问题
What is the easiest way to get key rotation to work for azure storage accounts from a AzureDevOps relase task? The current plan is to re-generate the old key after release to invalidate it, and have a fresh key that can be used on next deployment. But to get that to work it seems like I at least need to store the name of the key to use in a release variable.
I had a look at he logging tasks (https://github.com/Microsoft/azure-pipelines-tasks/blob/master/docs/authoring/commands.md), but that only changes the value in the current release and does not modify the release definition.
回答1:
You can use the REST API (Definitions - Update) to update the value of the release definition variable from a release task.
- Go to the
Agent Phaseand selectAllow Scripts to Access OAuth Token. See Use the OAuth token to access the REST API - Grant
Project Collection Build Service (xxx)account the edit release pipeline permission. (Select the release pipeline -->...-->Security-->Edit release definitionset toAllow) - Add a PowerShell task in your release pipeline
Run inline script: (Update the value of variable
v1030in below sample)$url = "$($env:SYSTEM_TEAMFOUNDATIONSERVERURI)$env:SYSTEM_TEAMPROJECTID/_apis/Release/definitions/$($env:RELEASE_DEFINITIONID)?api-version=5.0-preview.3" Write-Host "URL: $url" $pipeline = Invoke-RestMethod -Uri $url -Headers @{ Authorization = "Bearer $env:SYSTEM_ACCESSTOKEN" } Write-Host "Pipeline = $($pipeline | ConvertTo-Json -Depth 100)" # Update an existing variable named v1030 to its new value 1035 $pipeline.variables.v1030.value = "1035" ####****************** update the modified object ************************** $json = @($pipeline) | ConvertTo-Json -Depth 99 $updatedef = Invoke-RestMethod -Uri $url -Method Put -Body $json -ContentType "application/json" -Headers @{Authorization = "Bearer $env:SYSTEM_ACCESSTOKEN"} write-host "==========================================================" Write-host "The value of Varialbe 'v1030' is updated to" $updatedef.variables.v1030.value write-host "=========================================================="
来源:https://stackoverflow.com/questions/53042605/how-to-modify-azure-devops-release-definition-variable-from-a-release-task