May you please suggest how to lowercase the environment name in Azure DevOps pipelines.
When environment name is "Test" I want account name to be myprefixtest.
I don't think there is an option to do to lower when you use the task (like in your Azure CLI task), but you can add a small PowerShell script that does it before the Azure CLI task:
$envName = "$(Release.EnvironmentName)"
$lower = $envName.ToLower()
Write-Host "##vso[task.setvariable variable=Release.EnvironmentName;]$lower"
Have you seen lower? This might help with what you are trying to do.
Related
After some internet search, I wasnt able to find a proper way or suggestion on how to access variables from different pipelines. Lets say, from Pipeline A access variables of Pipeline B.
What I did find, is the idea to use Key Vault, which I am not able to use right now. I was wondering if there is a workaround, lets say, with powershell.
All of this is happening in an Azure Devops environment, where I am trying to access/read variables from different pipelines.
Any ideas?
Kind regards
Leo.
You can make use of variable groups to call variables in multiple pipelines within a project.
You just need to reference that variable in the YAML script or release pipeline with the variable group and use it in any pipeline, Refer below :-
I went to my project > Pipelines > Library > Variable Group > And added a variable > You can add multiple variables here storing your secrets or values.
Using the variable group in a yaml pipeline :-
trigger:
- main
pool:
vmImage: ubuntu-latest
variables:
- group: SharedVariables
steps:
- script: |
echo $(databaseserverpassword)
Now, when you run the pipeline, It will ask you to permit the use of variable group for the pipeline.
This will enable access to all the variables in the SharedVariables group.
Output :-
We got our databaseservername value masked.
You can also enable this variable group for all the pipeline in the project by default.
You can use the same variable group in your Classic pipeline or release pipeline in release or specific stages like below :-
Reference :-
Variable groups for Azure Pipelines - Azure Pipelines | Microsoft Learn
For PowerShell - Azure DevOps: how to manage CI/CD variable groups using PowerShell – Radu Narita (ranari.com)
I'm working with a subscription that has a few different deployed environments (dev, test, staging, etc.). Each environment has its own storage account, containing an associated Terraform state file. These environments get deployed via Azure DevOps Pipelines.
It's easy enough to get at the .tfstate files that have been created this way, through the portal, CLI, etc.
But is it possible to access these state files using the 'terraform state' commands, for example using Azure Cloud Shell? If so, how do you point them at the right location?
I've tried using the terraform state commands in a Cloud Shell, but it's not clear how to point them to the right location or if this is indeed possible.
For these requirement, you need AzurePowerShell task to achieve your requirement.
1, First, if you can achieve your requirement via powershell feature in azure portal, then it is possible using the AzurePowerShell task to achieve the same thing(AzurePowerShell is running on the agent based on the service connection/service principal you provided.).
- task: AzurePowerShell#5
inputs:
azureSubscription: 'testbowman_in_AAD' #This service connection related to service principal on Azure side.
ScriptType: 'InlineScript'
Inline: |
# Put your logic here.
# Put your logic here.
azurePowerShellVersion: 'LatestVersion'
2, Second, you can use AzCopy to download the file and then do operations to it. DevOps microsoft host agent support this tool.
running this command : terraform state pull > state.tfstate (you can give like thils dev.tfstate extension tfstate is important)in the Azure cloud shell.
All you need to move to the terraform file directory
enter image description here
and run this command terraform state pull > dev.tfstate
enter image description here
Background: I want to create a tag on azure resources created via bicep which is orchestrated via my azure devops pipeline(s). The tag in question I would like is the user who created them I.E the person who ran the release pipeline.
I'm not aware of any pre-defined variables that can capture the current ADO user, and I've also tried in PowerShell, however the below snippet only captures the build agent user on the microsoft hosted agent
$currentUserTemp=[System.Security.Principal.WindowsIdentity]::GetCurrent().Name
Write-Host "##vso[task.setvariable variable=currentUser;]$currentUserTemp"
This can help you get the VSID of the user who queue the pipeline:
Build.QueuedById
And these are the official documents:
https://learn.microsoft.com/en-us/azure/devops/pipelines/build/variables?view=azure-devops&tabs=yaml
https://learn.microsoft.com/en-us/azure/devops/pipelines/build/variables?view=azure-devops&tabs=yaml#how-are-the-identity-variables-set
I have a PowerShell script where I have multiple output variables generated with the following syntax :
Write-Host ("##vso[task.setvariable variable=appObjectId;issecret=false]"+$appObjectId)
In the PowerShell task in Azure DevOPS, I have set the Output variables as follow:
Then, I use my output variables in an Azure Resource Group deployment as follow:
Unfortunately, when I look into the deployment details in Azure, I can see that the parameters of my ARM are not filled out with the value of the output parameters but with the name of it:
Important information: the ARM deployment task is done inside a task group. My PowerShell script is in the pipeline, just before the call to the Task Group. I tried to put the script inside the Task Group but I have the exact same issue.
I found the root cause: I need to enclose the parameter "$(myParam)" in the tasks where I need to use it. Otherwise, it is not computed.
I think you might have gotten the format wrong for defining the output variable from your Powershell script, this should work -
Write-Host "##vso[task.setvariable variable=appObjectId;isOutput=true]$appObjectId"
Update
Also add is isoutput=true, the defaults to false.
Cause you are not set the variable to appObjectId correctly. There is not AADApplication.appClientid. Then Azure DevOps treat this to string. That's why the parameters of my ARM are not filled out with the value of the output parameters but with the name of it.
No need to use () to include the follow set variable command.
SetVariable: Initialize or modify the value of a variable
##vso[task.setvariable]value
You should use the following syntax :
Write-Host "##vso[task.setvariable variable=appClientID;issecret=false;isoutput=true]value"
More details please refer our official doc here.
I have a simple Build setup in Team Services. The build simply downloads source code from a Team Services hosted Git repo and then executes a Powershell script.
The Powershell Script receives 4 parameters;
-SiteName "$(AppServiceName)" -AzureRMTenantID "$(AzureRMTenantID)" -AzureRMUN "$(AzureRMUN)" -AzureRMPW "$(AzureRMPW)"
AppServiceName is entered manually when the build is queued.
The 3 AzureRM* parameters should be coming from a Variable Group which I have linked to the Build Definition;
The Variable Group AzureDevOps is configured to Link the Secrets from Azure Key Vault as variables;
Based on everything I have been able to find regarding this pattern, it seems like it should just work.
As an interim sanity check, I am printing the variables out in my powershell script just so I can confirm they are being passed correctly.
Thus far, I have not been able to get the values of any of the AzureRM* variables to print correctly which leads me to believe they are NOT being passed as expected.
Generating script.
Formatted command: . 'd:\a\1\s\AppServices\Create Canned App Service Application.ps1' -SiteName "Testers" -AzureRMTenantID "" -AzureRMUN "" -AzureRMPW ""
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoLogo -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -File "d:\a\_temp\23b9a27a-4b6d-4232-8e24-150173e08915.ps1"
Working Set of Variables:
SiteName: Testers
ResourceGroup: Applications
ASE Name: appservices-ase
Location: East US
Additional Variables:
AzureRMTenantID:
I am not expecting the variables to be printed in the log command here;
Formatted command: . 'd:\a\1\s\AppServices\Create Canned App Service Application.ps1' -SiteName "Testers" -AzureRMTenantID "" -AzureRMUN "" -AzureRMPW ""
but I would expect them to be printed within my script where I am explicitly writing them out;
Write-Host "Working Set of Variables:`nSiteName: "$SiteName"`r`nResourceGroup: "$RG"`r`nASE Name: "$ASEName"`r`nLocation: "$Location
Write-Host "Additional Variables:`nAzureRMTenantID: "$AzureRMTenantID"`r`n"$AzureRMUN"`r`n"$AzureRMPW
If I run the PS script locally, the values do print as expected;
PS C:\ashley\scm\AzureAutomation\AppServices> & '.\Create Canned App Service Application.ps1' -SiteName "tester" -AzureRMTenantID 12345 -AzureRMUN user -AzureRMPW 1234
Working Set of Variables:
SiteName: tester
ResourceGroup: Applications
ASE Name: appservices-ase
Location: East US
Additional Variables:
AzureRMTenantID: 12345
user
1234
Does anyone know how to make this work? I am wondering if the problem has to do with the KeyVault permissions since the request is coming from the "Hosted 2017" Agent Queue built into Team Services.
First, you can’t print out the secret variables’ value, you can send the data to a service (e.g. Web API) to get the actual data during the build/release.
Secondly, the Key Vault secrets variables are used for release, it will add Azure Key Vault task during the release. Link secrets from an Azure Key vault as variables
You will get the empty value if you are using in build. You can add Key Vault Task to the build definition, then you can use the related variables in the following tasks. (Do not need to link to that variable group in build definition)
The Key Vault support currently works only with Release Definitions. You can create a Release Definition and link your Git Repo as an artifact and can achieve the same.
I receive this error while linking Azure Keyvault VG to BD.