I am using Azure Resource Group Deployment task in Azure Devops. Some of the Override template parameters include the SubscriptionID.
-virtualNetworkId /subscriptions/53614803-d327-4397-bf55-8dedcc24be0d/resourceGroups/$(resourceGroup)/providers/Microsoft.Network/virtualNetworks/vnet
Is there a was to use the SubsciptionID used in the Azure subscription connection ?
Reason: The subscriptionId needed to be known in the build pipeline. This also solves the uniqueString template issue, where we need to know the uniqueString, but powershell does not have a way to tell you.
My deployments are being built to run in any ResourceGroup in different Subscriptions. I am deploying several VM's using the ARM template generated creating one VM in the portal. One of the parameters embedded the subscription Id as shown in question. Because of how the variables are calculated inside the template built by the portal, [subscription.SubscriptionId] was not going to work:
"variables": {
"vnetId": "[parameters('virtualNetworkId')]",
"subnetRef": "[concat(variables('vnetId'), '/subnets/', parameters('subnetName'))]",
It ends up at run time as:
/subscriptions/$(subscription().subscriptionid)/resourceGroups/Dev1/providers/Microsoft.Network/virtualNetworks/vnet/subnets/default
I do not want to edit the template, as I will need to make some adjustments to future deployments, and will likely use the portal to make a new template. The subscriptionId needed to be known in the build pipeline. This also solves the uniqueString template issue, where we need to know the uniqueString, but powershell does not have a way to tell you.
Solution: I created a blank template with output variables and an empty parameters file: template.json:
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": { },
"variables": { },
"resources": [ ],
"outputs": {
"subscriptionId": {
"condition": "[bool('true')]",
"type": "string",
"value": "[subscription().subscriptionId]"
},
"uniqueString": {
"condition": "[bool('true')]",
"type": "string",
"value": "[uniqueString(resourceGroup().id)]"
}
}
}
parameters.json
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
}
}
Then I ran the tasks:
1. Azure Resource Group Deployment -> runs empty template
2. ARM Outputs -> captures outputs from ARM as variables:
##[section]Starting: ARM Outputs
==============================================================================
Task : ARM Outputs
Description : This task reads the output values of an ARM deployment and sets them as Azure Pipelines variables.
Version : 5.0.21
Author : Kees Schollaart
Help : [More Information](https://github.com/keesschollaart81/vsts-arm-outputs)
==============================================================================
1ef1317c-0917-4a7e-a922-a31b6069c707 exists true
Logging in using ApplicationTokenCredentials, authScheme is 'ServicePrincipal'
Updating Azure Pipelines variable 'subscriptionId'
Updating Azure Pipelines variable 'uniqueString'
##[section]Finishing: ARM Outputs
Then I invoke the real Azure Resource Group Deployment to run my actual template.
Now I can set the Override template parameters property using Pipeline Syntax, ie $(parmName):
-location eastus
-enableAcceleratedNetworking true
-subnetName default
-virtualNetworkId /subscriptions/$(subscriptionId)/resourceGroups/$(resourceGroup)/providers/Microsoft.Network/virtualNetworks/vnet
-diagnosticsStorageAccountId /subscriptions/$(subscriptionId)**/resourceGroups/$(resourceGroup)/providers/Microsoft.Storage/storageAccounts/osdiag$(uniqueString)
...