I am trying to pass the below variable to a inline script in the Azure CLI Job in Azure release Pipelines, to get the principal ID of an identity:
miid=$(az identity show -g Resourcegroup -n prodaks-agentpool --query "principalId" -o tsv)
I am then running the below commands to set a policy in keyvault for the identity.
call az keyvault set-policy -n proddigitalkeyvault1 --key-permissions get --object-id $miid
call az keyvault set-policy -n proddigitalkeyvault1 --secret-permission get --object-id $miid
call az keyvault set-policy -n proddigitalkeyvault1 --certificate-permissions get --object-id $miid
I receive the error: "miid is not recognized as an internal command". Is it possible to add this variable into the inline script? This script works fine when running from my own machine.
I switched my type of script to shell and removed the "call" command. This script now runs ok in Azure Devops
Related
While creating webapps using Az cli in Azure, the command line have no option to mention the location parameter. However while creating from azure portal,there is a option where in we can select the region .
Following is the link to the command and the command itsel
https://learn.microsoft.com/en-us/cli/azure/webapp?view=azure-cli-latest
az webapp create --name
--plan
--resource-group
[--assign-identity]
[--deployment-container-image-name]
[--deployment-local-git]
[--deployment-source-branch]
[--deployment-source-url]
[--docker-registry-server-password]
[--docker-registry-server-user]
[--https-only {false, true}]
[--multicontainer-config-file]
[--multicontainer-config-type {COMPOSE, KUBE}]
[--role]
[--runtime]
[--scope]
[--startup-file]
[--subnet]
[--tags]
[--vnet]
You can use az webapp up CLI command which has a location switch like
az webapp up -n MyUniqueAppName --runtime "java:11:Java SE:11" -l locationName
BTW, if you even don't specify the location while using az webapp create it will be default to the region of "Resource Group" or if you are specifying app service plan then that region would be in use
You can use this cmdlet for specifying the location while creating the web app in Azure:
New-AzwebApp [[-ResourceGroupName] <String>] [-Name] <String> [[-Location] <String>] ...
Of course, the next question will be some parameters like specifying runtime environment missing in the New-AzWebApp cmdlet, we need to use different combination of cmdlets for our requirement.
Please refer to one of these workarounds that shows how to choose the runtime environment when using the New-AzWebApp cmdlet.
Refer here for more information on New-AzWebApp cmdlet parameters.
I essentially have to run a Python script that has AZ CLI commands baked into the script and get spawned as processes from the subprocess module. In order for these commands to run, I need to be logged in to AZ CLI.
I have a AZ CLI task in my pipeline of which setting the addSpnToEnvironment = true provides me the $env:servicePrincipalId, $env:servicePrincipalKey and $env:tenantId. My question is, how can I use these details to now sign in to AZ CLI so that the context is maintained in the task and the AZ CLI commands in my Python script recognize this and can execute?
You can log into az cli using the service principal. See below:
az login --service-principal --username $env:servicePrincipalId --password $env:servicePrincipalKey --tenant $env:tenantId
See document here for more information.
I'm trying to run the sample script found here: https://learn.microsoft.com/en-au/azure/service-fabric/service-fabric-quickstart-containers-linux#create-a-service-fabric-cluster
#!/bin/bash
# Variables
ResourceGroupName='containertestcluster'
ClusterName='containertestcluster'
Location='eastus'
Password='q6D7nN%6ck#6'
Subject='containertestcluster.eastus.cloudapp.azure.com'
VaultName='containertestvault'
VmPassword='Mypa$$word!321'
VmUserName='sfadminuser'
# Login to Azure and set the subscription
az login
az account set --subscription <mySubscriptionID>
# Create resource group
az group create --name $ResourceGroupName --location $Location
# Create secure five node Linux cluster. Creates a key vault in a resource group
# and creates a certficate in the key vault. The certificate's subject name must match
# the domain that you use to access the Service Fabric cluster. The certificate is downloaded locally.
az sf cluster create --resource-group $ResourceGroupName --location $Location --certificate-output-folder . --certificate-password $Password --certificate-subject-name $Subject --cluster-name $ClusterName --cluster-size 5 --os UbuntuServer1604 --vault-name $VaultName --vault-resource-group $ResourceGroupName --vm-password $VmPassword --vm-user-name $VmUserName
From the command prompt or PowerShell, I run "az login" and login, then I copy & paste this script into the console but get errors when it comes to the variables.
I see you use the Shell script, it's more appropriate to run in Linux. For Windows, the PowerShell script is more suitable. And in Windows, the variables need to be set like this:
$varName = 'xxxx'
So you need to change all the variables like above. And I suggest you change the script into a PowerShell script.
I get this error in windows CMD "stat: path too long for Windows" whenever I execute this command below in my azure cli in windows CMD.
az group deployment create -g "testacsengine" --template-file azuredeploy.json --parameters #azuredeploy.parameters.json
In windows, if you already install the Azure CLI model, you can execute the CLI command in CMD or Windows PowerShell ISE.
For the deployment of Azure template, you can just use the command az group deployment create -g "charlesTest" --template-file template.json in the directory of your template.
Or use the absolute path like this az group deployment create -g "charlesTest" --template-file D:\template.json. Of curse, you need to get authentication with the command az login first.
If you still get the error when you do this, the error must be inside your template. You should check your template correctly.
For more details about template deployment, see az group deployment create.
I´m using az functionapp create for creating function ap in Azure, where apparts of creating the function app it also hooks it to a bitbucket repo. I´m using parametere --deployment-source-url -u but it seems is not working this way and is giving me an error. This is done by a jenkin file pipeline
node {
stage('Azure Login') {
withCredentials([azureServicePrincipal('6-8afd-ae40e9cf1e74')]) {
sh 'az login --service-principal -u $AZURE_CLIENT_ID -p $AZURE_CLIENT_SECRET -t $AZURE_TENANT_ID'
sh 'az account set -s $AZURE_SUBSCRIPTION_ID'
}
}
stage('Build Azure FuntionApp') {
sh 'az functionapp create -g $RG_NAME -p $SP_NAME -n grey-$JOB_NAME-$BUILD_NUMBER -s $SA_NAME --deployment-source-url https:// bitbucket.org/xxxx/functions/s***strong text***rc/develop --debug'
}
If I put --deployment-source-url -u https://user#bitbucket.org I get:
ERROR: az functionapp create: error: argument
--deployment-source-url/-u: expected one argument
I tried without the -u just : --deployment-source-url https://#bitbucket.org
and the job gets done, but the link with bitbucket repos is not made. Getting this:
So how is it that this work? how come if I put user it says invalid argument and if I don´t it pases but It can find user. Does anyone ever used this command to create a function app? thanks!
If you want to create azure function via azure-cli, you could change the deployment resource url after --deployment-source-url. You could refer to my command to create a function with a blob trigger, replace the url of yours. It works fine on my side.
Note: The Access level should be public, you could check it in Settings like the screenshot below.
az functionapp create --deployment-source-url https://bitbucket.org/xxx/azure-function --resource-group resourcegroupname --consumption-plan-location westeurope --name joyfun22 --storage-account <storage_name>
Besides, you also can use a github repository to create a function.
For example, to use the command below to create a function with a blob trigger.
az functionapp create --deployment-source-url https://github.com/Joyw1/Azure-Function-Trigger --resource-group myResourceGroup --consumption-plan-location westeurope --name <app_name> --storage-account <storage_name>
Update:
If your Access level is private. You need a access token to access your bitbucket repository. Please follow the steps bellow.
1.Go to the Bitbucket Labs -> Access Management -> OAuth -> Add consumer
More details, refer to this link.
2.Enable authenticated git deployment with Azure CLI
#!/bin/bash
gitrepo=<Replace with your GitHub repo URL e.g. https://github.com/Azure-Samples/functions-quickstart.git>
token=<Replace with a GitHub access token>
# Enable authenticated git deployment
az functionapp deployment source update-token \
--git-token $token
For complete command, refer to this link.