Share via

Github deploy code Fails where Func app in Vnet - auth error using OIDC

Sergio Solorzano 26 Reputation points
2024-05-29T06:37:27.05+00:00

Regarding section Deploy a Service Bus trigger and HTTP trigger I get auth error IP forbidden to to deploy the code via github. Since both storage and func app are behind private end points is github expected to successfully be authorized even with a managed identity since it's outside the vnet?

I confirm github repo yml file has the correct secrets, both attempted automatically generated and manually entered.

I am using a service principal federated credentials for deployment with RBAC storage and website contributor roles assigned at resource group level.

Func app env variables:User's image

yaml file

git

Error: Failed to deploy web package to App Service.

Error: ``Failed to deploy web package to App Service.

23``Error: Execution Exception (state: PublishContent) (step: Invocation) 24``Error: When request Azure resource at PublishContent, zipDeploy : Failed to use /home/runner/work/_temp/temp_web_package_045189892229569706.zip as ZipDeploy content 25``Error: Failed to deploy web package to App Service. 26``Ip Forbidden (CODE: 403) 27``Error: Error: Failed to deploy web package to App Service. 28``Ip Forbidden (CODE: 403)

cannot

Suggested alternative zip deploy also fails because it is outside the vnet. Unfortunately I do not have the flexibility to setup my own self-hosted github.

Azure Functions
Azure Functions

An Azure service that provides an event-driven serverless compute platform.

0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.