gpt4 book ai didi

Azure 发布管道变量中的变量

转载 作者:行者123 更新时间:2023-12-03 03:29:49 24 4
gpt4 key购买 nike

我正在尝试构建一个能够为多个客户部署环境的管道。我有以下结构

  • Azure Vault 的 secret 名称采用以下形式:customerName-customerEnvironmentType-secretName
  • 通过以下步骤发布管道。这是一个多配置类型作业,它为列表中的每个客户创建一个作业
    • 使用过滤器从保管库获取 secret :customerName-customerEnvironmentType-secretName
    • Bash print env env:sort 并打印 secret (应在日志中生成 ****)。下面添加了 bash 脚本

secret 名称的 customerName-customerEnvironmentType 部分被放入变量中以供重用。我想做的是根据客户名称和环境类型获取保管库 secret 。 bash脚本如下。

#!/bin/bash

env | sort

echo "FULL_NAME: $(FULL_NAME)" # This prints customerName-customerEnvironmentType

echo "normal usage: $(customerName-customerEnvironmentType-secretName)" # This works and prints ***, but this wouldn't be dynamic and would only work for one customer

# Some options I tried, all of them do not resolve. Some of them don't even resolve the FULL_NAME variable
echo "variables['customerName-customerEnvironmentType-secretName']"
echo "${{ variables['FULL_NAME'] }}"
echo "${{ variables.FULL_NAME }}"
echo "$($(FULL_NAME)-secretName)"
echo "$(${{ variables.FULL_NAME }}-secretName)"
echo "variables['$(FULL_NAME)-secretName']"
echo "$(variables['$(FULL_NAME)-secretName'])"
echo "$[variables['$(FULL_NAME)-secretName']]"

有没有更好的方法来做到这一点,也许是另一种有效的变量替换方法?

日志:Azure 保管库构建步骤

2022-12-27T13:38:38.0903674Z ##[section]Starting: Azure Key Vault: customer-environments
2022-12-27T13:38:38.0909613Z ==============================================================================
2022-12-27T13:38:38.0909898Z Task : Azure Key Vault
2022-12-27T13:38:38.0910115Z Description : Download Azure Key Vault secrets
2022-12-27T13:38:38.0910336Z Version : 2.211.1
2022-12-27T13:38:38.0910524Z Author : Microsoft Corporation
2022-12-27T13:38:38.0910836Z Help : https://docs.microsoft.com/azure/devops/pipelines/tasks/deploy/azure-key-vault
2022-12-27T13:38:38.0911185Z ==============================================================================
2022-12-27T13:38:38.2801948Z SubscriptionId: hidden-for-security.
2022-12-27T13:38:38.2804271Z Key vault name: customer-environments.
2022-12-27T13:38:38.2810602Z Downloading secrets using: hidden-for-security.
2022-12-27T13:38:38.8860681Z Number of secrets found in customer-environments: 8
2022-12-27T13:38:38.8900028Z Number of enabled and unexpired secrets found in customer-environments: 8
2022-12-27T13:38:38.8909999Z Downloading secret value for: customerName-customerEnvironmentType-secretName.
.... there where more here, but i have hidden them
2022-12-27T13:38:39.0434461Z ##[section]Finishing: Azure Key Vault: customer-environments

Bash 构建步骤

2022-12-27T13:38:39.7977754Z ##[section]Starting: Bash Script
2022-12-27T13:38:39.7990665Z ==============================================================================
2022-12-27T13:38:39.7991040Z Task : Bash
2022-12-27T13:38:39.7991348Z Description : Run a Bash script on macOS, Linux, or Windows
2022-12-27T13:38:39.7991674Z Version : 3.211.0
2022-12-27T13:38:39.7991955Z Author : Microsoft Corporation
2022-12-27T13:38:39.7992334Z Help : https://docs.microsoft.com/azure/devops/pipelines/tasks/utility/bash
2022-12-27T13:38:39.7992749Z ==============================================================================
2022-12-27T13:38:40.0194291Z Generating script.
2022-12-27T13:38:40.0198418Z ========================== Starting Command Output ===========================
2022-12-27T13:38:40.0202702Z [command]/usr/bin/bash /home/vsts/work/_temp/6ad51bf7-2673-449a-9e74-66b2bb6abb19.sh
... removed the output of env | sort for security reasons
2022-12-27T13:38:40.0288018Z FULL_NAME: customerName-customerEnvironmentType
2022-12-27T13:38:40.0298702Z normal usage: ***
2022-12-27T13:38:40.0299290Z variables['customerName-customerEnvironmentType-secretName']
2022-12-27T13:38:40.0299794Z
2022-12-27T13:38:40.0300226Z
2022-12-27T13:38:40.0301018Z /home/vsts/work/_temp/6ad51bf7-2673-449a-9e74-66b2bb6abb19.sh: line 11: ${{ variables['FULL_NAME'] }}: bad substitution
2022-12-27T13:38:40.0302092Z /home/vsts/work/_temp/6ad51bf7-2673-449a-9e74-66b2bb6abb19.sh: line 12: ${{ variables.FULL_NAME }}: bad substitution
2022-12-27T13:38:40.0304197Z /home/vsts/work/_temp/6ad51bf7-2673-449a-9e74-66b2bb6abb19.sh: line 13: customerName-customerEnvironmentType-secretName: command not found
2022-12-27T13:38:40.0305052Z /home/vsts/work/_temp/6ad51bf7-2673-449a-9e74-66b2bb6abb19.sh: line 14: ${{ variables.FULL_NAME }}-secretName: bad substitution
2022-12-27T13:38:40.0305862Z variables['customerName-customerEnvironmentType-secretName']
2022-12-27T13:38:40.0306661Z /home/vsts/work/_temp/6ad51bf7-2673-449a-9e74-66b2bb6abb19.sh: line 15: variables[customerName-customerEnvironmentType-secretName]: command not found
2022-12-27T13:38:40.0307284Z
2022-12-27T13:38:40.0308101Z /home/vsts/work/_temp/6ad51bf7-2673-449a-9e74-66b2bb6abb19.sh: line 16: 'customerName-customerEnvironmentType-secretName': syntax error: operand expected (error token is "'customerName-customerEnvironmentType-secretName'")
2022-12-27T13:38:40.0337412Z ##[error]Bash exited with code '1'.
2022-12-27T13:38:40.0352993Z ##[section]Finishing: Bash Script

最佳答案

我在我的管道中进行了测试,效果很好。这是 yaml 示例:

variables:
- name: FULL_NAME
value: customerName-customerEnvironmentType

steps:
- task: AzureKeyVault@2
inputs:
azureSubscription: ‘your subscription‘
KeyVaultName: ‘your key vault name’
SecretsFilter: '*'
RunAsPreJob: true
- script: |
echo "FULL_NAME: $(FULL_NAME)"
echo "normal usage: $(customerName-customerEnvironmentType-secretName)"
# get the vault secret based on the customer name and environment type
echo $(${{ variables.FULL_NAME }}-secretName)
displayName: 'Run a multi-line script'

结果

result

顺便说一句,Wetransfer 链接中的日志似乎是私有(private)的,我无权访问它,您可以提供纯文本或将其公开。

关于Azure 发布管道变量中的变量,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/74930129/

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com