Search code examples
azureazure-devopsyamlcicdazure-api-management

Assigning tags to APIs in Azure APIM via Devops Pipeline

I am trying to onboard APIs into Azure APIM via CICD pipeline in azure devops. everything works good except assigning tags.

      - task: AzureCLI@2
        displayName: Deploy API Specification (Create or Update) and Configure Diagnostics
        inputs:
          azureSubscription: $(AzureServiceConnection)
          scriptType: bash
          scriptLocation: inlineScript
          inlineScript: |
            echo "Checking if API $(ApiName) exists in APIM..."
            API_EXISTS=$(az apim api show \
              --resource-group "$(ResourceGroup)" \
              --service-name "$(InstanceName)" \
              --api-id "$(ApiName)" 2>/dev/null || echo "not found")

            FILE_PATH="$(System.DefaultWorkingDirectory)/myapp/myapp-api.spec.json"
            TEMP_FILE_PATH="$(System.DefaultWorkingDirectory)/myapp/myapp-api-temp.spec.json"

            if [[ ! -f "$FILE_PATH" ]]; then
              echo "Error: API specification file not found at $FILE_PATH"
              exit 1
            fi

            echo "Replacing server URL with pipeline variable..."
            sed "s|{{myapp_API_URL}}|$(myappApiUrl)|g" "$FILE_PATH" > "$TEMP_FILE_PATH"

            if [[ "$API_EXISTS" == "not found" ]]; then
              echo "API not found. Importing as a new API..."
              result=$(az apim api import \
                --resource-group "$(ResourceGroup)" \
                --service-name "$(InstanceName)" \
                --path "$(ApiSuffix)" \
                --api-id "$(ApiName)" \
                --specification-format OpenApi \
                --specification-path "$TEMP_FILE_PATH" \
                --subscription-key-header-name "Ocp-Apim-myapp-Subscription-Key" \
                --subscription-key-query-param-name "myapp-subscription-key" 2>&1)

              if [[ $? -ne 0 ]]; then
                echo "Error importing API:"
                echo "$result"
                exit 1
              fi
              echo "API imported successfully."
            else
              echo "API exists. Updating API specification..."
              result=$(az apim api update \
                --resource-group "$(ResourceGroup)" \
                --service-name "$(InstanceName)" \
                --api-id "$(ApiName)" \
                --set subscriptionKeyParameterNames.header="Ocp-Apim-myapp-Subscription-Key" \
                --set subscriptionKeyParameterNames.query="myapp-subscription-key" \
                --set apiRevision="2" \
                --set description="Updated API specification" \
                --set format="OpenApi" \
                --set value="$TEMP_FILE_PATH" 2>&1)

              if [[ $? -ne 0 ]]; then
                echo "Error updating API:"
                echo "$result"
                exit 1
              fi
              echo "API updated successfully."
            fi

            # Add tags to API (works for both new and existing APIs)
            az apim api update \
              --resource-group "$(ResourceGroup)" \
              --service-name "$(InstanceName)" \
              --api-id "$(ApiName)" \
              --tags "myproject" "myapp"  # Explicit values

            # Verify tags
            echo "Current API Tags:"
            az apim api show \
              --resource-group "$(ResourceGroup)" \
              --service-name "$(InstanceName)" \
              --api-id "$(ApiName)" \
              --query "{Tags:tags}" -o json

            # Cleanup
            rm -f "$TEMP_FILE_PATH"

Here I can see the APIs are properly onboarded in APIM, but the tags are not assigning.

I am struggling to find what i did wrong

I tried

       --tags "myproject=true" "myapp=true"  # Explicit values

as well

Solution

  • --tags parameter in Az CLI could not able to add tags to APIM-specific API.

    You can use rest api to assign the tag to API. If the tag doesn't exist, you need to create the tag firstly.

    Sample task as below:

    pool:
  vmImage: Windows-latest

variables:
  ResourceGroup: ''
  ApiName: 'swagger-petstore-openapi-3-0'
  InstanceName: 'APIM'
  subscriptionId: ''
  apiVersion: '2024-05-01'



steps:
- task: AzureCLI@2
  inputs:
    azureSubscription: 'ARMConn4'
    scriptType: 'ps'
    scriptLocation: 'inlineScript'
    inlineScript: |
      $tagId = "tagtest3"
      $tagName = "tagtesttest3"
      # Get the access token
      $tokenResponse = az account get-access-token
      $tokenObject = $tokenResponse | ConvertFrom-Json
      $accessToken = $tokenObject.accessToken

      $headers = @{
        "Authorization" = "Bearer $accessToken"
      }

      # Create the tag
      $tagUrl = "https://management.azure.com/subscriptions/$(subscriptionId)/resourceGroups/$(ResourceGroup)/providers/Microsoft.ApiManagement/service/$(InstanceName)/tags/$tagId" + "?api-version=2024-05-01"
      $tagBody = @{
        properties = @{
          displayName = $tagName
        }
      } | ConvertTo-Json -Depth 10
     
      $tagcreate = Invoke-RestMethod -Method Put -Uri $tagUrl -Body $tagBody -ContentType "application/json" -Headers $headers
      $tagcreate | ConvertTo-Json

      # Associate the tag with the API
      $apiTagUrl = "https://management.azure.com/subscriptions/$(subscriptionId)/resourceGroups/$(ResourceGroup)/providers/Microsoft.ApiManagement/service/$(InstanceName)/apis/$(ApiName)/tags/$tagId" + "?api-version=2024-05-01"
      $apiTagBody = @{
        properties = @{
          description = "This is a tag for my API"
        }
      } | ConvertTo-Json -Depth 10

      $associatetag = Invoke-RestMethod -Method Put -Uri $apiTagUrl -Body $apiTagBody -ContentType "application/json" -Headers $headers
      $associatetag | ConvertTo-Json

    enter image description here

    Confirm on APIM API:

    enter image description here