Logic App Standard doesn't work out of the box

[joseaznar]

Is there an existing issue for this?

• [X] I have searched the existing issues

Community Note

• Please vote on this issue by adding a :thumbsup: reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version

1.3.4

AzureRM Provider Version

3.20.0

Affected Resource(s)/Data Source(s)

azurerm_logic_app_standard

Terraform Configuration Files

resource "azurerm_app_service_plan" "logic_app" {
  name                = "asp-${var.general_suffix}-01"
  location            = var.location
  resource_group_name = var.resource_group_name
  kind                = "elastic"
  tags                = var.tags
  zone_redundant      = false
  reserved            = false

  sku {
    capacity = 1
    tier     = "WorkflowStandard"
    size     = "WS1"
  }
}

locals {
  logic_app_name = "logic-${var.general_suffix}-01"
}

resource "azurerm_logic_app_standard" "workflow" {
  name                       = local.logic_app_name
  location                   = var.location
  resource_group_name        = var.resource_group_name
  app_service_plan_id        = azurerm_app_service_plan.logic_app.id
  storage_account_name       = var.storage_account_name
  storage_account_access_key = var.storage_account_key
  enabled                    = true
  https_only                 = true

  lifecycle {
    ignore_changes = [
      tags,
    ]
  }

  site_config {
    always_on              = false
    ftps_state             = "FtpsOnly"
    http2_enabled          = true
    min_tls_version        = "1.2"
    vnet_route_all_enabled = true

    elastic_instance_minimum = 1

    ip_restriction {
      name       = "Self hosted runners NGW IP"
      ip_address = var.github_self_hosted_ngw_ip
      priority   = 501
      action     = "Allow"
    }

    ip_restriction {
      name       = "VPN"
      ip_address = "*"
      priority   = 502
      action     = "Allow"
    }
  }

  app_settings = {
    "FUNCTIONS_WORKER_RUNTIME"              = "dotnet"
    "WEBSITE_CONTENTOVERVNET"               = "1"
    "APPINSIGHTS_INSTRUMENTATIONKEY"        = azurerm_application_insights.texcoco.instrumentation_key
    "APPLICATIONINSIGHTS_CONNECTION_STRING" = azurerm_application_insights.texcoco.connection_string
  }
}

resource "azurerm_app_service_virtual_network_swift_connection" "logic_app" {
  depends_on = [
    azurerm_logic_app_standard.workflow
  ]
  app_service_id = azurerm_logic_app_standard.workflow.id
  subnet_id      = var.logic_app_subnet_id
}

Debug Output/Panic Output

This debug output happens when trying to deploy to the logic app

Successfully parsed SCM credential from publish-profile format.
Using SCM credential for authentication, GitHub Action will not perform resource validation.
Error: Execution Exception (state: ValidateAzureResource) (step: Invocation)
Error:   When request Azure resource at ValidateAzureResource, Get Function App Settings : Failed to acquire app settings from https://<scmsite>/api/settings with publish-profile
Error:     Failed to fetch Kudu App Settings.
Service Unavailable (CODE: 503)
Error:       Error: Failed to fetch Kudu App Settings.
Service Unavailable (CODE: 503)
    at Kudu.<anonymous> (/home/actions/actions-runner/_work/_actions/Azure/functions-action/v1.4.6/node_modules/azure-actions-appservice-rest/Kudu/azure-app-kudu-service.js:62:23)
    at Generator.next (<anonymous>)
    at fulfilled (/home/actions/actions-runner/_work/_actions/Azure/functions-action/v1.4.6/node_modules/azure-actions-appservice-rest/Kudu/azure-app-kudu-service.js:5:58)
    at processTicksAndRejections (internal/process/task_queues.js:97:5)
Error: Deployment Failed!

Expected Behaviour

When you create the resource you can use the publish profile to deploy to it.

Actual Behaviour

What happens here is that the Logic App that gets deployed doesn't create the required fileshare in the storage account and you have to manually (or via azurerm_storage_share) create a fileshare that stores the content of the App.

Steps to Reproduce

Create the Logic App Standard Resource pointing to certain storage account.

Try to deploy using the Publish Profile.

Important Factoids

Using GitHub actions Azure/functions-action@v1.4.6 to deploy the content of the Logic App

References

No response

[joseaznar]

We found the same behaviour with the azurerm_linux_function_app resource.

Basically, what’s happening is that when we use the azurerm_linux_function_app resource it fails to create the File Share needed in the linked Storage Account, so what we had to do is create the File Share using the azurerm_storage_share resource and then add the WEBSITE_CONTENTSHARE app setting in the Function App with the name of the File Share created.

In this case we are using the version 3.18.0 of the hashicorp/azurerm Terraform provider.

Thanks for your support!