search

dotnet / sdk

Core functionality needed to create .NET Core projects, that is shared between Visual Studio and CLI
https://dot.net/core
MIT License
2.59k stars 1.03k forks source link

How to setup deploy to set 'Write' rights for 'logs' folder in IIS when deploying from VS2017? #12480

Open AdaskoTheBeAsT opened 5 years ago

AdaskoTheBeAsT commented 5 years ago

Hi,

simple webapi project with logs folder. Setting up csproj to generate empty logs folder was easy as described in https://docs.microsoft.com/en-us/aspnet/core/host-and-deploy/directory-structure?view=aspnetcore-2.2

but there is no sample how to set proper 'Write" rights to logs folder automatically.

So I tried using .wpp.targets by including them into csproj

<Import Project="$(MSBuildProjectDirectory)\$(MSBuildProjectName).wpp.targets" Condition="Exists('$(MSBuildProjectDirectory)\$(MSBuildProjectName).wpp.targets')" />

and having in wpp.targets

<Target Name="SetupCustomAcls" AfterTargets="AddIisSettingAndFileContentsToSourceManifest">
        <ItemGroup>
            <MsDeploySourceManifest Include="setAcl">
                <Path>$(_MSDeployDirPath_FullPath)\logs</Path>
                <setAclUser>IIS_IUSRS</setAclUser>
                <setAclAccess>Read,Write</setAclAccess>
                <setAclResourceType>Directory</setAclResourceType>
                <AdditionalProviderSettings>setAclUser;setAclResourceType;setAclAccess</AdditionalProviderSettings>
            </MsDeploySourceManifest>
        </ItemGroup>
    </Target>

    <Target Name="DeclareCustomParameters" AfterTargets="AddIisAndContentDeclareParametersItems">
        <ItemGroup>
            <MsDeployDeclareParameters Include="logsSetAclParam">
                <Kind>ProviderPath</Kind>
                <Scope>setAcl</Scope>
                <Match>^$(_EscapeRegEx_MSDeployDirPath)\\logs$</Match>
                <Description>Add write permission to the logs folder.</Description>
                <DefaultValue>{$(_MsDeployParameterNameForContentPath)}/logs</DefaultValue>
                <Value>$(_DestinationContentPath)/logs</Value>
                <Tags>Hidden</Tags>
                <Priority>$(VsSetAclPriority)</Priority>
                <ExcludeFromSetParameter>True</ExcludeFromSetParameter>
            </MsDeployDeclareParameters>
        </ItemGroup>
    </Target>

then having another snippet found 

<PropertyGroup>
       <!-- Extends the AfterAddIisSettingAndFileContentsToSourceManifest action do also set ACLs -->
       <IncludeSetACLProviderOnDestination>True</IncludeSetACLProviderOnDestination>
       <IncludeCustomACLs>true</IncludeCustomACLs>

    <AfterAddIisSettingAndFileContentsToSourceManifest Condition="'$(AfterAddIisSettingAndFileContentsToSourceManifest)'=='true'">
      $(AfterAddIisSettingAndFileContentsToSourceManifest);
      SetCustomACLsDeploy;
    </AfterAddIisSettingAndFileContentsToSourceManifest>
  </PropertyGroup>

  <Target Name="SetCustomACLsDeploy" Condition="'$(IncludeCustomACLs)'=='TRUE'">
    <Message Text="Adding Custom ACls" />
    <ItemGroup>
        <!--Make sure the by default Networkservice/AppPoolIdentity have write permission to the root-->
      <MsDeploySourceManifest Include="setAcl" Condition="$(IncludeSetAclProviderOnDestination)">
        <Path>$(_MSDeployDirPath_FullPath)\logs</Path>
        <setAclUser>IIS_IUSRS</setAclUser>
        <setAclAccess>Read,Write,Modify</setAclAccess>
        <setAclResourceType>Directory</setAclResourceType>
        <AdditionalProviderSettings>setAclUser;setAclResourceType;setAclAccess</AdditionalProviderSettings>
      </MsDeploySourceManifest> 
    </ItemGroup>
  </Target>

then I put 

<Target Name="DisplayMessages" AfterTargets="Publish" >
        <Message Text="Hello from wpp.targets" Importance="high"/>
        <Exec Command="icacls $(PublishDir)logs /grant IIS_IUSRS:F" />
        <Exec Command="icacls $(PublishUrl)logs /grant IIS_IUSRS:F" />
    </Target>

also moved those parts around profile pubxml and csproj and of course nothing worked. So question is simple - how to setup .net core 2.2 project to be able to create logs folder if it doesn't exists, leave existing files there (some previous log files), assing proper write rights for application pool user regardles if webapp will be deployed from VS or command line.

vijayrkn commented 5 years ago

wpp target support is not available for core projects yet - https://github.com/aspnet/websdk/issues/385

MikelThief commented 5 years ago

Why not set a post-build task to command webdeploy to set proper ACLs for a specified IIS app? ;)