【Azure 应用服务】Azure Function App 执行PowerShell指令[Get-Azsubscription -TenantId cxt]错误

简介: 【Azure 应用服务】Azure Function App 执行PowerShell指令[Get-Azsubscription -TenantId cxt]错误

问题描述

使用PowerShell脚本执行获取Azure订阅列表的指令(Get-Azsubscription -TenantId tenantID−DefaultProfilecxt)。在本地调试后,指令成功运行。

但是当指令并运行在Azure Function时,则出现了异常:详细的异常信息为

完成的错误信息为: "Error getting value from 'Tags' on 'Microsoft.Azure.Commands.Profile.Models.PSAzureSubscription'."

Microsoft.Azure.WebJobs.Script.Workers.Rpc.RpcException : Result: ERROR: Error getting value from 'Tags' on 'Microsoft.Azure.Commands.Profile.Models.PSAzureSubscription'.
Exception             : 
    Type           : Newtonsoft.Json.JsonSerializationException
    TargetSite     : 
        Name          : GetValue
        DeclaringType : Newtonsoft.Json.Serialization.ExpressionValueProvider
        MemberType    : Method
        Module        : Newtonsoft.Json.dll
    StackTrace     : 
   at Newtonsoft.Json.Serialization.ExpressionValueProvider.GetValue(Object target)
   at Newtonsoft.Json.Serialization.JsonSerializerInternalWriter.CalculatePropertyValues(JsonWriter writer, Object value, JsonContainerContract contract, JsonProperty member, JsonProperty property, JsonContract& memberContract, Object& memberValue)
   at Newtonsoft.Json.Serialization.JsonSerializerInternalWriter.SerializeObject(JsonWriter writer, Object value, JsonObjectContract contract, JsonProperty member, JsonContainerContract collectionContract, JsonProperty containerProperty)
   at Newtonsoft.Json.Serialization.JsonSerializerInternalWriter.SerializeValue(JsonWriter writer, Object value, JsonContract valueContract, JsonProperty member, JsonContainerContract containerContract, JsonProperty containerProperty)
   at Newtonsoft.Json.Serialization.JsonSerializerInternalWriter.SerializeObject(JsonWriter writer, Object value, JsonObjectContract contract, JsonProperty member, JsonContainerContract collectionContract, JsonProperty containerProperty)
   at Newtonsoft.Json.Serialization.JsonSerializerInternalWriter.SerializeValue(JsonWriter writer, Object value, JsonContract valueContract, JsonProperty member, JsonContainerContract containerContract, JsonProperty containerProperty)
   at Newtonsoft.Json.Serialization.JsonSerializerInternalWriter.SerializeDictionary(JsonWriter writer, IDictionary values, JsonDictionaryContract contract, JsonProperty member, JsonContainerContract collectionContract, JsonProperty containerProperty)
   at Newtonsoft.Json.Serialization.JsonSerializerInternalWriter.SerializeValue(JsonWriter writer, Object value, JsonContract valueContract, JsonProperty member, JsonContainerContract containerContract, JsonProperty containerProperty)
   at Newtonsoft.Json.Serialization.JsonSerializerInternalWriter.SerializeObject(JsonWriter writer, Object value, JsonObjectContract contract, JsonProperty member, JsonContainerContract collectionContract, JsonProperty containerProperty)
   at Newtonsoft.Json.Serialization.JsonSerializerInternalWriter.SerializeValue(JsonWriter writer, Object value, JsonContract valueContract, JsonProperty member, JsonContainerContract containerContract, JsonProperty containerProperty)
   at Newtonsoft.Json.Serialization.JsonSerializerInternalWriter.Serialize(JsonWriter jsonWriter, Object value, Type objectType)
   at Newtonsoft.Json.JsonSerializer.SerializeInternal(JsonWriter jsonWriter, Object value, Type objectType)
   at Newtonsoft.Json.JsonSerializer.Serialize(JsonWriter jsonWriter, Object value, Type objectType)
   at Newtonsoft.Json.JsonConvert.SerializeObjectInternal(Object value, Type type, JsonSerializer jsonSerializer)
   at Newtonsoft.Json.JsonConvert.SerializeObject(Object value, Type type, Formatting formatting, JsonSerializerSettings settings)
   at Newtonsoft.Json.JsonConvert.SerializeObject(Object value, Formatting formatting, JsonConverter[] converters)
   at Microsoft.Azure.Commands.Common.Authentication.Models.AzureRmProfile.ToString(Boolean serializeCache)
   at Microsoft.Azure.Commands.Common.Authentication.Models.AzureRmProfile.ToString()
   at System.Management.Automation.ParameterBinderBase.CoerceTypeAsNeeded(CommandParameterInternal argument, String parameterName, Type toType, ParameterCollectionTypeInformation collectionTypeInfo, Object currentValue)
   at System.Management.Automation.ParameterBinderBase.BindParameter(CommandParameterInternal parameter, CompiledCommandParameter parameterMetadata, ParameterBindingFlags flags)
   at System.Management.Automation.CmdletParameterBinderController.BindParameter(CommandParameterInternal argument, MergedCompiledCommandParameter parameter, ParameterBindingFlags flags)
   at System.Management.Automation.CmdletParameterBinderController.BindParameter(UInt32 parameterSets, CommandParameterInternal argument, MergedCompiledCommandParameter parameter, ParameterBindingFlags flags)
   at System.Management.Automation.CmdletParameterBinderController.BindParameters(UInt32 parameterSets, Collection`1 arguments)
   at System.Management.Automation.CmdletParameterBinderController.BindCommandLineParametersNoValidation(Collection`1 arguments)
   at System.Management.Automation.CmdletParameterBinderController.BindCommandLineParameters(Collection`1 arguments)
   at System.Management.Automation.CommandProcessor.BindCommandLineParameters()
   at System.Management.Automation.CommandProcessor.Prepare(IDictionary psDefaultParameterValues)
   at System.Management.Automation.CommandProcessorBase.DoPrepare(IDictionary psDefaultParameterValues)
   at System.Management.Automation.Internal.PipelineProcessor.Start(Boolean incomingStream)
   at System.Management.Automation.Internal.PipelineProcessor.SynchronousExecuteEnumerate(Object input)
   at System.Management.Automation.PipelineOps.InvokePipeline(Object input, Boolean ignoreInput, CommandParameterInternal[][] pipeElements, CommandBaseAst[] pipeElementAsts, CommandRedirection[][] commandRedirections, FunctionContext funcContext)
   at System.Management.Automation.Interpreter.ActionCallInstruction`6.Run(InterpretedFrame frame)
   at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame)
   at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame)
    Message        : Error getting value from 'Tags' on 'Microsoft.Azure.Commands.Profile.Models.PSAzureSubscription'.
    Data           : System.Collections.ListDictionaryInternal
    InnerException : 
        Type       : System.ArgumentNullException
        Message    : Value cannot be null. (Parameter 'value')
        ParamName  : value
        TargetSite : 
            Name          : ArgumentNotNull
            DeclaringType : Newtonsoft.Json.Utilities.ValidationUtils, Newtonsoft.Json, Version=12.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed
            MemberType    : Method
            Module        : Newtonsoft.Json.dll
        StackTrace : 
   at Newtonsoft.Json.Utilities.ValidationUtils.ArgumentNotNull(Object value, String parameterName)
   at Newtonsoft.Json.JsonConvert.DeserializeObject(String value, Type type, JsonSerializerSettings settings)
   at Newtonsoft.Json.JsonConvert.DeserializeObject[T](String value, JsonSerializerSettings settings)
   at Newtonsoft.Json.JsonConvert.DeserializeObject[T](String value)
   at Microsoft.Azure.Commands.Common.Authentication.Abstractions.AzureSubscriptionExtensions.GetTags(IAzureSubscription subscription)
   at lambda_method(Closure , Object )
   at Newtonsoft.Json.Serialization.ExpressionValueProvider.GetValue(Object target)
        Source     : Newtonsoft.Json
        HResult    : -2147467261
    Source         : Newtonsoft.Json
    HResult        : -2146233088
CategoryInfo          : OperationStopped: (:) [], JsonSerializationException
FullyQualifiedErrorId : Newtonsoft.Json.JsonSerializationException
InvocationInfo        : 
    ScriptLineNumber : 26
    OffsetInLine     : 1
    HistoryId        : -1
    ScriptName       : D:\home\site\wwwroot\HttpTrigger1\run.ps1
    Line             : $subs = Get-Azsubscription -TenantId $tenantID -DefaultProfile $cxt
                       
    PositionMessage  : At D:\home\site\wwwroot\HttpTrigger1\run.ps1:26 char:1
                       + $subs = Get-Azsubscription -TenantId $tenantID -DefaultProfile $cxt
                       + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    PSScriptRoot     : D:\home\site\wwwroot\HttpTrigger1
    PSCommandPath    : D:\home\site\wwwroot\HttpTrigger1\run.ps1
    CommandOrigin    : Internal
ScriptStackTrace      : at <ScriptBlock>, D:\home\site\wwwroot\HttpTrigger1\run.ps1: line 26

 

问题分析及临时解决方案

对比以上本地可以成功运行,而在Azure Function中确出现JSON格式解析错误,所以排查PowerShell脚本错误问题。 那么就定位在运行脚本的环境问题。

第一步:排查PowerShell版本,及az 模块的版本

通过 $PSVersionTable 打出PowerShell版本,通过 Get-InstalledModule -name az 和 Get-InstalledModule -name az.* 打印出当前环境的版本号。

 

经过对比,发现本地VM与Azure Function中Powershell和az 模块的版本都不同.  

第二步:寻找临时的解决方案

由于Azure Function中PowerShell的版本从平台级别无法更改(可以修改PS脚本中所使用的az模块版本,修改方式见附件一)。所以主要的寻找发向为:基于现在的版本,从Get-Azsubscription指令本身来寻找Workaround呢?查看Get-Azsubscription指令,发现它使用的是当前登录用户的权限去获取所有的订阅号,指定TenantID是表明只获取当前TenantID下的所有订阅号。而参数DefaultProfile也是只携带用户认证信息,与当前登录的用户所有的认证信息重复。

Get-AzSubscription

Get subscriptions that the current account can access

-TenantId

Specifies the ID of the tenant that contains subscriptions to get

-DefaultProfile

The credentials, tenant and subscription used for communication with azure

如果不添加-DefaultProfile参数,是否同样由异常呢? 经过验证执行成功并返回结果正确。所以作为Workaround的代码为:

# Write to the Azure Functions log stream.
Write-Host "PowerShell HTTP trigger function processed a request."
$User = "XXXXXXXXXXXXXxxxxxxxx"
$PWord = ConvertTo-SecureString -String "XXXXXXXXXXXXXxxxxxxxx" -AsPlainText -Force
$Credential = New-Object System.Management.Automation.PSCredential($User, $PWord)
Connect-AzAccount -Environment AzureChinaCloud -Credential $Credential
Write-Host "login successfully"
$tenantID = "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
$cxt = Set-AzContext -Tenant $tenantID
write-host $cxt
write-host "no defaultprofile"
Write-Host "Get-Azsubscription -TenantId $tenantID"
#$subs = Get-Azsubscription -TenantId $tenantID -DefaultProfile $cxt
Get-Azsubscription -TenantId $tenantID
write-host "========================="
write-host $subs

附件一:在Azure Funciton中修改az的版本号为5.2.0, 问题也得到解决。

在Azure Function 门户页面,点击“App Service Editor (Preview)” 目录,进入Editor页面,在文件requirements.psd1文件中,修改az的版本号为5.2.0. 保存后,回到Azure Function页面。重启Function. 修改页面如下:

 

结论: 解决办法有两种

  1. 修改az的版本号为5.2.0,修改办法见附件一
  2. 修改Get-Azsubscription指令,去掉参数 -DefaultProfile $cxt

 

 

参考资料

Get-AzSubscriptionhttps://docs.microsoft.com/en-us/powershell/module/az.accounts/get-azsubscription?view=azps-6.2.0

相关文章
|
6天前
【Azure App Service】PowerShell脚本批量添加IP地址到Web App允许访问IP列表中
Web App取消公网访问后,只允许特定IP能访问Web App。需要写一下段PowerShell脚本,批量添加IP到Web App的允许访问IP列表里!
|
1月前
|
数据安全/隐私保护
【Azure Entra ID】使用PowerShell脚本导出Entra ID中指定应用下的所有用户信息
在Azure Entra ID中,需要导出一个Application 下的用户信息, 包含User的创建时间。
|
3月前
|
应用服务中间件 Linux 网络安全
【Azure 应用服务】App Service for Linux 环境中为Tomcat页面修改默认的Azure 404页面
【Azure 应用服务】App Service for Linux 环境中为Tomcat页面修改默认的Azure 404页面
|
3月前
【Azure Durable Function】PowerShell Activity 函数遇见 Newtonsoft.Json.JsonReaderException: The reader's MaxDepth of 64 has been exceeded.
【Azure Durable Function】PowerShell Activity 函数遇见 Newtonsoft.Json.JsonReaderException: The reader's MaxDepth of 64 has been exceeded.
|
3月前
【Azure Web Job】Azure Web Job执行Powershell脚本报错 The term 'Select-AzContext' is not recognized as the name
【Azure Web Job】Azure Web Job执行Powershell脚本报错 The term 'Select-AzContext' is not recognized as the name
|
3月前
|
存储 C# Python
【Azure Storage Account】Azure 存储服务计算Blob的数量和大小的PowerShell代码
【Azure Storage Account】Azure 存储服务计算Blob的数量和大小的PowerShell代码
|
3月前
|
Ubuntu Linux 测试技术
【Azure Function App】Python Function调用Powershell脚本在Azure上执行失败的案例
【Azure Function App】Python Function调用Powershell脚本在Azure上执行失败的案例
|
3月前
|
Docker 容器
【Azure 应用服务】App Service for Container 无法拉取Docker Hub中的镜像替代方案
【Azure 应用服务】App Service for Container 无法拉取Docker Hub中的镜像替代方案
|
19天前
|
监控 关系型数据库 MySQL
PowerShell 脚本编写 :自动化Windows 开发工作流程
PowerShell 脚本编写 :自动化Windows 开发工作流程
17 0
|
2月前
|
Windows
Powershell 重新排列去重 Windows环境变量
【9月更文挑战第13天】本文介绍如何使用PowerShell对Windows环境变量进行重新排列和去重。首先通过`$env:`访问环境变量,接着使用`-split`命令分割路径,再利用`Select-Object -Unique`去除重复项。之后可根据需要对路径进行排序,最后将处理后的路径组合并更新环境变量。注意修改环境变量前应备份重要数据并了解潜在影响。
113 10