0

In below tasks , I'm unable to read the ouput from 1st task in 2nd task. The $objectId is not updating with the value. Any help on this ?

Set-AzKeyVaultAccessPolicy fails as objectId does not have valid value.

 steps:  
    - task: AzureResourceManagerTemplateDeployment@3
      inputs:
        deploymentScope: 'Resource Group'
        azureResourceManagerConnection: ${{parameters.ServiceConnection}}
        subscriptionId: $(azureSubscriptionId)
        action: 'Create Or Update Resource Group'
        resourceGroupName: $(loadTestResourceGroup)
        location: '$(location)'
        templateLocation: 'Linked artifact'
        csmFile: '$(System.DefaultWorkingDirectory)/ARMTemplates/template.json'
        csmParametersFile: '$(System.DefaultWorkingDirectory)/ARMTemplates/parameters.json'
        overrideParameters: '-name $(loadTestResource) -location "$(location)" '
        deploymentMode: 'Incremental' 
        deploymentOutputs: 'armOutputs'
    - task: AzurePowerShell@5
      displayName: Assign access policy
      inputs:
        azureSubscription: ${{parameters.ServiceConnection}}
        scriptType: 'InlineScript'
        Inline: |
          $var=  $env:armOutputs | ConvertFrom-Json 
          Write-Host "armOutputs:: $env:armOutputs"
          Write-Host "json output:: $var"
          $objectId=$var.azLoadTestResourceObjectID.value
          Write-Host "ObjectID:: $objectId"
          Set-AzKeyVaultAccessPolicy -VaultName $(keyvaultName) -ObjectId $objectId -PermissionsToSecrets get 
        azurePowerShellVersion: 'latestVersion'
        pwsh: true
Patri
  • 3
  • 4

1 Answers1

0

Here is the sample code of Powershell Scripts and assiglns for each output defined in ARM template.

param (
    [Parameter(Mandatory=$true)]
    [string]
    $armOutputString
)

Write-Host $armOutputString
$armOutputObj = $armOutputString | convertfrom-json
Write-Host $armOutputObj

$armOutputObj.PSObject.Properties | ForEach-Object {
    $type = ($_.value.type).ToLower()
    $key = $_.name
    $value = $_.value.value

    if ($type -eq "securestring") {
        Write-Host "##vso[task.setvariable variable=$key;issecret=true]$value"
        Write-Host "Create VSTS variable with key '$key' and value '$value' of type '$type'!"
    } elseif ($type -eq "string") {
        Write-Host "##vso[task.setvariable variable=$key]$value"
        Write-Host "Create VSTS variable with key '$key' and value '$value' of type '$type'!"
    } else {
        Throw "Type '$type' not supported!"
    }
}

Reverify your Powershell scripts with the above script as well as with this Github and SO threads.

SaiSakethGuduru
  • 2,218
  • 1
  • 5
  • 15
  • thank you.. any example for inline script? like the one I've listed in. Weird thing is $objectId gets printed correctly in console but not in the Set-AzKeyVaultAccessPolicy command...... $objectId=$var.azLoadTestResourceObjectID.value Write-Host "ObjectID:: $objectId" Set-AzKeyVaultAccessPolicy -VaultName $(keyvaultName) -ObjectId $objectId -PermissionsToSecrets – Patri May 06 '22 at 05:04