentation to reference for the az rest command for webapps (https://learn.microsoft.com/en-us/rest/api/appservice/web-apps). In the example I provided, I used the "Create One Deploy Operation" (https://learn.microsoft.com/en-us/rest/api/appservice/web-apps/create-one-deploy-operation). In your az rest command, you seem to be calling the "Web Apps - Get Deployment" (https://learn.microsoft.com/en-us/rest/api/appservice/web-apps/get-deployment) which uses a GET request instead of a PUT request. Unfortunately the documentation does not mention any body payload parameters and it is probably best to reach out to Azure support for clarification on this. The API call I made has body parameters but it wasn't mentioned in the documentation as can be seen from my example where I used:
I also realised my original example link was broken and have updated it in case it proves useful to you. |
Hi @SteveDevOps you can reference the API documentation for web apps here (https://learn.microsoft.com/en-us/rest/api/appservice/web-apps). Unfortunately you might need to reach out to Azure support as I can't seem to find which of the APIs is equivalent to az webapp deploy. |
ya api docs lacking in the publish calls.. opened support case, thx @jlieow |
@SteveDevOps you can put the |
Unfortunately we got confirmation from support that the onedeploy endpoint is not capable of updating the deployment logs like the Azure Pipelines task does. In the current state of app service we therefore require a private agent to deploy to a private endpoint. |
In our case we were trying to affect the startup setting and supplant a startup script as part of our deploys. For staging slot (our PR slot) we were good -- as those endpoints were out in the open and not part of the native association with private endpoint (from a dns perspective) -- when it came to the production slot we could not affect. What ended up working was employing a SWAP via az cli as part of our 'merge to development branch' CI (which deploys to primary/production slot to our staging env app) -- in the SWAP the setting and file are brought over as part of the SWAP process. |
We are trying to deploy a Function App where private endpoint is enabled. We are using Please help me how can we do zip deployment from GitHub to private endpoint enabled azure resource without the need of storage account or any intermediate resources ? |
@mnadher check your access restriction under network -- are you using that as well? We were for frontdoor and had to whitelist the runner's private ip address. Are you trying to deploy to production slot? If you are using a staging slot, it needs a separate private endpoint -- and does NOT inherit production slot private endpoint settings. Also verify that your .scm. and/or your whatever.azurewebsites.net address has a private address from your runner's perspective. Do a nslookup on the name. Also verify ftp setting for slot you are targeting. We use ftps and toggle on during deploy step, then back off. |
hey @tulika can we check on the current status for this? lets understand what is missing. |
…ough ARM proxy if `--src-url` is provided (Azure#26620)
The command
az webapp deploy
has an optional parameter,--src-url
, where the user can specify a remote URL for the file they want to deploy to their Web App. If this parameter is used, the CLI should use the ARM proxy API for the deployment request so that if the user has any networking restrictions such as Private Endpoints or ILB ASEs, then this deployment request will go through the management plane and circumvent any networking restrictions. Today the CLI sends the request directly to Kudu, and does not use this ARM proxy.The text was updated successfully, but these errors were encountered: