Develop Reference

How to suppress warning "ZipDeploy Validation WARNING: It is recommended to set app setting WEBSITE_RUN_FROM_PACKAGE = 1"

In my Azure DevOps pipeline, I'm deploying a logic app on Azure but I get this warning:
##[warning]"ZipDeploy Validation WARNING: It is recommended to set app setting WEBSITE_RUN_FROM_PACKAGE = 1 unless you are targeting one of the following scenarios:
1. Using portal editing.
2. Running post deployment scripts.
3. Need write permission in wwwroot.
4. Using custom handler with special requirements.
NOTE: If you decide to update app setting WEBSITE_RUN_FROM_PACKAGE = 1, you will have to re-deploy your code."
Is it possible to suppress this warning?

Make sure to add the application settings to allow zip deploy like below:-
- task: AzureCLI#2
inputs:
# TODO: Fill in with the name of your Azure service connection
azureSubscription: ''
scriptType: 'bash'
scriptLocation: 'inlineScript'
inlineScript: |
az functionapp config appsettings set --name $(LAname) --resource-group $(resourceGroupName) --settings "BLOB_CONNECTION_RUNTIMEURL=$(blobendpointurl)"
az functionapp config appsettings set --name $(LAname) --resource-group $(resourceGroupName) --settings "WORKFLOWS_RESOURCE_GROUP_NAME=$(resourceGroupName)"
az functionapp config appsettings set --name $(LAname) --resource-group $(resourceGroupName) --settings WEBSITE_RUN_FROM_PACKAGE=1
addSpnToEnvironment: true
useGlobalConfig: true
Powershell task with app service plan
- task: AzurePowerShell#5
inputs:
azureSubscription: 'MyAzureSubscription'
ScriptType: 'InlineScript'
Inline: |
Set-AzWebApp -Name MyWebApp -ResourceGroupName MyResourceGroup -AppSettings #{'WEBSITE_RUN_FROM_PACKAGE'='1'}
azurePowerShellVersion: 'LatestVersion'
Make sure you change the deployment-method in your YAML pipeline to deploymentMethod: ‘runFromPackage’ instead of ‘zipDeploy’ like below:-
To :-
And then run your pipeline to allow zip deployment of Azure Logic app.
Reference:-
AzureFunctionApp#1 Gives a warning about something it removes itself · Issue #17580 · microsoft/azure-pipelines-tasks · GitHub

Azure VM : Add New Property Item to Registry via ARM Template

I create Azure VM (windows) via arm template from Azure Pipeline. But I have to Add New Property Item to Registry without RDP.
Is there a secure way to do that with ARM template or SDK?
Any advice would be appreciated.
Best

You could do that with many different ways. One method is to perform an ARM deployment and use commandToExecute inside it. You could also perform that using a Powershell task without having to login in the VM through Azure portal using az cli.
An example can be found below:
- task: AzureCLI#2
displayName: execute command inside vm
inputs:
azureSubscription: 'subscription'
scriptType: 'ps'
scriptLocation: 'inlineScript'
inlineScript: 'az vm run-command invoke --command-id RunPowerShellScript --name $(vm_name) -g $(vnet_rg_name) --scripts "hostname"'
In the scripts section instead of the hostname you should add a powershell to edit your registry key.
Documented article:
https://medium.com/#geralexgr/execute-powershell-command-without-username-password-on-azure-virtual-machine-8142ade31fd0

How to pass the output from kubectl task to next task in Azure Devops

I am using AKS.I am trying to fetch the IP of the service post my deployment through devops so that I can pass on the IP to the API Management for further configuration. right now my task looks like this
- task: Kubernetes#1
inputs:
connectionType: 'Kubernetes Service Connection'
kubernetesServiceEndpoint: 'string-Conn'
namespace: '<appservices>'
command: 'get'
arguments: 'get services --namespace appservices authsvc --output jsonpath=''{.status.loadBalancer.ingress[0].ip}'''
secretType: 'dockerRegistry'
containerRegistryType: 'Azure Container Registry'
name: 'GetSvc'
when I run the command locally I am getting the IP of the loadbalancer. but how can I pass the output from this task to the next task? previously, when I use azure cli scripts, I can pass the vso set variable as part of the script itself like the one below but not sure how will I add the output of this task to a variable.
inlineScript: |
$something = (az storage container generate-sas --account-name <container> --name armtemplate --permissions r --expiry $(date -u -d "30 minutes" +%Y-%m-%dT%H:%MZ))
Write-Host($something) Write-Output("##vso[task.setvariable variable=SasToken;]$something")

I have followed the approach suggested by Amit Baranes since I am not clear on the script execution assignment without variable name. I have used the Azure cli task and ran it. It was successful
- task: AzureCLI#2
inputs:
azureSubscription: '<Service-Conn>'
scriptType: 'pscore'
scriptLocation: 'inlineScript'
inlineScript: |
az aks get-credentials -n $(clusterName) -g $(clusterRG)
$externalIp = (kubectl get -n $(ns) services $(svc) --output jsonpath='{.status.loadBalancer.ingress[0].ip}' )
Write-Host($externalIp) Write-Output("##vso[task.setvariable variable=AKSURL;]$externalIp")

We could use the logging command ##vso[task.setvariable variable=SasToken;]$something" to set variables in scripts.
But according to your description, we recommend that you use the output variable to pass the variable IP. For example, assume we have a task called MyTask, which sets an output variable called MyVar. We could use outputs in the same job.
steps:
- task: MyTask#1 # this step generates the output variable
name: ProduceVar # because we're going to depend on it, we need to name the step
- script: echo $(ProduceVar.MyVar) # this step uses the output variable

Is it possible to use Azure CLI on DevOps (hosted/self-hosted) while connecting with managed identity

I have a small test project with a crude start of a pipeline at https://github.com/veikkoeeva/dockerservice/blob/main/azure-pipelines.yml. It's currently just to check it's possible to connect to the Azure, so
trigger:
- master
pool:
vmImage: windows-latest
steps:
- task: AzureCLI#2
displayName: Az --version
inputs:
azureSubscription: 'TestManagedIdentityConnection'
scriptType: pscore
scriptLocation: inlineScript
inlineScript: |
az --version
- task: AzureCLI#2
inputs:
azureSubscription: 'TestManagedIdentityConnection'
scriptType: 'pscore'
scriptLocation: 'scriptPath'
scriptPath: '$(System.DefaultWorkingDirectory)\devops.ps1'
But this fails on login step like so
The service connection scope is on subscription level. It appears the hosted image tries to connect to an Internal Azure token endpoint. Is there a way to use managed identity that can sign in the CLI using hosted images? What could it look like using self-hosted and managed identity?
This seem to work with "the usual" service principal. But it appears developers are often forbidden to create SPNs to company AD so creating a service connections fails. It appears often it's possible to create a service connection using managed identity, but here we are with this problem. :)
<edit: Reading from https://learn.microsoft.com/en-us/cli/azure/authenticate-azure-cli?view=azure-cli-latest the options could be either az login --identity or a certificate. With az login --identity it appears there is still the same problem of calling the same endpoint as earlier and it errors with the same reason.
<edit 2: Duh! In the image it's called with --identity switch already!

how can I get the vnet id into a variable using Azure CLI

I want to get the vnet id of an azure vnet into a variable using azure cli.
i then want to use this variable in the azure devops pipeline and populate a variable there?
How can i do this?

You can use the Azure CLI task making use of the az network vnet commands, e.g.
- task: AzureCLI#2
displayName: Azure CLI
inputs:
azureSubscription: <Name of the Azure Resource Manager service connection>
scriptType: ps
scriptLocation: inlineScript
inlineScript: |
az network vnet show -g MyResourceGroup -n MyVNet
In the same task's inline script you're free to use any powershell, so could also set variables in that script for use in subsequent steps. Hope this helps!