In my current project I use Octopus deployment to deploy my Azure Web App and Function. The Azure Web App calls the Azure Function by its web hook (or Function Url). However, when both components are deployed in the same Octopus deployment process, how can you configure the function Url? In this post I’ll describe what I have used to get it all configured and working.
Function Url and Keys
When you navigate to your function you can grab your Function Url from there.
If the authorization level is set to Function or Admin, this Url contains also a code. This is the API key to access and execute the function. By default, the level is set to Function. This API key is then generated per function.
If your function gets created during deployment (like my scenario while deploying with Octopus), that code is not known. And you need this Url for your web app.
Host Keys
When you create your Azure Function App (basically a container for all your functions), several host keys are available. These keys are shared by ALL functions within your function app.
Since the default Authorization level is set to Function, we should use the default host key.
PowerShell Scripts
In my previous post about Kudu API and PowerShell I described how to get access your web app. For accessing Function Apps it is quite the same.
function Get-KuduApiAuthorisationHeaderValue($resourceGroupName, $webAppName){ $publishingCredentials = Get-PublishingProfileCredentials $resourceGroupName $webAppName return ("Basic {0}" -f [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("{0}:{1}" -f $publishingCredentials.Properties.PublishingUserName, $publishingCredentials.Properties.PublishingPassword)))) } $accessToken = Get-KuduApiAuthorisationHeaderValue $resourceGroupName $webAppname
With the access token we can now call the Function APIs to get the host keys:
function Get-MasterAPIKey($kuduApiAuthorisationToken, $webAppName ){ $apiUrl = "https://$webAppName.scm.azurewebsites.net/api/functions/admin/masterkey" $result = Invoke-RestMethod -Uri $apiUrl -Headers @{"Authorization"=$kuduApiAuthorisationToken;"If-Match"="*"} return $result` } function Get-HostAPIKeys($kuduApiAuthorisationToken, $webAppName, $masterKey ){ $apiUrl = "https://$webAppName.azurewebsites.net/admin/host/keys?code=$masterKey" $result = Invoke-WebRequest $apiUrl return $result` } $adminCode = Get-MasterAPIKey $accessToken $webAppname Write-Host "masterKey = " $adminCode.Masterkey $result = Get-HostAPIKeys $accessToken $webAppname $adminCode.Masterkey $keysCode = $result.Content | ConvertFrom-Json Write-Host "default Key = " $keysCode.Keys[0].Value
First we need the master key and with that master key we can get the other host keys. Once you have the API key value you can use it in your deployment process. In my case I need to configure this in Octopus in advance.
Kudos to my colleague Frans van Rijn who helped me sorting this out.
Just wanted to say thanks very much for this! Was trying to figure it out with regular AzureRM PowerShell and this is just a perfect solution!
on using
url “https://.azurewebsites.net/admin/host/keys?code=”
it says no route registered for No route registered for ‘/admin/host/keys?code=
, am i missing something
on using
url “https://.azurewebsites.net/admin/host/keys?code=$mymasterkeyvaluePuthere”
it says no route registered for No route registered for ‘/admin/host/keys?code=$mymasterkeyvaluePuthere
, am i missing something
Hi Paras, in the URL I am missing the Azure Function name. It should be something like https://.azurewebsites.net/admin/host/bla-bla.
Can i Post a your Powershell commands in my blog , shall give referral link to your blog in post as thanks credit 🙂 ?