Deploy to private app service from azure devops

598 views Asked by At

I am trying to deploy an application to an azure app service which is created inside a virtual network and has no public access
So I have created a virtual machine inside and configured it to be a self hosted agent on azure devops
Howerver when I run the deployment I got a network error

#[error]Failed to deploy web package to App Service. ##[warning]Can't find loc string for key: KuduStackTraceURL ##[error]KuduStackTraceURL https://$myapp:***@myapp.scm.azurewebsites.net/api/vfs/LogFiles/kudu/trace ##[error]Error: Error: Failed to deploy web package to App Service. Ip Forbidden (CODE: 40

I think that I am missing some network configuration on the self hosted so It can resolve the dns, but I am not sure.
I tried to append a line to /etc/hosts "privateAppServiceIp myapp.azurewebsites.net" so that the self hosted understand that the private ip of the app service is mapped to the dns but this did not work. Any ideas of what should I do

1

There are 1 answers

0
wade zhou - MSFT On

As per the error:

Ip Forbidden (CODE: 40...

Your self-hosted agent cannot access the SCM site, please follow below items for a check:

  1. Put your self-hosted machine in the same private endpoint network with Web app service, same for subnet if there is.

  2. Remove access restrictions on web app if there are. Then you can try to access {myapp}.scm.azurewebsites.net on the machine to confirm the connection.

  3. Try to add application setting "WEBSITE_WEBDEPLOY_USE_SCM" as "true" and restart web app, after it's done, retry the deployment to check again.