We have on-prem Octopus Server deploying to Azure App Services via an on-prem worker tentacle.
Yesterday morning we upgraded to v2021.1 Build 7379 from v2020.11 or there abouts.
Last night we started getting unhealthy Azure App Service targets across the board with the following in the beginning of the health check task logs.
<HEAD><TITLE>Proxy Authorization Required</TITLE></HEAD> <BODY BGCOLOR="white" FGCOLOR="black"><H1>Proxy Authorization Required</H1><HR> <FONT FACE="Helvetica,Arial"><B> Description: Authorization is required for access to this proxy</B></FONT> <HR> <!-- default "Proxy Authorization Required" response (407) --> </BODY>
This would have been the first health check since the upgrade.
We are however, still able to deploy to Azure.
Our worker tentacles are running as dedicated windows NT accounts, rather than default machine accounts (i.e. local system/network service).
I have been able to upgrade the tentacles today - but still get unhealthy checks to the Azure App services.
Now in all likelyhood it looks like our proxy is causing the issue but my questions are thus:
Why when our targets are unhealthy are we still able to deploy to Azure?
Could the upgrade of Octopus Server affect health check on Azure App Services from the tentacles?
When I have come across this type of thing in the past it has usually been down to the application not providing credentials to the proxy when challenged.
Is there a difference when doing deployments and health checks as to this sort of behaviour in terms of the credentials used?