Search code examples
azureazure-devopsazure-blueprints

How can I pass pipeline variable to parameters file for blueprint assignment

I'm trying to create an Azure DevOps pipeline for deploying Azure Blueprint. There are some fields in the parameters file(JSON) which I want to be configurable. How can I pass these values as pipeline variables and use them in the parameters file?

I tried defining a pipeline variable and reference it in the parameter file like this "$(var-name)", but it didn't work. Is there a way to solve this?

Below is my pipeline definition, I'm using AzureBlueprint extension for creating and assigning blueprint:

steps:
- task: CreateBlueprint@1
  inputs:
    azureSubscription: $(serviceConnection)
    BlueprintName: $(blueprintName)
    BlueprintPath: '$(blueprintPath)'
    AlternateLocation: false
    PublishBlueprint: true

- task: AssignBlueprint@1
  inputs:
    azureSubscription: $(serviceConnection)
    AssignmentName: '$(blueprintName)-assignment'
    BlueprintName: $(blueprintName)
    ParametersFile: '$(blueprintPath)/assign.json'
    SubscriptionID: $(subscriptionId)
    Wait: true
    Timeout: 500

and my parameters file:

"parameters":{
         "organization" : {
            "value": "xxxx"
         },
         "active-directory-domain-services_ad-domain-admin-password" : {
            "reference": {
               "keyVault": {
                     "id": "/subscriptions/xxxx/resourceGroups/xxxx/providers/Microsoft.KeyVault/vaults/xxxx"
               },
               "secretName": "xxxx"
            }
         },
         "jumpbox_jumpbox-local-admin-password" : {
            "reference": {
               "keyVault": {
                     "id": "/subscriptions/xxxx/resourceGroups/xxxx/providers/Microsoft.KeyVault/vaults/xxxx"
               },
               "secretName": "xxxx"
            }
         },         
         "keyvault_ad-domain-admin-user-password" : {
            "value" : "xxxx"
         },
         "keyvault_deployment-user-object-id" : {
            "value" : "xxxx"
         },
         "keyvault_jumpbox-local-admin-user-password" : {
            "value" : "xxxx"
         }
      }
Solution

  • Since the Tasks (CreateBlueprint and AssignBlueprint) you are using doesn't support overriding parameters, you have two options:

    • Use the Azure CLI az blueprint command to directly create and assign blueprints.
    • Change the parameters file bei either using JSON variable substitution or by using a small PowerShell script (see blow):

    Sample:

    $paramFile = Get-Content ./azuredeploy.parameters.json | ConvertFrom-Json
$paramFile.parameters.organization.value = "your-org-name" 
$paramFile | ConvertTo-Json | Set-Content ./azuredeploy.parameters.json

    Be aware that the Task you are using hasn't received an update within the last 17 months (here is the GitHub repository).