Partage via

How to add Github Deployment configuration for Azure App Service Slot with Terraform?

AnthonyV 0 Points de réputation
2025-01-15T10:10:22.5566667+00:00

Hello,

I'm working on automating the creation of App Services (with Slots) with Terraform, but I'm struggling on the Deployment Github configuration. I'm looking at a way to add the Github settings : repository, branch and identity but I'm facing errors.... I tried to use the following configuration : 

resource "azurerm_app_service_source_control_slot" "git_source_control" {
  slot_id             = azurerm_linux_web_app_slot.staging_slot[0].id
  repo_url            = var.github_repo_url
  branch              = var.github_branch
}

resource "azurerm_user_assigned_identity" "linux_identity" {
  name = "identity"
  location = var.rg_location
  resource_group_name = var.rg_name
}

resource "azurerm_federated_identity_credential" "linux_federated_identity" {
  name                = "federated_identity_${var.webapp_name}"
  resource_group_name = local.rgr_name
  audience            = ["api://AzureADTokenExchange"]
  issuer              = "https://token.actions.githubusercontent.com"
  parent_id           = azurerm_user_assigned_identity.linux_identity[0].id
  subject             = var.github_repo_url
}

Unfortunately, it failed with the following error : 

Error: creating Source Control configuration for Slot (Subscription: "***********"
│ Resource Group Name: "******" │ Site Name: "*******" │ Slot Name: "STG"): unexpected status 404 (404 Not Found) with response: {"Code":"NotFound","Message":"Cannot find User with name 
fa123456-123456abcdef
.","Target":null,"Details":[{"Message":"Cannot find User with name 
fa123456-123456abcdef
."},{"Code":"NotFound"},{"ErrorEntity":{"ExtendedCode":"51004","MessageTemplate":"Cannot find {0} with name {1}.","Parameters":["User","fa123456-123456abcdef"],"Code":"NotFound","Message":"Cannot find User with name 
fa123456-123456abcdef."}}],"Innererror":null}

PS : I'm using Federated Credentials between Azure and my Github repository instead of credentials, and it's works well for the Github Actions.

If anyone of you have some ideas, workarounds or another way to implement it, I'll be grateful for that.

Thanks a lot for your help

Regards

Azure
Azure
Plateforme et infrastructure de cloud computing pour la génération, le déploiement et la gestion d’applications et de services à travers un réseau mondial de centres de données gérés par Microsoft.
377 questions
0 commentaires

Votre réponse

Les réponses peuvent être marquées comme réponses acceptées par l’auteur de la question, ce qui aide les utilisateurs à savoir que la réponse a résolu le problème de l’auteur.