Is there a way to set variables in variable groups - azure-devops

I'm trying to share version information from different pipelines to later use them to create a release config in a release pipeline. So basically I need to share information between different pipelines.
To create a somehow unique version I want to always use the output of git rev-parse HEAD.
I've already tried to use variable groups, but I was only able to read them and not to set them. And I'm not aware of another way which is supported by azure devops, I could of course use files and publish them.
I used the example which was provided by the documentation.
#!/bin/bash
echo "##vso[task.setvariable variable=sauce]crushed tomatoes"
I expect to get a change variable in the variable group in order to read that variable later on in a release pipeline.
Any help is appreciated.

Could be done via the Azure devops CLI.
Create the powershell task:
echo $env:AZURE_DEVOPS_EXT_PAT | az devops login
az devops configure -d organization=https://dev.azure.com/<your_organisation>/ project=<your_project>
az pipelines variable-group variable update --id <id_here> --name <name_here> --value <value_here>
and also create the variable in the task like so

You can not change a variable in a variable group with the logging command task.setvariable (the logging command can change only for a specific run).
The only way to update a variables in the variable group is with the Rest API:
PUT https://dev.azure/com/{organization}/{project}/_apis/distributestask/variablegroups/{groupId}?api-version=5.0-preview.1
Request body:
{
"variables": {
"key1": {
"value": "value1"
}
},
"type": "Vsts",
"name": "TestVarialeGroup",
}
So you need to add a task that excute the above Rest API, for example, PowerShell:
You need to allow scripts to access the
OAuth token (check the checkbox in the agent job options):
And give Administrate permissions to the build user (to the variable group):

Related

How to read release pipeline variable and use as environment variable in Azure DevOps in Azure CLI task?

I am using one powershell task and one Azure Cli task in release pipeline of Azure DevOps.
I have some release pipeline's variables. I want to read those variables as they will be required by my script in above two tasks. I used powershell core in Azure cli task
I tried to read them in the inline script directly as $(variableName) or $env:variableName but none of the above worked.
I tried to set read the variable in Environment variables option in the task and then use in the inline scripts using $env:variableName but it also didn't work. On printing the variableName in the script using Write-Host, the value I got is $(valueName) instead of the correct value.
How to read those variables inside these scripts?
The pipeline variables can be reference in the Azure CLI inline script by using the syntax $(variableName). I tested by adding the following in a script
write-host "The variable value: $(variableName)"

Automatically pass string to powershell user input

In my powershell script, I call the following azure function:
az repos import create --git-source-url https://incommunities#dev.azure.com/my-organisation/Templates/_git/$($Framework) --detect true --project $ProjectAlias --repository $ProjectAlias --requires-authorization
When running, it prompts the user for a Password/PAT token, e.g:
Git Password / PAT:
Is there a way to automatically pass the password/token to the user input without having to enter manually?
I attempted to pipe the value through, however this does not seem to work e.g
my-pat-token | az repos import create --git-source-url https://incommunities#dev.azure.com/my-organisation/Templates/_git/$($Framework) --detect true --project $ProjectAlias --repository $ProjectAlias --requires-authorization
Is this both a) possible and then if so b) how can I do this?
There are two approaches you can use, both come courtesy from this nice blog post which you'll probably want to read, as it talks about a bunch of Azure Devops tasks.
Use an environmental variable
These commands will check for the presence of an environmental variable and will use it instead of prompting.
To do this, set an environment variable called AZURE_DEVOPS_EXT_PAT to the value of your PAT. (More info on how these tokens work here from the Microsoft Docs)
# set environment variable for current process
$env:AZURE_DEVOPS_EXT_PAT = 'xxxxxxxxxx'
When you're automating things, just set this variable before running the Azure commands.
Pipe the value in
I am not as big of a fan of this sort of approach but you can "echo out" the PAT value and pipe that into a command, which might work. IMHO this is more fragile and frunky and I wouldn't advise it.
$pat | az devops login

Set Release.ReleaseDescription automatically from the build. (Azure devops Pipeline)

Good afternoon, I need help with this case, I want to generate a release description in my pipeline builds, I tried to set the variable in the build and I used a group variable but I was not successful, the idea is to generate a build that contains a description of what contains and when generating the new release already has the value in the variable Release.ReleaseDescription, I have a slack task that sends approvals, it would be good to have this description so that the people who approve see what it contains. This manual procedure is currently performed when the release is generated and a description is placed.
Variable group can only share variables with static values from build pipeline to release pipeline. However there is an extension task tool Variable Tools for Azure DevOps Services that can accomplish this. You can follow below steps:
1, You need first to search for Variable Tools for Azure DevOps Services and install it to your organization.
This task include two subtasks as the task describles:.
Variable Save Task - During your build you can save the variables to a json file stored with your other build assets
Variable Load Task - During your Release you can load the saved variables and gain access to them.
2, Then you need to define a variable (BuildDescription)in your build pipeline
3, Add a powershell task to assign a value to variable BuildDescription.
4, add Variable Save Task to save variable BuildDescription to a json file and store it to the build artifacts folder which will be published to azure devops server as a part of aritfacts.
5, in the release pipeline, add task Variable Load Task, and then you can use the variable (BuildDescription) in your release pipeline.
Update:
As above tasks cannot be run on linux system. We can write bash scripts to do the variable save task and variable load task.
To save the variable, you only need to replace above variable save task with bash task to run below command.
echo '{"des":"description"}' > variable-meta.json
To load the variable. Add bash task to replace variable load task
val= ($(jq '.description' variable-meta.json))
echo "##vso[task.setvariable variable=BuildDescription]$val"

Updating environment variable on Azure DevOps

In Azure DevOps pipeline, how to update environment variable in variable group so new value persists, so new value can be used even after build is finished.
For example, I'm trying to save new version number, this does not work:
Write-Host "##vso[task.setvariable variable=currentVersion]$newVersion"
how to update environment variable in variable group so new value persists, so new value can be used even after build is finished.
I am afraid there is no such way to update environment variable in variable group and keep it persists after build is finished.
When you use the Logging Command to set the variable, which is environment variable and can only work in the current environment.
So the new value can not be used after build is finished.
on the other hand, just like Daniel said, if we write any persistent value, then this value will compete/conflict with the value in the variable group. The compiler will not know which value to choose.
So, if you want to write any persistent value, we have to update the value in the variable group manually or use REST API to update it in the variable group.
Check the How to modify Azure DevOps release definition variable from a release task? for some more details.
Hope this helps.
Yes, you can update during build, but the Write-Host only persists in the pipeline currently running. You could use Azure CLI and call something like this:
echo %AZ_LOGIN_PAT%|az devops login
az pipelines variable-group variable update --group-id variable_id --org https://dev.azure.com/your_org --project your_project --name VariableName --value %NewValue%
The PAT might be able to be secured better, but this is how I do it. This is a Windows inline command task.

Save Azure CLI command Output using inline script in DevOps

I've been trying to store the output of multiple az cli commands in a variable defined in my pipeline with 0 success.
This being my last attempt:
The way I try to make sure is getting pass to the var is by doing an echo, which it outputs this(in all attempts):
At the end what im trying to achieve is to get the key value stored to use later:
Any suggestions on how to do this in the Azure CLI task from Azure DevOps Pipeline?
PS: Have being trying some commands from shell and batch and must of the attempts failures are related to not recognizing commands(batch/shell) inside the script. Which is confusing since in Azure cli task Docs:
Answer
#4c74356b41 Answer helped a lot since I didn't know I could do query in azure cli commands to get a specific value of a command. But it didn't quite answer my questions. All that said, this link Set Output Variable in Azure CLI task on VSTS has the Answer to my question.
just use query path filtering, something like this:
--query 'properties.properties.sites[0].key' -o tsv
this should output only the key you are interested it. reading:
https://learn.microsoft.com/en-us/cli/azure/query-azure-cli?view=azure-cli-latest