In my project, i can get the value of a variable defined inside a variable group like this, without no problem
steps:
- checkout: none
- bash: |
echo $(shared-smtp-user)
But then, later in the code, i need to put into files the value of some variables from a variable group, and i do something like this
parameters:
# The targetVariables to put inside secrets/, for example
# targetVariables:
# - shared-azure-devops-pat
# - shared-ldap-password
# - shared-ldap-user
# - shared-smtp-user
- name: targetVariables
type: object
jobs:
- job: echo_secret_files
displayName: 🗣️ Echo secret files
steps:
- checkout: none
- bash: |
echo "Echoing targetVariables into secrets/"
echo "using targetVariables ${{ convertToJson(parameters.targetVariables) }}"
mkdir -p ./secrets/
echo $(shared-smtp-user) # THIS WORKS !!!
displayName: Display information about the secrets being used
- ${{ each variableName in parameters.targetVariables }}:
- bash: |
echo $SECRET_VALUE > ./secrets/${variableName}.txt
env:
SECRET_VALUE: "$( ${{ variableName }} )" # THIS IS NOT WORKING!!!
displayName: Generate file for ${{ variableName }}
- bash: tree secrets/ -a
displayName: Display the generated secrets
For some weird reason, i cant assing a value to SECRET_VALUE
using this syntax "$( ${{ variableName }} )"
What im trying to do, for each item inside parameters.targetVariables
, set the value of SECRET_VALUE
to $(variableName)
, and then echo $SECRET_VALUE
into a file.
Is there any way i can do $(myVariableNameHere)
, but without actually hardcoding myVariableNameHere
, and instead using the variable from the each
loop (called variableName
)?
As Rui Jarimba's answer, you need to change the env format to ENV_VALUE: $(${{ variableName }})
to get the secret variable in variable group based on parameter value.
In addition, you need to make the following changes in YAML to achieve your goal.
1.You need to change the bash script:
From:
echo $SECRET_VALUE > ./secrets/${variableName}.txt
To
echo $SECRET_VALUE > ./secrets/${{variableName}}.txt
Then it will generate the txt file based on variable name.
2.You need to change the SECRET Key word in the environment variable in bash task.
For example:
SECRET_VALUE
-> MAPPED_VALUE
Based on my test, if the env variable contains the SECRET Key word, it will return the empty value.
Here is the full yaml sample:
pool:
vmimage: ubuntu-latest
parameters:
- name: targetVariables
type: object
default:
- shared-smtp-user
- shared-ldap-password
variables:
- group: variablegroupname
jobs:
- job: echo_secret_files
displayName: 🗣️ Echo secret files
steps:
- checkout: none
- bash: |
echo "Echoing targetVariables into secrets/"
echo "using targetVariables ${{ convertToJson(parameters.targetVariables) }}"
mkdir -p ./secrets/
echo $(shared-smtp-user)
displayName: Display information about the secrets being used
- ${{ each variableName in parameters.targetVariables }}:
- bash: |
echo $MAPPED_VALUE > ./secrets/${{variableName}}.txt
env:
MAPPED_VALUE: $(${{ variableName }})
displayName: Generate file for ${{ variableName }}
- bash: tree secrets/ -a
displayName: Display the generated secrets
Result: