I'm trying to add env variables and then use them.
name: Extract branch/server/ssh/project names into ENV variable
shell: bash
env:
ACTIONS_ALLOW_UNSECURE_COMMANDS: "true"
SERVER_IP_DEV: ${{ secrets.SERVER_IP_DEV }}
SERVER_IP_MASTER: ${{ secrets.SERVER_IP_MASTER }}
EC2_SSH_KEY_DEV: ${{ secrets.EC2_SSH_KEY_DEV }}
EC2_SSH_KEY_MASTER: ${{ secrets.EC2_SSH_KEY_MASTER }}
PROJECT_NAME: ${{ secrets.PROJECT_NAME }}
run: |
branch=$(sed 's|/|_|g' <<< ${GITHUB_REF#refs/heads/})
server="SERVER_IP_${branch_name^^}"
ssh_key="EC2_SSH_KEY_${branch_name^^}"
project="PROJECT_NAME"
echo "::set-env name=BRANCH_NAME::branch"
echo "::set-env name=SERVER_IP::server"
echo "::set-env name=SSH_KEY::ssh_key"
echo "::set-env name=PROJECT_NAME::project"
and then use them somethin like this
name: Install SSH Key
uses: shimataro/ssh-key-action#v2
with:
key: ${SSH_KEY}
known_hosts: "just-a-placeholder-so-we-dont-get-errors"
but it does not work. what am doing wrong?
Related
I want to check that all necessary secrets exist and fail the build if some of them are missing.
In my script I have this step
- name: Check if secrets exist
env:
secret_key1: ${{ secrets.MY_SECRET_1 }}
secret_key2: ${{ secrets.MY_SECRET_2 }}
secret_key3: ${{ secrets.MY_SECRET_3 }}
if: ${{ env.secret_key1 == '' }} || ${{ env.secret_key2 == '' }} || ${{ env.secret_key3 == '' }}
run: exit 1
but this always exists with status code 1, even if all secrets are present.
I have checked that if I use only one secret it works correctly, e.g.
- name: Check if secret exists
env:
secret_key: ${{ secrets.MY_SECRET }}
if: ${{ env.secret_key == '' }}
run: exit 1
Am I using wrong syntax or is the problem somewhere else?
Your condition should look like this:
- name: Check if secrets exist
env:
secret_key1: ${{ secrets.MY_SECRET_1 }}
secret_key2: ${{ secrets.MY_SECRET_2 }}
secret_key3: ${{ secrets.MY_SECRET_3 }}
if: ${{ (env.secret_key1 == '') || (env.secret_key2 == '') || (env.secret_key3 == '') }}
run: exit 1
Also, you can omit the expression syntax (${{ }}) because GitHub automatically evaluates the if conditional as an expression:
- name: Check if secrets exist
env:
secret_key1: ${{ secrets.MY_SECRET_1 }}
secret_key2: ${{ secrets.MY_SECRET_2 }}
secret_key3: ${{ secrets.MY_SECRET_3 }}
if: env.secret_key1 == '' || env.secret_key2 == '' || env.secret_key3 == ''
run: exit 1
Screenshot: click
For more information, see Expressions.
How can i read json key-value using inline script in git actions and pass them outside the bash tas a variable, below is the file to create a resource group and parse the json from the repo and pass the vaues as variable to the parameter
on: [push]
name: sp_keyvault
jobs:
build-and-deploy:
runs-on: ubuntu-latest
env:
ResourceGroupName: sp_keyvault-rg
ResourceGroupLocation: "eastus"
steps:
- uses: actions/checkout#master
- uses: azure/login#v1
with:
creds: ${{ secrets.Azure_cred }}
- uses: Azure/CLI#v1
with:
inlineScript: |
#!/bin/bash
if $(az group exists --name ${{ env.ResourceGroupName }}) ; then
echo "Azure resource group already exists, skipping creation..."
else
az group create --name ${{ env.ResourceGroupName }} --location ${{ env.ResourceGroupLocation }}
echo "Azure resource group created"
fi
inlineScript: |
#!/bin/bash
#need to access json from the repo and pass it to parameter variable
- uses: azure/arm-deploy#v1
with:
resourceGroupName: ${{ env.ResourceGroupName }}
template: ./sp_repo-main/KeyVaultSetup.json
parameters: "need variable from bash script"
I'm trying to create a pipeline on github actions to EKS but Im having the following error on Build & Push Image step:
***------
[2/2] ADD /target/customer.jar customer.jar:
Dockerfile:5
4 |
5 | >>> ADD /target/customer.jar customer.jar
6 |
7 | ENV JAVA_OPTS="-Xmx256m -Xms256m -XX:MetaspaceSize=48m -XX:+UseG1GC -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap"
error: failed to solve: failed to compute cache key: failed to walk /tmp/buildkit-mount023157727/target: lstat /tmp/buildkit-mount023157727/target: no such file or directory
Error: Process completed with exit code 1.***
I think there is someething about context of the root step process because I can build the image locally with the same dockerFile (after building and creating the target folder of the project of course).
Any suggestion? What Am I missing?
My DockerFile:
FROM openjdk:11-jre as release
ADD /target/customer.jar customer.jar
ENV JAVA_OPTS="-Xmx256m -Xms256m -XX:MetaspaceSize=48m -XX:+UseG1GC -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap"
ENTRYPOINT [ "sh", "-c", "java $JAVA_OPTS -jar customer.jar" ]
My Pipeline file:
name: Release
on:
pull_request:
branches:
- main
env:
RELEASE_REVISION: "pr-${{ github.event.pull_request.number }}-${{ github.event.pull_request.head.sha }}"
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_REGION: ${{ secrets.AWS_REGION }}
KUBE_CONFIG_DATA: ${{ secrets.KUBE_CONFIG_DATA }}
KUBE_NAMESPACE: default
ECR_REPOSITORY: my-cool-application
jobs:
release:
name: Release
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v2
- name: Set up JDK 11
uses: actions/setup-java#v2
with:
java-version: '11'
distribution: 'adopt'
- name: Build with Maven
run: mvn -B package --file pom.xml
- name: Cancel Previous Runs
uses: styfle/cancel-workflow-action#0.4.1
with:
access_token: ${{ github.token }}
- name: Checkout
uses: actions/checkout#v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials#v1
with:
aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ env.AWS_REGION }}
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login#v1
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action#master
- name: Docker cache layers
uses: actions/cache#v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-single-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-single-buildx
- name: Build & Push Image
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
RELEASE_IMAGE: ${{ steps.login-ecr.outputs.registry }}/${{ env.ECR_REPOSITORY }}:${{ env.RELEASE_REVISION }}
run: |
docker buildx create --use
docker buildx build \
--cache-from=type=local,src=/tmp/.buildx-cache \
--cache-to=type=local,dest=/tmp/.buildx-cache-new \
--tag ${{ env.RELEASE_IMAGE }} \
--target release \
--push \
.
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
- name: Deploy to Kubernetes cluster
uses: kodermax/kubectl-aws-eks#master
env:
RELEASE_IMAGE: ${{ steps.login-ecr.outputs.registry }}/${{ env.ECR_REPOSITORY }}:${{ env.RELEASE_REVISION }}
with:
args: set image deployment/my-pod app=${{ env.RELEASE_IMAGE }} --record -n $KUBE_NAMESPACE
I read this document https://learn.microsoft.com/zh-cn/azure/devops/pipelines/process/expressions?view=azure-devops#conditional-insertion
but not like what demoed in the document, I need add three variables with same condition as below:
name: arm_temp
resources:
repositories:
- repository: self
type: git
variables:
- ${{ if in(lower(coalesce(variables['ENV'], variables['Build.SourceBranchName'])), 'release', 'prod') }}:
- newEnv: 'Prod'
- account: '$(ACCOUNT)'
- password: '$(PASSWORD)'
- ${{ if eq(lower(coalesce(variables['ENV'], variables['Build.SourceBranchName'])), 'qa') }}:
- newEnv: 'QA'
- account: '$(ACCOUNT)'
- password: '$(PASSWORD)'
- resGroupName: ${{ format('RESGROUP-{0}', variables['newEnv']) }}
ACCOUNT, PASSWORD and ENV are variables defined in azure build pipeline
but I always get error before run the build pipeline.
and error notification is about line under the if conditiona.
From your Yaml sample, it seems that the Yaml format has some issues.
You could refer to the following YAML Sample:
variables:
${{ if in(lower(coalesce(variables['ENV'], variables['Build.SourceBranchName'])), 'release', 'prod') }}:
newEnv: 'Prod'
account: $(myaccount)
password: $(mypassword)
${{ if eq(lower(coalesce(variables['ENV'], variables['Build.SourceBranchName'])), 'qa') }}:
newEnv: 'QA'
account: $(myaccount)
password: $(mypassword)
resGroupName: ${{ format('RESGROUP-{0}', variables['newEnv']) }}
pool:
vmimage: windows-latest
steps:
- script: |
echo $(newEnv)
echo $(account)
echo $(password)
Variable:
Result:
Note: You need to change the variable name $(ACCOUNT) $(PASSWORD). They cannot have the same name as the variable defined in yaml($(account), $(password)). Or the variable couldn't pass successfully.
This question already has answers here:
Multiline string in Azure Pipelines
(3 answers)
Closed 2 years ago.
Is it possible to use multiline in YAML in Azure Pipelines tasks? For instance for the ARM deployment task, there is an overrideParameters property. It would be nice if this could be split accross several lines instead of putting everything in one line:
- task: AzureResourceManagerTemplateDeployment#3
displayName: 'ARM deploy MyFunctionAPP'
inputs:
deploymentScope: 'Resource Group'
azureResourceManagerConnection: ${{ parameters.serviceConnection }}
subscriptionId: ${{ parameters.subscriptionId }}
action: 'Create Or Update Resource Group'
resourceGroupName: ${{ parameters.resourceGroupName }}
location: 'West Europe'
templateLocation: 'Linked artifact'
csmFile: '$(ARMtemplatesPath)\MyFunctionAPP\template.json'
csmParametersFile: '$(ARMtemplatesPath)\MyFunctionAPP\parameters.json'
deploymentMode: 'Incremental'
overrideParameters: '-environment_name ${{ parameters.environmentName }} -vnetAddressPrefix ${{ parameters.vnetAddressPrefix }} -subnet1Prefix ${{ parameters.subnet1Prefix }} -APIkey ${{ parameters.APIkey }} -queueName ${{ parameters.queueNameMyQueue }} -SendGridAPIkey ${{ parameters.SendGridAPIkey }} -StorageConnectionAppSetting ${{ parameters.StorageConnectionAppSetting }}'
Is it somehow possible to split the overrideParameters values on multiple lines?
This has worked for me:
overrideParameters: >-
-environment_name "${{ parameters.environmentName }}"
-vnetAddressPrefix "${{ parameters.vnetAddressPrefix }}"
-subnet1Prefix "${{ parameters.subnet1Prefix }}"
-APIkey "${{ parameters.APIkey }}"
-queueName "${{ parameters.queueNameMyQueue }}"
-SendGridAPIkey "${{ parameters.SendGridAPIkey }}"
-StorageConnectionAppSetting "${{ parameters.StorageConnectionAppSetting }}"
So using >- on a single line and then using double-quotes to surround settings values works.
Is it somehow possible to split the overrideParameters values on
multiple lines?
According to the document Expressions, we could use a pipe character (|) for multiline strings:
- task: AzureResourceManagerTemplateDeployment#3
displayName: 'ARM deploy MyFunctionAPP'
inputs:
deploymentScope: 'Resource Group'
azureResourceManagerConnection: ${{ parameters.serviceConnection }}
subscriptionId: ${{ parameters.subscriptionId }}
action: 'Create Or Update Resource Group'
resourceGroupName: ${{ parameters.resourceGroupName }}
location: 'West Europe'
templateLocation: 'Linked artifact'
csmFile: '$(ARMtemplatesPath)\MyFunctionAPP\template.json'
csmParametersFile: '$(ARMtemplatesPath)\MyFunctionAPP\parameters.json'
deploymentMode: 'Incremental'
overrideParameters: |
-environment_name ${{ parameters.environmentName }}
-vnetAddressPrefix ${{ parameters.vnetAddressPrefix }}
-subnet1Prefix ${{ parameters.subnet1Prefix }}
-APIkey ${{ parameters.APIkey }}
-queueName ${{ parameters.queueNameMyQueue }}
-SendGridAPIkey ${{ parameters.SendGridAPIkey }}
-StorageConnectionAppSetting ${{ parameters.StorageConnectionAppSetting }}
You could check this thread for some more details.