We Keep Coding

Azure DevOps Pipeline Variables Group Error

I have this problem. When trying to use variable groups with conditional templates pipeline gives me this error:
templates/vars-qa.yml (Line: 9, Col: 1): While parsing a block mapping, did not find expected key.
Here is the azure-pipelines.yml
trigger:
- main
- qa
- development
- staging
#//
resources:
- repo: self
variables:
- ${{ if eq(variables['Build.SourceBranch'], 'refs/heads/main') }}:
- template: templates/vars-qa.yml
- ${{ if eq(variables['Build.SourceBranch'], 'refs/heads/qa') }}:
- template: templates/vars-qa.yml
- ${{ if eq(variables['Build.SourceBranch'], 'refs/heads/development') }}:
- template: templates/vars-dev.yml
- ${{ if eq(variables['Build.SourceBranch'], 'refs/heads/staging') }}:
- template: templates/vars-qa.yml
stages:
- template: templates/transform-settings.yml
- template: templates/build-image.yml
And vars-qa.yml where error is happen:
variables:
imageRepository: 'service-qa'
dockerRegistryServiceConnection: 'dec124f0-814f-4511-94d3-b3396698767508'
containerRegistry: 'test.azurecr.io'
imagePullSecret: 'test1334fe31-auth'
dockerfilePath: '**/Dockerfile'
vmImageName: 'ubuntu-latest'
tag: '$(Build.BuildId)'
- group: dev-secrets
- name: ConnectionStrings.DefaultConnection
value: $(psql-conn-str-dev)
This is happen in -group: dev-secrets.The group is existing and the psql-conn-str-dev already to.I have tried with $(variables.psql-conn-str-dev) but result was the same. Everything works correctly without templates

There is a problem in the indent of your template YAML.
You cannot define a sequence item when in a mapping.
Please try and use an online YAML validator tool to check this:
https://codebeautify.org/yaml-validator
I converted your variables to sequence items.
I think this will work better:
variables:
- name: imageRepository
value: 'service-qa'
- name: dockerRegistryServiceConnection
value: 'dec124f0-814f-4511-94d3-b3396698767508'
- name: containerRegistry
value: 'test.azurecr.io'
- name: imagePullSecret
value: 'test1334fe31-auth'
- name: dockerfilePath
value: '**/Dockerfile'
- name: vmImageName
value: 'ubuntu-latest'
- name: tag
value: '$(Build.BuildId)'
- group: dev-secrets
- name: ConnectionStrings.DefaultConnection
value: $(psql-conn-str-dev)

Azure Pipeline: Unexpected value 'steps'

Can anybody point me in the right direction here?
When I attempt to kick off the pipeline from the main yaml template the reference template gives me the unexpected 'steps' value.
I attempted to add a stage before the defined job and then receive the unexpected 'stage' message. Looking at some similar previously asked questions I understand a step can't be place directly under a 'stage' but this is not the case here.
parameters:
- name: baseEnvironmentName
type: string
- name: environmentSuffix
type: string
- name: postDeploySteps
type: stepList
default: []
- name: publishedPackageName
type: string
- name: serviceName
type: string
- name: dnsHostName
type: string
jobs:
- deployment: ${{ parameters.environmentSuffix }}Deployment
displayName: '${{ parameters.environmentSuffix }} Deployment'
pool:
vmImage: 'windows-2019'
environment: ${{ parameters.baseEnvironmentName }}-${{ parameters.environmentSuffix }}
variables:
- template: variables/variables.common.yaml
- template: variables/variables.${{ parameters.environmentSuffix }}.yaml
- name: MonitorExceptionAlert_Name
value: '${{ variables.IdPrefix }}-${{ parameters.environmentSuffix }}-${{ parameters.dnsHostName }}-ExceptionAlert'
steps:
- checkout: self
- checkout: common_iac
- task: Random Task Name
displayName: 'Create Environment Resource Group'
inputs:
ConnectedServiceName: '$(ADOS.ServiceConnectionName)'
resourceGroupName: '$(ResourceGroup.Name)'
location: '$(ResourceGroup.Location)'
condition: and(succeeded(), ne(variables['CreateResourceGroupInTaskGroup'], 'false'))
- task: Random Task Name 2
displayName: 'Create Application Insights'
inputs:
ConnectedServiceName: '$(ADOS.ServiceConnectionName)'
ResourceGroupName: '$(ResourceGroup.Name)'
Location: '$(ResourceGroup.Location)'
instanceName: '$(ApplicationInsights.Name)'

You are using deployment jobs. Try defining a strategy. Try replacing steps: inline with deployment with:
- deployment: ....
strategy:
runOnce:
deploy:
steps:

From the example at the Azure docs templates page, jobs: should contain a - job: which contains steps:. I don't know that jobs: can directly contain steps:.

Using if else conditions within a Azure devops yaml pipeline template

Essentially I am trying to use a if else logic inside a yaml template instead of the caller pipeline.
I have following two pipelines azure-caller.yml and template.yaml
azure-caller.yml
parameters:
- name: test
displayName: 'select true or false'
values:
- true
- false
variables:
- name: test-true
${{ if eq(parameters.test, 'true') }}:
value: false
${{ elseif eq(parameters.test, 'false') }}:
value: true
stages:
- template: job-templates/template.yml
parameters:
testrue: $(test-true)
template.yml
parameters:
testrue: test_true
stages:
- stage: A
jobs:
- job: JA
steps:
- script: |
echo "Reverted value is" ${{ parameters.testrue }}
name: DetermineResult
How can I move the if else logic in the template.yml instead of azure-caller.yml? Your input will be helpful. thx

Below pipeline should do the trick with a limitation that the scope of variable test-true in the template will be limited only for stage: A
azure-caller.yml
parameters:
- name: test
displayName: 'select true or false'
values:
- true
- false
stages:
- template: job-templates/template.yml
parameters:
testrue: ${{ parameters.test }}
template.yml
parameters:
testrue: default
stages:
- stage: A
variables:
- name: test-true
${{ if eq(parameters.testrue, 'true') }}:
value: NewValueForTrueParam
${{ elseif eq(parameters.testrue, 'false') }}:
value: NewValueForFalseParam
jobs:
- job: JA
steps:
- script: |
echo "Echo value is" $(test-true)
Result

Tags as variables are not supported in environment

I was trying to use a variable as tag while executing the deploy job using the environment template. But from https://developercommunity.visualstudio.com/content/problem/1015274/yaml-variable-names-not-expanded-for-tags-on-envir.html, it's evident that ADO doesn't support variables as tags in environment deployments. For example, this works
variables:
envName: 'EnvironmentName'
vmTag: 'vm-test-01'
environment:
name: "EnvironmentName"
resourceName: 'vm-test-01'
resourceType: "virtualMachine"
tags: "vm01"
strategy:
runOnce:
deploy:
steps:
- powershell: write-host "This is $(VMName)"
but this doesn't
name: "$(envName)"
resourceType: "virtualMachine"
tags: "$(vmTag)"
strategy:
runOnce:
deploy:
steps:
- powershell: write-host "This is $(VMName)"
Does anyone know of an alternate or a workaround for this?
Thanks
UPDATE: This is what I've tried
multistage-pipeline.yml
- stage: "deploytouservm"
displayName: "Stage - Deploy To User VM"
dependsOn: "build"
variables:
- name: envName
value: "environmentName"
- name: userVM
value: "vmName01" #this value is dynamically generated
- template: templates\jobs\deploy-template.yml
parameters:
envName: $(envName)
vmName: $(userVM)
deploy-template.yml
parameters:
- name: envName
- name: vmName
jobs:
- deployment: "deployJob"
environment: ${{ parameters['envName']}}.${{ parameters['vmName']}}
displayName: "Deploy - SCOM To User VM"
strategy:
runOnce:
deploy:
steps:

Try using parameters instead of variables:
parameters:
- name: envName
default: EnvironmentName
jobs:
- deployment: VMDeploy
displayName: Test_script
environment:
name: ${{ parameters.envName}}
resourceType: VirtualMachine
azure-pipelines.yml
stages:
- stage:
variables:
EnvironmentName: Prod
jobs:
- template: steps.yml
parameters:
myParameter: Test
....
steps:yml
parameters:
- name: myParameter
jobs:
- deployment: deployment
environment: ${{ parameters['myParameter']}}
strategy:
...

Parameterized variable names as task input in Azure Pipelines

I've been trying to make a YAML template that first uses the AzureKeyVault#1 task to get the value ofsome Azure KeyVault secrets, and then uses these secrets for the sqlUsername and sqlPassword in asqlAzureDacpacDeployment#1 task.
I want to make the names of the KeyVault secrets a parameter, so that this template can be used for many different situations.
I've successfully used this technique before, with an AzureKeyVault#1 task and then an AzurePowerShell#4 task, where the secret gets injected as an environment variable for the PowerShell script.
This is a dressed down version of the working template:
parameters:
- name: subscription
type: string
- name: keyVaultSecretName
type: string
- name: keyVault
type: string
jobs:
- job: Run_PowerShell_With_Secret
pool:
name: Azure Pipelines
vmImage: windows-latest
steps:
- task: AzureKeyVault#1
inputs:
azureSubscription: ${{ parameters.subscription }}
keyVaultName: ${{ parameters.keyVault }}
secretsFilter: ${{ parameters.keyVaultSecretName }}
- task: AzurePowerShell#4
inputs:
azureSubscription: ${{ parameters.subscription }}
ScriptPath: 'some_script.ps1'
azurePowerShellVersion: LatestVersion
env:
SECRETVALUE: $(${{ parameters.keyVaultSecretName }})
And here is the template where I can't get the same technique to work:
parameters:
- name: subscription
type: string
- name: keyVault
type: string
- name: sqlServerName
type: string
- name: sqlDatabaseName
type: string
- name: sqlServerAdminSecretName
type: string
- name: sqlServerPasswordSecretName
type: string
- name: dacpacName
type: string
- name: artifactName
type: string
jobs:
- job: Deploy_SQL_Database
pool:
name: Azure Pipelines
vmImage: windows-latest
steps:
- task: DownloadPipelineArtifact#2
inputs:
artifact: ${{ parameters.artifactName }}_artifacts
- task: AzureKeyVault#1
inputs:
azureSubscription: ${{ parameters.subscription }}
keyVaultName: ${{ parameters.keyVault }}
secretsFilter: '${{ parameters.sqlServerAdminSecretName }}, ${{ parameters.sqlServerPasswordSecretName }}'
- task: sqlAzureDacpacDeployment#1
inputs:
azureSubscription: ${{ parameters.subscription }}
ServerName: ${{ parameters.sqlServerName }}.database.windows.net
DatabaseName: ${{ parameters.sqlDatabaseName }}
sqlUsername: $(${{ parameters.sqlServerAdminSecretName }})
sqlPassword: $(${{ parameters.sqlServerPasswordSecretName }})
DacpacFile: $(Pipeline.Workspace)\${{ parameters.dacpacName }}.dacpac
I can get the template to work if I hardcode the secret names:
parameters:
- name: subscriptionName
type: string
- name: keyVault
type: string
- name: sqlServerName
type: string
- name: sqlDatabaseName
type: string
- name: dacpacName
type: string
- name: artifactName
type: string
jobs:
- job: Deploy_${{ parameters.sqlDatabaseName }}_Database
pool:
name: Azure Pipelines
vmImage: windows-latest
steps:
- checkout: none
- task: AzureKeyVault#1
inputs:
azureSubscription: ${{ parameters.subscriptionName }}
keyVaultName: ${{ parameters.keyVault }}
secretsFilter: 'SQLServerAdmin, SQLServerPassword'
- task: DownloadPipelineArtifact#2
inputs:
artifact: ${{ parameters.artifactName }}_artifacts
- task: sqlAzureDacpacDeployment#1
inputs:
azureSubscription: ${{ parameters.subscriptionName }}
ServerName: ${{ parameters.sqlServerName }}.database.windows.net
DatabaseName: ${{ parameters.sqlDatabaseName }}
sqlUsername: $(sqlServerAdmin)
sqlPassword: $(sqlServerPassword)
DacpacFile: $(Pipeline.Workspace)\${{ parameters.dacpacName }}.dacpac
Although this works for us for now, I find this sub-optimal. Is there any way I can make these parameterized variable names work?