Skip to content

Deployment Steps - 2025_APR_02

Deployment

Potential Issues

  1. If the deployment admin does not have access to Storage Accounts, the Storage Account deployment part will fail. There are no changes to the storage accounts in this release, so this can be ignored
  2. The Custom Functions Function App (npobp_common) tends to have trouble with deployment and may need to be manually deployed
  3. The Seed Data step may not work if APIM is secured within a vnet. In that instance, the #Manual Steps below will allow the same changes to be added manually

Prerequisites

We will follow the deployment instructions from: Hosted Model Deployment Guide Please read and understand the additional prerequisites below before continuing:

  1. Ensure the logged in user has access to the following storage accounts. If the storage account is part of a VNet, the user's IP address needs to be explicitly added:
    1. Data Store - Master (npobp_mast)
    2. Data Store - Reporting (npobp_custrep)
    3. Data Store - Execution (npobp_custexec)
    4. Data Store - Configuration (npobp_custconfig)
  2. Do the same for the following, for both the Main site and Advanced Tools site:
    1. NPO Portal (npobp_portal)
    2. Portal Backend (npobp_portalbackend)
  3. In your existing customerconfig.json file, ensure the following settings are correct:
    1. prerequisutes.validateEnabled
    2. otherSettings.downloadAdditionalScripts
    3. otherSettings.downloadArtifacts
  4. In your existing customerconfig.json file, add the following settings in the otherSettings object: 
    "AllowCustomerCreate": "Never",
"PlatformAdmins": "SEMI_COLON_SEPARATED_PLATFORM_ADMIN_EMAILS"
  5. The Custom Functions Function App (npobp_common) function app tends to fail when run manually through the script, so it may need to be manually redeployed 
    $resourceGroupName = 'NAME_OF_YOUR_RESOURCE_GROUP'  
$functionAppName = 'NAME_OF_YOUR_COMMON_FUCNTION_APP'  
$deployZipPath = 'PATH_TO_THE_ARTIFACTS_ZIP_FILE_IN_ARTIFACT_FOLDER_34'

az account set --subscription ""

az functionapp deployment source config-zip `  
                --resource-group $resourceGroupName `  
                --name $functionAppName `  
                --src $deployZipPath

Manual Steps:

Portal Backend

  1. On the Portal Backend (npobp_portalbackend) App Service, add/update the Environment Variables:
Name Old Value New Value Comment
API_BASE_URL https://YOUR_APIM.azure-api.net/api https://YOUR_APIM.azure-api.net remove trailing /api and ensure there is no trailing slash.
VALID_INPUT_PATHS /api;/testharnessapi;/demapi This allows the app service to accept input from both base paths rather than just /api
API_KEY_VALUES [APIM_SUB_KEY_Portal];[APIM_SUB_KEY_DEMTestHarnessKey];[APIM_SUB_KEY_DEMKey] This is the subscription keys for APIM.

New value that the plural of the API_KEY_VALUE key. Value is semi colon separated list of keys where the key index matches the position of the VALID_INPUT_PATHS

The following options are available:
- Single key for all the exposed VALID_INPUT_PATHS. In this case, simply use the existing value in API_KEY_VALUE. Ensure this subscription in APIM is Scoped as "All APIs"
- Individual subscription keys for each exposed VALID_INPUT_PATHS. In this case, this value is a semi colon separated list of the keys. Ensure each key is Scoped as a single API and points to the correct API

If you used the NPO Script, the APIM Subscriptions are called: Portal (the /api endpoint), DEMTestHarnessKey (the /testharnessapi endpoint). Assuming the keys are Portal="ABC" and DEMTestHarnessKey = "XYZ", the value for API_KEY_VALUES will be "ABC;XYZ"
API_KEY_VALUE {redacted} Completely delete this key because it is now replaced by the plural key above

TechStack

  1. Open the Data Store - Master (npobp_mast) storage account and open the TechStack table
  2. For each record, add/edit the following attribute:
    1. Name: BaseTestHarnessUrl
    2. Value: The url of the Portal Backend (npobp_portalbackend) function app.

NPOSettings

  1. Open the Data Store - Master (npobp_mast) storage account and open the NPOSettings table
  2. Add/Edit the following:
    1. Name: AllowCustomerCreate
    2. Value: Never
  3. Add/Edit the following:
    1. Name: PlatformAdmins
    2. Value: Semi-colon separated email addresses of platform admins

Smoke Tests

  1. Log on to the NPO Portal (npobp_portal) and browse to the "All Customers" page. The Create Customer button is not visible
  2. Browse to any Form and click Test. Open Browser Dev Tools and inspect the traffic. All the Fetch/XHR should direct through the Portal Backend (npobp_portalbackend) and not through APIM (npobp_apim)