Arquivo

Posts Tagged ‘pipeline’

Let´s Encrypt + Azure > Certificate missing after Azure Pipeline Release

TLDR; My problem was caused by Zip Deploy in Azure Pipeline task named [ Deploy Azure App Service v 4 ]. The version 4 have by default [ zip deploy ] that runs your website inside a zip file, and turns filesystem readonly. Solution: Inside Azure Pipeline task, marks [ X ] select deployment method and set to [ Web Deploy ].

Recently, configuring let´s encrypt on my azure website (Azure, where´s native support for let´s encrypt please?), i´ve followed the instructions to use a combination of ( ohadschn/letsencrypt-webapp-renewer that runs in a webjob/webfunction and uses internally sjkp/letsencrypt-siteextension ).

I´ve configured a main site, with three subdomains.

  • subdomain1.mysite.com
  • subdomain2.mysite.com
  • subdomain3.mysite.com
  • mysite.com

All of them with ssl bindings to their respective custom domains in a Azure WebApp. It is a ASP NET CORE app.

The steps i´ve followed was:

  1. Created the 4 web apps and left them empty.
  2. Created a dedicated web app for certificate renewal following [letsencrypt-webapp-renewer] best practices.
  3. Configured renewer and ran webjob.
  4. Checked my sites, and all of them was sucessfull configured. ✅

Then the surprise: I´ve created a new Azure Pipeline and released a version to my [subdomain1] web app. When i browsed to my web app, what was not my surprise when i found it with an invalid certificate.

When i tried to re-run my certificate renewal web job, it failed with a message: "Could not write to local resource 'D:\home\site\wwwroot\.well-known\acme-challenge\web.config' due to error 'Could not find file 'D:\home\site\wwwroot\.well-known\acme-challenge'.'.","ExceptionMessage":"Could not find file 'D:\home\site\wwwroot\.well-known\acme-challenge'.","ExceptionType":"System.IO.FileNotFoundException","StackTrace":"

Trying several solution paths to this “could ot write” message, i´ve found this blogpost that saved my day, because i was not searching in the right place: Azure App Service: Cannot create directories and write to filesystem when deployed using Azure DevOps

SOLUTION:

  1. At website configurations, remove the [WEBSITE_RUN_FROM_ZIP] setting.
  2. Change the Azure App Service Deploy task to use the traditional deployment method: WebDeploy. (Image 1)

Azure Pipeline, Additional Deployment Options, Deployment method changed to Web Deploy
Image 1: Azure Pipeline: Deploy Azure App Service task > Changing deployment method

Hot it helped!

References:

https://github.com/sjkp/letsencrypt-siteextension/issues/239

https://tomasherceg.com/blog/post/azure-app-service-cannot-create-directories-and-write-to-filesystem-when-deployed-using-azure-devops

Guia Ecológico

Despertando a consciência que preserva!

Viagem e Voo

Dicas para viagens, férias e voos nacionais e internacionais

Ivan Guimarães Meirelles

Analista Desenvolvedor

Void Podcast

Vazio e sem retorno de valor

Elemar DEV

Negócios, tecnologia e desenvolvimento

2,000 Things You Should Know About WPF

Everything a WPF Developer Needs to Know, in Bite-Sized Chunks

Gabriel RB.net

Blog técnico, com dicas, códigos, novidades e problemas do dia-a-dia programando.

Alexandre Valente's Blog

Experiências em tecnologia e assuntos diversos

%d blogueiros gostam disto: