In my last post, Azure: Trigger a WebJob with Logic Apps and Kudu - Part 1, we built a KeyVault and a WebJob that will retrieve a storage key from KeyVault (using Managed Identity and REST APIs) and then backed up our webapp content and copied it to blob storage using AzCopy.exe.
In this 2nd and final part, we'll build the Logic App that will call that WebJob using the Kudu REST API on a schedule, again retrieving the necessary credentials from the KeyVault
The main idea of a Logic App is that you don’t need to be able to code - its all done graphically in the Azure portal. However, there are two views - designer and code. That means you could actually put a JSON definition of your logic app straight into the code view.
You can also create using Az Powershell cmdlets, or using the Azure Logic Apps extension in VS Code or in Visual Studio. As I started off in the portal, like every post I’ve done so far, I’ll show you how to do it in the portal. In future posts I’ll explore more automated methods (Infrastructure-as-Code or closer to it).
Without further ado...
Using the search bar, search for Logic Apps and click on Logic Apps in the results.
Click on Add
Give your app a name, a resource group (BlogLabRG in this example) and a location.
You’ll be taken straight into the designer view alongside a video clip and useful quickstart resources.
Before we go any further, we need to enable Managed Identity for this app so it can access KeyVault.
Click on Identity in the Settings blade then click on On to enable
Click on Save
Click Yes to confirm
In the Select field, enter the start of the logic app name to find it's Managed Identity, e.g. BL. You'll see two entries, one for the WebApp and one for the Logic App, in this case we called it BL-Backup-Logic, so click on that.
Scroll down and click on the Recurrence trigger
(UTC + 00:00) Dublin, Edinburgh, Lisbon, London
It should look as follows if you've used the values I've used
Click on New Step
Scroll down through the actions until you see the HTTP Built-in section, then click on HTTP action (as opposed to HTTP + Swagger or HTTP Webhook), it should now look as follows:
Now, we're going to lookup the webapp deployment usercode in KeyVault, so we're going to want to set it up as follows:
It should look like the following (note that the secret name and secret version may be different - in fact the version be different for you even if you used the same name, as the version ID is generated randomly).
Click on Run
After a few moments, you should see that it has completed
Click on the HTTP action for more information about the run
So, next we will add a Parse JSON action, so search for JSON as shown below and you'll see the Parse JSON action - click on it to add it.
Click in the Content field and you'll see dynamic content appear on the right - click on the Body item so that it becomes the content to be parsed - this is the Body of the response to the previous HTTP AIP call.
Now, it needs to know the JSON schema to know how to parse the body. Because we have the output from earlier, we can use that and have the schema built for us from the output.
Paste the sample payload into the field, click Done
https://bloglabvault.vault.azure.net/secrets/blapp-p/7adcfcd2c203448f84165281daa735ef(again, your URI won't be exactly the same even if you used the same name, as the version ID generated will be different - you can get the full URI by viewing the secret in your keyvault).
At this point, you should have something resembling the following:
Click on Properties
the "value" field from Parse JSON
the "value" field from Parse JSON 2
It should look like below (remember to Save)
Now - you'll notice that it was easy to perhaps mix up the values from each of the various actions, with their default naming. You can change their label though to make it more meaningful.
So, instead of the following:
The following is better for someone else to read/follow later and is easier when building the logic app if you relablelthem as you go (once an action has another action dependent upon it's output, you can't rename it in the designer, though you can in the code view):
To relabel an action or trigger, click on the ... at the right of the action and choose Rename then enter the new name and press Enter.
Now, to test it, after you have saved the app, click on Run
While it's running, you will see how an orange clock icon on the currently running action, and green tick on those that are complete. All of them will show you how long they took/have taken so far.
Click on the final action (or indeed any action) to see the result of it/output.
So there you have it - simple automation without any code (for the Logic App at least!) and between Kudu, Logic Apps and WebJobs, you can automate a lot of manual actions around the management and deployment of your webapp and without using Azure Batch or Azure Automation.
As ever, thanks for reading and feel free to leave comments below.