azure-devops azure-pipelines

Bash Task in Azure DevOps not able to recognize variable set in Classic Release pipeline


I am trying to run the below commands in a .sh file in a Bash Task in an Azure DevOps classic pipeline:

set -e
pip install azure-identity
pip install azure-cosmos
pip install requests
set +e

az login --service-principal -u $(AZURE_CLIENT_ID) --tenant $(AZURE_TENANT_ID) --allow-no-subscriptions --federated-token $(AZURE_ID_TOKEN)

Before running this, I have a task where I have the SPN connected and AZ authenticated, and I am using the below script to print details, which I am able to see successfully:

az account show

echo "##vso[task.setvariable variable=AZURE_CLIENT_ID]$servicePrincipalId" 
echo "##vso[task.setvariable variable=AZURE_ID_TOKEN]$idToken"
echo "##vso[task.setvariable variable=AZURE_TENANT_ID]$tenantId"

The problem here is that when I try to run the Bash task as an inline script it works fine, but as soon as I use a filePath script (same code), it gives me the below error:

ERROR: argument --username/-u: expected one argument
2024-09-10T10:36:22.9450758Z 
2024-09-10T10:36:22.9451406Z Examples from AI knowledge base:
2024-09-10T10:36:22.9451894Z az login --service-principal -u http://azure-cli-2016-08-05-14-31-15 -p VerySecret --tenant contoso.onmicrosoft.com
2024-09-10T10:36:22.9453690Z Log in with a service principal using client secret. Use -p=secret if the first character of the password is '-'.
2024-09-10T10:36:22.9454012Z 
2024-09-10T10:36:22.9454461Z az login --service-principal -u http://azure-cli-2016-08-05-14-31-15 -p ~/mycertfile.pem --tenant contoso.onmicrosoft.com
2024-09-10T10:36:22.9454937Z Log in with a service principal using client certificate.
2024-09-10T10:36:22.9455157Z 
2024-09-10T10:36:22.9455468Z az login -u johndoe@contoso.com -p VerySecret
2024-09-10T10:36:22.9456041Z Log in with username and password. This doesn't work with Microsoft accounts or accounts that have two-factor authentication enabled. Use -p=secret if the first character of the password is '-'.
2024-09-10T10:36:22.9456402Z 

I have tried setting an environment variable, but still no luck. Thanks for your support. I also verified the creds: they are working and giving the variable when used as an inline script; the issue is in the bash script. Let me know if you want more details or if I could help you understand more about the problem.


Solution

  • When using 'inline' type script, before executing the script, the task will pre-parse all the macro syntax expressions ($(Variable_Name)) in the script and replace them with the actual values of the variables if the variables exist, then wrap the script as a script file and save the script file into the working directory of the agent. After that, it will execute the script file on the agent.

    When using 'filePath' type script, since the script has already been wrapped as a script file, the task generally would just copy the script file into the working directory of the agent and then execute the script file on the agent. It will not pre-parse the macro syntax expressions ($(Variable_Name)) in the script file. So, it will return empty values or report errors when executing the script file.

    For your case, the solution is to reference the corresponding environment variables of these variables in the 'filePath' type script. Since you have used the setvariable command to set up the variables, they also will be automatically decrypted into environment variables. So, you do not need to map them as environment variables again.

    NOTE: Secret variables will not be automatically decrypted into environment variables.

    In Bash scripts, "$(VARIABLE_NAME)" is not a valid expression to call environment variables; the valid expression should be "$VARIABLE_NAME".

    #!/bin/sh
    
    # Quote each expansion so an empty or unusual value stays a single argument
    az login --service-principal -u "$AZURE_CLIENT_ID" --tenant "$AZURE_TENANT_ID" --allow-no-subscriptions --federated-token "$AZURE_ID_TOKEN"
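
The following is an added example, not part of the original answer and not Azure DevOps code: helpers for a 'filePath' script that flag leftover `$(Name)` macros, fail fast on missing variables without printing the token, and run the same login with quoted expansions. The function names are hypothetical; it assumes the agent exposes non-secret pipeline variables as environment variables with the name upper-cased and `.` replaced by `_`.

```sh
#!/bin/sh
# Added example; function names are hypothetical helpers for a 'filePath' script.

# Environment variable name the agent uses for a pipeline variable:
# upper-cased, with '.' replaced by '_'.
macro_to_env() {
    printf '%s\n' "$1" | tr '[:lower:]' '[:upper:]' | tr '.' '_'
}

# Print $(Name) tokens in a script file that are not real commands. The shell
# runs each as command substitution, the command is not found, and the
# argument collapses to nothing ("expected one argument").
find_macros() {
    grep -o '\$([A-Za-z_][A-Za-z0-9_.]*)' "$1" | sed 's/^\$(\(.*\))$/\1/' |
    LC_ALL=C sort -u |
    while read -r name; do
        command -v "$name" >/dev/null 2>&1 || echo "$name"
    done
}

# Fail fast when a required variable is unset or empty. Prints names only,
# never values, because the federated token is a credential.
require_env() {
    missing=""
    for name in "$@"; do
        eval "value=\${$name:-}"
        if [ -z "$value" ]; then missing="$missing $name"; fi
    done
    value=""
    if [ -n "$missing" ]; then
        echo "missing environment variables:$missing" >&2
        return 1
    fi
}

# Login as in the answer, with every expansion quoted and stdout suppressed.
login_with_federated_token() {
    require_env AZURE_CLIENT_ID AZURE_TENANT_ID AZURE_ID_TOKEN || return 1
    az login --service-principal -u "$AZURE_CLIENT_ID" \
        --tenant "$AZURE_TENANT_ID" --allow-no-subscriptions \
        --federated-token "$AZURE_ID_TOKEN" >/dev/null
}
```

Running `find_macros` over the script in a pre-deployment step catches the inline-to-filePath regression before the agent ever calls `az login`.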