I am trying to use variable in azure CLI like we used in powershell.
In powershell we define variable as follows
$LOCATION = value
And used it in command as follows
az group create --name foo --location $LOCATION
What I have tried :-
I have tried to find it out in Microsoft documentation
https://learn.microsoft.com/en-us/cli/azure/get-started-with-azure-cli?view=azure-cli-latest
but I did not get any information about that.
Question :-
How we can define variable in azure CLI?(like powershell)
How we can used it in command?(like powershell)
Note:- I have installed azure CLI at my local.
The easiest way to pass variables to any CLI command is by using environment variables
An environment variable is a variable whose value is set outside the
program, typically through a functionality built into the operating
system or microservice. An environment variable is made up of a
name/value pair, and any number may be created and available for
reference at a point in time.
Below you can find examples in Bash and CMD:
Bash-
Set new environment variable-
export LOCATION=westeurope
Print the environment variable-
echo ${LOCATION}
AZ CLI example-
az group create --name foo --location ${LOCATION}
CMD-
Set new environment variable-
set LOCATION=westeurope
Print the environment variable-
echo %LOCATION%
AZ CLI example-
az group create --name foo --location %LOCATION%
It is the same way you do it in powershell,
To assign a value
sajeetharan#Azure:~$ LOCATION="eastus"
To check value is set,
sajeetharan#Azure:~$ echo $LOCATION
eastus
You could do it like this:
New-Variable -Name "location" -Visibility Public -Value "eastus"
Azure Cloud Shell
Assignment: use double quotes if you are assigning a long string (export is not needed):
AZURE_STORAGE_CONNECTION_STRING="DefaultEndpointsProtocol=https;EndpointSuffix=core.windows.net;AccountName=MYACCNAME;AccountKey=MYACCKEY"
Usage: invoke/surround it with ${}, example:
checking Storage Queue messages:
az storage message peek \
--connection-string ${AZURE_STORAGE_CONNECTION_STRING} \
--queue-name MYQUEUE
printing:
echo ${AZURE_STORAGE_CONNECTION_STRING}
Related
I am trying to read in the access policies using the az cmdlets but struggling to do this. I thought this would work
$foo = az keyvault show -g "my-rg" -n "my-kv"
This returns a value back and was hoping to do:
$accessPolicies = $foo.accessPolicies
However this returns a null. I did notice the output produces properties so I also tried
$accessPolicies = $foo.properties.accessPolicies
Clearly doing something wrong here. Any ideas how I do this?
You could directly query the accessPolicies properties from the Azure CLI command.
$accessPolicies = az keyvault show -g "my-rg" -n "my-kv" --query 'properties.accessPolicies'
The --query parameter needs the JMESPath query string. See http://jmespath.org/ for more information and examples.
If you want to use the PowerShell commands, you can do it like this:
$accessPolicies= (Get-AzKeyVault -vaultname "my-kv" -resourcegroupname "my-rg").AccessPolicies
We have multiple variable groups in our project and I am trying to find ways how I can export them to my local desktop.
So far I have this az script that exports a variable group but I can only do one at a time. I have several variables and I am trying to do all of them at once. Could someone please help on how I can export multiple variables and use the same name of that variable on Azure DevOps to match it when it's saved on the desktop?
az pipelines variable-group show --group-id "id number" --org "https://dev.azure.com/Organization" -p "Project" --output json > test.json
Also when I use the script, the value for secret is showing as "null" instead of "false"? Any reason why it's doing that?
You can use below command to export multiple variable groups at a time. See: az pipelines variable-group for details.
az pipelines variable-group list --org "https://dev.azure.com/Organization" --project "Project" --output json>test.json
In addition, this secret variable is encrypted in variable group by reference to this doc: Add & use variable groups, thus we can only get "null" from return result, which is by design. If you want to use secret variables in Azure Pipelines, please see: Set secret variables for guidance.
To download variable groups in different json file, I've created a script that collects all variable groups, gets their names, and creates folder and files for each variable group. It will create a subfolder VariableGroups in current folder.
$ProjectName = "projectName"
$Organization = "https://dev.azure.com/organizationName"
# Get variable-groups list
$vars = az pipelines variable-group list --organization $Organization --project $ProjectName
# Get variable-groups names list
$v = $vars | ConvertFrom-Json -AsHashtable
$variable_group_names = $v.name
# Go though every variable-group
foreach ($variable_group_name in $variable_group_names) {
$group = az pipelines variable-group list --organization $Organization --project $ProjectName --group-name $variable_group_name
# Get every variable-group Id
$g = $group | ConvertFrom-Json -AsHashtable
$groupId = $g.id
# Check if VariableGroups folder exist, if not - create it
if (!(Test-Path .\VariableGroups)){
New-Item -itemType Directory -Path .\VariableGroups
}
# Get every variable-group content and place it in corresponding folder
az pipelines variable-group show --organization $Organization --project $ProjectName --id $groupId --output json>.\VariableGroups\$variable_group_name.json
Write-Host created .\VariableGroups\$variable_group_name.json
}
I am trying to create a new Azure Key Vault secret using the Azure Cli v2.9.0 (we use this version in our pipelines and upgrading would be difficult at the moment.) via the command below,
az keyvault secret set --vault-name $myKeyVaultName -n $mySecretName --value "abc^def"
The command is accepted and a new secret is created but it drops the caret (^) from the string and results in a secret value of abcdef instead of the intended abc^def.
During my testing I have seen the below message from Powershell but it's very rare :
Unable to encode the output with cp1252 encoding. Unsupported characters are discarded.
Strange as tjhe caret is in the character set - https://en.wikipedia.org/wiki/Windows-1252#Code_page_layout
Is there a way to run this command and get Key Vault to accept the value with the caret?
I can reproduce your issue.
Actually, it depends on your environment, this issue just occurs when you run the command in Powershell, if you run the CLI command in Bash, it works fine.
az keyvault secret set --vault-name joykeyvault -n testkey12 --value "abc^def"
So if you want to run this command in Powershell environment, just use the line below.
az keyvault secret set --vault-name joykeyvault -n testkey12 --value '"abc^def"'
If you have any special value to store in AKV please use double quote under single quote '"abcx^09|"' instead of "abcx^09|"
AKV Stored Value = abcx^09|
I'm trying to save a key value to pass on to the next step in my release pipeline, but no matter what I do I can't save the result of my command to a variable. I've already checked many of the articles here dealing with this with no success. Here is what I am trying:
$KEY=(az storage account show-connection-string --key primary -n myStorageAccount -g myResourceGroup --query "connectionString" -o tsv)
echo "Attempting to set variable"
echo $KEY
echo ##vso[task.setvariable variable=AZURE_STORAGE_CONNECTION_STRING;]$KEY
echo $AZURE_STORAGE_CONNECTION_STRING
Running on Windows Agent by the way. I've tried all kinds of variations: SET KEY=, SET $KEY=, SET $(KEY)=, $KEY=, $(KEY)=, KEY=, none of it works. Likewise I've tried referencing the variable differently in the echo statements with no luck. If I just run the az storage account command, I do get back the connection string. But either I get that $KEY is not a recognizeable command or if I'm using SET, echo simply gives me back $KEY and the vso line gives me nothing.
I can accomplish most of this, including saving to variable, in Azure Cloud Shell (via syntax $KEY= and echo $KEY). But of course that doesn't help my pipeline. Any idea the proper syntax to get this value into my next release pipeline step, or is the another method to accomplish this?
Can't set variable using Azure CLI within DevOps Release Pipeline
If you are using Azure CLI version 1.*, try to use following scripts:
for /f "tokens=1 USEBACKQ" %%F in (`Yourcommand`) do echo ##vso[task.setvariable variable=AZURE_STORAGE_CONNECTION_STRING;]%%F
If you are using Azure CLI version 2.*, you can also use a powershell command:
$KEY= & YourCommand
Write-Output("##vso[task.setvariable variable=AZURE_STORAGE_CONNECTION_STRING;]$KEY")
Check this thread for some more details.
Hope this helps.
I am getting crazy to achieve this very simple task.
I need to set an Output Variable in an Azure CLI task on Visual Studio Team Services, because next task in the Release definition will be executed according to the value of this variable.
I wrote this simple code
call az extension add --name azure-cli-iot-ext
call echo ##vso[task.setvariable variable=iotEdgeExists;]$(az iot hub query -n $(iotHub) -q "select * from devices.modules where devices.deviceId ='$(iotEdge)'")
which works, but not as exepected, in fact when I read the Ouput Variable in the next Azure CLI task and I try to print it on the screen I get the command string instead of the output...
call echo"$(az iot hub query -n <IOT_HUB> -q "select * from devices.modules where devices.deviceId ='<IOT_EDGE>'")"
What am I doing wrong?
If using Azure CLI version 2.* , you can use a powershell command rather than batch script wizardry. Microsoft's documentation found here
For example if you needed access token to update azure database it would look like so:
$token= & az account get-access-token --resource=https://database.windows.net --query accessToken
Write-Output("##vso[task.setvariable variable=sqlToken;]$token")
Don't forget to login first if testing locally:
az login
Install Azure cli here
Refer to this code below:
call {your command}>tmpFile1
set /p myvar= < tmpFile1
echo "##vso[task.setvariable variable=testvar;]%myvar%"
or
FOR /F "tokens=* USEBACKQ" %%F IN (`{your command}`) DO (
SET var=%%F
)
echo "##vso[task.setvariable variable=testvar;]%var%"
Mechaflash's answer in How to set commands output as a variable in a batch file
Inspired from the answer above but with some variation.
Works in an Azure CLI task on a Hosted Ubuntu agent in Microsoft DevOps as of July 2019.
This example runs an az command to fetch the full resource name of a storage account and sets it in the variable _StorageAccountNameVar for use in another pipeline task.
myvar=`az storage account list -g MyResourceGroup --query "[?contains(name, 'config')].name" -o tsv`
echo $myvar
echo "##vso[task.setvariable variable=_StorageAccountNameVar;]$myvar"
I've got some trouble (error code 255) with
FOR /F “tokens=* USEBACKQ” %%F IN (`az account get-access-token --resource=https://database.windows.net/ -query accessToken`) DO (
SET var=%%F
)
echo ##vso[task.setvariable variable=sqlToken;]%var%
So I used this (and that work for me)
for /f "tokens=1 USEBACKQ" %%F in (`az account get-access-token --resource=https://database.windows.net/ --query accessToken`) do echo ##vso[task.setvariable variable=sqltoken;]%%F