【Azure Developer】Github Action部署资源(ARM模板)到Azure中国区时,遇见登录问题的解决办法

时间:2021-07-31 08:55:56

问题描述

在参考文档“使用 GitHub Actions 部署 ARM 模板”一文中,由于是在中国区Azure上操作,所以生产的部署凭证为中国区凭证。当创建工作流时,在登录到Azure这一步骤中,模板中使用指令为“ - uses: azure/login@v1”在执行时,遇见了登录到global的错误。

错误消息为:Error: Az CLI Login failed.

【Azure Developer】Github Action部署资源(ARM模板)到Azure中国区时,遇见登录问题的解决办法

问题解决

从错误消息就可以发现,这是因为默认情况下,Github Action中设定的指令“- uses: azure/login@v1”是登录到Global,所以我们需要修改登录参数,让它指向中国区。

第一次尝试解决时,因不懂得 - uses的命令所以使用的时az指令 “- uses: az cloud set --name AzureChinaCloud” 发现这时完全错误的。

第二次尝试解决时,知道了可以为 - uses添加parameter参数,所以自己乱定义了参数:“parameters: environment=AzureChinaCloud”。结果依旧错误。

第三次尝试解决时,认真读了命令的错误提示,并查看了with中参数设置。使用“environment: AzureChinaCloud”,成功解决问题。

 修改次数  .yml文件修改内容(黄色高亮部分) 错误/成功消息
第一次添加内容

# Log into Azure
- uses: az cloud set --name AzureChinaCloud
- uses: azure/login@v1
  with:
    creds: ${{ secrets.AZURE_CREDENTIALS }}

The workflow is not valid.

.github/workflows/deployStorageAccount.yml (Line: 12, Col: 13):

Expected format {org}/{repo}[/path]@ref.

Actual 'az cloud set --name AzureChinaCloud' Input string was not in a correct format.
第二次修改内容 # Log into Azure
- uses: azure/login@v1
  with:
    creds: ${{ secrets.AZURE_CREDENTIALS }}
    parameters: environment=AzureChinaCloud
Warning: Unexpected input(s) 'parameters', valid inputs are ['creds', 'enable-AzPSSession', 'environment', 'allow-no-subscriptions']
Run azure/login@v1
with:
creds: ***
parameters: environment=AzureChinaCloud
enable-AzPSSession: false
environment: azurecloud
allow-no-subscriptions: false
/usr/bin/az cloud set -n azurecloud
Done setting cloud: "azurecloud"
Error: Az CLI Login failed. Please check the credentials. For more information refer https://aka.ms/create-secrets-for-GitHub-workflows
Error: Error: Error: The process '/usr/bin/az' failed with exit code 1
第三次修改内容 # Log into Azure
- uses: azure/login@v1
  with:
    creds: ${{ secrets.AZURE_CREDENTIALS }}
    environment: AzureChinaCloud
Run azure/login@v1
with:
 creds: ***
 environment: AzureChinaCloud
 enable-AzPSSession: false
 allow-no-subscriptions: false
/usr/bin/az cloud set -n azurechinacloud
WARNING: Switched active cloud to 'AzureChinaCloud'.
WARNING: Use 'az login' to log in to this cloud.
WARNING: Use 'az account set' to set the active subscription.
Done setting cloud: "azurechinacloud"
Login successful.

所以正确的解决办法就是添加environment参数。所以当使用部署一个存储账号作为入门测试,在中国区Azure能够正常使用的yaml文件内容为:

on: [push]

name: Azure ARM

jobs:

  build-and-deploy:

    runs-on: ubuntu-latest

    steps:

      # Checkout code

    - uses: actions/checkout@main

      # Log into Azure

    - uses: azure/login@v1

      with:

        creds: ${{ secrets.AZURE_CREDENTIALS }}

        environment: AzureChinaCloud

      # Deploy ARM template

    - name: Run ARM deploy

      uses: azure/arm-deploy@v1

      with:

        subscriptionId: ${{ secrets.AZURE_SUBSCRIPTION }}

        resourceGroupName: ${{ secrets.AZURE_RG }}

        template: ./azuredeploy.json

        parameters: storageAccountType=Standard_LRS

      # output containerName variable from template

    - run: echo ${{ steps.deploy.outputs.containerName }}

参考资料

使用 GitHub Actions 部署 ARM 模板https://docs.azure.cn/zh-cn/azure-resource-manager/templates/deploy-github-actions

相关文章