Azure Arm template deployment of a web app zip package programmatically using build artifact

Question

Short question:

I was wondering if packageUri parameter in MSDeploy resource (Deploy azure app service) below can point to the location of VSTS build Server drop location that is used by Release pipeline.

How to programmatically get acccess to build drop location? To use vsts api? Which ones? Maybe this link can shed some lights:

understanding artifacts

grab-your-build-artifacts-from-visual-studio-online

Basic authentication for the REST APIs

"resources": [
  {
    "name": "MSDeploy",
    "type": "extensions",
    "location": "[parameters('location')]",
    "apiVersion": "2014-06-01",
    "dependsOn": [
      "[concat('Microsoft.Web/sites/', parameters('siteName'))]"
    ],
    "tags": {
      "displayName": "ContentDeploy"
    },
    "properties": {
      "packageUri": "[concat(parameters('packageUrl'), parameters('sasToken'))]",
      "dbType": "None",
      "connectionString": "",
      "setParameters": {
          "IIS Web Application Name": "[parameters('siteName')]"
      }
    }
  }
]

Longer question and explanation: I am using VSTS release definition to deploy my web app infrastructure during development. The web app will be build and packaged by my VSTS build and uploaded to Server drop location. I am using on-premise (my PC) agent for both my build and release pipeline.

While I can do web app deployments using vsts Deploy Azure App Service release task (that knows how to find build artifacts), I want to do an automated deployment of multiple web app programmatically from a web app I intend to build.

I want to know if this .zip web app package can be somehow made available to my ARM deployment template. Everybody recommends copying .zip package to a storage blob with SAS token and that way Release "Deploy azure app service" can find it. I want to avoid this copying. Actually I want at least to programmatically download this package and eventually copy it it a storage blob container if I cannot manage to do it as asked.

Here is my little research I did:

I turned on agent logging for both build and release

Some Build variables:
BUILD_SOURCESDIRECTORY=F:\agent\_work\1\s
BUILD_STAGINGDIRECTORY=F:\agent\_work\1\a


Some release variables:
[SYSTEM_ARTIFACTSDIRECTORY] --> [F:\agent\_work\r3\a]
[RELEASE_ARTIFACTS_ECOMMERCESITECI_SOURCEVERSION] --> [91]
[BUILD_BUILDNUMBER] --> [20161230.12]
[BUILD_BUILDID] --> [85]
[SYSTEM_TEAMPROJECTID] --> [7ab6c2a4-208d-411d-81e5-5e88b26f2252]
[RELEASE_RELEASEWEBURL] --> [https://vstsaccount.visualstudio.com/7ab6c2a4-208d-411d-81e5-5e88b26f2252/_apps/hub/ms.vss-releaseManagement-web.hub-explorer?releaseId=103&_a=release-summary]

RELEASE_RELEASEWEBURL is an interesting page where I can press Artifacts which show all linked sources (in my case I have one Primary source coming from my CI build.). I can then follow the link and reach a specific build EcommerceSiteCI / Build 20161230.12 and I can press download button (from the link below) to download .zip package which I am after. I would like to find out about it but programmatically from my Arm template. I would like to create a Web app or Api app that can programmatically discover this .zip package and using it to deploy the app using "Web Deploy for Web Apps" resource.

https://vstsaccount.visualstudio.com/vstsproject/_build/index?buildId=85&_a=summary&tab=artifacts

Looking at fiddler I managed to see what is the url of asset download:

GET https://vstsaccount.visualstudio.com/7ab6c2a4-208d-411d-81e5-5e88b26f2252/_apis/build/builds/85/artifacts?artifactName=drop&%24format=zip

So I can see based on [BUILD_BUILDID] --> [85] and [SYSTEM_TEAMPROJECTID] --> [7ab6c2a4-208d-411d-81e5-5e88b26f2252] I can assemble this URL. The only thing is how to authenticate this request. When I entered above address I was prompted to sign in using Microsoft account and I saw it is oauth 2.0 authentication. The url is something like this: https://login.live.com/oauth20_authorize.srf?response_type=code&client_id=51483342-012c-4d86-bf138-cf50c7252078&scope=openid+profile+email+offline_access&response_mode=form_pos etc...(some encrypted string - probably representing .zip package location is omitted).

Even if I cannot make this download url available to MSDeploy arm resource it would be great if I could programmatically download it and upload to a Storage blob container and generate SAS token for MSDeploy to find it.

So how to programmatically get acccess to build drop location? Thanks Rad

Answer 1

I recently blogged about using PowerShell to queue a build and pull the artifacts using the the TFS API. Works great for us.

$artifacts = Invoke-RestMethod -Method Get -Credential $creds -ContentType application/json -Uri "$TFSUri/$project/_apis/build/builds/$buildId/artifacts?api-version=2.0"
foreach($artifact in $artifacts.value)
{
    $filePath = $artifact.resource.downloadUrl.Replace("file:", "").Replace("/", "\").Replace("%20", " ");          
    $path  = $filePath + "\*Package\*"
    if (Test-Path $path)
    {        
        $packagePath = "MSDeployPackages\$project-$buildName\"; 
        if ((Test-Path $packagePath) -eq $false) {
            New-Item $packagePath -ItemType directory
        }
        Copy-Item -Path $path -Destination $packagePath -Recurse -Force
    }
}

http://www.dotnetcatch.com/2016/10/14/queue-tfsvsts-builds-via-powershell/