我正在尝试自动化环境vir ARM模板的部署。我可以部署事件网格和功能应用程序,但是现在我需要在部署功能应用程序后将功能应用程序订阅到事件网格。有没有办法获取功能应用程序
的webhook网址有了webhook网址后,我们便可以通过ARM创建订阅-但是要获得正确的网址似乎就是我们的命题。
请帮助
答案 0 :(得分:4)
在上面@Van和@Barrie的回答的帮助下,我设法使它开始工作。
此脚本从azure api返回主密钥和默认密钥,使您能够从发布管道中的functionApp / webApp创建eventgrid订阅。
Van的脚本(7月30日)适用于FA版本1,但不适用于FunctionApps V2(API中有所更改)。在V2中使用此脚本时,错误为:
运行时密钥存储在Blob存储中。该API不支持此配置。请将环境变量AzureWebJobsSecretStorageType的值更改为“文件”。
我修改了此脚本,现在可以在V2中使用
#DEBUG: when debugging (running in powershell on local pc) you need to comment out the next line by starting the line with #
param($resourceGroupName, $webAppname)
function Get-PublishingProfileCredentials($resourceGroupName, $webAppName){
$resourceType = "Microsoft.Web/sites/config"
$resourceName = "$webAppName/publishingcredentials"
$publishingCredentials = Invoke-AzureRmResourceAction -ResourceGroupName $resourceGroupName -ResourceType $resourceType -ResourceName $resourceName -Action list -ApiVersion 2015-08-01 -Force
return $publishingCredentials
}
function Get-KuduApiAuthorisationHeaderValue($resourceGroupName, $webAppName){
$publishingCredentials = Get-PublishingProfileCredentials $resourceGroupName $webAppName
return ("Basic {0}" -f [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("{0}:{1}" -f $publishingCredentials.Properties.PublishingUserName, $publishingCredentials.Properties.PublishingPassword))))
}
function Get-MasterAPIKey($kuduApiAuthorisationToken, $webAppName ){
$bearerToken = Invoke-RestMethod -Uri https://$webAppName.scm.azurewebsites.net/api/functions/admin/token -Headers @{"Authorization"=$kuduApiAuthorisationToken;"If-Match"="*"}
$masterkeyResponse = Invoke-RestMethod -Method GET -Headers @{Authorization=("Bearer {0}" -f $bearerToken)} -Uri "https://$webAppName.azurewebsites.net/admin/host/systemkeys/_master"
$masterKeyValue = $masterkeyResponse.value
return $masterKeyValue
}
function Get-HostAPIKeys($kuduApiAuthorisationToken, $webAppName, $masterKey ){
$apiUrl = "https://$webAppName.azurewebsites.net/admin/host/keys?code=$masterKey"
$result = Invoke-WebRequest $apiUrl
return $result
}
#DEBUG: when debugging this in powershell on my local pc I use this to authenticate (remove # to uncomment the next line):
#Login-AzureRmAccount -SubscriptionName "Insert_Subscription_Name_Here"
#DEBUG: when debugging you need to set these parameters:
# $resourceGroupName = "Insert_ResourceGroup_Name_Here"
# $webAppname = "Insert_FunctionApp_Name_Here"
#Auth Header
$kuduToken = Get-KuduApiAuthorisationHeaderValue $resourceGroupName $webAppName
#MasterKey
$masterKey = Get-MasterAPIKey $kuduToken $webAppName
Write-Host "masterKey = " $masterKey
#Default Key
$result = Get-HostAPIKeys $kuduToken $webAppName $masterkey
$keysCode = $result.Content | ConvertFrom-Json
Write-Host "default Key = " $keysCode.Keys[0].Value
#Set Return Values:
$faMasterKey = $masterkey
$faDefaultKey = $keysCode.Keys[0].Value
Write-Output ("##vso[task.setvariable variable=fa_MasterKey;]$faMasterKey")
Write-Output ("##vso[task.setvariable variable=fa_DefaultKey;]$faDefaultKey")
此脚本与Van的脚本之间只有很小的区别。主要区别在于此脚本将在Azure CLI Functions V2上运行。更多信息:https://docs.microsoft.com/en-us/azure/azure-functions/functions-bindings-event-grid
答案 1 :(得分:1)
您应该能够像这样输出webhook URL:
"outputs": {
"Url": {
"type": "string",
"value": "[listsecrets(resourceId('Microsoft.Web/sites/functions', parameters('yourFunctionAppName'), parameters('yourFunctionName')),'2015-08-01').trigger_url]"
}
}
这里是相关的answer。
答案 2 :(得分:1)
我终于设法解决了这个问题。最后,我创建了一个powershell任务,该任务提取了masterkey(和defaultKey),现在我可以创建eventgrid订阅了。
感谢
这是我使用的powershell脚本:
param($resourceGroupName, $webAppname)
function Get-PublishingProfileCredentials($resourceGroupName, $webAppName){
$resourceType = "Microsoft.Web/sites/config"
$resourceName = "$webAppName/publishingcredentials"
$publishingCredentials = Invoke-AzureRmResourceAction -ResourceGroupName
$resourceGroupName -ResourceType $resourceType -ResourceName $resourceName -Action
list -ApiVersion 2015-08-01 -Force
return $publishingCredentials
}
function Get-KuduApiAuthorisationHeaderValue($resourceGroupName, $webAppName){
$publishingCredentials = Get-PublishingProfileCredentials $resourceGroupName $webAppName
return ("Basic {0}" -f [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("{0}:{1}" -f $publishingCredentials.Properties.PublishingUserName, $publishingCredentials.Properties.PublishingPassword))))
}
function Get-MasterAPIKey($kuduApiAuthorisationToken, $webAppName ){
$apiUrl = "https://$webAppName.scm.azurewebsites.net/api/functions/admin/masterkey"
$result = Invoke-RestMethod -Uri $apiUrl -Headers @{"Authorization"=$kuduApiAuthorisationToken;"If-Match"="*"}
return $result`
}
function Get-HostAPIKeys($kuduApiAuthorisationToken, $webAppName, $masterKey ){
$apiUrl = "https://$webAppName.azurewebsites.net/admin/host/keys?code=$masterKey"
$result = Invoke-WebRequest $apiUrl
return $result`
}
$accessToken = Get-KuduApiAuthorisationHeaderValue $resourceGroupName $webAppname
$adminCode = Get-MasterAPIKey $accessToken $webAppname
Write-Host "masterKey = " $adminCode.Masterkey
$result = Get-HostAPIKeys $accessToken $webAppname $adminCode.Masterkey
$keysCode = $result.Content | ConvertFrom-Json
Write-Host "default Key = " $keysCode.Keys[0].Value
$faMasterKey = $adminCode.Masterkey
$faDefaultKey = $keysCode.Keys[0].Value
Write-Output ("##vso[task.setvariable variable=fa_MasterKey;]$faMasterKey")
Write-Output ("##vso[task.setvariable variable=fa_DefaultKey;]$faDefaultKey")
这将输出:
(我将尝试创建VSTS任务并将其发布到市场上-详细内容将在后面进行)
答案 3 :(得分:1)
我和您同舟共济,最终完成了这项工作,但是花了很多时间才能得出正确的端点等。我试图做的是使用以下方法为我的一个资源组创建事件订阅az eventgrid event-subscription create
。主要问题是--endpoint
参数,因为它上面有一个code
查询字符串参数。通过执行以下操作,我可以在Azure门户中轻松找到它:
但是,我想以编程方式完成所有工作,事实证明这很困难。最后,我使用的bash脚本如下所示:
#!/bin/bash
appName="myfunctionappname"
resourceGroup="myresourcegroupname"
# First do a KUDU login so we can get a JWT bearer token
user=$(az webapp deployment list-publishing-profiles -n $appName -g $resourceGroup --query "[?publishMethod=='MSDeploy'].userName" -o tsv)
pass=$(az webapp deployment list-publishing-profiles -n $appName -g $resourceGroup --query "[?publishMethod=='MSDeploy'].userPWD" -o tsv)
bearerToken=$(curl -s -u $user:$pass https://$appName.scm.azurewebsites.net/api/functions/admin/token | tr -d '"')
# Creating event grid subscription linked against the endpoint is an admin function so requires a master key
masterKeyResponse=$(curl -s -H "Authorization: Bearer $bearerToken" "https://$appName.azurewebsites.net/admin/host/systemkeys/_master")
masterKey=$(echo $masterKeyResponse | jq '.value' | tr -d '"')
functionName="MyFunctionName"
az eventgrid event-subscription create -g $resourceGroup --name "test-event-subscription" --endpoint "https://$appName.azurewebsites.net/runtime/webhooks/EventGridExtensionConfig?functionName=$functionName&code=$masterKey"
答案 4 :(得分:0)
对于 V 2.0 和 3.0 函数应用,您必须将 AzureWebJobsSecretStorageType 设置为文件:
"properties": {
"name": "[variables('functionsName')]",
"siteConfig": {
"appSettings": [
{
"name": "FUNCTIONS_EXTENSION_VERSION",
"value": "~3"
},
{
"name": "AzureWebJobsSecretStorageType",
"value": "files"
},
然后您可以使用以下方法获取网址或密钥和网址:
"outputs": {
"mValidateConfigurationUrl": {
"type": "string",
"value": "[listsecrets(resourceId('Microsoft.Web/sites/functions', variables('functionsName'), 'mValidateConfiguration'),'2015-08-01').trigger_url]"
},
"mValidateConfigurationUrlObj": {
"type": "object",
"value": "[listsecrets(resourceId('Microsoft.Web/sites/functions', variables('functionsName'), 'mValidateConfiguration'),'2015-08-01')]"
}