Azure 自动化帐户 PowerShell Runbook 自行重新启动

问题描述 投票:0回答:1

我在 Azure 中有一个自动化帐户,以及一些 PowerShell Runbook。这些 Runbook 也在 Azure 中的 Windows 混合辅助虚拟机上运行。我的所有操作手册,除了一次运行没有问题之外。有问题的运行手册运行正常,但随后会自行重新启动,并且一遍又一遍地这样做。

运行手册中的相关代码是:

Initialize-Variables

[System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }

$session_token = Get-Token

.\log-message.ps1 -RunbookVariables $script:CommonVars -Message "Polling ${script:secret_source} for certificates"

$devices = Get-Devices -session_token $session_token

$certificates = @();
$certificate_types = @("local", "remote", "ca", "pki", "ocsp-server");

foreach ($device in $devices) {
    $device_id = $device.vdom[0].devid;
    $device_certs = @();
    foreach ($cert_type in $certificate_types) {
        $type_certs = Get-DeviceCerts -session_token $session_token -device_id $device_id -cert_type $cert_type
        if ($null -eq $type_certs) { Continue }
        try {
            $device_certs += $type_certs.Where({ $null -ne $_._certinfo })
        }
        catch {
            $device_certs += @($type_certs).Where({ $null -ne $_._certinfo })
        }
    }

    .\log-message.ps1 -RunbookVariables $script:CommonVars -Message "Checking '${device_id}' for certificates"
    foreach ($cert in $device_certs) {
        $parsed_cert = Set-Certificate -cert $cert -device_id $device_id;
        # Confirm the cert is not a duplicate
        if (!(Find-Duplicate -certificates $certificates -cert $parsed_cert)) {
            $certificates += @($parsed_cert)
        }
    }
}

Remove-Token -session_token $session_token

.\log-message.ps1 -RunbookVariables $script:CommonVars -Message "${script:secret_source} Certificates polled"
.\log-message.ps1 -RunbookVariables $script:CommonVars -Message "Checking delta table for diffs"

$script:CommonVars["secrets"] = $certificates

.\manage-secret-database.ps1 -RunbookVariables $script:CommonVars
.\log-message.ps1 -RunbookVariables $script:CommonVars -Message "FINISHED POLLING CERTIFICATES FOR FORTIGATE"

# Nullify sensitive vars, letting the garbage collector know they're ready to be collected
$script:db_client_secret = $null
$script:db_password = $null
$script:fortimanager_password = $null

# Nullify secret array, letting the garbage collector know it's ready to be collected
# The secret array doesn't contain any sensitive info per-se, but since it's metadata on secrets/certs, it's best to clear it anyway
$script:secrets = $null
$script:certificates = $null

.\log-message.ps1 -RunbookVariables $script:CommonVars -Message "Starting Garbage Collection"
# Force Garbage collection
[GC]::Collect()

# FIXME: unless we explicitly write output at the end of this specific script, it will call itself infinitely
Start-Sleep 10
Write-Output "Attempting to Exit"
Exit 0

该脚本调用其他一些 Runbook 

log-message
initialize-common-vars
manage-secret-database
。但其他 Runbook 会调用这些相同的 Runbook,而无需重新启动。 我认为问题是脚本需要输出一些东西,所以我添加了逻辑来写入一些输出,然后显式退出,但输出被写入,然后 Runbook 重新启动。

我问了ChatGPT,我在Google上搜索了高低,但找不到解决方案。有什么想法吗?

azure powershell azure-automation
1个回答
0
投票
删除脚本末尾的

Start-Sleep 10Exit 0,因为它可能会导致重新启动,在 Azure 自动化中,当脚本到达末尾时,脚本执行被视为完成。添加睡眠和退出可能会导致 Runbook 重新启动。

相反,您可以在脚本中使用

Start-SleepWait-Event 来确保延迟或等待特定条件。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.