Azure Web Apps
Azure Web Apps
If your code in an Azure Web App for Linux needs to determine in which deployment slot it's running, then the incoming
WAS-DEFAULT-HOSTNAME
HTTP header seems to be the only reliable way. Also confirmed here.When you're in the production slot, then the value looks like this:
someappname.azurewebsites.net
. When you created a slot called stage1
, then this header is someappname-stage1.azurewebsites.net
. The absence of the suffix points to the production slot, otherwise the suffix gives the user-chosen name.There's a second header called
X_SITE_DEPLOYMENT_ID
, but this one contains an identifier like someappname__f375
, which isn't too helpful.<h1>Server <?php echo $_SERVER['HTTP_WAS_DEFAULT_HOSTNAME']; ?></h1>
Another, certainly much more clear way, could be using a system-assigned managed identity, assuming you assigned one to all deployment slots. If you fetch an
access_token
, then the xms_mirid
claim in the JWT contains the real instance ID, such as"/subscriptions/.../resourcegroups/.../providers/Microsoft.Web/sites/someappname"
for the production slot, or"/subscriptions/.../resourcegroups/.../providers/Microsoft.Web/sites/someappname/slots/stage1"
for thestage1
slot.
- Inside Azure Web Apps for Linux, you can't simply query the instance metadata endpoint, you need a special endpoint from an environment variable https://docs.microsoft.com/en-us/azure/app-service/overview-managed-identity?tabs=dotnet#using-the-rest-protocol
- Also api-version must be a special one
<?php
$resource = 'https://storage.azure.com/';
$endpoint = $_ENV["IDENTITY_ENDPOINT"];
$params = array('api-version' => '2019-08-01', 'resource' => $resource);
$url = $endpoint . '?' . http_build_query($params);
$headers = array(
'Metadata: true',
'X-IDENTITY-HEADER: ' . $_ENV['IDENTITY_HEADER']
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$response = curl_exec($ch);
curl_close ($ch);
$response_json = json_decode($response);
$access_token = $response_json->{'access_token'};
?>
<a href="https://jwt.ms/#access_token=<?php echo $access_token; ?>" target="_blank">
See the JWT in https://jwt.ms
</a>
Last modified 1yr ago