User Profile
Rolf_GJ
Copper Contributor
Joined 3 years ago
User Widgets
Recent Discussions
Use keyvault secrets in pipeline (YAML).
I am trying to use a KeyVault to protect secret password for a database deployment. The service connection have Contributor roll for the subscription, and sett up with get, set, list and delete access for secrets in access policy. Use this step to get the keyvault secrets. Have also tested SecretFilter: ‘*’ trigger: - None pool: vmImage: ubuntu-latest steps: - task: AzureKeyVault@2 inputs: azureSubscription: 'VIP til Azure' KeyVaultName: 'kvxxxxxxxxxxxxxxr6u' SecretsFilter: 'vipDatabaseTestPassord,vipDatabaseTestAdmin' RunAsPreJob: false The result for this step is Key vault name: kvxxxxxxxxxxxxx6u. Downloading secret value for: vipDatabaseTestPassord. Downloading secret value for: vipDatabaseTestAdmin. Finishing: AzureKeyVault For me it looks like the values are being read. The next task - task: AzureResourceManagerTemplateDeployment@3 inputs: deploymentScope: 'Resource Group' azureResourceManagerConnection: 'xxxxxxxxxxxxx' subscriptionId: 'xxxxxxxxxxxxxxxxxx' action: 'Create Or Update Resource Group' resourceGroupName: 'ResourceGroup' location: 'xxxxxx' templateLocation: 'Linked artifact' csmFile: './sql/sqldeploy.json' csmParametersFile: './sql/sqldeploy.parameters.json' overrideParameters: '-administratorLoginPassword $(vipDatabaseTestPassord) -administratorLogin $(vipDatabaseTestAdmin)' deploymentMode: 'Incremental' This com up with following error There were errors in your deployment. Error code: InvalidDeploymentParameterKey. ##[error]One of the deployment parameters has an empty key. Please see https://aka.ms/resource-manager-parameter-files for details. ##[warning]Validation errors were found in the Azure Resource Manager template. This can potentially cause template deployment to fail. Task failed while creating or updating the template deployment.. Please follow https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/template-syntax Starting Deployment. Deployment name is xxxxxxxxxxxx There were errors in your deployment. Error code: InvalidDeploymentParameterKey. ##[error]One of the deployment parameters has an empty key. Please see https://aka.ms/resource-manager-parameter-files for details. ##[error]Check out the troubleshooting guide to see if your issue is addressed: https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/deploy/azure-resource-group-deployment?view=azure-devops#troubleshooting ##[error]Task failed while creating or updating the template deployment. For me it look like there are some problems with parsing KeyVault secrets to values YML file can use3.2KViews0likes0Comments
Groups
Recent Blog Articles
No content to show