Module azure_rm_webapp add support for "App Service Log on Filesystem" and "Custom Domain Addition + Certificate Binding" option settings

[emanuele-leopardi]

SUMMARY

Module azure_rm_webapp currently does not support setting App Service Log on Filesystem nor Custom Domain Addition + consequent Certificate Binding

ISSUE TYPE

• Feature Idea

COMPONENT NAME

azure_rm_webapp.py

ADDITIONAL INFORMATION

App Service Log on Filesystem document reference is here:

https://docs.microsoft.com/en-us/azure/app-service/troubleshoot-diagnostic-logs#enable-application-logging-linuxcontainer

This allows user to see logs from container and application and retain them for X days. (this amount is already configurable using application_settings, using WEBSITE_HTTPLOGGING_RETENTION_DAYS env var ,so no need to develop anything on this side) Basically this would correspond to the following :

https://docs.microsoft.com/en-us/cli/azure/webapp/log?view=azure-cli-latest#az_webapp_log_config

az webapp log config [--application-logging {azureblobstorage, filesystem, off}]
                     ...
                     [--docker-container-logging {filesystem, off}]
                     ...
                     [--web-server-logging {filesystem, off}]

Custom Domain document reference is here:

https://docs.microsoft.com/en-us/azure/dns/dns-web-sites-custom-domain

This allows the user that already has a registered domain to create a CNAME to that record. Basically, this would correspond this cli command

 az webapp config hostname add --hostname  webapp.my_super_duper_domain.com --resource-group  my_resource_group --webapp-name mywebapp_name

Example variables

    subscription: " My Microsoft Azure Subscription"
    # Default Resource Group
    resource_group: my_resource_group
    # WebApp configuration
    web_app:
      name: mywebapp_name
      container_settings:
        name: "container_image:latest"
      # Environment Variables for the container
      app_settings:
        WEBSITE_HTTPLOGGING_RETENTION_DAYS: 30
        OTHER_SETTING: foo
    state: present
    registry:
      name: my_registry_name
      admin_user_enabled: true
      sku: Standard

Example Code:

- name: Deploy "{{ web_app.name }}"
  azure.azcollection.azure_rm_webapp:
    resource_group: "{{ resource_group }}"
    name: "{{ web_app.name }}"
    plan: "{{ service_plan.id }}" | not from variables
    state: "{{ state }}"
    subscription_id: "{{ subscription_id }}" | not from variables
    app_service_logging:
       docker_container_logging: (filesystem  | false)
       application_logging: (filesystem | azureblob | false)
       webserver_logging:  (filesystem | false)
    custom_domain:
       name: webapp.my_super_duper_domain.com 
    container_settings:
        name: "{{ web_app.container_settings.name }}"
        registry_server_url: "{{ registry.name }}.azurecr.io"
        registry_server_password: "{{ registry.credentials.password | default(omit)}}"
        registry_server_user: "{{ registry.name | default(omit)}}"
    app_settings: "{{ web_app.app_settings }}"

Usually, after this point many people also issue a certificate and bind that to the domain, something like the following:

az webapp config ssl create --resource-group  my_resource_group --name  mywebapp_name --hostname webapp.my_super_duper_domain.com

thumbprint=$(az webapp config ssl show --resource-group  my_resource_group --certificate-name webapp.my_super_duper_domain.com --query 'thumbprint' -o tsv)

az webapp config ssl bind --certificate-thumbprint {certificate-thumbprint} --name  mywebapp_name --resource-group  my_resource_group  --ssl-type SNI

but I guess this could be taken care of in a full new module..? something like azure_rm_webapp_certificates, or similar

[Fred-sun]

@emanuele-leopardi Thank you for reporting this problem. We will check and support your demand as soon as possible. Thank you very much!

[czw]

Just checking if this is still something someone intends to implement, or if I should find a workaround.