allowedPattern is mentioned in System Manager documentation as parameter value:
https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-doc-syntax.html
But I'm failing to add it to my existing doc:
InvalidDocumentContent: Unknown property "AllowedPattern".
schemaVersion: '2.2'
description: Cat file from temp
parameters:
path:
type: String
description: path to file
AllowedPattern: ^\/tmp\/ssm-...$
mainSteps:
- action: aws:runShellScript
name: runShellScript
inputs:
timeoutSeconds: '30'
runCommand:
- if [ -f {{ path }} ]; then cat {{ path }}; else echo None; fi
Related
I would like to add a server to an ausostaling-group using SSM document, if the group has n instances running - i want to have (n+1).
Since this stack is managed by cloudformation, i just need to increase the 'DesiredCapacity' variable and update the stack. so i created a document with 2 steps:
get the current value of 'DesiredCapacity'
update stack with value of 'DesiredCapacity' + 1
I didnt find a way to express this simple operation, i guess im doing something wrong ...
SSM Document:
schemaVersion: '0.3'
parameters:
cfnStack:
description: 'The cloudformation stack to be updated'
type: String
mainSteps:
- name: GetDesiredCount
action: 'aws:executeAwsApi'
inputs:
Service: cloudformation
Api: DescribeStacks
StackName: '{{ cfnStack }}'
outputs:
- Selector: '$.Stacks[0].Outputs.DesiredCapacity'
Type: String
Name: DesiredCapacity
- name: UpdateCloudFormationStack
action: 'aws:executeAwsApi'
inputs:
Service: cloudformation
Api: UpdateStack
StackName: '{{ cfnStack }}'
UsePreviousTemplate: true
Parameters:
- ParameterKey: WebServerCapacity
ParameterValue: 'GetDesiredCount.DesiredCapacity' + 1 ### ERROR
# ParameterValue: '{{GetDesiredCount.DesiredCapacity}}' + 1 ### ERROR (trying to concat STR to INT)
# ParameterValue: '{{ GetDesiredCount.DesiredCapacity + 1}}' ### ERROR
There is a way to do calculation inside an SSM document using python runtime.
The additional python step do the following:
Python runtime get variables via the the 'InputPayload' property
The 'current' (str) key added to the event object
The python function script_handler called
The 'current' extracted using event['current']
Converting string to int and adding 1
return a dictionary with the 'desired_capacity' key and value as string
expose the output ($.Payload.desired_capacity referred to the 'desired_capacity' of the returned dictionary)
schemaVersion: '0.3'
parameters:
cfnStack:
description: 'The cloudformation stack to be updated'
type: String
mainSteps:
- name: GetDesiredCount
action: 'aws:executeAwsApi'
inputs:
Service: cloudformation
Api: DescribeStacks
StackName: '{{ cfnStack }}'
outputs:
- Selector: '$.Stacks[0].Outputs.DesiredCapacity'
Type: String
Name: DesiredCapacity
- name: Calculate
action: 'aws:executeScript'
inputs:
Runtime: python3.6
Handler: script_handler
Script: |-
def script_handler(events, context):
desired_capacity = int(events['current']) + 1
return {'desired_capacity': str(desired_capacity)}
InputPayload:
current: '{{ GetDesiredCount.DesiredCapacity }}'
outputs:
- Selector: $.Payload.desired_capacity
Type: String
Name: NewDesiredCapacity
- name: UpdateCloudFormationStack
action: 'aws:executeAwsApi'
inputs:
Service: cloudformation
Api: UpdateStack
StackName: '{{ cfnStack }}'
UsePreviousTemplate: true
Parameters:
- ParameterKey: WebServerCapacity
ParameterValue: '{{ Calculate.NewDesiredCapacity}}'
I have the following setup, a template file, and a pipeline that extends the template. I am wondering is it possible to dynamically add all parameters to extends' parameter?
Template.yml
parameters:
- name: Location
type: string
default: 'eastus'
Washington.yml
parameters:
- name: Location
type: string
default: 'westus'
extends:
template: Template.yml
parameters:
Location: ${{ parameters.Location }}
I can do something like this but I think it doesn't work because the shadowed parameters variable will be used instead of root level parameters.
parameters:
- name: Location
type: string
default: 'westus'
extends:
template: Template.yml
parameters:
- ${{ each param in parameters }}
${{ param.Name }}: ${{ param.Value }}
This works for me:
parameters:
- name: Location
type: string
default: 'westus'
extends:
template: Template.yml
parameters:
${{ each param in parameters }}:
${{ param.Key }}: ${{ param.Value }}
So you had small syntax issues.
It printed:
Assuming that template is:
parameters:
- name: Location
type: string
default: 'eastus'
steps:
- script: echo ${{ parameters.Location }}
I want to parameterize the task of setting a variable from a keyvault.. so it's easier to use it across my jobs with a different value than the secret itself..
I cannot seem to get the output variable to set correctly at all
parameters:
- name: az_subscription
type: string
- name: az_keyvault
type: string
- name: secrets_filter
type: string
- name: run_pre_job_bool
type: boolean
default: false
steps:
- task: AzureKeyVault#1
inputs:
azureSubscription: ${{ parameters.az_subscription }}
keyVaultName: ${{ parameters.az_keyvault }}
secretsFilter: ${{ parameters.secrets_filter }}
runAsPreJob: ${{ parameters.run_pre_job_bool }}
displayName: "Retrieve and set Service Principle (SP) Key"
- bash: |
echo Start showing...
echo '$(${{parameters.secrets_filter}})'
echo $('${{parameters.secrets_filter}}')
echo 1
echo "$(${{parameters.secrets_filter}})"
echo $("${{parameters.secrets_filter}}")
echo 2
echo 3
echo 4
echo $(hard-coded-secret-filter) ***this masks properly and is only one that works***
echo 5
echo '$(${{parameters.secrets_filter}})'
echo 6
echo $(${{parameters.secrets_filter}})
echo 7
echo "$(MY_MAPPED_ENV_VAR)"
My_Value=
echo ##vso[task.setvariable variable=MY_VAR;isOutput=true]${{parameters.secrets_filter}}
name: use_keyvault
displayName: "Set MY_VAR variable"
env:
MY_MAPPED_ENV_VAR: ${{ parameters.secrets_filter }}
how can I get away from hardcoding the $(hard-coded-secret-filter) ? so I can get to use $()
I have template
dockerbuild.yml
steps:
- task: Bash#3
displayName: Build an image to container registry
inputs:
script : echo $(PATH)
then a variable file
var.build.yml
- name: PATH
value: 'docker/path'
- name: PATH1
value: 'docker/oldpath'
- name: PATH2
value: 'docker/newpath'
azurepipeline1.yml
resources:
repositories:
- repository: templates
type: git
name: components/pipeline_templates
trigger:
- none
pool:
name: PoolA
variables:
- template: variabletemplates/var.build.yml#templates
jobs:
steps:
- template: CI-CD/dockerbuild.yml#templates # Template reference
parameters:
PATH: ${{ variables.PATH }}
- template: CI-CD/dockerbuild.yml#templates # Template reference
parameters:
PATH: ${{ variables.PATH1 }}
- template: CI-CD/dockerbuild.yml#templates # Template reference
parameters:
PATH: ${{ variables.PATH2 }}
The above code works
But if I change the parameter to
parameters:
PATH: ${{ variables.PATH1 }}
OR
parameters:
PATH: ${{ variables.PATH2 }}
In the output it shows
Output:
docker/path
$(PATH1)
$(PATH2)
I need to reuse the template with many times within the pipeline with different paths. Please help in resolving the issue
Your template needs a parameters block.
parameters:
- name: PATH
type: string
steps:
- task: Bash#3
displayName: Build an image to container registry
inputs:
script : echo ${{ parameters.PATH }}
I wonder if it is possible to mix map arguments in Azure Pipelines template yaml, and how to do it.
These two scenarios shown bellow do same thing: place template parameter as env argument in a task, but in the second I'm trying to do it through two maps instead of a single one. That could be useful when I have different purposes to those values (at the eyes of someone who is extending the template) but both are going to be used as 'env' under the hood.
This works fine:
Main Pipeline:
...
extends:
template: templates/deploy/v1/deployment.job.yaml#infrastructure-templates
parameters:
name: dev
variableGroup: 'AzureDevopsVariableGroupName'
secretEnvVariables:
SECRET1: ${SECRET1}
SECRET2: ${SECRET2}
Target Template:
parameters:
- name: secretEnvVariables
type: object
jobs:
...
steps:
- bash: |
#!/bin/bash
echo "SECRET1 = ${SECRET1}"
...
displayName: Substitute Env VARS on files
enabled: true
env:
${{ parameters.secretEnvVariables }}
This doesn't work (and I wonder if it is possible to make it work):
Main Pipeline:
...
extends:
template: templates/deploy/v1/deployment.job.yaml#infrastructure-templates
parameters:
name: dev
variableGroup: 'AzureDevopsVariableGroupName'
secretEnvVariables:
SECRET1: ${SECRET1}
SECRET2: ${SECRET2}
moreVariables:
VAR1: ${VAR1}
Target Template:
parameters:
- name: secretEnvVariables
type: object
- name: moreVariables
type: object
jobs:
...
steps:
- bash: |
#!/bin/bash
echo "SECRET1 = ${SECRET1}"
echo "VAR = ${VAR1}"
...
displayName: Substitute Env VARS on files
enabled: true
env:
${{ parameters.secretEnvVariables }}
${{ parameters.moreVariables }}
Can it be done? How to do it?
I am doing something similar and this isn't well documented but can use objects to accomodate for this.
Here it is the combo of environment and region deployment:
- name: environmentObjects
type: object
default:
- environmentName: 'dev'
regionAbrvs: ['eus']
- environmentName: 'uat'
regionAbrvs: ['eus', 'cus']
From there it would be a loop to access each one like:
- ${{ each environmentObject in parameters.environmentObjects }} :
- ${{ each regionAbrv in enviornmentObject.regionAbrvs }} :
This should work for your scenario as well.