Develop Reference

How to nest yaml variable expressions?

I want to nest yaml variable expressions in a Azure Devops Pipeline as one step uses the project name separated by spaces and another uses periods ie 'My Project' vs 'My.Project'.
This is what I have currently but the echo is outputting 'My Project' instead of 'My.Project'
- script: echo "projectKey2 is ${{replace(${{ variables.projectName }},' ','.')}}"

You have extra brackets around variables.projectName that should not be there:
- script: echo "projectKey2 is ${{ replace(variables.projectName,' ','.') }}"

variable set in azure pipeline gets corrupted when read in template

variable big_var_01 defined with value '3q4w#V$X3q4w#V$X' by following azure pipeline yaml file gets corrupted to become value '3q4w#V#V' when read back in azure pipeline template
cat parent_scott.yaml
variables:
- name: big_var_01
value: ${{ parameters.big_var_01 }}
parameters:
- name: big_var_01
displayName: "this var wants to get written to then read by templates"
type: string
default: '3q4w#V$X3q4w#V$X'
# CI Triggers
trigger:
branches:
exclude:
- '*'
pool:
vmImage: 'ubuntu-latest'
# Release Stages
stages:
- template: child_scott_one.yaml
following azure pipeline template variable big_var_01 is read back however its value is corrupted and does not match above assignment
cat child_scott_one.yaml
# Release Stages
stages:
- stage: A
jobs:
- job: JA
steps:
- script: |
echo "here is big_var_01 -->$(big_var_01)<-- "
local_var_01=$(big_var_01)
echo
echo "here is local_var_01 -->$local_var_01<-- "
echo
echo "length of local_var_01 is ${#local_var_01}"
echo
name: DetermineResult
see run of above pipeline
https://dev.azure.com/sekhemrekhutawysobekhotep/public_project/_build/results?buildId=525&view=logs&j=54e3124b-25ae-54f7-b0df-b26e1988012b&t=52fad91f-d6ac-51fb-b63d-00fda7898bb6&l=13
see code at https://github.com/sekhemrekhutawysobekhotep/shared_variables_across_templates
How to make the string variable big_var_01 get treated as a literal evidently its somehow getting evaluated and thus corrupted ... above code is a simplification of my actual azure pipeline where I get same variable corruption issue even when setting up a Key Value secret with value 3q4w#V$X3q4w#V$X which gets corrupted when read back in a pipeline template
here is another pipeline run which explicitly shows this issue https://dev.azure.com/sekhemrekhutawysobekhotep/public_project/_build/results?buildId=530&view=logs&j=ed5db508-d8c1-5154-7d4e-a21cef45e99c&t=a9f49566-82d0-5c0a-2e98-46af3de0d6e9&l=38 on this run I check marked ON pipeline run option: "Enable system diagnostics" ... next I will try to single quote my shell assignment from the azure variable

At some step Azure DevOps or Ubuntu replaced part of your string. So you have:
3q4w#V$X3q4w#V$X = 3q4w#V + $X3q4w + #V + $X
and this part $X3q4w and this $X was replaced with empty string giving you 3q4w#V + #V.
If you run this with \ before $ like here 3q4w#V\$X3q4w#V\$X
This is job Foo.
here is big_var_01 -->3q4w#V$X3q4w#V$X<--
here is local_var_01 -->3q4w#V$X3q4w#V$X<--
length of local_var_01 is 16
I got an error running this on windows-latest however I got correct string:
"This is job Foo."
"here is big_var_01 -->3q4w#V$X3q4w#V$X<-- "
'local_var_01' is not recognized as an internal or external command,
operable program or batch file.
ECHO is off.
"here is local_var_01 -->$local_var_01<-- "
ECHO is off.
"length of local_var_01 is ${#local_var_01}"
ECHO is off.
##[error]Cmd.exe exited with code '9009'.
so it looks like ubuntu replaces it with env variables however, since there is not variables like $X3q4w and $X it replaces with empty string.

Found a solution ... it works if I single quote around the azure variable during bash shell assignment
local_var_01=$(big_var_01) # bad results with value 3q4w#V#V
local_var_02="$(big_var_01)" # bad results with value 3q4w#V#V
local_var_03='$(big_var_01)' # good this gives value 3q4w#V$X3q4w#V$X
my instincts said to not use single quotes knowing its not the bash shell way however once I accepted the fact azure performs some magic ~~helping~~ interstigal layer pre processing in between pipeline source code and fully resolved bash shell execution I took a chance and tried this ... come to find out this is how bash shell blocks variable expansion

Can't set variable using Azure CLI within DevOps Release Pipeline

I'm trying to save a key value to pass on to the next step in my release pipeline, but no matter what I do I can't save the result of my command to a variable. I've already checked many of the articles here dealing with this with no success. Here is what I am trying:
$KEY=(az storage account show-connection-string --key primary -n myStorageAccount -g myResourceGroup --query "connectionString" -o tsv)
echo "Attempting to set variable"
echo $KEY
echo ##vso[task.setvariable variable=AZURE_STORAGE_CONNECTION_STRING;]$KEY
echo $AZURE_STORAGE_CONNECTION_STRING
Running on Windows Agent by the way. I've tried all kinds of variations: SET KEY=, SET $KEY=, SET $(KEY)=, $KEY=, $(KEY)=, KEY=, none of it works. Likewise I've tried referencing the variable differently in the echo statements with no luck. If I just run the az storage account command, I do get back the connection string. But either I get that $KEY is not a recognizeable command or if I'm using SET, echo simply gives me back $KEY and the vso line gives me nothing.
I can accomplish most of this, including saving to variable, in Azure Cloud Shell (via syntax $KEY= and echo $KEY). But of course that doesn't help my pipeline. Any idea the proper syntax to get this value into my next release pipeline step, or is the another method to accomplish this?

Can't set variable using Azure CLI within DevOps Release Pipeline
If you are using Azure CLI version 1.*, try to use following scripts:
for /f "tokens=1 USEBACKQ" %%F in (`Yourcommand`) do echo ##vso[task.setvariable variable=AZURE_STORAGE_CONNECTION_STRING;]%%F
If you are using Azure CLI version 2.*, you can also use a powershell command:
$KEY= & YourCommand
Write-Output("##vso[task.setvariable variable=AZURE_STORAGE_CONNECTION_STRING;]$KEY")
Check this thread for some more details.
Hope this helps.

Howto: Escape $(var) in Azure DevOps YAML

variables:
buildSelected: '1.0.0.1234'
steps:
- powershell: |
Write-Host "Build Selected $(buildSelected)"
Write-Host "Escaped '$(buildSelected)'"
displayName: "Escape variable"
I would like the value 1.0.0.1234 & '$(buildSelected)' to be printed instead of what it's printing now:
Build Selected 1.0.0.1234
Escaped '1.0.0.1234'

Sorry but I'm afraid Azure Devops doesn't provide the feature to escape a pipeline variable. If the variable is used in this format $(var), it will always be replaced with its value when using Write-Host to output it.
As I know in Powershell syntax, only the ` can be used to escape variables. See:
Write-Host "Build Selected `$`(buildSelected)"
Its output : Build Selected $(buildSelected)
Not sure if it's what you need, but escaping pipeline variables with complete $(var) is not supported. Azure Devops will always replace it with its value if it matches the $(var) format.

I had the same problem but in bash and solved it by adding the invisible character named "ZERO WIDTH SPACE" between "$" and "(". This way I can print out "$(Build.SourceVersion)" without it being replaced with the actual value.
I copied the character from https://invisible-characters.com/
---
trigger: none
steps:
- script: |
echo "$​(Build.SourceVersion): $(Build.SourceVersion)"
displayName: Test Pipeline Variable Escaping

Azure pipelines Secret Variables don't work on PR triggers

I have a an azure pipelines with a secret variable that triggers on Pull requests. When triggered the secret variable is not available to the pipeline.
Secret Variable works when triggered by commits to a branch.
pipeline
pr:
branches:
include:
- '*'
trigger:
branches:
exclude:
- '*'
jobs:
- job:
pool:
vmImage: 'ubuntu-latest'
timeoutInMinutes: 360
displayName: 'Running test'
steps:
- bash: |
if [ -z "$(system.pullRequest.sourceRepositoryUri)" ]
then
python3 runTest.py \
--config "blessedImageConfig-temp.json" \
--code $(SecretCode)
else
python3 runTest.py \
--config "blessedImageConfig-temp.json" \
--pullRepo $(system.pullRequest.sourceRepositoryUri) \
--pullId $(system.pullRequest.pullRequestNumber) \
--code $(SecretCode)
fi
Secret variable added via the webUI
output and error
Generating script.
========================== Starting Command Output ===========================
[command]/bin/bash --noprofile --norc /home/vsts/work/_temp/95f6ae7c-d2e1-4ebd-891c-2d998eb4b1d9.sh
/home/vsts/work/_temp/95f6ae7c-d2e1-4ebd-891c-2d998eb4b1d9.sh: line 7: SecretCode: command not found
usage: runTest.py [-h] [--config CONFIG] [--code CODE] [--pullId PULLID]
[--pullRepo PULLREPO]
runTest.py: error: argument --code: expected one argument
##[error]Bash exited with code '2'.

SecretCode: command not found
This error caused by it's a secret variable, and it was passed in command line with the incorrect way.
You may feel confused about this. But, in fact, Microsoft ever warning about this with doc : Never pass secrets on the command line. That's by designed.
I ever meet this similar issue on my docker build. I solved it with mapping the secrets variable value into an environment variable, which also mentioned on the doc of Variable.
For your Bash task, there also has the solution about secret variable: Use the environment variables input to pass secret variables to this script' and set targetType == Inline is necessary.
So, you can add the script below into your Bash task script, to map the secret variable into the environment variable:
inputs:
targetType: 'inline'
- script:
echo $code
env:
code: $(SecretCode)