Continuous Integration, DevOps

Using WebDeploy in a CI/CD pipeline with powershell

2 min read

It’s cool to play around with new Tech and new stuff but sometimes you have to come back to the basics that have been working for years. I’ve been setting up the CI/CD pipeline at my work place for my team and one task consisted of deploying the generated code documentation with DocFX, to our development web server hosted through IIS. Since I had custom logic I wanted to execute, I couldn’t use the built in WebDeploy task that was provided to me. So when you are doing DevOps, PowerShell becomes your best friend.

For those who are struggling to install WebDeploy in IIS (8+), follow the guide Inigo Montoya put together. You should also configure a site using a Non-Administrative user to deploy. Follow the guide provided by Microsoft which can be found here.

Running WebDeploy in Powershell

There’s a log of ways to run executables in PowerShell. However, WebDeploy has some funky arguments at times and is sensitive to that. I’ve tried a few approach but the best that worked for me was to use .NET ProcessStartInfo class. I found the snippet in this StackOverFlow post.

Now the question is, how to generate the arguments that can be used with WebDeploy and that won’t cause use funky problems (because of the quotes mostly!)?

You can use an array to build up your arguments. For arguments that require double quotes (“), I like to use the escaping technique using backticks (`) and string formatting using the -f parameter

Here’s a sample:

Calling WebDeploy with the above looks like this:

WebDeploy woes

When setting up the Non-Administrative access control on the machine, I initially had computerName in the -dest parameter of WebDeploy. When trying out the deployment, in test using whatif, WebDeploy was giving me a 401. Changing computerName to wmsvc worked. Why? Don’t ask me. I did not try no understand further as it worked and I wanted to move on with my implementation.

It seems that when the user is a local administrator on the machine, computerName works (and probably wmsvc as well). If the user is not a local administrator, computerName does not work but wmsvc does. Remember that you need to setup the appropriate permissions on the IIS site (IIS Manager Permissions, as described in the Microsoft docs I’ve posted above) and the proper security permissions (read/write) on the site directory to deploy with Non-Administrative access.

If you want to use WebDeploy towards an IIS < 7 instance, your user needs to be local administrator unfortunately (see https://forums.iis.net/t/1166339.aspx).

If anyone has the answer to the above, I would be glad to hear it!

Happy Deployment!