I'm trying to provision some Azure Websites using Powershell and am not sure how to configure Bitbucket deployment. Is this possible? Using the Service Management cmdlets I see that there is explicit support for Github deployment, but not Bitbucket. Perhaps there's a way using the new Resource Manager cmdlets, but there's very little documentation that I can find.
This feature isn't yet present in the PowerShell New-AzureWebsite Cmdlet and can only be configured when provisioning a new Website via the Management Portal.
Related
I need to deploy an azure function app via Azure DevOps.
If I deploy via visual studio, it asks me to create a publish profile, where storage is specified.
I'm unsure how this works however with DevOps.
I have a build pipeline that builds the (.net core) function app, but on the release, I'm unsure how to proceed.
The Microsoft documentation is quite poor in my opinion, so would appreciate any expertise.
Thanks!
You have to create the underlying infrastructure prior to deploying the Azure Function to it.
There are steps you could user here and have an inline script job/stage within your pipeline:
https://learn.microsoft.com/en-us/azure/azure-functions/create-first-function-cli-csharp?tabs=azure-cli%2Cin-process#create-supporting-azure-resources-for-your-function
Alternatively you could use an ARM template or terraform to provision the app service and storage account as required.
I've got a sample github actions deployment of a function which uses the inline script method here:
https://github.com/brettmillerb/testfunctionapp/blob/master/.github/workflows/main.yml
My firm has the Azure DevOps online version where we have all our projects and repo's. We were not able to configure CI/CD for the repo's because our internal server network doesn't have access to the internet.
To overcome this issue, we built a new server that has access to the internet and also to the internal network. On the new server, we installed and configured Azure DevOps Server 2019. We don't want to migrate our repo's from the cloud version to the online version.
I am trying to link the OnPrem repo to the cloud repo but it was not working. I issued a PAT on the cloud version and added it as a service connection under Pipelines in the OnPrem version but still, I am not able to see and link the cloud repo's.
I can clone the repo from the cloud to the OnPrem server but that will not get the latest code as the code is being checked in the cloud repo's
Can anyone please guide me on how to link both of them, please.
Thanks!!!
I don't think there's a meaningful way to integrate Azure DevOps Services and Azure DevOps Server, as they are essentially the same product. I assume (but don't know) that you're looking to integrate Azure DevOps Services to on-premise builds and deployments, as you state that you want to keep the repos in Azure DevOps Services. So, in essence, you want to run build and deployment group agents in on-premise environment.
Take a look at the agent-documentation and especially the communication subsection:
https://learn.microsoft.com/en-us/azure/devops/pipelines/agents/agents?view=azure-devops
Or this old blog post, from which the communication section originates:
https://devblogs.microsoft.com/devops/deploying-to-on-premises-environments-with-visual-studio-team-services-or-team-foundation-server/
The ideal solution would probably be that you run self-hosted build agents in your server that's open to internet, and configure an agent pool for them in Azure DevOps Services. For deployments, you'll want to use Deployment Groups and install deployment group agents to target servers, where they'll just need outbound 443 access for communicating with Azure DevOps Services.
If that's not possible, you'd have to install deployment agents to the build machine, which then sees your other on-premise servers, but this is rather unsatisfactory solution since you'd either have to rely on WinRm capabilities for deployments, or expose too much network between your build server and other on-premise servers.
When creating a new release definition in VSTS using the Azure Website Deployment template you get two tasks added automatically.
One of those tasks is the "Deploy Website to Azure". In that task there is a setting called "Additional Arguments". What is this setting for? And what does the defaults do?
-connectionString #{"$(ConnectionStringName)"="Server=tcp:$(ServerName).database.windows.net,1433;Database=$(DatabaseName);User ID=$(AdministratorLogin)#$(ServerName);Password=$(AdministratorLoginPassword);Trusted_Connection=False;Encrypt=True;"}
I have checked the docs at https://www.visualstudio.com/docs/overview but I can't find a single paragraph where someone talks about this feature. Google hasn't been of any help either unfortunately. I would appreciate it if someone could explain.
The Azure Web App Deployment task uses Publish-AzureWebsiteProject command to publish the web deployment package just as starain mentioned. With this command, you can specify the "-ConnectionString" argument to configure the connection strings in the deployment. The setting in the task is used to do this.
As soon as you create a release definition with "Azure Website Deployment", you will see this setting, and you will also see the related variables created if you select "Configure variables...":
You can then update the connection strings by update the value of these variables.
Based on this article: https://github.com/Microsoft/vsts-tasks/blob/master/Tasks/AzureWebPowerShellDeployment/Publish-AzureWebDeployment.ps1, it uses Publish-AzureWebsiteProject command. https://msdn.microsoft.com/en-us/library/dn722468.aspx
The Additional Arguments is used for extra arguments that not included, for example, the -connectionstring argument, which is to use for the deployment.
You may want to consider utilizing the Deploy Azure RM Web App task instead as it provides more capabilities and leverages the Azure Resource Manager (ARM) APIs instead of the legacy Azure Service Management infrastructure. Both use Web Deploy for actual deployment of the application. Please note that to use the ARM-based tasks, you need to configure a Azure Resource Manager Service endpoint (link is in the documentation referenced)
I am automating deployment of a solution to Azure for CI purposes in powershell. I will be using WebDeploy to deploy websites and webjobs. I plan to create the CI user in Azure AD once for all environments, attach him to the subscription, download appropriate publishprofile file and put this file in the repository. Then use Import-AzurePublishSettingsFile while deployment is running on CI. Is this the optimal way to do it? Can I assume that the credentials stored in this file won't expire?
Since the .publishsettings file mechanism is no longer been worked on, you should create an Azure Active Directory Service Principal to grant access for your CI environment to Azure.
Import-AzurePublishSettingsFile is using a .publishsettings file that has been downloaded using the Get-AzurePublishSettingsFile. This command will create a certificate in your subscription.
You can login the Azure Classic Portal.
Click Settings > Management certificates, and search with the downloaded .publishsettings file name.
You will be able to get the expire date of the certificate. It's usually one year long. I am not sure if it's long enough for you.
If your need a longer term, I suggest you to upload your own certificate, and use certificate instead. For more information, see Upload an Azure Management API Management Certificate
For more detail about how to use the uploaded certificates, see Getting Started with Azure PowerShell Cmdlets–Subscription Management
Can we expose ports on a Azure VMRole after we have published the project onto Azure?
Probably using Azure Powershell cmdlets or some other way.
At present, I am deleting the VMRole and adding new endpoints on my project (Visual Studio Azure Project) and re-publish it.
I'm pretty sure the answer is no for cloud apps. (VM Role is one type of role for a cloud app.) Endpoints have to be declared before publishing.