如何在运行时将值从 Azure DevOps 变量库获取到 Bicep 模板中-解网

问：

大家早上好，

我目前正在创建一个用于创建 sql 服务器和数据库的模板。我设法在运行时从管道中获取环境名称的参数。但是，我的下一个问题是我想对四个不同的环境使用相同的模板。其中三个具有相同的订阅 ID，然后 prod 具有不同的订阅 ID。因此，我认为最好为每个环境创建一个库，然后在我的 azure devops 管道中，将库链接到管道。

例如，我现在要做的是从库中获取三个值，并在运行管道时将它们放入 Bicep 模板中。

谁能建议如何做到这一点？

谢谢

达伦

下面是 Bicep 模板：

targetScope = 'resourceGroup'

// input parameters
param Environment string
param sqladminlogin string = '${SqlAdminLogin}'
param sqladminpassword string = '{SqlAdminPassword}'
param SqlServerName string = 'SQL-${Environment}01'
param location string = resourceGroup().location
param Sql_DB_Name string = 'SQL-${Environment}'

resource SqlServerName_resource_tst 'Microsoft.Sql/servers@2022-05-01-preview' = {
  name: toLower(SqlServerName)
  location: location
  tags: {
    Service: 'TESTING'
    Environment: Environment
    'Business Owner': 'TBC'
  }
  kind: 'v12.0'
  identity: {
    type: 'SystemAssigned'
  }
  properties: {
    administratorLogin: sqladminlogin
    administratorLoginPassword: sqladminpassword
    version: '12.0'
    minimalTlsVersion: '1.2'
    publicNetworkAccess: 'Enabled'
    administrators: {
      administratorType: 'ActiveDirectory'
      principalType: 'Group'
      login: 'NSG-AG-SQL-RW-TST'
      sid: '********'
      tenantId: '**********'
      azureADOnlyAuthentication: false
    }
    restrictOutboundNetworkAccess: 'Disabled'
  }
}

管道如下所示：

name: bicep-deployment

trigger:
- main

pool:
  vmImage: 'windows-latest'

parameters:
  - name: Environment
    displayName: Environment
    type: string
    default: 'TST'
    values:
      - DEV
      - TST
      - UAT
      - PRD

  - name: Action
    displayName: Action
    type: string
    default: 'Plan'
    values:
      - Plan
      - Apply

variables:
  - name: Environment
    value: '${{ parameters.Environment }}'

  - name: System.Debug
    value: true

  - name: Action
    value: '${{ parameters.Action }}'

  - name: serviceConnection
    ${{ if eq( parameters['Environment'], 'DEV') }}:
      value: "AG-Dev"
    ${{ if eq( parameters['Environment'], 'TST') }}:
      value: "AG-TST"
    ${{ if eq( parameters['Environment'], 'UAT' ) }}:
      value: "AG-UAT"
    ${{ if eq( parameters['Environment'], 'PRD' ) }}:
      value: "AG-PRD"

  - name: resourceGroupName
    ${{ if eq( parameters['Environment'], 'DEV') }}:
      value: "RG-AG-DEV"
    ${{ if eq( parameters['Environment'], 'TST') }}:
      value: "RG-AG-TST"
    ${{ if eq( parameters['Environment'], 'UAT') }}:
      value: "RG-AG-UAT"
    ${{ if eq( parameters['Environment'], 'PRD') }}:
      value: "RG-AG-PR"

  # Select Variable Library to use for the environment.
  - group: ${{parameters.Environment}}

stages:
  # SQL Stages
  - stage: Preview_SQL
    jobs:
    - job: Preview
      steps:
      - task: AzureCLI@2
        inputs:
          azureSubscription: $(serviceConnection)
          scriptType: 'bash'
          scriptLocation: 'inlineScript'
          inlineScript: |
            az deployment group what-if \
              --resource-group '$(resourceGroupName)' \
              --template-file Bicep/SQL/SQL-tst.bicep \
              --parameters Environment="${{ parameters.Environment }}"

  # The deployment only runs if Apply action is selected when running the pipeline and if the validate job succeeds.
  - stage: Deploy_SQL
    dependsOn: Preview_SQL
    jobs:
      - deployment: Deploy_SQL
        displayName: Deploy_SQL
        environment: $(Environment)
        condition: and(succeeded(), eq(variables['Action'], 'Apply'))
        strategy:
          runOnce:
            deploy:
              steps:
                - checkout: self
                - task: AzureCLI@2
                  displayName: Bicep deployment
                  inputs:
                    azureSubscription: $(serviceConnection)
                    scriptType: bash
                    scriptLocation: inlineScript
                    inlineScript: |
                      set -e

                      echo '##[Section]Deploy SQL'

                      az deployment group create \
                        --resource-group $(resourceGroupName) \
                        --name "SQL-deployment" \
                        --template-file Bicep/SQL/SQL-tst.bicep \
                        --parameters Environment="${{ parameters.Environment }}"

运行管道时，它将运行，但部署到 Azure 中将失败。当我在 Azure 门户中查看部署历史记录时，它有一个错误的请求，但如果我检查输入，我可以看到 sql 管理员登录名和密码没有被复制过来，而是 $（SqlAdminLogin）和 $（SqlAdminPassword）的字符串。如何获取这些变量的值显示在此处？

azure-devops azure-bicep

请重新考虑使用变量组来存储 ADO 的这些内容。变量组不提供源代码管理。另一种在扩展管道中相同的方法是将这些变量存储在每个环境的单独 variable.yml 文件中。您正在管道级别确定这些范围。会鼓励您在工作中确定它们的范围。它将引领一个更清洁、更具可扩展性的解决方案。techcommunity.microsoft.com/t5/healthcare-and-life-sciences/......

答：

0赞 Shamrai Aleksander 10/11/2023 #1

二头肌未定义所有参数：

param Environment string
param sqladminlogin string = '${SqlAdminLogin}'
param sqladminpassword string = '{SqlAdminPassword}'
param SqlServerName string = 'SQL-${Environment}01'
param location string = resourceGroup().location
param Sql_DB_Name string = 'SQL-${Environment}'

当您传递 Environment = UAT 时，这将是

Environment='UAT'
sqladminlogin = ''
sqladminpassword = ''
SqlServerName = 'SQL-UAT01'
location = your_location
Sql_DB_Name = 'SQL-UAT'

您应该在此处传递所有参数：

 az deployment group create \
    --resource-group $(resourceGroupName) \
    --name "SQL-deployment" \
    --template-file Bicep/SQL/SQL-tst.bicep \
    --parameters Environment="${{ parameters.Environment}}" sqladminlogin=Some_value sqladminpassword=Some_value

您可以将参数更新为：

param Environment string
param sqladminlogin string
param sqladminpassword string
param SqlServerName string = 'SQL-${Environment}01'
param location string = resourceGroup().location
param Sql_DB_Name string = 'SQL-${Environment}'

https://learn.microsoft.com/en-us/cli/azure/deployment/group?view=azure-cli-latest#az-deployment-group-create（）-例子

https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/parameters

如何在运行时将值从 Azure DevOps 变量库获取到 Bicep 模板中

How to get values from Azure DevOps variables library into a Bicep template at run time

评论

评论