1. 技术文章
  2. Azure App Service deploy Failed to get resource ID for resource type 'Microsoft.Web/Sites'

Azure App Service deploy Failed to get resource ID for resource type 'Microsoft.Web/Sites'

早过忘川 提交于 2020-06-27 07:47:31

问题


In the last 6 months I have been releasing with a pipeline in Azure DevOps, but today I receive the following error:

2019-09-25T14:24:38.4296875Z ##[section]Starting: Azure App Service Deploy: AS-ServiciosNegocio-API-UAT
2019-09-25T14:24:38.4419797Z ==============================================================================
2019-09-25T14:24:38.4419900Z Task         : Azure App Service deploy
2019-09-25T14:24:38.4419986Z Description  : Deploy to Azure App Service a web, mobile, or API app using Docker, Java, .NET, .NET Core, Node.js, PHP, Python, or Ruby
2019-09-25T14:24:38.4420053Z Version      : 3.4.31
2019-09-25T14:24:38.4420117Z Author       : Microsoft Corporation
2019-09-25T14:24:38.4420182Z Help         : https://docs.microsoft.com/azure/devops/pipelines/tasks/deploy/azure-rm-web-app-deployment
2019-09-25T14:24:38.4420291Z ==============================================================================
2019-09-25T14:24:39.1630446Z Got connection details for Azure App Service:'AS-ServiciosNegocio-API-UAT'
2019-09-25T14:24:39.3091141Z ##[error]Error: Failed to get resource ID for resource type 'Microsoft.Web/Sites' and resource name 'AS-ServiciosNegocio-API-UAT'. Error: Could not fetch access token for Azure. Verify if the Service Principal used is valid and not expired.
2019-09-25T14:24:39.3140156Z ##[section]Finishing: Azure App Service Deploy: AS-ServiciosNegocio-API-UAT

回答1:


If you look at the error message: "Verify if the Service Principal used is valid and not expired"

While I would have preferred more information, purely based on the above the likely scenario is the Key Used for the Service Connection has expired.

  • Visit you Azure DevOps org. and open the related Project and click on "Project Settings" at the bottom left of the screen.

  • Click edit on the service connection in Azure DevOps and Click on the link >> "To update using an existing service principal, use the full version of the service connection dialog."

  • Copy the "Service principal client ID"

  • Now in the Azure Portal, Clic on Azure Active Directory and then Click on "App Registrations" to search for your application with the "client ID"

  • Go to "Certificate and Secrets" and check if your client certificate has expired.

  • If the cert is expired generate a new one and copy the key.

  • Go back to Azure DevOps "Service Connections", Click edit on the service connection in Azure DevOps and Click on the link >> "To update using an existing service principal, use the full version of the service connection dialog."

  • Update Service Principal Key with the copied value, Verify connection and click ok.

  • This should solve your issue




回答2:


I followed JamesD's answer but when I got to step 13, there was nowhere for me to put the Service Principle Key that was generated. So I went back to square one and approached it a different way. Instead of trying to reuse the existing service connection that had exired, I created a new service connection and then changed my release pipelines to use that new service connection and things worked fine.

Here were my steps:

  1. click on Project Settings in the lower left corner
  2. On the left nav under the "Pipelines" section, click on "Service connections"
  3. in the upper right corner, click on the button "New service connection"
  4. select "Azure Resource Manager" and then "Next"
  5. select "Service principle (automatic)" (this is the recommended option)
  6. select the subscription from the drop down.
  7. select the resource group from the drop down
  8. give it a good name and hit save
  9. then authenticate with your azure portal creds
  10. Now you have a service connection created, lets go change the pipeline to use it
  11. Go to your pipeline for the release and edit it
  12. click on the Stage you want to edit (aim for the # tasks link)
  13. click on Deploy Azure App Service
  14. under the azure subscription drop down, select your new subscription entry you created above
  15. then you will select the App Service name in that drop down
  16. hit save and you are good to go

Now repeat for any other stages of the pipeline or any other failing release pipelines




回答3:


Although the route to the problem wasn't exactly the same (because devops changed so much again, probably), the answer from Venura was the root cause of my issue, and I was able to solve it thanks to this info.

steps I had to take:

  1. In devops: go to releases
  2. click correct project
  3. edit
  4. click on the stage that was failing
  5. open the run agent task to deploy (should be an azure app service deploy)
  6. click manage azure subscription
  7. click manage service principal
  8. in azure portal click on the expired registration
  9. click on the red error that is has expired
  10. click + new client secret
  11. copy that new key
  12. go back to devops
  13. click edit on the screen of service connections (where we left at step 7) - (the subscript of the title here is Azure Resource Manager using service principal (manual))
  14. paste that copied key in the field 'Service principal key'
  15. click 'Verify and save'

That solved the issue, to confirm it was solved I just triggered a new release, which finally got through.



来源:https://stackoverflow.com/questions/58107017/azure-app-service-deploy-failed-to-get-resource-id-for-resource-type-microsoft

标签
deployment
azure-devops
azure-web-sites
access-token
azure-pipelines-release-pipeline
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!