jenkins 如何修复Azure CLI中的ApplicationGatewayFirewallEnabledOverrideStateCannotBeConfiguredForApiVersion错误？

我需要使用Jenkins管道中的AZ CLI更改Azure中WAF策略中某些托管规则的操作，但我无法做到。
在Jenkins中，我使用AZ CLI连接到执行命令的容器。我使用的azure cli版本是2.38，这是最新的稳定版本。
我有正确的命令，因为我在另一个控制台尝试它，它工作，但从Jenkins它返回一个错误。
要使用Jenkins中的AZ CLI在Azure中更改我的WAF策略中的某些托管规则的操作，我使用以下命令：

az network application-gateway waf-policy managed-rule rule-set update --policy-name wp-main --resource-group rg-pre --type OWASP --version 3.2 --group-name REQUEST-930-APPLICATION-ATTACK-LFI --rule rule-id=930100 state=Enabled action=Log --rule rule-id=930110 state=Enabled action=Log

字符串
该命令是正确的，因为我已经在本地机器上测试过了，它工作正常。问题是，当我从Jenkins启动命令时，它返回以下错误：

14:18:19  ERROR: (ApplicationGatewayFirewallEnabledOverrideStateCannotBeConfiguredForApiVersion) Specified api-version 2021-08-01 does not meet the minimum required api-version 2022-05-01 to have 'Enabled' override state in context /subscriptions/13934565-331c-4c7e-8ec2-a33e1f98de4c/resourceGroups/rg-pre-common-euw-dr/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/wp-pre-common-euw-dr-main.
14:18:19  Code: ApplicationGatewayFirewallEnabledOverrideStateCannotBeConfiguredForApiVersion
14:18:19  Message: Specified api-version 2021-08-01 does not meet the minimum required api-version 2022-05-01 to have 'Enabled' override state in context /subscriptions/13934565-331c-4c7e-8ec2-a33e1f98de4c/resourceGroups/rg-pre-common-euw-dr/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/wp-pre-common-euw-dr-main.

型
如果我启动带有debug标志的命令，它会返回以下错误：

09:07:06  DEBUG: urllib3.connectionpool: Starting new HTTPS connection (1): management.azure.com:443
09:07:06  DEBUG: urllib3.connectionpool: https://management.azure.com:443 "PUT /subscriptions/13934565-331c-4c7e-8ec2-a33e1f98de4c/resourceGroups/rg-pre-common-euw-dr/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/wp-pre-common-euw-dr-main?api-version=2021-08-01 HTTP/1.1" 400 482
09:07:06  DEBUG: cli.azure.cli.core.sdk.policies: Response status: 400
09:07:06  DEBUG: cli.azure.cli.core.sdk.policies: Response headers:
09:07:06  DEBUG: cli.azure.cli.core.sdk.policies:     'Cache-Control': 'no-cache'
09:07:06  DEBUG: cli.azure.cli.core.sdk.policies:     'Pragma': 'no-cache'
09:07:06  DEBUG: cli.azure.cli.core.sdk.policies:     'Content-Length': '482'
09:07:06  DEBUG: cli.azure.cli.core.sdk.policies:     'Content-Type': 'application/json; charset=utf-8'
09:07:06  DEBUG: cli.azure.cli.core.sdk.policies:     'Expires': '-1'
09:07:06  DEBUG: cli.azure.cli.core.sdk.policies:     'x-ms-request-id': 'aff1d4c4-1227-4220-a8bd-3195865a4d19'
09:07:06  DEBUG: cli.azure.cli.core.sdk.policies:     'x-ms-correlation-request-id': '90e02c91-d9c0-4f61-8127-3adea4d468a0'
09:07:06  DEBUG: cli.azure.cli.core.sdk.policies:     'x-ms-arm-service-request-id': '57bdc048-e44d-46fd-a255-5063097bc367'
09:07:06  DEBUG: cli.azure.cli.core.sdk.policies:     'Strict-Transport-Security': 'max-age=31536000; includeSubDomains'
09:07:06  DEBUG: cli.azure.cli.core.sdk.policies:     'Server': 'Microsoft-HTTPAPI/2.0, Microsoft-HTTPAPI/2.0'
09:07:06  DEBUG: cli.azure.cli.core.sdk.policies:     'x-ms-ratelimit-remaining-subscription-writes': '1199'
09:07:06  DEBUG: cli.azure.cli.core.sdk.policies:     'x-ms-routing-request-id': 'NORTHEUROPE:20230801T070706Z:90e02c91-d9c0-4f61-8127-3adea4d468a0'
09:07:06  DEBUG: cli.azure.cli.core.sdk.policies:     'X-Content-Type-Options': 'nosniff'
09:07:06  DEBUG: cli.azure.cli.core.sdk.policies:     'Date': 'Tue, 01 Aug 2023 07:07:06 GMT'
09:07:06  DEBUG: cli.azure.cli.core.sdk.policies: Response content:
09:07:06  DEBUG: cli.azure.cli.core.sdk.policies: {
09:07:06    "error": {
09:07:06      "code": "ApplicationGatewayFirewallEnabledOverrideStateCannotBeConfiguredForApiVersion",
09:07:06      "message": "Specified api-version 2021-08-01 does not meet the minimum required api-version 2022-05-01 to have 'Enabled' override state in context /subscriptions/13934565-331c-4c7e-8ec2-a33e1f98de4c/resourceGroups/rg-pre-common-euw-dr/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/wp-pre-common-euw-dr-main.",
09:07:06      "details": []
09:07:06    }
09:07:06  }
09:07:06  DEBUG: cli.azure.cli.core.util: azure.cli.core.util.handle_exception is called with an exception:
09:07:06  DEBUG: cli.azure.cli.core.util: Traceback (most recent call last):
09:07:06    File "/usr/lib64/az/lib/python3.6/site-packages/knack/cli.py", line 231, in invoke
09:07:06      cmd_result = self.invocation.execute(args)
09:07:06    File "/usr/lib64/az/lib/python3.6/site-packages/azure/cli/core/commands/__init__.py", line 663, in execute
09:07:06      raise ex
09:07:06    File "/usr/lib64/az/lib/python3.6/site-packages/azure/cli/core/commands/__init__.py", line 726, in _run_jobs_serially
09:07:06      results.append(self._run_job(expanded_arg, cmd_copy))
09:07:06    File "/usr/lib64/az/lib/python3.6/site-packages/azure/cli/core/commands/__init__.py", line 697, in _run_job
09:07:06      result = cmd_copy(params)
09:07:06    File "/usr/lib64/az/lib/python3.6/site-packages/azure/cli/core/commands/__init__.py", line 333, in __call__
09:07:06      return self.handler(*args, **kwargs)
09:07:06    File "/usr/lib64/az/lib/python3.6/site-packages/azure/cli/core/commands/command_operation.py", line 240, in handler
09:07:06      result = cached_put(self.cmd, setter, **setterargs)
09:07:06    File "/usr/lib64/az/lib/python3.6/site-packages/azure/cli/core/commands/__init__.py", line 452, in cached_put
09:07:06      return _put_operation()
09:07:06    File "/usr/lib64/az/lib/python3.6/site-packages/azure/cli/core/commands/__init__.py", line 446, in _put_operation
09:07:06      result = operation(**kwargs)
09:07:06    File "/usr/lib64/az/lib/python3.6/site-packages/azure/core/tracing/decorator.py", line 73, in wrapper_use_tracer
09:07:06      return func(*args, **kwargs)
09:07:06    File "/usr/lib64/az/lib/python3.6/site-packages/azure/mgmt/network/v2021_08_01/operations/_operations.py", line 75623, in create_or_update
09:07:06      raise HttpResponseError(response=response, error_format=ARMErrorFormat)
09:07:06  azure.core.exceptions.HttpResponseError: (ApplicationGatewayFirewallEnabledOverrideStateCannotBeConfiguredForApiVersion) Specified api-version 2021-08-01 does not meet the minimum required api-version 2022-05-01 to have 'Enabled' override state in context /subscriptions/13934565-331c-4c7e-8ec2-a33e1f98de4c/resourceGroups/rg-pre-common-euw-dr/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/wp-pre-common-euw-dr-main.
09:07:06  Code: ApplicationGatewayFirewallEnabledOverrideStateCannotBeConfiguredForApiVersion
09:07:06  Message: Specified api-version 2021-08-01 does not meet the minimum required api-version 2022-05-01 to have 'Enabled' override state in context /subscriptions/13934565-331c-4c7e-8ec2-a33e1f98de4c/resourceGroups/rg-pre-common-euw-dr/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/wp-pre-common-euw-dr-main.
09:07:06  
09:07:06  ERROR: cli.azure.cli.core.azclierror: (ApplicationGatewayFirewallEnabledOverrideStateCannotBeConfiguredForApiVersion) Specified api-version 2021-08-01 does not meet the minimum required api-version 2022-05-01 to have 'Enabled' override state in context /subscriptions/13934565-331c-4c7e-8ec2-a33e1f98de4c/resourceGroups/rg-pre-common-euw-dr/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/wp-pre-common-euw-dr-main.
09:07:06  Code: ApplicationGatewayFirewallEnabledOverrideStateCannotBeConfiguredForApiVersion
09:07:06  Message: Specified api-version 2021-08-01 does not meet the minimum required api-version 2022-05-01 to have 'Enabled' override state in context /subscriptions/13934565-331c-4c7e-8ec2-a33e1f98de4c/resourceGroups/rg-pre-common-euw-dr/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/wp-pre-common-euw-dr-main.
09:07:06  ERROR: az_command_data_logger: (ApplicationGatewayFirewallEnabledOverrideStateCannotBeConfiguredForApiVersion) Specified api-version 2021-08-01 does not meet the minimum required api-version 2022-05-01 to have 'Enabled' override state in context /subscriptions/13934565-331c-4c7e-8ec2-a33e1f98de4c/resourceGroups/rg-pre-common-euw-dr/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/wp-pre-common-euw-dr-main.
09:07:06  Code: ApplicationGatewayFirewallEnabledOverrideStateCannotBeConfiguredForApiVersion
09:07:06  Message: Specified api-version 2021-08-01 does not meet the minimum required api-version 2022-05-01 to have 'Enabled' override state in context /subscriptions/13934565-331c-4c7e-8ec2-a33e1f98de4c/resourceGroups/rg-pre-common-euw-dr/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/wp-pre-common-euw-dr-main.
09:07:06  DEBUG: cli.knack.cli: Event: Cli.PostExecute [<function AzCliLogging.deinit_cmd_metadata_logging at 0x7f8ff813e840>]
09:07:06  INFO: az_command_data_logger: exit code: 1
09:07:06  INFO: cli.__main__: Command ran in 1.268 seconds (init: 0.183, invoke: 1.085)
09:07:06  INFO: telemetry.save: Save telemetry record of length 3991 in cache
09:07:06  WARNING: telemetry.check: Negative: The /root/.azure/telemetry.txt was modified at 2023-08-01 07:06:38.955288, which in less than 600.000000 s

型
也可以使用以下命令：

az network application-gateway waf-policy managed-rule rule-set update --policy-name wp-main --resource-group rg-pre --type OWASP --version 3.2 --group-name General --rule rule-id=200004 state=Enabled action=Log --rule rule-id=200002 state=Enabled action=Log --rule rule-id=200003 state=Enabled action=Log --debug

型
这个命令也是正确的，因为我已经在本地机器上测试过了，它也可以工作，在Azure Portal中，我可以看到规则和规则组，因此规则和规则组存在。这个错误没有意义，因为规则和规则组存在，问题是当我从Jenkins启动命令时，它返回以下错误：

08:04:54  DEBUG: cli.azure.cli.core.sdk.policies: Response status: 400
08:04:54  DEBUG: cli.azure.cli.core.sdk.policies: Response headers:
08:04:54  DEBUG: cli.azure.cli.core.sdk.policies:     'Cache-Control': 'no-cache'
08:04:54  DEBUG: cli.azure.cli.core.sdk.policies:     'Pragma': 'no-cache'
08:04:54  DEBUG: cli.azure.cli.core.sdk.policies:     'Content-Length': '241'
08:04:54  DEBUG: cli.azure.cli.core.sdk.policies:     'Content-Type': 'application/json; charset=utf-8'
08:04:54  DEBUG: cli.azure.cli.core.sdk.policies:     'Expires': '-1'
08:04:54  DEBUG: cli.azure.cli.core.sdk.policies:     'x-ms-request-id': 'ef9bd208-e07a-41b7-80fb-4d0cbecb5fed'
08:04:54  DEBUG: cli.azure.cli.core.sdk.policies:     'x-ms-correlation-request-id': '2ae123db-63b7-4a69-8f83-9b843a24cb1a'
08:04:54  DEBUG: cli.azure.cli.core.sdk.policies:     'x-ms-arm-service-request-id': '675a862b-817e-4b15-9f1a-28f0eaa3bb96'
08:04:54  DEBUG: cli.azure.cli.core.sdk.policies:     'Strict-Transport-Security': 'max-age=31536000; includeSubDomains'
08:04:54  DEBUG: cli.azure.cli.core.sdk.policies:     'Server': 'Microsoft-HTTPAPI/2.0, Microsoft-HTTPAPI/2.0'
08:04:54  DEBUG: cli.azure.cli.core.sdk.policies:     'x-ms-ratelimit-remaining-subscription-writes': '1199'
08:04:54  DEBUG: cli.azure.cli.core.sdk.policies:     'x-ms-routing-request-id': 'NORTHEUROPE:20230801T060453Z:2ae123db-63b7-4a69-8f83-9b843a24cb1a'
08:04:54  DEBUG: cli.azure.cli.core.sdk.policies:     'X-Content-Type-Options': 'nosniff'
08:04:54  DEBUG: cli.azure.cli.core.sdk.policies:     'Date': 'Tue, 01 Aug 2023 06:04:53 GMT'
08:04:54  DEBUG: cli.azure.cli.core.sdk.policies: Response content:
08:04:54  DEBUG: cli.azure.cli.core.sdk.policies: {
08:04:54    "error": {
08:04:54      "code": "ApplicationGatewayFirewallUnknownRuleOverride",
08:04:54      "message": "The override Rule 'rule-id=200003' is unknown for RuleGroup 'General' for Application Gateway Firewall in context ''.",
08:04:54      "details": []
08:04:54    }
08:04:54  }
08:04:54  DEBUG: cli.azure.cli.core.util: azure.cli.core.util.handle_exception is called with an exception:
08:04:54  DEBUG: cli.azure.cli.core.util: Traceback (most recent call last):
08:04:54    File "/usr/lib64/az/lib/python3.6/site-packages/knack/cli.py", line 231, in invoke
08:04:54      cmd_result = self.invocation.execute(args)
08:04:54    File "/usr/lib64/az/lib/python3.6/site-packages/azure/cli/core/commands/__init__.py", line 663, in execute
08:04:54      raise ex
08:04:54    File "/usr/lib64/az/lib/python3.6/site-packages/azure/cli/core/commands/__init__.py", line 726, in _run_jobs_serially
08:04:54      results.append(self._run_job(expanded_arg, cmd_copy))
08:04:54    File "/usr/lib64/az/lib/python3.6/site-packages/azure/cli/core/commands/__init__.py", line 697, in _run_job
08:04:54      result = cmd_copy(params)
08:04:54    File "/usr/lib64/az/lib/python3.6/site-packages/azure/cli/core/commands/__init__.py", line 333, in __call__
08:04:54      return self.handler(*args, **kwargs)
08:04:54    File "/usr/lib64/az/lib/python3.6/site-packages/azure/cli/core/commands/command_operation.py", line 240, in handler
08:04:54      result = cached_put(self.cmd, setter, **setterargs)
08:04:54    File "/usr/lib64/az/lib/python3.6/site-packages/azure/cli/core/commands/__init__.py", line 452, in cached_put
08:04:54      return _put_operation()
08:04:54    File "/usr/lib64/az/lib/python3.6/site-packages/azure/cli/core/commands/__init__.py", line 446, in _put_operation
08:04:54      result = operation(**kwargs)
08:04:54    File "/usr/lib64/az/lib/python3.6/site-packages/azure/core/tracing/decorator.py", line 73, in wrapper_use_tracer
08:04:54      return func(*args, **kwargs)
08:04:54    File "/usr/lib64/az/lib/python3.6/site-packages/azure/mgmt/network/v2021_08_01/operations/_operations.py", line 75623, in create_or_update
08:04:54      raise HttpResponseError(response=response, error_format=ARMErrorFormat)
08:04:54  azure.core.exceptions.HttpResponseError: (ApplicationGatewayFirewallUnknownRuleOverride) The override Rule 'rule-id=200003' is unknown for RuleGroup 'General' for Application Gateway Firewall in context ''.
08:04:54  Code: ApplicationGatewayFirewallUnknownRuleOverride
08:04:54  Message: The override Rule 'rule-id=200003' is unknown for RuleGroup 'General' for Application Gateway Firewall in context ''.
08:04:54  
08:04:54  ERROR: cli.azure.cli.core.azclierror: (ApplicationGatewayFirewallUnknownRuleOverride) The override Rule 'rule-id=200003' is unknown for RuleGroup 'General' for Application Gateway Firewall in context ''.
08:04:54  Code: ApplicationGatewayFirewallUnknownRuleOverride
08:04:54  Message: The override Rule 'rule-id=200003' is unknown for RuleGroup 'General' for Application Gateway Firewall in context ''.
08:04:54  ERROR: az_command_data_logger: (ApplicationGatewayFirewallUnknownRuleOverride) The override Rule 'rule-id=200003' is unknown for RuleGroup 'General' for Application Gateway Firewall in context ''.
08:04:54  Code: ApplicationGatewayFirewallUnknownRuleOverride
08:04:54  Message: The override Rule 'rule-id=200003' is unknown for RuleGroup 'General' for Application Gateway Firewall in context ''.
08:04:54  DEBUG: cli.knack.cli: Event: Cli.PostExecute [<function AzCliLogging.deinit_cmd_metadata_logging at 0x7f8b944e0840>]
08:04:54  INFO: az_command_data_logger: exit code: 1
08:04:54  INFO: cli.__main__: Command ran in 2.719 seconds (init: 0.138, invoke: 2.581)
08:04:54  INFO: telemetry.save: Save telemetry record of length 3523 in cache
08:04:54  WARNING: telemetry.check: Negative: The /root/.azure/telemetry.txt was modified at 2023-08-01 06:04:40.399674, which in less than 600.000000 s

型
我需要帮助，因为我不知道如何修复它。我不明白为什么这个命令在我的本地机器上有效，而在Jenkins上无效。

jenkins 如何修复Azure CLI中的ApplicationGatewayFirewallEnabledOverrideStateCannotBeConfiguredForApiVersion错误？

1条答案

相关问题

热门标签

最新问答