问题描述
在参考文档“使用 GitHub Actions 部署 ARM 模板”一文中,由于是在中国区Azure上操作,所以生产的部署凭证为中国区凭证。当创建工作流时,在登录到Azure这一步骤中,模板中使用指令为“ - uses: azure/login@v1”在执行时,遇见了登录到global的错误。
错误消息为:Error: Az CLI Login failed.
问题解决
从错误消息就可以发现,这是因为默认情况下,Github Action中设定的指令“- uses: azure/login@v1”是登录到Global,所以我们需要修改登录参数,让它指向中国区。
第一次尝试解决时,因不懂得 - uses的命令所以使用的时az指令 “- uses: az cloud set --name AzureChinaCloud” 发现这时完全错误的。
第二次尝试解决时,知道了可以为 - uses添加parameter参数,所以自己乱定义了参数:“parameters: environment=AzureChinaCloud”。结果依旧错误。
第三次尝试解决时,认真读了命令的错误提示,并查看了with中参数设置。使用“environment: AzureChinaCloud”,成功解决问题。
修改次数 | .yml文件修改内容(黄色高亮部分) | 错误/成功消息
|
第一次添加内容 | # Log into Azure - uses: az cloud set --name AzureChinaCloud - uses: azure/login@v1 with: creds: ${{ secrets.AZURE_CREDENTIALS }} |
The workflow is not valid. .github/workflows/deployStorageAccount.yml (Line: 12, Col: 13): Expected format {org}/{repo}[/path]@ref. Actual 'az cloud set --name AzureChinaCloud' Input string was not in a correct format. |
第二次修改内容 | # Log into Azure - uses: azure/login@v1 with: creds: ${{ secrets.AZURE_CREDENTIALS }} parameters: environment=AzureChinaCloud |
Warning: Unexpected input(s) 'parameters', valid inputs are ['creds', 'enable-AzPSSession', 'environment', 'allow-no-subscriptions'] Run azure/login@v1 with: creds: *** parameters: environment=AzureChinaCloud enable-AzPSSession: false environment: azurecloud allow-no-subscriptions: false /usr/bin/az cloud set -n azurecloud Done setting cloud: "azurecloud" Error: Az CLI Login failed. Please check the credentials. For more information refer https://aka.ms/create-secrets-for-GitHub-workflows Error: Error: Error: The process '/usr/bin/az' failed with exit code 1 |
第三次修改内容 | # Log into Azure - uses: azure/login@v1 with: creds: ${{ secrets.AZURE_CREDENTIALS }} environment: AzureChinaCloud |
Run azure/login@v1 with: creds: *** environment: AzureChinaCloud enable-AzPSSession: false allow-no-subscriptions: false /usr/bin/az cloud set -n azurechinacloud WARNING: Switched active cloud to 'AzureChinaCloud'. WARNING: Use 'az login' to log in to this cloud. WARNING: Use 'az account set' to set the active subscription. Done setting cloud: "azurechinacloud" Login successful. |
所以正确的解决办法就是添加environment参数。所以当使用部署一个存储账号作为入门测试,在中国区Azure能够正常使用的yaml文件内容为:
on: [push] name: Azure ARM jobs: build-and-deploy: runs-on: ubuntu-latest steps: # Checkout code - uses: actions/checkout # Log into Azure - uses: azure/login with: creds: ${{ secrets.AZURE_CREDENTIALS }} environment: AzureChinaCloud # Deploy ARM template - name: Run ARM deploy uses: azure/arm-deploy with: subscriptionId: ${{ secrets.AZURE_SUBSCRIPTION }} resourceGroupName: ${{ secrets.AZURE_RG }} template: ./azuredeploy.json parameters: storageAccountType=Standard_LRS # output containerName variable from template - run: echo ${{ steps.deploy.outputs.containerName }}
参考资料
使用 GitHub Actions 部署 ARM 模板:https://docs.azure.cn/zh-cn/azure-resource-manager/templates/deploy-github-actions