Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Deployment of YAML file for Logic Apps from Github fails due to missing line of code required for permissions #254

Open
OmarAbuArisheh opened this issue Nov 4, 2024 · 0 comments
Open

Deployment of YAML file for Logic Apps from Github fails due to missing line of code required for permissions #254

OmarAbuArisheh opened this issue Nov 4, 2024 · 0 comments
Labels
need-to-triage

Comments

@OmarAbuArisheh
Copy link

Investigative information

We have noticed that when trying to Save configuration in the Deployment Center of a Logic App we are getting a Fail in step "Checkout GitHub Actions". After discussion with other Teams in our company, we know that we can fix it by adding 'contents: read' in row 21 of the *.yml file., but we want to know if this can be somehow fixed to avoid that permanently.

https://github.com/Azure/azure-functions-ux/blob/555a525bf52a92d47c1f710456d6a2dc2d4035d0/server/src/workflows/2022-10-01/function-app-configs/dotnetcore-windows.config.yml

Please provide the following:

Timestamp: NA
Function App version: 4
Function App name: NA
Function name(s) (as appropriate): NA
Invocation ID: NA
Region: NA
Repro steps
Provide the steps required to reproduce the problem:

Browse to Logic Apps Standard, go to Deployment Center, try to deploy new Logic App from Github
An error will appear
Image

Image

Expected behavior
Provide a description of the expected behavior.

Deployment should be successful.

Actual behavior
Provide a description of the actual behavior observed.

Getting a permission error as the original YAML file is missing a line of code to address this issue.

Known workarounds
Provide a description of any known workarounds.

Add in line 21: 'contents: read'

Related information
Provide any related information

Programming language used
Links to source
Bindings used
Below is the code without the mentioned part (it should be added after id-token):

name: Build and deploy dotnet core app to Azure Function App - LOGIC APP NAME

on:
push:
branches:
- main
workflow_dispatch:

env:
AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root
DOTNET_VERSION: '6.0.x' # set this to the dotnet version to use

jobs:
build-and-deploy:
runs-on: windows-latest
permissions:
id-token: write #This is required for requesting the JWT

steps:
  name: 'Checkout GitHub Action'
    uses: actions/checkout@v4

  name: Setup DotNet ${{ env.DOTNET_VERSION }} Environment
    uses: actions/setup-dotnet@v1
    with:
      dotnet-version: ${{ env.DOTNET_VERSION }}

  name: 'Resolve Project Dependencies Using Dotnet'
    shell: pwsh
    run: |
      pushd './${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}'
      dotnet build --configuration Release --output ./output
      popd
  
  name: Login to Azure
    uses: azure/login@v2
    with:
      client-id: ${{ secrets.AZUREAPPSERVICE_CLIENTID }}
      tenant-id: ${{ secrets.AZUREAPPSERVICE_TENANTID }}
      subscription-id: ${{ secrets.AZUREAPPSERVICE_SUBSCRIPTIONID }}

  name: 'Run Azure Functions Action'
    uses: Azure/functions-action@v1
    id: fa
    with:
      app-name: 'LOGIC APP NAME'
      slot-name: 'Production'
      package: '${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}/output'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
need-to-triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@OmarAbuArisheh