I have an inline script using Azure Powershell#5 task
- task: AzurePowerShell#5
inputs:
azureSubscription: azureServiceConnection
scriptType: inlineScript
inline: |
$storageAccountKey = Get-AzStorageAccountKey -ResourceGroupName $(resourceGroupName) -Name $(commonStorageName) | Where-Object {$_.KeyName -eq "key1"}
$sacontext = New-AzStorageContext -StorageAccountName $(commonStorageName) -StorageAccountKey $storageAccountKey.Value
New-AzureStorageContainer -Context $sacontext -Name $(processingDirectory)
This is the error that I get:
Cannot bind parameter 'Context'. Cannot convert the
"Microsoft.WindowsAzure.Commands.Storage.AzureStorageContext" value of
type "Microsoft.WindowsAzure.Commands.Storage.AzureStorageContext" to
type
"Microsoft.WindowsAzure.Commands.Common.Storage.AzureStorageContext".
I know there is another question regarding this same exact error with mismatch Az.Storage versions, but this is an ADO task. I should not need to fiddle around with installing or importing modules. I also tested this on the Azure CLI and it works.
What am I doing wrong?
It appears that New-AzureStorageContainer is part of AzureRM PowerShell. To create a container, you must use New-AzStorageContainer from Az Powershell.
Related
I am trying to run below PowerShell script via azure devops pipeline()to add a new Private endpoint to my azure Vnet. Unfortunately I'm getting below error.
Error : Get-AzWebApp : The term 'Get-AzWebApp' is not recognized as the name of a cmdlet, function, script file, or operable
program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again
azure-pipelines.yml
#Starter pipeline
#Start with a minimal pipeline that you can customize to build and deploy your code.
#Add steps that build, run tests, deploy, and more:
#https://aka.ms/yaml
trigger:
- main
pool:
vmImage: 'windows-latest'
steps:
- task: AzureCLI#2
inputs:
azureSubscription: 'Azure subscription 1(XXXXXX)'
scriptType: 'ps'
scriptLocation: 'scriptPath'
scriptPath: 'PrivateEndpointTest.ps1'
PrivateEndpointTest.ps1
$webapp = Get-AzWebApp -ResourceGroupName ENDPOINTTEST -Name anuendpointtest
## Create the private endpoint connection. ##
$pec = #{
Name = 'myConnection'
PrivateLinkServiceId = $webapp.ID
GroupID = 'sites'
}
$privateEndpointConnection = New-AzPrivateLinkServiceConnection #pec
## Place the virtual network you created previously into a variable. ##
$vnet = Get-AzVirtualNetwork -ResourceGroupName 'ENDPOINTTEST' -Name 'VNET_ENDPOINT_TEST'
## Create the private endpoint. ##
$pe = #{
ResourceGroupName = 'VNET_ENDPOINT_TEST'
Name = 'myPrivateEndpoint'
Location = 'North Europe'
Subnet = $vnet.Subnets[0]
PrivateLinkServiceConnection = $privateEndpointConnection
}
New-AzPrivateEndpoint #pe
Please try the Azure PowerShell task and select the latest version.
Azure CLI requires run command below as administrator:
Install-Module Az
Import-Module Az
If you want to use Azure CLI, consider using Self-host agent.
Similar thread for your reference.
I am trying to get a diagnostic setting from within an Azure pipeline with the YAML :
steps:
- task: AzureCLI#2
displayName: Ammend Diagnostic Settings
inputs:
azureSubscription: ${{ parameters.environmentServiceConnection }}
scriptLocation: inlineScript
ScriptType: ps
inlineScript: |
#$Diago = Get-AzDiagnosticSetting -ResourceId ""
If I executed the Get-DiagnosticSetting command with my normal 'admin' account I can see the diagnostic settings fine. I am using an SPN for the pipeline and I get the error:
Get-AzDiagnosticSetting : Exception type: ErrorResponseException, Message:
Microsoft.Azure.Management.Monitor.Models.ErrorResponseException: Operation returned an invalid status code 'Forbidden'
So it is something to do with my permissions on my SPN - but I have no idea where the permission would be where I need to check (in Azure) to make sure I can get this to work.
Please assign Contributor/Monitoring Contributor from Azure Built-in Roles to the SPN that is being used by the Azure Pipeline as a service connection to the Subscription.
I tested similarly by using a SPN in PowerShell with the below code :
$ApplicationId=<ClientId>
$SecuredPassword= ConvertTo-SecureString <ClientSecret> -AsPlainText -Force
$TenantId="<tenantId>"
$Credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $ApplicationId, $SecuredPassword
Connect-AzAccount -ServicePrincipal -TenantId $TenantId -Credential $Credential
Get-AzDiagnosticSetting -ResourceId "/subscriptions/<Subscription>/resourceGroups/ansuman-resourcegroup/providers/Microsoft.Storage/storageAccounts/cloudshellansuman123"
output:
I am trying to install the AzureAD Module with Powershell on an Agent Windows 2019 Maschine in Azure DevOps. The scope is to query Get-AzureADGroupMember and see the members of that Azure AD Group. After running the DevOps Task seems that maschine is remaining in the state below, throwing
no status. Am I missing something?
Install-Module -Name AzureAD -Scope CurrentUser -Force
Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
Connect-AzureAD
Get-AzureADGroupMember -ObjectId "xxxxx-xxxxx-xxxxxxxx"
The command Connect-AzureAD need to add Credential to connect the AzureAD. By default, the Service Principal ARM Connection couldn't pass the required Credential to this command.
To use the Service Principal ARM Connection to connect Azure Ad, you need to add additional task and script to achieve it.
Here is an example:
steps:
- task: AzureCLI#2
displayName: 'Azure CLI '
inputs:
azureSubscription: kevin0322
scriptType: ps
addSpnToEnvironment: true
scriptLocation: inlineScript
inlineScript: |
echo "##vso[task.setvariable variable=ARM_CLIENT_ID]$env:servicePrincipalId"
echo "##vso[task.setvariable variable=ARM_CLIENT_SECRET]$env:servicePrincipalKey"
echo "##vso[task.setvariable variable=ARM_TENANT_ID]$env:tenantId"
- powershell: |
az login --service-principal --username $(ARM_CLIENT_ID) --password $(ARM_CLIENT_SECRET) --tenant $(ARM_TENANT_ID)
$aadToken = az account get-access-token --resource-type aad-graph | ConvertFrom-Json
Install-Module -Name AzureAD -Scope CurrentUser -Force
Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
Connect-AzureAD -AccountId $(ARM_CLIENT_ID) -TenantId $(ARM_TENANT_ID) -AadAccessToken $aadToken.accessToken
Get-AzureADGroupMember -ObjectId "xxx"
displayName: 'PowerShell Script'
You could use Service Principal ARM Connection in Azure CLI task, then you could get the variables related Service Principal(enable addSpnToEnvironment: true ).
In Powershell task, you could use the variables from Azure CLI task to run azure cli command to get the aadtoken for Credential.
Finally, the Connect-AzureAD command could be execute successfully without manually input the username and password.
I checked the script.
The Connect-AzureAD prompts a UI for login
This could be the reason, why there is no progress.
You could pass along the credentials - this will prevent the login prompt.
Connect-AzureAD -Credential $Credential
I am trying to create Azure resources with ARM template using Azure PowerShell Pipeline.
My two ARM template JSON files are stored in the same directory where the YAML file and Powershell files are stored
Here is the code of the Powershell file
param (
#Name of the Resource Group of the Image Gallery
[Parameter(Mandatory=$true)]
[string]
$deploymentName,
#Name of the Image Gallery
[Parameter(Mandatory=$true)]
[string]
$rgName
)
New-AzResourceGroupDeployment -Name $deploymentName -ResourceGroupName $rgName `
-TemplateFile '$(System.DefaultWorkingDirectory)/Deploy.json' `
-TemplateParameterFile '$(System.DefaultWorkingDirectory)/DeployParameters.json'
Here is the code of the YAML file
# Starter pipeline
# Start with a minimal pipeline that you can customize to build and deploy your code.
# Add steps that build, run tests, deploy, and more:
# https://aka.ms/yaml
trigger: none
pool: 'Default'
#vmImage: 'ubuntu-latest'
steps:
- script: echo Create, Shared Image Gallery!
displayName: 'Run a multiline-line script'
- script: |
echo Add other tasks to build, test, and deploy your project.
echo See https://aka.ms/yaml
displayName: 'Run a multi-line script'
- task: AzurePowerShell#5
inputs:
azureSubscription: 'Visual Studio Enterprise Subscription – MPN(08f41212-2053-434e-b4b3-ace08XXXXXX)'
ScriptType: 'FilePath'
ScriptPath: '$(System.DefaultWorkingDirectory)/Deploy_New.ps1'
ScriptArguments: -deploymentName "WVD" -rgName "WVDRG"
azurePowerShellVersion: LatestVersion
pwsh: true
Here is the error I am getting, I am using self-hosted agent pool running in Windows Server 2019 and PowerShell Core.
020-09-15T15:41:38.8359249Z ##[section]Starting: AzurePowerShell
2020-09-15T15:41:38.8615322Z ==============================================================================
2020-09-15T15:41:38.8615818Z Task : Azure PowerShell
2020-09-15T15:41:38.8616217Z Description : Run a PowerShell script within an Azure environment
2020-09-15T15:41:38.8616582Z Version : 5.173.1
2020-09-15T15:41:38.8616919Z Author : Microsoft Corporation
2020-09-15T15:41:38.8617547Z Help : https://aka.ms/azurepowershelltroubleshooting
2020-09-15T15:41:38.8617935Z ==============================================================================
2020-09-15T15:41:40.0811736Z Generating script.
2020-09-15T15:41:40.1352322Z ========================== Starting Command Output ===========================
2020-09-15T15:41:40.1634699Z ##[command]"C:\Program Files\PowerShell\7\pwsh.exe" -NoLogo -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -Command ". 'C:\agent\_work\_temp\1d73a74d-12ca-470b-bd53-c23358ee4e2d.ps1'"
2020-09-15T15:41:41.5971906Z Added TLS 1.2 in session.
2020-09-15T15:41:41.7815293Z ##[command]Import-Module -Name C:\Program Files\PowerShell\Modules\Az.Accounts\1.9.3\Az.Accounts.psd1 -Global
2020-09-15T15:41:42.3907347Z ##[command]Clear-AzContext -Scope Process
2020-09-15T15:41:42.7014316Z ##[command]Clear-AzContext -Scope CurrentUser -Force -ErrorAction SilentlyContinue
2020-09-15T15:41:43.3364066Z ##[command]Connect-AzAccount -ServicePrincipal -Tenant *** -Credential System.Management.Automation.PSCredential -Environment AzureCloud #processScope
2020-09-15T15:41:45.2061727Z ##[command] Set-AzContext -SubscriptionId 08f41212-2053-434e-b4b3-XXXXX -TenantId ***
2020-09-15T15:41:47.5198572Z ##[error]Cannot retrieve the dynamic parameters for the cmdlet. Cannot find path 'C:\agent\_work\3\s\$(System.DefaultWorkingDirectory)\DeployHostPool.json' because it does not exist.
2020-09-15T15:41:47.6342141Z ##[error]PowerShell exited with code '1'.
2020-09-15T15:41:48.1235457Z ##[section]Finishing: AzurePowerShell
Can anyone please help here?
You need to swap those ' single quotes for double-quotes, " in New-AzResourceGroupDeployment.
In PowerShell, double quotes will allow for String Expansion which is what you want, in order to use string expansion syntax like this:
"This computer is called $($env:COMPUTERNAME)"
PS>This computer is called eLope
When you use single quotes, it will always give you a string literal, like so:
'This computer is called $($env:COMPUTERNAME)'
PS>This computer is called $($env:COMPUTERNAME)
I am trying to deploy a self-signed certificate by using the following pipeline task:
- task: AzurePowerShell#5
inputs:
azureSubscription: '${{ parameters.ArmConnection }}'
ScriptType: 'InlineScript'
azurePowerShellVersion: '2.6.0'
Inline: |
$Pwd = ConvertTo-SecureString -String '1234' -Force -AsPlainText
$Base64 = 'MI..............3000.characters.here............M+wICB9A='
Import-AzKeyVaultCertificate -VaultName '${{ parameters.resourceGroupName }}''-my-keyvault' -Name ccg-self-signed-cert -CertificateString $Base64 -Password $Pwd
The 3 Powershell commands listed above work well for me at the PowerShell command prompt.
But when I try run the above pipeline, I get the syntax error:
/pipelines/shared.yml: (Line: 164, Col: 11, Idx: 7111) - (Line: 164,
Col: 11, Idx: 7111): While scanning a simple key, could not find
expected ':'.
What is happening here please?
Is the line 164 with the code $Base64 = '.....' too long for a pipeline script?
Or do I have some other issue?
UPDATE:
After indenting the inline script (thanks, Mathias!), I get another error, surprisingly talking about a "hostname":
##[section]Starting: AzurePowerShell
==============================================================================
Task : Azure PowerShell
Description : Run a PowerShell script within an Azure environment
Version : 5.168.1
Author : Microsoft Corporation
Help : https://aka.ms/azurepowershelltroubleshooting
==============================================================================
Generating script.
========================== Starting Command Output ===========================
##[command]"C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoLogo -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -Command ". 'D:\a\_temp\13d4bf76-87b6-4ac4-9bb5-51ef481420d0.ps1'"
##[command]Import-Module -Name C:\Modules\az_2.6.0\Az.Accounts\1.7.5\Az.Accounts.psd1 -Global
##[command]Clear-AzContext -Scope Process
##[command]Clear-AzContext -Scope CurrentUser -Force -ErrorAction SilentlyContinue
##[command]Connect-AzAccount -ServicePrincipal -Tenant *** -Credential System.Management.Automation.PSCredential -Environment AzureCloud #processScope
##[command] Set-AzContext -SubscriptionId XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX -TenantId ***
##[error]Invalid URI: The hostname could not be parsed.
##[error]PowerShell exited with code '1'.
##[section]Finishing: AzurePowerShell
Is -VaultName '${{ parameters.resourceGroupName }}''-my-keyvault' a correct way to prepend RG name (passed as param) to the string "-my-keyvault"?
UPDATE 2:
Using -VaultName '${{ parameters.resourceGroupName }}-my-keyvault' has fixed my problem
I would advise on selecting enable system diagnostic and run pipeline one more to get more detailed info