...
Ensure that you have Python 3.6 installed on your local machine. Azure Functions currently only supports Python 3.6.
Install the Azure Functions extension for Visual Studio Code.
In Visual Studio Code, click the Azure icon.
Click Create New Project...
Choose a folder in your repository in which to create the new Azure FunctionmFunction, and click Select.
Choose HTTP trigger from the dropdown list.
Specify a name for the HTTP trigger and press 'Enter'.
Choose the Function authorization level for the HTTP trigger. This will ensure that the function can only be invoked if a function key is passed as a parameter.
Code your Python function. Note that the function will be called via the
mainfunction in__init__.py.Add the Python packages on which your code is dependent to the
requirements.txtfile. See the pip documentation for more information on requirements files.
...
In the Azure portal, search for Function App. Click the Function App result.
Click Add.
Specify an App name, Subscription, and Resource Group for the Function App. Choose Linux for OS, Code for Publish, Consumption Plan for Hosting Plan, East US for Location, Pythonfor Runtime Stack, and, optionally, use an existing Storage account.
Click Create.
In the Azure Dashboard, click Refresh, then click the name of the function app that you just created.
Create a Release Pipeline
...
Follow the instructions in Development Pipeline to create a service connection.
In the Azure DevOps portal, click Pipelines.
Click the context menu next to the most recent successful build, and click Release.
In the Select a template panel, type Function in the Search box.
Click Deploy a function app to Azure Functions.
In the Stage 1 box, click 1 job, 1 task.
Choose the target Azure service connection from the Azure subscription dropdown list.
Choose Function App on Linux from the App type dropdown list (Python Function Apps are only supported on Linux).
Choose the Function App that you created in the previous section from the App Service name dropdown list.
Click Save.
Optionally, specify a folder in which to store the pipeline, and add a comment, then click OK.
Click Create release.
Click Create. Azure DevOps will run the release pipeline, which will deploy the Python Function App.
...
In the Azure dashboard, click Refresh next to the Python Function App, and verify that the function has been deployed.
Click the name of the Azure Function.
Click </> Get function URL.
Click Copy.
In Notepad, paste the URL. The URL should include the function's base URL along with the function key.
https://arcgispythonfunctionapp.azurewebsites.net/api/HttpTrigger?code=b5gt2BH3wPzWQt25RsBBqZ3Ejpjvmi/wMZ85lcvWo40emAKFbCWKAg==In Azure DevOps, On the Stage 1 context menu, click Add an agentless job.
Click the plus sign to add a new task to the Agentless job.
Next to Invoke Azure Function, click Add.
Click Azure Function.
Type the base URL to the Azure function in Azure function URL.
Type the function key in Function key.
Click Save.
Click OK.
You've created a CI / CD pipeline that will automatically deploy and run your Python script when you merge it into the master branch in your Azure DevOps repository.
Redeploy Azure Function App
Once Azure Function App is setup, it is in maintenance stage. It might require to do bug fix, or add new functions in. After checking in the code from Visual Studio Code, you need to redeploy the function app. Visual Studio Code cannot be used to deploy Function App, it requires Docker to do so. Once the pipeline is setup, the checked in code should be automatically deployed. Sometimes there are errors with this automation step.
From DevOps, open Release-93, which has the error mark:
...
Open the Logs, and the error is listed:
...
There is a restriction though that Azure is expecting 20 seconds interval between the two deployment, e.g., from DEV to Sandbox. Once time out happens on DEV for example, deployment can still work on Sandbox, while Pilot and PROD require manual intervention before doing deployment.
For the possible errors and solutions, it will be added in RDIMS-#15688753.
Notes on Setup
Folder Structure
...
Define an identity for the Azure function app.
In the Azure portal, navigate to the function app, click the Platform features tab, and click Identity. Click the Status toggle to On, and click Save.
Allow the application's identity to retrive secrets from the Azure key vault.
In the Azure portal, navigate to the key vault, click Access policies, the click Add new. Click Select principal, and type the name of the app in the Search box. Click the name of the app in the search results (this is the identity created in the previous step), and click Select. IN the Secret permissions dropdown list, click Get and List. Click OK.
Click Save to save the changes to the access policies.
Map the key vault secrets to function app settings.
In the Azure portal, navigate to the key vault, click Secrets, then click the secret that you want to use in the Azure app function. Click the current version, then click to copy the Secrete Identifier (a URL) to the clipboard.
In the Azure portal, navigate to the function app, click Function app settings, then click Manage application settings. Under Application Settings, click New application setting. Type the Name of the new setting, and type a value for the new setting in the format:
@Microsoft.KeyVault(SecretUri=<secret identifier url>)where
<secret identifier url>is the URL that you copied above.
Click OK.
Retrieve the application setting in Python.
In your Python code, use the following code to retrieve the secret from the application settings:
Code Block import os password = os.getenv('EGIS_PASSWORD')In this way, you can securely retrieve secrets from the Azure key vault and use them in your Azure Python function apps.
...
Azure Python function apps are currently in Preview, and thus are not available in all regions (including Canada Central). In order for Azure Python function apps to access the eGIS environments' portal URLs, we set up the following temporary solution:
Create an app service plan in the East US region. Note that this app service plan has a fixed monthly cost regardless of usage. For production deployment, we will use a consumption plan (also in Preview) that will cost only per usage.
Create the Azure function app using the app service plan.
Determine the outbound IP addresses used by the Azure function app. Open the 1. Function App in the Azure portal, click on the 2. Platform features tab, and click on 3. Resource Explorer
, Find the key named
outboundIpAddressesin the configuration, and copy the set of IP addresses there.
...
4. Configure the eGIS environment's virtual network to allow HTTPS traffic from these IP addresses. In the Azure portal, navigate to the eGIS environment's web VM, click Networking,the modify hte HTTPS rule (port 443) to allow traffic from these IP addresses.
...
When these steps are completed, the Azure function app will have access to the eGIS environment's portal. Note that this is not the preferred production approach, since this approach requires that traffic be sent out to the Internet. When Azure python functions are made generally available, this approach should be changed so that the function app's service plan is integrated with the eGIS environment's virtual network.