Linux + PowerShell + AzureCLI in DevOps Pipelines

A couple of months ago I had an exchange with Donovan Brown on Twitter about using AzureCLI & PowerShell in Azure DevOps pipelines on Linux hosted agents. As is often the way I didn’t have the time to take the advice I received and experiment straight away. As we ramp into a new project I realized that I had project where trying this approach made sense.

So, I was eager to try this out and dived in, adding an Azure PowerShell task to my pipeline to try blending the lovely Json responses from Azure CLI with the power of proper objects in my scripts. So, attempt #1:

Let’s run some PowerShell in a Linux pipeline
Version 3 of the Azure PowerShell task is Windows only 😦

So, a quick change to toggle the task to use Task version 4 (aka Preview)

And, much after anticipation….. ERROR: Please run 'az login' to setup account. 😦 Much disappointment. But Donovan said he does it, so how does this work?
Taking a look at the logs for an Azure CLI task shows me some thing interesting.

[command]/usr/bin/az cloud set -n AzureCloud
[command]/usr/bin/az login --service-principal -u *** -p *** --tenant *** 
[
   {
     "cloudName": "AzureCloud",
     "id": "0ff1ce000-1d10-t500-86f4-28b59b7dbf13",
     "isDefault": true,
     "name": "Not really the name :P",
     "state": "Enabled",
     "tenantId": "***",
     "user": {
        "name": "***",
        "type": "servicePrincipal"
     }
   }
]

And then inspecting the task options I can see a way of accessing those variable in an Azure CLI task.

Ohhh this looks promising….

Couple this with some cunning use of the task.setvariable command and I can bubble these parameters out for use in the rest of my pipeline:

# Echo the authentication detail out to variables for use in a PowerShell step
echo "##vso[task.setVariable variable=servicePrincipalId]$servicePrincipalId"
echo "##vso[task.setVariable variable=servicePrincipalKey]$servicePrincipalKey"
echo "##vso[task.setVariable variable=tenantId]$tenantId" 

Which then get passed into PowerShell script as arguments, $(servicePrincipalId) $(servicePrincipalKey) $(tenantId) and used like so:

 az login --service-principal `
          -u $servicePrincipalId `
          -p $servicePrincipalKey `
          --tenant $tenantId 

Hey presto, Azure CLI calls from PowerShell on a Linux hosted build agent 😀
Hopefully someone out there will find this useful.

This entry was posted in Azure, Deployment, Development, DevOps, PowerShell. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.