我正在尝试将一个机密变量作为Azure管道的一部分传递到Powershell脚本中。我通过转到“编辑管道”来添加变量,然后单击“变量”按钮,添加变量并选择“保持此值秘密”复选框。变量名称是PAT。
我在Powershell脚本中引用了变量,该脚本是一个单独的文件,如下所示:
$url = '[Azure DevOps url]'
<# pass PAT as pipeline variable #>
$Token = "$env:PATSECRET"
if ($PAT -eq "") {
exit 1
}
$AzureAuthHeader = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("{0}:{1}" -f "", $Token)))
$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$headers.Add("Authorization", ("Basic {0}" -f $AzureAuthHeader))
$headers.Add("Content-Type", "application/json")
$response = Invoke-RestMethod -Uri $url -Method GET -Headers $headers
$lastcommit = $response.value[1].commitId
$packageFolder = git diff HEAD $lastcommit --name-only
这是管道中的Powershell脚本构建步骤:
steps:
- task: PowerShell@2
displayName: 'Detect Subfolder Changes'
name: setvarStep
env:
Pat: $(PAT)
inputs:
targetType: 'filePath'
filePath: $(System.DefaultWorkingDirectory)\detectchanges.ps1
failOnStderr: true
当管道运行时,出现以下错误: ##[error]env:PAT : The term 'env:PAT' is not recognized as the name of a cmdlet, function, script file, or operable program ...
更新:我使用环境变量映射更新了Powershell构建步骤。我仍然遇到相同的错误。我也删除了括号$(env:PAT),没有任何变化。
您可以使用脚本的环境或在变量块中映射变量,以将机密传递给管道。这是我的样本:
1.脚本环境(推荐方式):
steps:
- task: PowerShell@2
displayName: 'Detect Subfolder Changes'
name: setvarStep
env:
MY_PAT: $(PAT)
inputs:
filePath: '$(System.DefaultWorkingDirectory)/test.ps1'
failOnStderr: true
test.ps1:
$token= "$env:MY_PAT"
if ($token -eq "") {
exit 1
}
$url= "https://dev.azure.com/{Organization}/_apis/wit/wiql?api-version=6.1-preview.2"
$AzureAuthHeader = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("{0}:{1}" -f "", $Token)))
$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$headers.Add("Authorization", ("Basic {0}" -f $AzureAuthHeader))
$headers.Add("Content-Type", "application/json")
$JSON = @'
{
"query": "Select [System.Id], [System.Title], [System.State] From WorkItems Where [System.WorkItemType] = 'Task' AND [State] <> 'Closed' AND [State] <> 'Removed' order by [Microsoft.VSTS.Common.Priority] asc, [System.CreatedDate] desc"
}
'@
$response = Invoke-RestMethod -Uri $url -Headers $headers -Method Post -Body $JSON -ContentType application/json
Write-Host "result = $($response | ConvertTo-Json -Depth 100)"
2.变量定义
variables:
MY_PAT: $(PAT)
steps:
- task: PowerShell@2
inputs:
targetType: 'inline'
script: |
Write-Host "PAT: $(MY_PAT)"
您可以在本文档中找到有关设置机密变量的更多详细信息。
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句