持續部署至 Azure App ServiceContinuous deployment to Azure App Service

Azure App Service 藉由提取最新的更新,讓您從 GitHubBitBucketAzure Repos 存放庫持續部署。Azure App Service enables continuous deployment from GitHub, BitBucket, and Azure Repos repositories by pulling in the latest updates.

注意

Azure 入口網站中的「 開發中心」 (傳統) 頁面(這是舊的部署體驗)將于2021年3月淘汰。The Development Center (Classic) page in the Azure portal, which is the old deployment experience, will be deprecated in March, 2021. 這項變更不會影響您應用程式中任何現有的部署設定,而且您可以在 [ 部署中心 ] 頁面中繼續管理應用程式部署。This change will not affect any existing deployment settings in your app, and you can continue to manage app deployment in the Deployment Center page.

準備您的存放庫Prepare your repository

若要從 Azure App Service 組建伺服器取得自動組建,請確定您的存放庫根目錄在專案中有正確的檔案。To get automated builds from Azure App Service build server, make sure that your repository root has the correct files in your project.

執行階段Runtime 根目錄檔案Root directory files
ASP.NET (僅限 Windows)ASP.NET (Windows only) *.sln*.csprojdefault.aspx*.sln, *.csproj, or default.aspx
ASP.NET CoreASP.NET Core *.sln*.csproj*.sln or *.csproj
PHPPHP index.phpindex.php
Ruby (僅限 Linux)Ruby (Linux only) GemfileGemfile
Node.jsNode.js 含啟動指令碼的 server.jsapp.js, 或 package.jsonserver.js, app.js, or package.json with a start script
PythonPython *.pyrequirements.txtruntime.txt*.py, requirements.txt, or runtime.txt
HTMLHTML default.htmdefault.htmldefault.aspindex.htmindex.htmliisstart.htmdefault.htm, default.html, default.asp, index.htm, index.html, or iisstart.htm
WebJobsWebJobsWebJobs <job_name>/run.<extension><job_name>/run.<extension> App_Data/jobs/continuous 底下 (適用於持續的 WebJobs) 或在 App_Data/jobs/triggered 底下 (適用於觸發的 WebJobs)。under App_Data/jobs/continuous for continuous WebJobs, or App_Data/jobs/triggered for triggered WebJobs. 如需詳細資訊,請參閱 Kudu WebJobs 文件For more information, see Kudu WebJobs documentation.
函式Functions 請參閱 Azure Functions 的持續部署See Continuous deployment for Azure Functions.

若要自訂部署,您可以在儲存機制根路徑中包含 .deployment 檔案。To customize your deployment, include a .deployment file in the repository root. 如需詳細資訊,請參閱自訂部署自訂部署指令碼For more information, see Customize deployments and Custom deployment script.

注意

如果您是在 Visual Studio 中開發,可讓 Visual Studio 為您建立存放庫If you develop in Visual Studio, let Visual Studio create a repository for you. 專案立即可透過使用 Git 進行部署。The project is immediately ready to be deployed by using Git.

設定部署來源Configure deployment source

  1. Azure 入口網站中,流覽至 App Service 應用程式的管理頁面。In the Azure portal, navigate to the management page for your App Service app.

  2. 從左側功能表中,按一下 [部署中心 > 設定]。From the left menu, click Deployment Center > Settings.

  3. 在 [ 來源] 中,選取其中一個 CI/CD 選項。In Source, select one of the CI/CD options.

    示範如何在部署中心為 Azure App Service 選擇部署來源

選擇與您的步驟選項對應的索引標籤。Choose the tab that corresponds to your selection for the steps.

  1. GitHub Actions 是預設的組建提供者。GitHub Actions is the default build provider. 若要變更它,請按一下 [變更提供者 > App Service 組建服務] (Kudu) > [確定]To change it, click Change provider > App Service Build Service (Kudu) > OK.

    注意

    若要使用 Azure Pipelines 作為 App Service 應用程式的組建提供者,請勿在 App Service 中進行設定。To use Azure Pipelines as the build provider for your App Service app, don't configure it in App Service. 相反地,請直接從 Azure Pipelines 設定 CI/CD。Instead, configure CI/CD directly from Azure Pipelines. Azure Pipelines 選項只會將您指向正確的方向。The Azure Pipelines option just points you in the right direction.

  2. 如果您是第一次從 GitHub 部署,請按一下 [ 授權 ],然後依照授權提示進行。If you're deploying from GitHub for the first time, click Authorize and follow the authorization prompts. 如果您想要從不同的使用者存放庫進行部署,請按一下 [ 變更帳戶]。If you want to deploy from a different user's repository, click Change Account.

  3. 當您使用 GitHub 授權 Azure 帳戶之後,請選取要為其設定 CI/CD 的 組織、存放 分支Once you authorize your Azure account with GitHub, select the Organization, Repository, and Branch to configure CI/CD for.

  4. 當 GitHub Actions 是選擇的組建提供者時,您可以使用 執行時間堆疊版本 下拉式清單來選取您想要的工作流程檔案。When GitHub Actions is the chosen build provider, you can select the workflow file you want with the Runtime stack and Version dropdowns. Azure 會將此工作流程檔案認可至您選取的 GitHub 存放庫,以處理組建和部署工作。Azure commits this workflow file into your selected GitHub repository to handle build and deploy tasks. 若要在儲存變更之前查看檔案,請按一下 [ 預覽 檔案]。To see the file before saving your changes, click Preview file.

    注意

    App Service 會偵測應用程式的 語言堆疊設定 ,並選取最適當的工作流程範本。App Service detects the language stack setting of your app and selects the most appropriate workflow template. 如果您選擇不同的範本,它可能會部署未正確執行的應用程式。If you choose a different template, it may deploy an app that doesn't run properly. 如需詳細資訊,請參閱 GitHub Actions 組建提供者的運作方式For more information, see How the GitHub Actions build provider works.

  5. 按一下 [儲存]。Click Save.

    所選取存放庫和分支中的新認可,現在會持續部署到 App Service 應用程式。New commits in the selected repository and branch now deploy continuously into your App Service app. 您可以在 [ 記錄 檔] 索引標籤中追蹤認可和部署。You can track the commits and deployments in the Logs tab.

停用連續部署Disable continuous deployment

  1. Azure 入口網站中,流覽至 App Service 應用程式的管理頁面。In the Azure portal, navigate to the management page for your App Service app.

  2. 從左側功能表中,按一下 [部署中心 > 設定 > 中斷連線]From the left menu, click Deployment Center > Settings > Disconnect.

    說明如何將您的雲端資料夾同步與 Azure 入口網站中的 App Service 應用程式中斷連線。

  3. 根據預設,GitHub Actions 工作流程檔會保留在您的存放庫中,但它會繼續觸發部署至您的應用程式。By default, the GitHub Actions workflow file is preserved in your repository, but it will continue to trigger deployment to your app. 若要從存放庫中刪除它,請選取 [ 刪除工作流程 檔案]。To delete it from your repository, select Delete workflow file.

  4. 按一下 [確定] 。Click OK.

在部署期間我的應用程式會發生什麼事?What happens to my app during deployment?

所有正式支援的部署方法都會變更 /home/site/wwwroot 您應用程式資料夾中的檔案。All the officially supported deployment methods make changes to the files in the /home/site/wwwroot folder of your app. 這些檔案會用來執行您的應用程式。These files are used to run your app. 因此,部署可能會因為鎖定的檔案而失敗。Therefore, the deployment can fail because of locked files. 在部署期間,應用程式也可能會無法預期地運作,因為並非所有檔案都會同時更新。The app may also behave unpredictably during deployment, because not all the files updated at the same time. 這對面向客戶的應用程式是不必要的。This is undesirable for a customer-facing app. 有幾種不同的方式可以避免這些問題:There are a few different ways to avoid these issues:

GitHub Actions 組建提供者的運作方式How the GitHub Actions build provider works

GitHub Actions 組建提供者是 從 GitHub 進行 ci/cd的選項,並會執行下列設定 CI/cd:The GitHub Actions build provider is an option for CI/CD from GitHub, and does the following to set up CI/CD:

  • 將 GitHub Actions 的工作流程檔案放入您的 GitHub 存放庫,以處理 App Service 的組建和部署工作。Deposits a GitHub Actions workflow file into your GitHub repository to handle build and deploy tasks to App Service.
  • 將您應用程式的發行設定檔新增為 GitHub 秘密。Adds the publishing profile for your app as a GitHub secret. 工作流程檔案使用此秘密向 App Service 進行驗證。The workflow file uses this secret to authenticate with App Service.
  • 工作流程執行記錄檔中捕捉資訊,並將其顯示在應用程式 部署中心 的 [記錄] 索引標籤中。Captures information from the workflow run logs and displays it in the Logs tab in your app's Deployment Center.

您可以透過下列方式自訂 GitHub Actions 組建提供者:You can customize the GitHub Actions build provider in the following ways:

  • 自訂在 GitHub 存放庫中產生的工作流程檔案。Customize the workflow file after it's generated in your GitHub repository. 如需詳細資訊,請參閱 GitHub Actions 的工作流程語法For more information, see Workflow syntax for GitHub Actions. 您只需確定工作流程會部署到 App Service 使用 azure/webapps-部署 動作。Just make sure that the workflow deploys to App Service with the azure/webapps-deploy action.
  • 如果選取的分支受到保護,您仍然可以預覽工作流程檔案而不儲存設定,然後手動將它新增至您的存放庫。If the selected branch is protected, you can still preview the workflow file without saving the configuration, then manually add it into your repository. 這個方法不會讓您與 Azure 入口網站的記錄整合。This method doesn't give you the log integration with the Azure portal.
  • 使用 Azure Active Directory 中的 服務主體 來部署,而不是發行設定檔。Instead of a publishing profile, deploy using a service principal in Azure Active Directory.

使用服務主體進行驗證Authenticate with a service principal

此選用設定會以產生的工作流程檔案中的發行設定檔取代預設驗證。This optional configuration replaces the default authentication with publishing profiles in the generated workflow file.

  1. 使用Azure CLI中的az ad sp create-rbac命令來產生服務主體。Generate a service principal with the az ad sp create-for-rbac command in the Azure CLI. 在下列範例中,請 <subscription-id> <group-name> 將、和取代 <app-name> 為您自己的值:In the following example, replace <subscription-id>, <group-name>, and <app-name> with your own values:

    az ad sp create-for-rbac --name "myAppDeployAuth" --role contributor \
                                --scopes /subscriptions/<subscription-id>/resourceGroups/<group-name>/providers/Microsoft.Web/sites/<app-name> \
                                --sdk-auth
    

    重要

    針對安全性,請將最低需求存取權授與服務主體。For security, grant the minimum required access to the service principal. 上一個範例中的範圍僅限於特定的 App Service 應用程式,而非整個資源群組。The scope in the previous example is limited to the specific App Service app and not the entire resource group.

  2. 儲存整個 JSON 輸出以進行下一個步驟,包括最上層 {}Save the entire JSON output for the next step, including the top-level {}.

  3. GitHub中,流覽您的存放庫,選取 > 秘密 > 新增密碼的設定In GitHub, browse your repository, select Settings > Secrets > Add a new secret.

  4. 將得自 Azure CLI 命令的整個 JSON 輸出貼到祕密的 [值] 欄位中。Paste the entire JSON output from the Azure CLI command into the secret's value field. 為秘密命名,如下所示 AZURE_CREDENTIALSGive the secret a name like AZURE_CREDENTIALS.

  5. 部署中心 產生的工作流程檔案中, azure/webapps-deploy 使用類似下列範例的程式碼修改步驟, (從 Node.js 工作流程檔案進行修改) :In the workflow file generated by the Deployment Center, revise the azure/webapps-deploy step with code like the following example (which is modified from a Node.js workflow file):

    - name: Sign in to Azure 
    # Use the GitHub secret you added
    - uses: azure/login@v1
      with:
        creds: ${{ secrets.AZURE_CREDENTIALS }}
    - name: Deploy to Azure Web App
    # Remove publish-profile
    - uses: azure/webapps-deploy@v2
      with:
        app-name: '<app-name>'
        slot-name: 'production'
        package: .
    - name: Sign out of Azure
      run: |
        az logout
    

從其他存放庫部署Deploy from other repositories

針對 Windows 應用程式,您可以從入口網站不直接支援的雲端 Git 或 Mercurial 存放庫(例如 GitLab)手動設定持續部署。For Windows apps, you can manually configure continuous deployment from a cloud Git or Mercurial repository that the portal doesn't directly support, such as GitLab. 做法是在 [ 來源 ] 下拉式清單中選擇 [外部 Git]。You do it by choosing External Git in the Source dropdown. 如需詳細資訊,請參閱 使用手動步驟設定持續部署For more information, see Set up continuous deployment using manual steps.

其他資源More resources