Closed skyaddict closed 2 years ago
@skyaddict Can you please confirm, if WORKFLOWS_SUBSCRIPTION_ID parameter is present in local.settings.json . Also, you can only use appsetting expression only in workflow.json, connection.json and parameters.json files. If you're developing this logic app in portal, you can check if these settings are present in application settings under configuration blade.
@puspraj-repos yes the parameter is present in the local.settings.json file and in the configuration blade. This seems to be an issue when deploying the workflows from vscode
@skyaddict , this is expected. when we are doing local testing then local.settings.json file has their significance. Once we try to deploy our project to azure, this file and its contents will get ignored. For more details you can refer this Doc : https://docs.microsoft.com/en-us/azure/logic-apps/edit-app-settings-host-settings?tabs=visual-studio-code#visual-studio-code-project-structure
@puspraj-repos So how do you suggest working around here? We still need parameterized connection settings and we like to deploy from VSCode
@sven5 you can use parameters.json file to move the same properties which are referenced in local.settings.json file. One change that you need to do in the connection.json file is to replace the appsetting with parameter
@puspraj-repos Thanks for your suggestion. However, I'm still getting an error when trying to deploy to Azure using VSCode
Error: Error in creating access policy for connection in reference - 'azurefile'. Error: Error in getting connection - /subscriptions/@parameters('SubscriptionId')/resourceGroups/@parameters('ResourceGroupName')/providers/Microsoft.Web/connections/azurefile. Error: The provided subscription identifier '@parameters('SubscriptionId')' is malformed or invalid.
I have this in my parameters.json
"SubscriptionId": {
"type": "String",
"value": "@appsetting('WORKFLOWS_SUBSCRIPTION_ID')"
},
@sven5 you need to provide the actual subscriptionid and other details in the parameter file.
{ "SubscriptionId": { "type": "String", "value": "subscription-id-value" } }
@puspraj-repos Thanks for your support.
But still the same error.
Error: Error in creating access policy for connection in reference - 'azurefile'. Error: Error in getting connection - /subscriptions/@parameters('SubscriptionId')/resourceGroups/@parameters('ResourceGroupName')/providers/Microsoft.Web/connections/azurefile. Error: The provided subscription identifier '@parameters('SubscriptionId')' is malformed or invalid.
my parameters.json
"SubscriptionId": {
"type": "String",
"value": "xxxxxxx-xaa6-4fdd-b8f5-0090f37fda5b"
},
my connections.json
"managedApiConnections": {
"azurefile": {
"api": {
"id": "/subscriptions/@parameters('SubscriptionId')/providers/Microsoft.Web/locations/germanywestcentral/managedApis/azurefile"
},
"connection": {
"id": "/subscriptions/@parameters('SubscriptionId')/resourceGroups/@parameters('ResourceGroupName')/providers/Microsoft.Web/connections/azurefile"
},
"connectionRuntimeUrl": "https://xxxxx.03.common.logic-germanywestcentral.azure-apihub.net/apim/azurefile/ac7a0e0dadfa2f4c16a6413282580f91d9",
"authentication": {
"type": "Raw",
"scheme": "Key",
"parameter": "@appsetting('STORAGE1_KEY')"
},
"displayName": "storage1"
}
},
@sven5 You might be getting this error because of access policies. In Standard Logic app, Managed API connection must have access policy which associates the API connection with Logic app. Unlike consumption logic app where you can use any api connection in any logic app, here we need to bind the API connection with logic app, which is done by access policy.
For more details on ARM template of API connection with access policies you can refer this
If you create the same API connection from portal, the access policies are automatically created. To confirm this, you can go on portal and check connections blade in logic app standard resource.
In the above image, the API connection with azureblob-1 is created from local machine while testing and others are created either from the ARM template or from portal.
@puspraj-repos Thanks for guiding. However, the deployment using VSCode still does not work. The error is the same. I only can deploy manually copying the parameterized connection.json to Azure portal. I've recreated the connection using a workflow just for connections as described here
I've found out that it's impossible to parameterize the value of connection id in a managedApiConnection. All other values (ids) can be parameterized as mentioned. Seems like a bug to me.
"managedApiConnections": {
"azurefile": {
"api": {
"id": "/subscriptions/@parameters('SubscriptionId')/providers/Microsoft.Web/locations/germanywestcentral/managedApis/azurefile"
},
"authentication": {
"parameter": "@appsetting('STORAGE1_KEY')",
"scheme": "Key",
"type": "Raw"
},
"connection": {
"id": "**/subscriptions/<subscription id>/resourceGroups/env-stage/providers/Microsoft.Web/connections/azurefile**"
},
"connectionRuntimeUrl": "https://xxxx.03.common.logic-germanywestcentral.azure-apihub.net/apim/azurefile/xxx",
"displayName": "storage1"
}
}
@sven5 Actually it is possible. I tried this and it works. below is the example where I've used this and it works.
"connection": { "id": "/subscriptions/@parameters('subscription-id')/resourcegroups/pujaiswa-v2/providers/microsoft.web/connections/azureblob" }
This is really strange. When I tried your code, it worked at first time. But later, the error comes up again.
@sven5 Were you able to find a solution to your problem? I am facing exactly the same problem...
After parameterizing my connections.json as show in the example found at: https://github.com/Azure/logicapps/blob/master/azure-devops-sample/logic/connections.json the following errors occur when publishing to the logic app from VSCode
Error in creating access policy for connection in reference - 'sql'. Error: Error in getting connection - /subscriptions/@appsetting('WORKFLOWS_SUBSCRIPTION_ID')/resourceGroups/@appsetting('WORKFLOWS_RESOURCE_GROUP_NAME')/providers/Microsoft.Web/connections/sql. Error: The provided subscription identifier '@appsetting('WORKFLOWS_SUBSCRIPTION_ID')' is malformed or invalid. Error: Resource group '@appsetting('WORKFLOWS_RESOURCE_GROUP_NAME')' could not be found.
It appears that the method for creating the access policy is running before the tokens are replaced.