【Azure Developer】Github Action部署資源(ARM模板)到Azure中國區時,遇見登入問題的解決辦法
問題描述
在參考文件“使用 GitHub Actions 部署 ARM 模板”一文中,由於是在中國區Azure上操作,所以生產的部署憑證為中國區憑證。當建立工作流時,在登入到Azure這一步驟中,模板中使用指令為“ - uses: azure/login@v1”在執行時,遇見了登入到global的錯誤。
錯誤訊息為:Error: Az CLI Login failed.
問題解決
從錯誤訊息就可以發現,這是因為預設情況下,Github Action中設定的指令“- uses: azure/login@v1”是登入到Global,所以我們需要修改登入引數,讓它指向中國區。
第一次嘗試解決時,因不懂得 - uses的命令所以使用的時az指令 “- uses: az cloud set --name AzureChinaCloud” 發現這時完全錯誤的。
第二次嘗試解決時,知道了可以為 - uses新增parameter引數,所以自己亂定義了引數:“parameters: environment=AzureChinaCloud”。結果依舊錯誤。
第三次嘗試解決時,認真讀了命令的錯誤提示,並查看了with中引數設定。使用“environment: AzureChinaCloud”,成功解決問題。
| 修改次數 | .yml檔案修改內容(黃色高亮部分) | 錯誤/成功訊息
|
| 第一次新增內容 |
# Log into Azure |
The workflow is not valid. .github/workflows/deployStorageAccount.yml (Line: 12, Col: 13): Expected format {org}/{repo}[/path]@ref. Actual 'az cloud set --name AzureChinaCloud' Input string was not in a correct format. |
| 第二次修改內容 | # Log into Azure - uses: azure/login@v1 with: creds: ${{ secrets.AZURE_CREDENTIALS }} parameters: environment=AzureChinaCloud | Warning: Unexpected input(s) 'parameters', valid inputs are ['creds', 'enable-AzPSSession', 'environment', 'allow-no-subscriptions'] Run azure/login@v1 with: creds: *** parameters: environment=AzureChinaCloud enable-AzPSSession: false environment: azurecloud allow-no-subscriptions: false /usr/bin/az cloud set -n azurecloud Done setting cloud: "azurecloud" Error: Az CLI Login failed. Please check the credentials. For more information refer https://aka.ms/create-secrets-for-GitHub-workflows Error: Error: Error: The process '/usr/bin/az' failed with exit code 1 |
| 第三次修改內容 | # Log into Azure - uses: azure/login@v1 with: creds: ${{ secrets.AZURE_CREDENTIALS }} environment: AzureChinaCloud |
Run azure/login@v1 with: creds: *** environment: AzureChinaCloud enable-AzPSSession: false allow-no-subscriptions: false /usr/bin/az cloud set -n azurechinacloud WARNING: Switched active cloud to 'AzureChinaCloud'. WARNING: Use 'az login' to log in to this cloud. WARNING: Use 'az account set' to set the active subscription. Done setting cloud: "azurechinacloud" Login successful. |
所以正確的解決辦法就是新增environment引數。所以當使用部署一個儲存賬號作為入門測試,在中國區Azure能夠正常使用的yaml檔案內容為:
on: [push]
name: Azure ARM
jobs:
build-and-deploy:
runs-on: ubuntu-latest
steps:
# Checkout code
- uses: actions/checkout@main
# Log into Azure
- uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
environment: AzureChinaCloud
# Deploy ARM template
- name: Run ARM deploy
uses: azure/arm-deploy@v1
with:
subscriptionId: ${{ secrets.AZURE_SUBSCRIPTION }}
resourceGroupName: ${{ secrets.AZURE_RG }}
template: ./azuredeploy.json
parameters: storageAccountType=Standard_LRS
# output containerName variable from template
- run: echo ${{ steps.deploy.outputs.containerName }}
參考資料
使用 GitHub Actions 部署 ARM 模板:https://docs.azure.cn/zh-cn/azure-resource-manager/templates/deploy-github-actions
&n