shibayan / containerapps-acmebot
Automated ACME SSL/TLS certificates issuer for Azure Container Apps (Custom domain / Custom DNS Suffix)
License: Apache License 2.0
Describe the bug
Installed the function app, gave the permissions and tried to create a certificate. I get an error saying:
Orchestrator function 'AddCertificate_Orchestrator' failed: The activity function 'UploadCertificate' failed: "The method or operation is not implemented.". See the function execution logs for additional details.
Environment (please complete the following information):
Additional context
Describe the bug
I deployed a container app acmebot instance and then deployed one wildcard certificate to a container app environment. The certificate expired and did not auto-renew. Upon checking the logs, it seems the RenewCertificate_Orchestrator runs, but says "Certificates not found".
To Reproduce
Steps to reproduce the behavior:
Environment (please complete the following information):
Additional context
This has occurred on all containerapps-acmebot instances I have deployed, for wildcard certs, different domains, in different Azure subscriptions.
Describe the bug
When trying to add a certificate I get this error:
Orchestrator function 'AddCertificate_Orchestrator' failed: The orchestrator function 'BindToContainerApp' failed: "The activity function 'BindDomains' failed: "Service request failed.
Status: 400 (Bad Request)
Content:
{"code":"ContainerAppSecretNull","message":"Invalid Request: Container app secret(s) with name(s) 'reg-pswd-4e853129-a6fb' cannot have a value of null."}
Headers:
Cache-Control: no-cache
Pragma: no-cache
x-ms-ratelimit-remaining-subscription-resource-requests: REDACTED
api-supported-versions: REDACTED
Server: Microsoft-IIS/10.0
X-Powered-By: REDACTED
x-ms-request-id: 4b5a805d-73b2-4c0d-92bd-1b1376a3518a
x-ms-correlation-request-id: REDACTED
x-ms-routing-request-id: REDACTED
Strict-Transport-Security: REDACTED
X-Content-Type-Options: REDACTED
Date: Wed, 07 Sep 2022 18:49:39 GMT
Content-Length: 153
Content-Type: application/json; charset=utf-8
Expires: -1
". See the function execution logs for additional details.". See the function execution logs for additional details.
Seems to be a bug with az cli?
microsoft/azure-container-apps#259
microsoft/azure-container-apps#299
Apparently fixed in CLI version 2.39.0. Not sure if the CLI is used in this project, or maybe the equivalent needs to be upgraded?
To Reproduce
Steps to reproduce the behavior:
Environment (please complete the following information):
Additional context
I do have a secret in the App Container.
Is your feature request related to a problem? Please describe.
I love this project and what it helps provide! In my case, I use Dreamhost as my DNS provider/manager. Is it possible to enable this to NOT do a DNS Zone/Name?
Describe the solution you'd like
Add the ability to specify "Azure Managed / Not-Azure Managed" for the Function.
Describe alternatives you've considered
I tried not specifying a DNS Zone/Name, but the submit button doesn't work w/o it.
Additional context
I'm willing to work on the PR if you can point me in the right direction.
Thanks!
Describe the bug
Trying to add a certificate, but it keeps giving a null reference exception:
Orchestrator function 'AddCertificate_Orchestrator' failed: The orchestrator function 'BindToContainerApp' failed: "The activity function 'ValidateDomain' failed: "Object reference not set to an instance of an object.". See the function execution logs for additional details.". See the function execution logs for additional details.
Through App Insights, I can see that it is failing at ValidateDomain at line 540. The POST request to GetCustomHostNameAnalysis returns 200 as well. This may be something to do with the Azure SDK's GetCustomHostNameAnalysisAsync method perhaps?
To Reproduce
Steps to reproduce the behavior:
Environment (please complete the following information):
Additional context
I recently did 3 entries last week (18/19th August) and it worked well.
I've noticed you've also changed the NuGet package for some of the SDKs, I'm wondering if the breaking namespace change may have caused it to error?
Describe the bug
It seems that DNS Zones and Container Apps can't be found, if they are located in a different subscription.
Is there any option to configure the Subscription?
To Reproduce
Steps to reproduce the behavior:
Describe the bug
Similar to #62 I get an Upload failed error; however, the certs end up being issued and installed in the Container App Env.
Access control is configured correctly and I have issued certs to the same environment.
To Reproduce
Steps to reproduce the behavior:
Add new cert to environment.
Environment (please complete the following information):
Additional context
Error details:
Is your feature request related to a problem? Please describe.
I hope I didn't miss anything, but currently, as far as I can see, there is no support to set the container environment DNS suffix via Let's Encrypt. While the bot supports creating wildcard certificates, it's not yet able to assign them to the custom DNS suffix.
The Azure portal doesn't allow setting a custom DNS suffix without providing a certificate.
It would be nice if the bot could add the DNS suffix and upload the wildcard certificate for it, as well as auto-update that certificate when needed, without the need for each app to bind to that certificate.
Describe the solution you'd like
Maybe a checkbox if a "*.domain" wildcard certificate is created, if the certificate (and dns suffix) should be added to the container app env.
Describe the bug
When I try to create the deployment, this error message gets kicked back by Azure:
{
"code": "InvalidTemplateDeployment",
"details": [
{
"message": "Object reference not set to an instance of an object."
}
],
"message": "The template deployment 'Microsoft.Template-20220817155227' is not valid according to the validation procedure. The tracking id is '654a7dd2-bfcf-421c-9c62-bd65fa38de7c'. See inner errors for details."
}
To Reproduce
Steps to reproduce the behavior:
1: Click Deploy to Azure(Public)
2: Fill out fields
3: Review and Create
Describe the bug
I'm currently trying to deploy this. My first problem was that I have already reached the limit of service plans in my subscription.
So I changed the template to reference an existing service plan.
While this worked I now got the error:
{"code":"DeploymentFailed","message":"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.","details":[{"message":"AppSetting with name 'Acmebot:SubscriptionId' is not allowed."}]}
I then changed all "Acmebot:" to "Acmebot__" and it successfully deployed. I've set up authentication but now I'm stuck with "The service is unavailable." and the portal says "Azure Functions runtime is unreachable"
To Reproduce
Steps to reproduce the behavior: