hashicorp / terraform-provider-azurerm

Terraform provider for Azure Resource Manager
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs
Mozilla Public License 2.0

Getting access denied #4635

Open devopsidiot opened 5 years ago

devopsidiot commented 5 years ago

Community Note

Terraform (and AzureRM Provider) Version

Affected Resource(s)

Terraform Configuration Files

resource "azurerm_app_service_plan" "container_service_plan" {
  name                = "${var.builderName}"
  location            = "${azurerm_resource_group.rg.location}"
  resource_group_name = "${azurerm_resource_group.rg.name}"
  kind                = "xenon"
  is_xenon            = true

  sku {
    tier = "PremiumContainer"
    size = "PC3"
  }
}

resource "azurerm_app_service" "container_service" {
  name                = "${var.builderName}"
  location            = "${azurerm_resource_group.rg.location}"
  resource_group_name = "${azurerm_resource_group.rg.name}"
  app_service_plan_id = "${azurerm_app_service_plan.container_service_plan.id}"
  tags = "${local.commonTags}"   

  app_settings = {
    "DOCKER_REGISTRY_SERVER_URL" = "https://privateazurecontainerregistry.azurecr.io",
    "DOCKER_REGISTRY_SERVER_USERNAME" = "privateazurecontainerregistry_username",
    "DOCKER_REGISTRY_SERVER_PASSWORD" = "privateazurecontainerregistry_pw",
    "CONTAINER_MEMORY:" = 8000
  }

  site_config {
    windows_fx_version = "DOCKER|privateazurecontainerregistry.azurecr.io/app.1901:latest"
  }

}

Expected Behavior

Web App for container w/ Windows Container deployed into larger resource group

Actual Behavior

Error: web.AppsClient#CreateOrUpdate: Failure sending request: StatusCode=400 -- Original Error: Code="BadRequest" Message="The parameter WindowsFxVersion has an invalid value. Could not find the specified image name and tag combination. For private registries, make sure you are prepending the image name with the server hostname. https://mcr.microsoft.com" Details=[{"Message":"The parameter WindowsFxVersion has an invalid value. Could not find the specified image name and tag combination. For private registries, make sure you are prepending the image name with the server hostname. https://mcr.microsoft.com"},{"Code":"BadRequest"},{"ErrorEntity":{"Code":"BadRequest","ExtendedCode":"01007","Message":"The parameter WindowsFxVersion has an invalid value. Could not find the specified image name and tag combination. For private registries, make sure you are prepending the image name with the server hostname. https://mcr.microsoft.com","MessageTemplate":"The parameter {0} has an invalid value.","Parameters":["WindowsFxVersion"]}}]

Error: Error creating App Service "rdbuilder02" (Resource Group "rdbuilder02"): web.AppsClient#CreateOrUpdate: Failure sending request: StatusCode=401 -- Original Error: Code="Unauthorized" Message="Access is denied. Not authorized. latest" Details=[{"Message":"Access is denied. Not authorized. latest"},{"Code":"Unauthorized"},{"ErrorEntity":{"Code":"Unauthorized","ExtendedCode":"01001","Message":"Access is denied. Not authorized. latest","MessageTemplate":"Access is denied.","Parameters":[]}}]

Steps to Reproduce

  1. terraform init
  2. terraform apply

Important Factoids

The snippet is part of a much larger script, all of which deploys without issue. Can deploy the web app windows container via AzureRM PowerShell and through console. If I use a public app, it deploys successfully.

References

ewassef commented 4 years ago

Any update on this? Having the same error and can't find a solution.

cwiederspan commented 4 years ago

I'm also seeing this problem when attempting to create an Azure Web App service that uses a Windows Container from a private registry. The problem seems to be the value of the windows_fx_version property.

My guess is that the provider is trying to create the App Service first, with the site_config setting, but not with the app_settings. And since the username and password for the private registry are within the app_settings, the App Service seems like it won't provision because it doesn't have the username/password, and the whole script dies.

cwiederspan commented 4 years ago

Ultimately, the azurerm provider is sending an API call with a body like this...

{
    "location": "westus",
    "properties": {
        "enabled": true,
        "serverFarmId": "/subscriptions/b9c770d1-cde9-4da3-ae40-95ce1a4fac0c/resourceGroups/cdw-winappcnt-20200410/providers/Microsoft.Web/serverfarms/cdw-winappcnt-20200410-plan",
        "siteConfig": {
            "defaultDocuments": [],
            "netFrameworkVersion": "v4.0",
            "phpVersion": "",
            "pythonVersion": "",
            "linuxFxVersion": "",
            "windowsFxVersion": "DOCKER|cdwms.azurecr.io/aspnethelloworld:latest",
            "remoteDebuggingEnabled": false,
            "remoteDebuggingVersion": "",
            "scmType": "None",
            "use32BitWorkerProcess": false,
            "webSocketsEnabled": false,
            "alwaysOn": true,
            "javaVersion": "",
            "javaContainer": "",
            "javaContainerVersion": "",
            "appCommandLine": "",
            "cors": {},
            "autoSwapSlotName": "",
            "localMySqlEnabled": false,
            "ipSecurityRestrictions": [],
            "http20Enabled": false
        },
        "httpsOnly": false
    },
    "tags": {}
}

... which fails. However, if it were to pass this...

{
    "location": "westus",
    "properties": {
        "enabled": true,
        "serverFarmId": "/subscriptions/b9c770d1-cde9-4da3-ae40-95ce1a4fac0c/resourceGroups/cdw-winappcnt-20200410/providers/Microsoft.Web/serverfarms/cdw-winappcnt-20200410-plan",
        "siteConfig": {
            "defaultDocuments": [],
            "netFrameworkVersion": "v4.0",
            "phpVersion": "",
            "pythonVersion": "",
            "linuxFxVersion": "",
            "windowsFxVersion": "DOCKER|cdwms.azurecr.io/aspnethelloworld:latest",
            "remoteDebuggingEnabled": false,
            "remoteDebuggingVersion": "",
            "scmType": "None",
            "use32BitWorkerProcess": false,
            "webSocketsEnabled": false,
            "alwaysOn": true,
            "javaVersion": "",
            "javaContainer": "",
            "javaContainerVersion": "",
            "appCommandLine": "",
            "cors": {},
            "autoSwapSlotName": "",
            "localMySqlEnabled": false,
            "ipSecurityRestrictions": [],
            "http20Enabled": false,
            "appSettings": [
                {
                    "name": "DOCKER_REGISTRY_SERVER_URL",
                    "value": "https://something.azurecr.io"
                },
                {
                    "name": "DOCKER_REGISTRY_SERVER_USERNAME",
                    "value": "something"
                },
                {
                    "name": "DOCKER_REGISTRY_SERVER_PASSWORD",
                    "value": "REDACTED"
                },
                {
                    "name": "WEBSITES_ENABLE_APP_SERVICE_STORAGE",
                    "value": "false"
                }
            ]
        },
        "httpsOnly": false
    },
    "tags": {}
}

... with the appsettings, then it works as expected.
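
The difference between the two request bodies above can be checked mechanically before a request is sent. This is an added example, not part of the original comment or the provider's code; `siteRequest` and `MissingRegistrySettings` are hypothetical names, and it assumes that only `*.azurecr.io` hosts need a registry login.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// siteRequest models only the CreateOrUpdate body fields this check reads.
type siteRequest struct {
	Properties struct {
		SiteConfig struct {
			WindowsFxVersion string                         `json:"windowsFxVersion"`
			AppSettings      []struct{ Name, Value string } `json:"appSettings"`
		} `json:"siteConfig"`
	} `json:"properties"`
}

// MissingRegistrySettings returns the registry host named in windowsFxVersion and
// the DOCKER_REGISTRY_SERVER_* settings absent (or empty) in the same request body.
func MissingRegistrySettings(body []byte) (string, []string, error) {
	var req siteRequest
	if err := json.Unmarshal(body, &req); err != nil {
		return "", nil, err
	}
	cfg := req.Properties.SiteConfig
	image := strings.TrimPrefix(cfg.WindowsFxVersion, "DOCKER|")
	host := strings.ToLower(strings.SplitN(image, "/", 2)[0])
	if image == cfg.WindowsFxVersion || !strings.HasSuffix(host, ".azurecr.io") {
		return host, nil, nil // no DOCKER| prefix, or not an ACR host (assumption)
	}
	present := map[string]bool{}
	for _, s := range cfg.AppSettings {
		present[s.Name] = s.Value != ""
	}
	var missing []string
	for _, k := range []string{"URL", "USERNAME", "PASSWORD"} {
		if name := "DOCKER_REGISTRY_SERVER_" + k; !present[name] {
			missing = append(missing, name)
		}
	}
	return host, missing, nil
}

func main() {
	// Constructed sample: the failing body's shape, trimmed to the one relevant field.
	body := `{"properties":{"siteConfig":{"windowsFxVersion":"DOCKER|cdwms.azurecr.io/aspnethelloworld:latest"}}}`
	fmt.Println(MissingRegistrySettings([]byte(body)))
}
```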

ewassef commented 4 years ago

@cwiederspan you're on to something because the Schema for Site_config doesn't include the appsettings, it's a sibling https://github.com/terraform-providers/terraform-provider-azurerm/blob/1c3b771dac54b42bb48a587ba28118e087650b29/azurerm/helpers/azure/app_service.go#L637 I wonder if we add it in there in the .tf file if that would work

ewassef commented 4 years ago

Nope, validation stops it: An argument named "app_settings" is not expected here.

pragadeeshraju commented 4 years ago

I'm facing the same issue. Do we have any solution/workaround for this?

cwiederspan commented 4 years ago

I haven't kept up with this, but would love to hear if there's been any update from the resource provider side of things.

KennyEliasson commented 3 years ago

I'm also facing this issue. As a temporary workaround I set the windows_fx_version to a public image and change it with Azure CLI or manually from the UI.

christopherecusack commented 3 years ago

Any updates on this issue? I am also facing the same.

pramodkataria commented 3 years ago

Any solution so far? I am having the same issue.

aldrichang commented 3 years ago

I'm having the same issue... is there any workaround at the moment? @KennyEliasson doesn't it reset back to the public image when you reapply?

KennyEliasson commented 3 years ago

@aldrichang I've ignored windows_fx_version and I set the image via Azure CLI

ahmddp commented 3 years ago

We had the exact same issue and followed @KennyEliasson's method as the workaround. I used the nanoserver:1809 public image to initialize the appservice. Also, ignored some app_settings to avoid subsequent deployment overwrites.

resource "azurerm_app_service" "app" {
  <<<<<<<<<truncated for readability>>>>>>>>>>>>

  app_settings = {      
    "DOCKER_REGISTRY_SERVER_URL"      = "https://index.docker.io"
    "DOCKER_REGISTRY_SERVER_PASSWORD" = null
    "DOCKER_REGISTRY_SERVER_USERNAME" = null
  }

  site_config {
    windows_fx_version = join("", ["DOCKER|","mcr.microsoft.com/windows/nanoserver:1809"])
  }

  lifecycle {
    ignore_changes = [
      app_settings["DOCKER_REGISTRY_SERVER_URL"],
      app_settings["DOCKER_REGISTRY_SERVER_PASSWORD"],
      app_settings["DOCKER_REGISTRY_SERVER_USERNAME"],
      site_config["windows_fx_version"]
    ]
  }
}

tombuildsstuff commented 2 years ago

:wave:

We recently announced version 3.0 of the Azure Provider which introduces several new features, including new resources for App Service to better represent the service, including the azurerm_linux_web_app and azurerm_windows_web_app resources.

Since these resources better represent App Service in Terraform - we're introducing new functionality to those resources and encourage you to opt-into the Beta, try the new resources and provide feedback - as in version 3.0 these new resources will become GA and will supersede the existing resources. More information on the Beta can be found here.

Thanks!