Description
Bug description
After upgrading to Developer Portal version 2.33.0, the portal publishing process fails because managementApiAccessToken is no longer supported. The new version appears to require an ARM token, but there is no documentation or guidance on how to configure this correctly in a CI/CD pipeline using npm run publish-ado.
As a result, the publishing step fails with a 401 Unauthorized error, despite attempting to pass the ARM token as an environment variable.
Reproduction steps
- Upgrade Developer Portal to version 2.33.0.
- Set up Azure DevOps pipeline using npm run publish-ado and pass ARM token as follows:
-
task: AzureCLI@2
displayName: Publish Developer Portal (ARM Token)
inputs:
azureSubscription:
scriptType: "pscore"
scriptLocation: inlineScript
workingDirectory: $(Pipeline.Workspace)/ApimDeveloperPortalWithPlaceholderFiles/
inlineScript: |
Write-Host "Fetching ARM token..."
$token = az account get-access-token --resource https://management.azure.com/ | ConvertFrom-Json
$env:APIM_DEV_PORTAL_ARM_TOKEN = $token.accessTokenWrite-Host "Running npm run publish-ado with ARM token..." npm run publish-ado
-
Run the pipeline.
-
Observe the following error:
ApiClient {"message":"Error during attempt: 1, for api call: Unauthorized request."}
Token was not provided. Please sign-in.
ClientRequest {"message":"request response","method":"GET","requestUrl":"https://management.azure.com/subscriptions/subscriptionId/resourceGroups/resourceGroup/providers/Microsoft.ApiManagement/service/serviceName/contentTypes/blob/contentItems?$skip=0&$top=50&api-version=2023-03-01-preview","responseCode":"401"}
ApiClient {"message":"Error during attempt: 2, for api call: Unauthorized request."}
Token was not provided. Please sign-in.
ClientRequest {"message":"request response","method":"GET","requestUrl":"https://management.azure.com/subscriptions/subscriptionId/resourceGroups/resourceGroup/providers/Microsoft.ApiManagement/service/serviceName/contentTypes/blob/contentItems?$skip=0&$top=50&api-version=2023-03-01-preview","responseCode":"401"}
Error: Unable to complete publishing. Error: Unable to search media: Error: Could not search object 'uploads'. Error: Unauthorized request.
Expected behavior
Publishing {"message":"Website published successfully."}
DONE.
##[debug]rm -rf /agent/_work/25/npm/945701.npmrc
##[debug]Agent.BuildDirectory=/agent/_work/25
##[debug]rm -rf /agent/_work/25/npm
##[debug]removing directory
Finishing: npm run publish-ado
Is self-hosted portal?
Yes
Release tag or commit SHA (if using self-hosted version)
release 2.33.0
API Management service name
[e.g., contoso-api]
Environment
- Operating system: Ubuntu 22.04 (Azure DevOps pipeline agent)
- Browser: N/A
- Version: N/A
Additional context
Please advise on the correct setup for using ARM tokens in CI/CD for portal publishing.