Tags: yaml, cypress, azure-devops-pipelines

Azure DevOps Pipeline Dynamically List Members of Variable Group


I'm trying to have a YAML pipeline build out a JSON file to be used as a Cypress.env.json. Some of the values need to come from a variable group (ultimately tied to an Azure Key Vault). I want it to be built dynamically so if a secret is added to the Key Vault and exposed via the Variable Group it will be written out as a new property of the JSON file without the YAML pipeline needing to be modified. I was hopeful I had found a trick in this answer which describes an undocumented function named convertToJson which allows a pipeline object to be passed as a JSON string to a script. So I gave this a try:

- job:
  variables:
  - group: DevVariableGroup
  steps:
  - bash: echo "${{ convertToJson(variables) }}"
    displayName: 'Get an Object - Bash'

This works insofar as I get a JSON string with all variables which are available at compile time. Unfortunately, the variables provided by the variable group are not among them. I've only been able to get the convertToJson function to work using the template syntax, not macro or runtime syntax.

I can't think of another way to dynamically access the variables provided by the variable group. Any suggestions?


Solution

  • I thought I would circle back to this question and share the solution we landed on in case it's helpful for anyone else. The secrets are held in a Key Vault and retrieved using the AzureKeyVault@1 task. That downloads the values to variables, so there isn't a need to rely on a Variable Group to expose the Key Vault's contents. Once they are variables, we can use the replacetokens@3 task. So we changed the JSON file into which we are populating the values so it would work with that task.

    Two tasks got us what we needed.

      - task: AzureKeyVault@1
        displayName: 'Read vault'
        inputs:
          azureSubscription: ${{ parameters.azureSubscription }}
          KeyVaultName: $(keyVaultName)
          SecretsFilter: '*'
          RunAsPreJob: false
    
      - task: replacetokens@3
        inputs:
          targetFiles: '**/cypress.json'
          encoding: 'auto'
          writeBOM: true
          actionOnMissing: 'warn'
          keepToken: false
          tokenPrefix: '#{'
          tokenSuffix: '}#'
          useLegacyPattern: false
          enableTransforms: false
          enableTelemetry: true
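
A post-replacement check for the file that replacetokens@3 writes, as an added example that is not part of the original answer: with actionOnMissing: 'warn' and keepToken: false as configured above, a secret missing from the vault only logs a warning and leaves an empty string in the JSON. The script reports token names and key paths only, never values; the function names and sample JSON are constructed for illustration.

```python
import json
import re
import sys

# Token delimiters taken from the replacetokens@3 inputs on this page: '#{' and '}#'.
TOKEN_RE = re.compile(r"#\{\s*([^}]*?)\s*\}#")

# Constructed sample: one value replaced by an empty string, one token left in place.
SAMPLE_BAD = '{"apiKey": "", "user": "#{cypressUser}#", "baseUrl": "https://example.test"}'


def _walk(node, path, problems):
    """Record the path of every empty string value; values are never recorded."""
    if isinstance(node, dict):
        for key, value in node.items():
            _walk(value, f"{path}.{key}", problems)
    elif isinstance(node, list):
        for index, value in enumerate(node):
            _walk(value, f"{path}[{index}]", problems)
    elif isinstance(node, str) and node.strip() == "":
        problems.append(f"empty value: {path}")


def find_problems(rendered_text):
    """Return findings for a token-replaced JSON document (names and paths only)."""
    problems = [f"unreplaced token: {name}"
                for name in sorted(set(TOKEN_RE.findall(rendered_text)))]
    try:
        doc = json.loads(rendered_text)
    except json.JSONDecodeError as exc:
        # Report only the position; the parser message is kept out of the log.
        problems.append(f"invalid JSON at line {exc.lineno}, column {exc.colno}")
        return problems
    _walk(doc, "$", problems)
    return problems


if __name__ == "__main__":
    # Usage (assumed path): python check_cypress_json.py path/to/cypress.json
    text = open(sys.argv[1], encoding="utf-8-sig").read() if len(sys.argv) > 1 else SAMPLE_BAD
    findings = find_problems(text)
    for finding in findings:
        print(finding)
    sys.exit(1 if findings else 0)
```

Run as a script step after replacetokens@3, a non-zero exit fails the job instead of handing Cypress a file with blank or unreplaced credentials.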