I have below variables.
variable value
stage dev
admin $($(stage)-admindata)
dev-admindata 4000
But these multiple substitutions are not working for variable admin.
Please let me know how to solve this.
admin values should be 4000 when I use it in yaml or in json file, Currently I am getting $(dev-admindata)
At this moment, the value of nested variables (like $($(stage)-admindata)) are not yet supported in the build/release pipelines.
If you want to give different values to the admin variable depending on the value of stage varibale. As a work around you can write a script in the powershell task to judge, e.g. If the value of the stage variable is dev, then assign the value of the dev-admindata variable to the admin variable.
if ($(stage) -eq "dev"){
$admin = $(dev-admindata)
}
else{
xxxxx
}
For the similar issue ,you can refer to this case.
Related
I build various VMS in different regions. Currently i have created a variable group for each region.
However without unlinking and linking variable groups for each region all the time to a pipleline, if i link them all how can i refer to a specific variable in a variable group in powershell ?
eg variable group called region1 has a variable called vnetname which equals vnet-region1
variable group called region2 also has a variable called vnetname which has the value vnet-region2
so i if link both those variable groups to my pipeline and want to build a vm in region 1, how can I refer to the variable "vnetname" in the region1 variable group in the inline powershell script ?
It is not recommended to define a variable with the same name in different variable groups.
When you use the same variable name in different variable group in the same pipeline the variable group included last in your YAML file will set the variable's value.
That means that the variable value in the variable group written later will overwrite the variable value in the variable group written first.
Here is the reference SO thread for more information about usage of multiple variable groups have same Same variable but different variable values in the pipelines.
I was wondering if it's possible to grab different data dynamically based on variables like so
data.terraform_remote_state.vm.outputs.vm_***var.vmname***
Or something similar? i dont have the option to redesign the outputs currently, and this would greatly lower the chance of making failure upon creating new terraform deployments
thanks!
There are Input Variables available in Terraform. These variables allow you to define inputs expected at the time of terraform apply. The values may be entered via an interactive terminal or provided in a .tfvars file.
variable "vmname" {
type = string
description = "The name of the virtual machine."
}
Then you can use them by expansion:
"data.terraform_remote_state.vm.outputs.vm_${var.vmname}"
For additional reference, see https://www.terraform.io/docs/language/values/variables.html
How can I assigned the $NewIP variable precalculated in this step to a DevOps pipeline variable called $pipeline_ip?
You should use logging command if you want to assign powershell variable to Azure DevOps variable
echo "##vso[task.setvariable variable=pipeline_ip;]$NewIP"
Update after clarification:
If you use syntax like:
$NewIP = $(pipeline_ip)
Then $(pipeline_ip) would be replaced with the value before script will be executed.
And if you use syntax like
$NewIP = $env:PIPELINE_IP
then you will refer to environment variable and since all DevOps variables are mapped (except secret variables - here you need to express this excplicitly) it would also work.
However, these are two ways of doing that.
You can use two methods:
$NewIP = $(pipeline_ip) Macro syntax variables
$NewIP = $env:PIPELINE_IP Set variables in pipeline
My team is working to integrate an infrastructure-as-code scanning solution into our build pipelines and we've discovered that the string "GCP" is being replaced with three asterisks when tasks are being executed in our build pipelines. This isn't unique to one task either whereas I created a bash script to execute and list our our repository and all directories that start with "GCP" are replaced by the three asterisks. The only variable set using the "GCP" value is the "system.teamProject" variable and we are not using any secret values that I know of and there are no variable groups used.
Any help would be greatly appreciated. Thanks!
Bash Asterisk Output "ls -a"
IaC Scanning Asterisk Task Failure
If you have set any secret variables in your pipeline, or have linked any variable groups that contain secret variables (include the secrets from the connected external and remote services services), generally the values of these secrets will be masked as asterisks.
When you try to print the values of the secrets to the output logs, the values will display as asterisks in the logs. If you try to output the values into a text file, the values will still display as asterisks in the file.
In addition, if a string that is not set as secret but its substrings are the values of some existing secrets in the pipeline, these substring parts may be masked as asterisks when trying to output this string.
If you do not set any secrets, for us to investigate this issue further, would you like to share us with the actual value that was masked as asterisks in the the logs? We well investigate and evaluate whether this string contains some special or sensitive characters that may be automatically identified as secrets by Azure DevOps.
Is it possible to use variable inside a variable in Powershell script with Azure Pipelines variables?
SCENARIO
Two variables are set in Azure Pipelines Variable group - DeploymentCredentials
a. DeployUATApiPassword = "123456"
b. DeployPRODApiPassword = "789654"
Another variable is set in the Variables section of the pipeline as DeploymentEnvironment
At runtime, the value of the DeploymentEnvironment variable is set as either UAT or PROD
Based on the enviornment, I want to fetch the password which is stored as a variable, defined in the variables group. At runtime, it should work something like...
# setting the value of the variable to UAT
Write-Host "##vso[task.setvariable variable=DeploymentEnvironment]UAT"
Now DevelopmentEnvironment variable has the value UAT, In another step, I want to fetch the Password for the UAT deployment environment, which is only known at runtime.
# I want to get the Password
# The following works! but not useful for me, UAT is hard-coded!!
$deployPwd = $(DeployUATApiPassword) # works! but not useful for me, UAT is hard-coded!!
# I want to get the Password
# the following doesn't work, I only know the environment at runtime
# Replaces the inner variable to `DeployUATApiPassword`
# Raises an error, DeployUATApiPassword : The term 'DeployUATApiPassword' is not recognized as the name of a cmdlet...
$deployPwd = $(Deploy$(DeploymentEnvironment)ApiPassword)
# All the following didn't work either, but no error...
Write-Host $('Deploy$(DeploymentEnvironment)ApiPassword') # Output: DeployUATApiPassword
Write-Host $($("Deploy$(DeploymentEnvironment)ApiPassword")) # Output: DeployUATApiPassword
Write-Host { 'Deploy$(DeploymentEnvironment)ApiPassword' } # Output: 'DeployUATApiPassword'
Write-Host { Deploy$(DeploymentEnvironment)ApiPassword } # Output: DeployUATApiPassword
Write-Host { $(Deploy$(DeploymentEnvironment)ApiPassword) } # Output: $(DeployUATApiPassword)
Similarly, I tried to fetch the pwd in several ways, nothing worked.
For instance, one of the ways was to create another variable DeployApiPassword and I did set the value of the variable to Deploy$(DeploymentEnvironment)ApiPassword. No luck in this either...
$deployPwd = $(DeployApiPassword) # Output: DeployUATApiPassword
DESIRED OUTPUT
I want to fetch the password from one of the variables which is set in a variables group. The password variable name contains the deployment environment. Deployment environment is only set at runtime.
# I know something is wrong with the following, but that's how I want to run.
$deployPwd = $(Deploy$(DeploymentEnvironment)ApiPassword)
Write-Host $deployPwd # output: *** (of course, the pwd is hidden, but at least it fetches)
Variables set in Azure Pipelines Variable group would be used as environment variables in PowerShell task. So, basically, you need to get the value as :
$environment = $env:DeploymentEnvironment
$deployPwd = $env:DeployUATApiPassword
At the same time, as your want to dynamically get the password based on the environment, you may try the following:
$environment= $env:DeploymentEnvironment
Write-Host "Deployment Environment is " $environment
$realName = $("Deploy${environment}ApiPassword")
$pwd = [Environment]::GetEnvironmentVariable($realName)
#I used UAT password, check it here
Write-Host $pwd.Equals("123456")
Output:
I noticed that the value returned by 'Deploy$(DeploymentEnvironment)ApiPassword' is a string type, however $() accepts a variable not a string.
In the secret variables official document, it says the secret cannot be referenced directly like normal variable. You have to manually explicitly map them in using the Environment section.
You will need to use if statement. And in the Environment Variables sections
Map the secret variables to variables UATpassword and PRODpassword and Then refer to them in the scripts using $env:UATpassword
From below log, we can see the password is retrieved in the script.