I am having a issue with applying a App Service Authentication to my Web App Slots.
The error i am receiving is the following:
"The template resource 'webapptest1a/authconfig' for type 'Microsoft.WindowsAzure.ResourceStack.Frontdoor.Common.Entities.TemplateGenericProperty`1[System.String]' at line '1' and column '8107' has incorrect segment lengths. A nested resource type must have identical number of segments as its resource name. A root resource type must have segment length one greater than its resource name"
Here is my code, which i think is pretty much correct. I am finding it difficult to find references for Web App slots config. I have the Microsoft Documentation and i followed it, but no luck.
Here is my code:
{
"type": "Microsoft.Web/sites/slots/config",
"name": "[concat(parameters('webAppName'),'/authconfig')]",
"apiVersion": "2018-11-01",
"location": "[resourceGroup().location]",
"dependsOn": [
"[parameters('webAppName')]",
"[concat(parameters('sqlDatabase'), 'constr')]"
],
"properties": {
"enabled": true,
"runtimeVersion": "~1",
"unauthenticatedClientAction": "RedirectToLoginPage",
"tokenStoreEnabled": true,
"allowedExternalRedirectUrls": null,
"defaultProvider": "AzureActiveDirectory",
"clientId": null,
"clientSecret": null,
"clientSecretCertificateThumbprint": null,
"issuer": null,
"allowedAudiences": [
"https://webapptest1a-staging.azurewebsites.net"
],
"additionalLoginParams": null,
"isAadAutoProvisioned": false,
"googleClientId": null,
"googleClientSecret": null,
"googleOAuthScopes": null,
"facebookAppId": null,
"facebookAppSecret": null,
"facebookOAuthScopes": [
""
],
"twitterConsumerKey": null,
"twitterConsumerSecret": null,
"microsoftAccountClientId": null,
"microsoftAccountClientSecret": null,
"microsoftAccountOAuthScopes": [
""
]
}
},
I am really concussed, i have tried many variants but i am not getting close.
I changed the name to few different variants then i was given different errors but in regards to the naming convention.
"name": "[concat(parameters('webAppName'), '/appsettings')]",
I also changed the Depends on twice from:
"[parameters('webAppName')]",
"[concat(parameters('sqlDatabase'), 'constr')]"
To:
"[concat('Microsoft.Web/sites/', parameters('webAppName'))]",
"[concat(parameters('sqlDatabase'), 'constr')]"
I am really stuck! Would love some guidance.
Thank you
As the error says that "A root level resource must have one less segment in the name than the resource type". Here you are passing the incorrect name for the resource. As the segment length of Type is 4, segment length of Name must be 3. So in the config name you must pass the slot name also something like below (You can change the slot name and config name according to your template)
[concat(parameters('webAppName'), '/staging/web')]
Please check the below example for reference:
{
"type": "Microsoft.Web/sites/slots/config",
"apiVersion": "2018-11-01",
"name": "[concat(parameters('webAppName'), '/staging/web')]",
"location": "East US",
"dependsOn": [
"[resourceId('Microsoft.Web/sites/slots', parameters('webAppName'), 'staging')]",
"[resourceId('Microsoft.Web/sites', parameters('webAppName'))]"
],
"properties": {
"numberOfWorkers": 1,
"defaultDocuments": [
"Default.htm",
"Default.html",
"Default.asp",
"index.htm",
"index.html",
"iisstart.htm",
"default.aspx",
"index.php",
"hostingstart.html"
],
"netFrameworkVersion": "v4.0",
"requestTracingEnabled": false,
"remoteDebuggingEnabled": false,
"remoteDebuggingVersion": "VS2019",
"httpLoggingEnabled": false,
"logsDirectorySizeLimit": 35,
"detailedErrorLoggingEnabled": false,
"publishingUsername": "$mytestap345__staging",
"scmType": "None",
"use32BitWorkerProcess": true,
"webSocketsEnabled": false,
"alwaysOn": false,
"managedPipelineMode": "Integrated",
"virtualApplications": [
{
"virtualPath": "/",
"physicalPath": "site\\wwwroot",
"preloadEnabled": false
}
],
"loadBalancing": "LeastRequests",
"experiments": {
"rampUpRules": []
},
"autoHealEnabled": false,
"localMySqlEnabled": false,
"ipSecurityRestrictions": [
{
"ipAddress": "Any",
"action": "Allow",
"priority": 1,
"name": "Allow all",
"description": "Allow all access"
}
],
"scmIpSecurityRestrictions": [
{
"ipAddress": "Any",
"action": "Allow",
"priority": 1,
"name": "Allow all",
"description": "Allow all access"
}
],
"scmIpSecurityRestrictionsUseMain": false,
"http20Enabled": false,
"minTlsVersion": "1.2",
"ftpsState": "AllAllowed",
"reservedInstanceCount": 0
}
}
Related
I am trying to build a custom approval step for my CodePipeline on AWS. The AWS built default approval ActionTypeId does not let you output artifacts. I want my approval step to be able to output artifacts. I found this document on creating custom ActionTypeIds but I am still confused an fuzzy on this. Any help will be really appreciated.
I've posted the code from AWS. can someone help me understand the "settings" and the "configurationProperties" sections?
{
"category": "Approval",
"provider": "My-Custom-ActionIdType",
"version": "1",
"settings": {
"entityUrlTemplate": "https://my-build-instance/job/{Config:CGBoyProject}/",
"executionUrlTemplate": "https://my-build-instance/job/{Config:ProjectName}/lastSuccessfulBuild/{ExternalExecutionId}/"
},
"configurationProperties": [{
"name": "ProjectName",
"required": true,
"key": true,
"secret": false,
"queryable": false,
"description": "The name of the build project must be provided when this action is added to the pipeline.",
"type": "String"
}],
"inputArtifactDetails": {
"maximumCount": integer,
"minimumCount": integer
},
"outputArtifactDetails": {
"maximumCount": integer,
"minimumCount": integer
},
"tags": [{
"key": "Project",
"value": "ProjectA"
}]
}
I successfully deployed my ARM template via ADO last week and realised that i forgot to include App Service Authentication for my Web App slots.
I messed around with the Microsoft.Web/sites/slots/config and ran into some errors that i was able to overcome with the help of few individuals on Stack.
However, now that the code should work it is failing but i am not getting any error codes on Azure DevOps when releasing.
It just says;
2020-07-02T14:20:19.0820320Z ##[error]At least one resource deployment operation failed. Please
list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.
2020-07-02T14:20:19.0832558Z ##[error]Details:
2020-07-02T14:20:19.0834149Z ##[error]BadRequest:
2020-07-02T14:20:19.0835776Z ##[error]Check out the troubleshooting guide to see if your issue is addressed: https://learn.microsoft.com/en-us/azure/devops/pipelines/tasks/deploy/azure-resource-group-deployment?view=azure-devops#troubleshooting
2020-07-02T14:20:19.0837268Z ##[error]Task failed while creating or updating the template deployment.
Here is my code:
{
"type": "Microsoft.Web/sites/slots/config",
"name": "[concat(parameters('webAppName'),'/staging/auth')]",
"apiVersion": "2018-11-01",
"location": "[resourceGroup().location]",
"dependsOn": [
"[parameters('webAppName')]",
"[concat(parameters('sqlDatabase'), 'constr')]"
],
"properties": {
"enabled": true,
"runtimeVersion": "~1",
"unauthenticatedClientAction": "RedirectToLoginPage",
"tokenStoreEnabled": true,
"allowedExternalRedirectUrls": null,
"defaultProvider": "AzureActiveDirectory",
"clientId": null,
"clientSecret": null,
"clientSecretCertificateThumbprint": null,
"issuer": null,
"allowedAudiences": [
"https://webapptest1a-staging.azurewebsites.net"
],
"additionalLoginParams": null,
"isAadAutoProvisioned": false,
"googleClientId": null,
"googleClientSecret": null,
"googleOAuthScopes": null,
"facebookAppId": null,
"facebookAppSecret": null,
"facebookOAuthScopes": [
""
],
"twitterConsumerKey": null,
"twitterConsumerSecret": null,
"microsoftAccountClientId": null,
"microsoftAccountClientSecret": null,
"microsoftAccountOAuthScopes": [
""
]
}
},
Anything sticking out like a sore thumb?
I released the code without this part in it, and it worked fine, so it is most likely this little section here that is causing an issue, but all the information i believe is correct.
According to: https://learn.microsoft.com/en-us/azure/templates/microsoft.web/2019-08-01/sites/config-authsettings
Thank you for your guidance.
So, after a bit i found an answer;
Here is the working code;
What i had previously done was this;
"name": "[concat(parameters('webAppName'), '/staging/auth')]",
What it needs to be is this;
"name": "[concat(parameters('webAppName'), '/staging/authsettings')]",
The "auth" alone will not match anything, and will give back a bad request. Which is right as nothing under "auth" exists meaning it cannot be matched.
So when you put Auth Settings, it actually works as intended as it matches!
Here is what i followed
{
"type": "Microsoft.Web/sites/slots/config",
"name": "[concat(parameters('webAppName'), '/staging/authsettings')]",
"apiVersion": "2018-11-01",
"location": "[resourceGroup().location]",
"dependsOn": [
"[parameters('webAppName')]",
"[concat(parameters('sqlDatabase'), 'constr')]"
],
"properties": {
"enabled": true,
"runtimeVersion": "1.0.0",
"unauthenticatedClientAction": "RedirectToLoginPage",
"tokenStoreEnabled": false,
"allowedExternalRedirectUrls": null,
"defaultProvider":"AzureActiveDirectory",
"clientId": null,
"clientSecret": null,
"clientSecretCertificateThumbprint": null,
"issuer": null,
"allowedAudiences": null,
"additionalLoginParams": null,
"isAadAutoProvisioned": false,
"googleClientId": null,
"googleClientSecret": null,
"googleOAuthScopes": null,
"facebookAppId": null,
"facebookAppSecret": null,
"facebookOAuthScopes": [
""
],
"twitterConsumerKey": null,
"twitterConsumerSecret": null,
"microsoftAccountClientId": null,
"microsoftAccountClientSecret": null,
"microsoftAccountOAuthScopes": [
""
]
}
},
I can't make FeathersJs work along RS256. I used the generator, but i receive
error: NotAuthenticated: error:0906D06C:PEM routines:PEM_read_bio:no start line when user logs in with correct JWT access token.
"authentication": {
"secret": "whateverSecret",
"strategies": [
"jwt"
],
"path": "/authentication",
"service": "users",
"jwt": {
"header": {
"typ": "access"
},
"audience": "https://yourdomain.com",
"subject": "anonymous",
"issuer": "feathers",
"algorithm": "RS256", //set to RS256
"expiresIn": "1d"
},
"auth0": {
"clientID": "myClientid",
"clientSecret": "myClientSecret",
"successRedirect": "/",
"domain": "myDomain.auth0.com",
"scopes": [
"profile"
]
},
"cookie": {
"enabled": true,
"name": "feathers-jwt",
"httpOnly": false,
"secure": false
}
}
and inside user.hooks.js is the default generator.
The RS256 requires quite a bit more configuration to work. This issue mentions to make sure that your private key (secret) is a valid certificate and contains the proper newlines.
You will also likely have to customize the JWT verifier to pass the public key as the signing secret when verifying the JWT.
We are upgrading our Data pipeline version from 3.3.2 to 5.8, so those bootstrap actions on old AMI release have changed to be setup using configuration and specifying them under classification / property definition.
So my Json looks like below
{
"enableDebugging": "true",
"taskInstanceBidPrice": "1",
"terminateAfter": "2 Hours",
"name": "ExportCluster",
"taskInstanceType": "m1.xlarge",
"schedule": {
"ref": "Default"
},
"emrLogUri": "s3://emr-script-logs/",
"coreInstanceType": "m1.xlarge",
"coreInstanceCount": "1",
"taskInstanceCount": "4",
"masterInstanceType": "m3.xlarge",
"keyPair": "XXXX",
"applications": ["hadoop","hive", "tez"],
"subnetId": "XXXXX",
"logUri": "s3://pipelinedata/XXX",
"releaseLabel": "emr-5.8.0",
"type": "EmrCluster",
"id": "EmrClusterWithNewEMRVersion",
"configuration": [
{ "ref": "configureEmrHiveSite" }
]
},
{
"myComment": "This object configures hive-site xml.",
"name": "HiveSite Configuration",
"type": "HiveSiteConfiguration",
"id": "configureEmrHiveSite",
"classification": "hive-site",
"property": [
{"ref": "hive-exec-compress-output" }
]
},
{
"myComment": "This object sets a hive-site configuration
property value.",
"name":"hive-exec-compress-output",
"type": "Property",
"id": "hive-exec-compress-output",
"key": "hive.exec.compress.output",
"value": "true"
}
],
"parameters": []
With the above Json file it gets loaded into Data Pipeline but throws an error saying
Object:HiveSite Configuration
ERROR: 'HiveSiteConfiguration'
Object:ExportCluster
ERROR: 'configuration' values must be of type 'null'. Found values of type 'null'
I am not sure what this really means and could you please let me know if i am specifying this correctly which i think i am according to http://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-configure-apps.html
The below block should have the name as "EMR Configuration" only then its recognized correctly by the AWS Data pipeline and the Hive-site.xml is being set accordingly.
{
"myComment": "This object configures hive-site xml.",
"name": "EMR Configuration",
"type": "EmrConfiguration",
"id": "configureEmrHiveSite",
"classification": "hive-site",
"property": [
{"ref": "hive-exec-compress-output" }
]
},
I'm trying to migrate an old Plone 3.3 site that uses
FileSystemStorage using Mikko's Simple JSON export script.
Everything runs fine, except for the absence of a value on the image fields, which are returned as empty strings (''):
[
...
{
"allowDiscussion": false,
"contributors": [],
"creation_date": "2009-11-04T15:15:36-02:00",
"creators": [
"johndoe"
],
"description": "",
"effectiveDate": null,
"excludeFromNav": false,
"expirationDate": null,
"id": "banner_vertical.jpg",
"image": "",
"language": "",
"location": "",
"modification_date": "2009-11-04T15:15:37-02:00",
"portal_type": "Image",
"relatedItems": [],
"rights": "",
"subject": [],
"title": "Banner vertical",
"urlLegend": "http://"
},
...
]
Any hint?
(iw.fss version used is 2.8.0rc5).
FSS was not known or used by the site for which the script has been made.
You might want to retrofit convert() and other methods to support your use case.