在“each”循环中添加azureSubscription

问题描述 投票:0回答:1

我需要将 azureSubscription 添加到我的每个循环中,如下所示

parameters:
- name: info
   displayName: Information
   type: object
   default:
     info1: abc
     info2: 123
     info3: hello
steps:
  - checkout: none
  - ${{ each info in parameters.info }}:
      - script: |
          echo "info1 is ${{ info.info1}}"
          echo "info2 is ${{ info.info2}}"
          echo "info3 is ${{ info.info3}}"

          az keyvault secret set --vault-name ${{ parameters.info1 }} --name ${{ parameters.info2 }} --value ${{ parameters.info3 }}
        displayName: Show ${{ info.key }} value

我尝试将其添加为输入,并尝试在不输入的情况下添加它,但出现意外的参数错误

parameters:
 - name: info
   displayName: Information
   type: object
   default:
     info1: abc
     info2: 123
     info3: hello
steps:
  - checkout: none
  - ${{ each info in parameters.info }}:
      -   inputs:
           azureSubscription: subscriptionNumber
          script: |
          echo "info1 is ${{ info.info1}}"
          echo "info2 is ${{ info.info2}}"
          echo "info3 is ${{ info.info3}}"

          az keyvault secret set --vault-name ${{ parameters.info1 }} --name ${{ parameters.info2 }} --value ${{ parameters.info3 }}
        displayName: Show ${{ info.key }} value`
azure azure-devops yaml azure-pipelines devops
1个回答
0
投票

您可以设置一组包含要更新的 keyvault 机密的对象,然后使用 

${{ each ... }}
为每个对象生成一个脚本任务。

稍微更改代码以使其更具可读性:

parameters:
  - name: secrets
    displayName: Keyvault secrets
    type: object
    default:
      - subscription: my-subscription1
        vaultName: my-keyvault1
        secretName: my-secret1
        secretValue: password123
      - subscription: my-subscription2
        vaultName: my-keyvault2
        secretName: my-secret2
        secretValue: password456

steps:
  - checkout: none
  - ${{ each secret in parameters.secrets }}:
    - script: |
        echo "Subscription: ${{ secret.subscription }}"
        echo "Vault name: ${{ secret.vaultName }}"
        echo "Secret name: ${{ secret.secretName }}"
        
        # DO NOT PRINT SECRET VALUE IN THE PIPELINE LOGS
        # echo "Secret value: ${{ secret.secretValue }}"

        # ECHO USED JUST FOR DEMONSTRATION PURPOSES, REPLACE WITH ACTUAL COMMAND
        echo "az keyvault secret set --subscription ${{ secret.subscription }} --vault-name ${{ secret.vaultName }} --name ${{ secret.secretName }} --value ${{ secret.secretValue }} --output none"
      displayName: 'Set secret ${{ secret.vaultName }}/${{ secret.secretName }}'

运行管道:

Pipeline logs

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.