【Azure Developer】在Github Action中使用Azure/functions-container-action@v1配置Function App併成功部署Function Image

路邊兩盞燈發表於2023-01-17

問題描述

使用Github Action,透過 Azure/functions-container-action@v1 外掛來完成 yaml 檔案的配置,併成功部署Function Image 的過程記錄。

【Azure Developer】在Github Action中使用Azure/functions-container-action@v1配置Function App併成功部署Function Image

 

操作步驟

第一步: 準備Function的映象檔案

如在VS Code中,透過Terminal(命令列視窗),根據所使用的語言,建立或初始化DockerFile

func init --worker-runtime python --docker

# --docker 選項生成該專案的 Dockerfile,其中定義了適合用於 Azure Functions 和所選執行時的自定義容器 Python

執行後的效果為在Function 專案中新增Dockerfile檔案。

【Azure Developer】在Github Action中使用Azure/functions-container-action@v1配置Function App併成功部署Function Image

參考文件 -- 在 Linux 上使用自定義容器建立函式:https://docs.azure.cn/zh-cn/azure-functions/functions-create-function-linux-custom-image?tabs=in-process%2Cbash%2Cazure-cli&pivots=programming-language-python

第二步:上傳映象到ACR

首先,在本地啟動Docker Desktop後,使用Docker build 生產映象檔案。

然後,登入ACR(Azure Container Registry :Azure 容器登錄檔)。 

命令示例如下:

## 本地生產Image檔案
docker build --tag azurefunctionsimage:v1 .

## 登入Azure映象庫
docker login <your-registry-name>.azurecr.cn --username <your-registry-username>


## 設定tag,推送到ACR
docker tag azurefunctionsimage <your-registry-name>.azurecr.cn/azurefunctionsimage:v1

docker push <your-registry-name>.azurecr.cn/azurefunctionsimage:v1

第三步:配置使用者標識

啟用使用者標識,主要就是為了能夠讓它有許可權去訪問ACR並且拉取映象檔案

1:建立使用者標識:Create User Assigned Managed Identity - Microsoft Azure 由世紀互聯運營

【Azure Developer】在Github Action中使用Azure/functions-container-action@v1配置Function App併成功部署Function Image

2:在ACR中為使用者標識賦予許可權(Contributor or Reader):分配 Azure 角色的步驟 https://docs.azure.cn/zh-cn/role-based-access-control/role-assignments-steps

【Azure Developer】在Github Action中使用Azure/functions-container-action@v1配置Function App併成功部署Function Image

 

第四步:配置Github Action的 workflow yaml檔案

Action的workflow檔案中,有兩段內容需要配置,一是設定 使用者標識,二是設定映象路徑。

第一段,修改Function App的設定

    - name: Azure App Service Settings
      uses: Azure/appservice-settings@v1
      with:
        # Name of the Azure Web App
        app-name: fun-name 
        general-settings-json: '{"acrUseManagedIdentityCreds": "true", "acrUserManagedIdentityID": "user managed identity id xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"}'
		

第二段,配置Image 路徑

    - name: 'Run Azure Functions Container Action'
      uses: Azure/functions-container-action@v1
      id: fa
      with:
        app-name: fun-name
        image: youracrname.azurecr.cn/imagename:version

以上配置與 Azure Funciton 門戶上 Development Center 的設定對比關係如下:

【Azure Developer】在Github Action中使用Azure/functions-container-action@v1配置Function App併成功部署Function Image

參考的github上yaml檔案內容:https://github.com/Azure/actions-workflow-samples/tree/master/FunctionApphttps://github.com/Azure/actions-workflow-samples/blob/master/FunctionApp/linux-container-functionapp-on-azure.yml

修改後的yaml內容:

# Action Requires
# 1. Setup the AZURE_CREDENTIALS secrets in your GitHub Repository
# 2. Setup the REGISTRY_USERNAME secrets in your GitHub Repository
# 3. Setup the REGISTRY_PASSWORD secrets in your GitHub Repository
# 4. Replace REGISTRY, NAMESPACE, IMAGE, TAG in the following template with proper values
# 5. Add this yaml file to your project's .github/workflows/
# 6. Push your local project to your GitHub Repository

name: Linux_Container_Workflow

on: [push]

#on:
#  push:
#    branches:
#    - master

jobs:
  build-and-deploy:
    runs-on: ubuntu-latest
    environment: dev
    steps:
    - name: 'Checkout GitHub Action'
      uses: actions/checkout@v3

    #- name: 'Login via Azure CLI'
    #  uses: Azure/login@v1.4.6
    #  with:
    #    creds: ${{ secrets.AZURE_CREDENTIALS }}
    #    environment: AzureChinaCloud
    #    #allow-no-subscriptions: true
    
    - name: 'set subscriptions'
      run: |
          az cloud set --name AzureChinaCloud
          az login -u your azure user name -p "password" 
          az account set --subscription "your subscription id"

    - name: 'Docker Login'
      uses: azure/docker-login@v1
      with:
        login-server: youracrname.azurecr.cn
        username: ${{ secrets.REGISTRY_USERNAME }}
        password: ${{ secrets.REGISTRY_PASSWORD }}
      

    # - name: 'Compose Customized Docker Image'
    #   shell: bash
    #   run: |
    #     # If your function app project is not located in your repository's root
    #     # Please change the path to your directory for docker build
    #     docker build . -t REGISTRY/NAMESPACE/IMAGE:TAG
    #     docker push REGISTRY/NAMESPACE/IMAGE:TAG


    - name: Azure App Service Settings
      uses: Azure/appservice-settings@v1
      with:
        # Name of the Azure Web App
        app-name: functionappname
        general-settings-json: '{"acrUseManagedIdentityCreds": "true", "acrUserManagedIdentityID": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"}'

    - name: 'Run Azure Functions Container Action'
      uses: Azure/functions-container-action@v1
      id: fa
      with:
        app-name: functionappname
		#image: REGISTRY/NAMESPACE/IMAGE:TAG
        image: youracrname.azurecr.cn/azurefunctionimage:v1

    #- name: 'use the published functionapp url in upcoming steps'
    #  run: |
    #    echo "${{ steps.fa.outputs.app-url }}"

    - name: Azure logout
      run: |
        az logout
# For more information on GitHub Actions:
#   https://help.github.com/en/categories/automating-your-workflow-with-github-actions

以上操作完成後,即可上傳workflow yaml檔案到 .github/workflows/ 目錄下。因為條件設定為 on: [push],所以任何對程式碼庫的push操作就會觸發該workflow。

 

成功的效果圖如本文最開始“問題描述”中的圖片一致。

 

在Azure Function的log中,也能發現類似的Container啟動日誌:

2023-01-13T03:09:36.682Z INFO  - Logging is not enabled for this container.
Please use https://aka.ms/linux-diagnostics to enable logging to see container logs here.
2023-01-13T03:09:45.209Z INFO  - Initiating warmup request to container funtest01_1_b4054967_msiProxy for site funtest01
2023-01-13T03:09:45.261Z INFO  - Container funtest01_1_b4054967_msiProxy for site funtest01 initialized successfully and is ready to serve requests.
2023-01-13T03:09:45.268Z INFO  - Initiating warmup request to container funtest01_1_b4054967 for site funtest01
2023-01-13T03:10:01.707Z INFO  - Waiting for response to warmup request for container funtest01_1_b4054967. Elapsed time = 16.4981389 sec
2023-01-13T03:10:13.069Z INFO  - Container funtest01_1_b4054967 for site funtest01 initialized successfully and is ready to serve requests.
2023-01-13T03:10:13.089Z INFO  - Initiating warmup request to container funtest01_1_b4054967_middleware for site funtest01
2023-01-13T03:10:17.032Z INFO  - Container funtest01_1_b4054967_middleware for site funtest01 initialized successfully and is ready to serve requests.
2023-01-13T03:22:40.065Z INFO  - Recycling container because of AppSettingsChange and isMainSite = True
2023-01-13T03:22:55.207Z INFO  - Pulling image: mcr.microsoft.com/azure-functions/dotnet:3.0-appservice-quickstart
2023-01-13T03:22:56.079Z INFO  - 3.0-appservice-quickstart Pulling from azure-functions/dotnet
2023-01-13T03:22:56.080Z INFO  -  Digest: sha256:99f2de1ba2d097fe7fca8098351bd7d9d2e1cabbc32e3c3506321f7f1811bd1b
2023-01-13T03:22:56.081Z INFO  -  Status: Image is up to date for mcr.microsoft.com/azure-functions/dotnet:3.0-appservice-quickstart
2023-01-13T03:22:56.084Z INFO  - Pull Image successful, Time taken: 0 Minutes and 0 Seconds
2023-01-13T03:22:56.157Z INFO  - Starting container for site
2023-01-13T03:22:56.165Z INFO  - docker run -d --expose=80 --name funtest01_2_24a23a85 -e WEBSITE_CORS_ALLOWED_ORIGINS=https://portal.azure.cn -e WEBSITE_CORS_SUPPORT_CREDENTIALS=False -e WEBSITES_ENABLE_APP_SERVICE_STORAGE=false -e WEBSITE_SITE_NAME=funtest01 -e WEBSITE_AUTH_ENABLED=False -e PORT=80 -e WEBSITE_ROLE_INSTANCE_ID=0 -e WEBSITE_HOSTNAME=funtest01.chinacloudsites.cn -e WEBSITE_INSTANCE_ID=50a285a49ae3758d44951d408c7ec6cb3077821b90868ed2bf52d6c32be391fa -e WEBSITE_USE_DIAGNOSTIC_SERVER=False mcr.microsoft.com/azure-functions/dotnet:3.0-appservice-quickstart  

2023-01-13T03:22:56.166Z INFO  - Logging is not enabled for this container.
Please use https://aka.ms/linux-diagnostics to enable logging to see container logs here.
2023-01-13T03:23:10.342Z INFO  - Initiating warmup request to container funtest01_2_24a23a85_msiProxy for site funtest01
2023-01-13T03:23:10.745Z INFO  - Container funtest01_2_24a23a85_msiProxy for site funtest01 initialized successfully and is ready to serve requests.
2023-01-13T03:23:10.753Z INFO  - Initiating warmup request to container funtest01_2_24a23a85 for site funtest01
2023-01-13T03:23:27.483Z INFO  - Waiting for response to warmup request for container funtest01_2_24a23a85. Elapsed time = 17.1407378 sec
2023-01-13T03:23:38.014Z INFO  - Container funtest01_2_24a23a85 for site funtest01 initialized successfully and is ready to serve requests.
2023-01-13T03:23:38.023Z INFO  - Initiating warmup request to container funtest01_2_24a23a85_middleware for site funtest01
2023-01-13T03:23:54.109Z INFO  - Container funtest01_2_24a23a85_middleware for site funtest01 initialized successfully and is ready to serve requests.
2023-01-13T06:14:26.600Z INFO  - Recycling container because of AppFrameworkVersionChange and appFrameworkVersion = <youracrname>.azurecr.cn/azurefunctionimage:v1
2023-01-13T06:14:50.804Z INFO  - Pulling image: <youracrname>.azurecr.cn/azurefunctionimage:v1
2023-01-13T06:14:51.203Z INFO  - v1 Pulling from azurefunctionimage
2023-01-13T06:14:51.228Z INFO  - 3f4ca61aafcd Pulling fs layer
2023-01-13T06:14:51.233Z INFO  - 3f487a3359db Pulling fs layer
2023-01-13T06:14:51.233Z INFO  - cf20d7997674 Pulling fs layer
2023-01-13T06:14:51.234Z INFO  - 8fa944797ac7 Pulling fs layer
2023-01-13T06:14:51.234Z INFO  - 268581bec5af Pulling fs layer
2023-01-13T06:14:51.235Z INFO  - 320a9b97d2ed Pulling fs layer
2023-01-13T06:14:51.235Z INFO  - 14bf15bf0e2a Pulling fs layer
2023-01-13T06:14:51.235Z INFO  - 888c871585b1 Pulling fs layer
2023-01-13T06:14:51.243Z INFO  - dc54e8c78a21 Pulling fs layer
2023-01-13T06:14:51.244Z INFO  - 0b8d318d756a Pulling fs layer
2023-01-13T06:14:51.244Z INFO  - 686f382362d7 Pulling fs layer
2023-01-13T06:14:51.252Z INFO  - a108b4c555c7 Pulling fs layer
2023-01-13T06:14:51.253Z INFO  - 07a70c22a7c4 Pulling fs layer
2023-01-13T06:14:52.512Z INFO  - 3f487a3359db Downloading 799KB / 1MB
...
2023-01-13T06:17:09.734Z INFO  - 07a70c22a7c4 Extracting 9MB / 9MB
2023-01-13T06:17:09.938Z INFO  - 07a70c22a7c4 Pull complete
2023-01-13T06:17:09.955Z INFO  -  Digest: sha256:26a409b16044e27bdd97627a14118e33e84f840052d9fe4711f1ca471b09d22b
2023-01-13T06:17:09.957Z INFO  -  Status: Downloaded newer image for <youracrname>.azurecr.cn/azurefunctionimage:v1
2023-01-13T06:17:10.056Z INFO  - Pull Image successful, Time taken: 2 Minutes and 19 Seconds
2023-01-13T06:17:10.688Z INFO  - Starting container for site
2023-01-13T06:17:10.699Z INFO  - docker run -d --expose=80 --name funtest01_3_e9514d82 -e WEBSITE_CORS_ALLOWED_ORIGINS=https://portal.azure.cn -e WEBSITE_CORS_SUPPORT_CREDENTIALS=False -e WEBSITES_ENABLE_APP_SERVICE_STORAGE=false -e WEBSITE_SITE_NAME=funtest01 -e WEBSITE_AUTH_ENABLED=False -e PORT=80 -e WEBSITE_ROLE_INSTANCE_ID=0 -e WEBSITE_HOSTNAME=funtest01.chinacloudsites.cn -e WEBSITE_INSTANCE_ID=50a285a49ae3758d44951d408c7ec6cb3077821b90868ed2bf52d6c32be391fa -e WEBSITE_USE_DIAGNOSTIC_SERVER=False <youracrname>.azurecr.cn/azurefunctionimage:v1  

2023-01-13T06:17:10.707Z INFO  - Logging is not enabled for this container.
Please use https://aka.ms/linux-diagnostics to enable logging to see container logs here.
2023-01-13T06:17:20.451Z INFO  - Initiating warmup request to container funtest01_3_e9514d82_msiProxy for site funtest01
2023-01-13T06:17:20.721Z INFO  - Container funtest01_3_e9514d82_msiProxy for site funtest01 initialized successfully and is ready to serve requests.
2023-01-13T06:17:20.722Z INFO  - Initiating warmup request to container funtest01_3_e9514d82 for site funtest01
2023-01-13T06:17:36.951Z INFO  - Waiting for response to warmup request for container funtest01_3_e9514d82. Elapsed time = 16.4996091 sec
2023-01-13T06:17:44.426Z INFO  - Container funtest01_3_e9514d82 for site funtest01 initialized successfully and is ready to serve requests.
2023-01-13T06:17:44.427Z INFO  - Initiating warmup request to container funtest01_3_e9514d82_middleware for site funtest01
2023-01-13T06:17:45.431Z INFO  - Container funtest01_3_e9514d82_middleware for site funtest01 initialized successfully and is ready to serve requests.

 

 

參考資料

Action Samples for deploying to Azure Functions :https://github.com/Azure/actions-workflow-samples/tree/master/FunctionApp

 
 
【END】

相關文章