我有以下简化的 ARM 模板(我省略了某些部分以使其更具可读性)。我有一个名为
PrivateKeyCertificateThumbprint
的参数。如果填写这个参数,我想将appsettingWEBSITE_LOAD_CERTIFICATES
设置为某个值。如果参数为空,我不想设置该值。因此 appSettings
数组中的元素是基于 PrivateKeyCertificateThumbprint
参数的内容而动态变化的。
我似乎没有在 ARM 中找到解决方案。用例看起来很简单。首先,我尝试仅使用
Microsoft.Web/sites/config/appsettings
键添加额外的 WEBSITE_LOAD_CERTIFICATES
资源。但这样做会从应用程序中删除所有现有的应用程序设置。
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
...
"PrivateKeyCertificateThumbprint": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "The thumbprint of the client certificate used by the application"
}
}
},
"resources": [
{
"type": "Microsoft.Web/sites",
"apiVersion": "2018-11-01",
"name": "[parameters('AppResourcename')]",
"identity": {
"type": "SystemAssigned"
},
"Location": "[parameters('Location')]",
"kind": "[parameters('SitesKind')]",
"properties": {
"siteConfig": {
"appSettings": [
{
"name": "APPINSIGHTS_INSTRUMENTATIONKEY",
"value": "[if(empty(parameters('AppinsResourceName')), '', reference(resourceId('microsoft.insights/components/', parameters('AppinsResourceName')), '2015-05-01').InstrumentationKey)]"
},
{
"name": "ApplicationInsightsAgent_EXTENSION_VERSION",
"value": "~2"
},
{
"name": "WEBSITE_HEALTHCHECK_MAXPINGFAILURES",
"value": "5"
},
{
"name": "WEBSITE_LOAD_CERTIFICATES",
"value": "[parameters('PrivateKeyCertificateThumbprint')]"
}
],
"healthCheckPath": "[parameters('HealthCheckPath')]"
}
...
}
]
}
为了清楚起见,我使用了二头肌模板。
在这里,我使用默认的应用程序设置定义了一个变量。然后,如果证书指纹不为空,我将添加额外的应用程序设置:
param PrivateKeyCertificateThumbprint string = ''
param AppResourcename string
param Location string
param SitesKind string
param AppinsResourceName string
// Common app settings
var defaultAppSettings = [
{
name: 'APPINSIGHTS_INSTRUMENTATIONKEY'
value: (empty(AppinsResourceName) ? '' : reference(resourceId('microsoft.insights/components/', AppinsResourceName), '2015-05-01').InstrumentationKey)
}
{
name: 'ApplicationInsightsAgent_EXTENSION_VERSION'
value: '~2'
}
{
name: 'WEBSITE_HEALTHCHECK_MAXPINGFAILURES'
value: '5'
}
]
// if the cert thumbprint is not empty, we add it.
var appSettings = concat(defaultAppSettings, empty(PrivateKeyCertificateThumbprint) ? [] : [
{
name: 'WEBSITE_LOAD_CERTIFICATES'
value: PrivateKeyCertificateThumbprint
}
])
// create the webapp
resource webApp 'Microsoft.Web/sites@2018-11-01' = {
name: AppResourcename
identity: {
type: 'SystemAssigned'
}
location: Location
kind: SitesKind
properties: {
siteConfig: {
appSettings: appSettings
}
}
}
使用 Az CLI,您可以生成 ARM 模板:
az bicep build --file .\main.bicep
生成的 ARM 模板如下所示:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"PrivateKeyCertificateThumbprint": {
"type": "string",
"defaultValue": ""
},
"AppResourcename": {
"type": "string"
},
"Location": {
"type": "string"
},
"SitesKind": {
"type": "string"
},
"AppinsResourceName": {
"type": "string"
}
},
"resources": [
{
"type": "Microsoft.Web/sites",
"apiVersion": "2018-11-01",
"name": "[parameters('AppResourcename')]",
"identity": {
"type": "SystemAssigned"
},
"location": "[parameters('Location')]",
"kind": "[parameters('SitesKind')]",
"properties": {
"siteConfig": {
"appSettings": "[concat(createArray(createObject('name', 'APPINSIGHTS_INSTRUMENTATIONKEY', 'value', if(empty(parameters('AppinsResourceName')), '', reference(resourceId('microsoft.insights/components/', parameters('AppinsResourceName')), '2015-05-01').InstrumentationKey)), createObject('name', 'ApplicationInsightsAgent_EXTENSION_VERSION', 'value', '~2'), createObject('name', 'WEBSITE_HEALTHCHECK_MAXPINGFAILURES', 'value', '5')), if(empty(parameters('PrivateKeyCertificateThumbprint')), createArray(), createArray(createObject('name', 'WEBSITE_LOAD_CERTIFICATES', 'value', parameters('PrivateKeyCertificateThumbprint')))))]"
}
}
}
]
}
我终于通过使用函数让它在ARM中工作了。我创建了 3 个函数,它们创建了 3 个子数组作为参数,我只能在资源本身中获取值。然后,我将 concat 与 if 结合使用,有条件地将部分添加到资源中的设置数组中。
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters":
// ...
"PrivateKeyCertificateThumbprint": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "The thumbprint of the client certificate used by the application"
}
}
},
"variables": {
// ...
},
"functions": [
{
"namespace": "test",
"members": {
"createAppSettings": {
"parameters": [],
"output": {
"value": [
{
"name": "ApplicationInsightsAgent_EXTENSION_VERSION",
"value": "~2"
},
{
"name": "WEBSITE_HEALTHCHECK_MAXPINGFAILURES",
"value": "5"
}
],
"type": "array"
}
},
"createAppInsightSettings": {
"parameters": [
{
"name": "instrumentationkey",
"type": "string"
}
],
"output": {
"value": [
{
"name": "APPINSIGHTS_INSTRUMENTATIONKEY",
"value": "[parameters('instrumentationkey')]"
}
],
"type": "array"
}
},
"createCertificateAppSettings": {
"parameters": [
{
"name": "certthumbprint",
"type": "string"
}
],
"output": {
"value": [
{
"name": "WEBSITE_LOAD_CERTIFICATES",
"value": "[parameters('certthumbprint')]"
}
],
"type": "array"
}
}
}
}
],
"resources": [
{
"type": "Microsoft.Web/sites",
"apiVersion": "2018-11-01",
"name": "[parameters('AppResourcename')]",
"identity": {
"type": "SystemAssigned"
},
"Location": "[parameters('Location')]",
"kind": "[parameters('SitesKind')]",
"properties": {
"siteConfig": {
"appSettings": "[concat(
test.createAppSettings(),
if(empty(parameters('AppinsResourceName')), createArray(), test.createAppInsightSettings(reference(resourceId('microsoft.insights/components/',parameters('AppinsResourceName')), '2015-05-01').InstrumentationKey)),
if(empty(parameters('PrivateKeyCertificateThumbprint')), createArray(), test.createCertificateAppSettings(parameters('PrivateKeyCertificateThumbprint')))
)]",
"healthCheckPath": "[parameters('HealthCheckPath')]"
}
// ...
}
}
]
}