@@ -148,70 +148,70 @@ steps:
148148
149149# # MI Service Connection
150150
151- - template : get-resources.steps.yaml
152- parameters :
153- resourceType : serviceconnection
154- serviceConnection : $(ACN_TEST_SERVICE_CONNECTION)
155- inputs :
156- resourceGroupName : $(resourcegroups.ACNCI_BUILD_RESOURCEGROUP)
157- buildTagDefinitionIdKey : $(ACNCI_BUILDTAG_DEFINITIONID)
158- buildTagCreatedByAppIdKey : $(ACNCI_BUILDTAG_CREATEDBYAPPID)
159- # SERVICECONNECTION_PRINCIPALID: ${{ parameters.inputs.serviceConnectionPrincipalId }}
160- # SUBSCRIPTION_ID: ${{ parameters.inputs.subscriptionId }}
161- # SUBSCRIPTION_NAME: ${{ parameters.inputs.subscriptionName }}
162- # SERVICECONNECTION_TENANTID: ${{ parameters.inputs.tenantId }}
163- # SERVICECONNECTION_NAME: ${{ parameters.inputs.serviceConnectionName }}
164-
165- - template : create-or-update-resource.steps.yaml
166- parameters :
167- resourceType : serviceconnection
168- serviceConnection : $(ACN_TEST_SERVICE_CONNECTION)
169- createCondition : |
170- and(succeeded(),
171- or(not(variables.OUT_RESULT_LENGTH),
172- eq(variables.OUT_RESULT_LENGTH, 'null'),
173- lt(variables.OUT_RESULT_LENGTH, 1)))
174- updateCondition : False
175- inputs :
176- serviceConnectionName : $(managedidentity.ACNCI_MANAGEDIDENTITY_NAME)-serviceconnection
177- serviceConnectionPrincipalId : $(managedidentity.ACNCI_MANAGEDIDENTITY_OBJECTID)
178- subscriptionId : $(build.ACNCI_BUILD_SUBSCRIPTION_ID)
179- subscriptionName : $(build.ACNCI_BUILD_SUBSCRIPTION_NAME)
180- tenantId : $(build.ACNCI_BUILD_TENANT_ID)
181- buildTagDefinitionIdKey : $(ACNCI_BUILDTAG_DEFINITIONID)
182- buildTagCreatedByAppIdKey : $(ACNCI_BUILDTAG_CREATEDBYAPPID)
183- buildTagCreatedByBuildIdKey : $(ACNCI_BUILDTAG_CREATEDBYBUILDID)
184-
185- - task : AzureCLI@2
186- name : serviceconnection
187- displayName : " [Output] Build User ServiceConnection Details"
188- inputs :
189- azureSubscription : $(ACN_TEST_SERVICE_CONNECTION)
190- scriptType : bash
191- scriptLocation : inlineScript
192- addSpnToEnvironment : true
193- inlineScript : |
194- set -e
195- [[ -n $SYSTEM_DEBUG ]] && [[ $SYSTEM_DEBUG =~ $IS_TRUE ]] && set -x || set +x
196-
197- # Select MI to use
198- RANDOM_SELECT=`tr -dc '1-9' < /dev/urandom | head -c${1:-7}`
199- IDX=$(( "$RANDOM_SELECT" % "$SC_LIST_LENGTH" ))
200- SC_DATA=$(echo "$SC_LIST" | jq --argjson IDX "$IDX" -rc '.[$IDX]')
201-
202- echo "$SC_DATA"
203- exit 1
204- SC_ID=$(echo "$SC_DATA" | jq -r '.id')
205- echo >&2 "##vso[task.setvariable variable=ACNCI_SERVICECONNECTION_ID;isoutput=true]$SC_ID"
206- SC_PRINCIPALID=$(echo "$SC_DATA" | jq -r '.principalId')
207- echo >&2 "##vso[task.setvariable variable=ACNCI_SERVICECONNECTION_NAME;isoutput=true]$SC_PRINCIPALID"
208- SC_APPID=$(echo "$SC_DATA" | jq -r '.clientId')
209- echo >&2 "##vso[task.setvariable variable=ACNCI_MANAGEDIDENTITY_APPID;isoutput=true]$SC_APPID"
210- SC_NAME=$(echo "$SC_DATA" | jq -r '.name')
211- echo >&2 "##vso[task.setvariable variable=ACNCI_MANAGEDIDENTITY_NAME;isoutput=true]$SC_NAME"
212- env :
213- SC_LIST : $(OUT_RESULT)
214- SC_LIST_LENGTH : $(OUT_RESULT_LENGTH)
151+ # - template: get-resources.steps.yaml
152+ # parameters:
153+ # resourceType: serviceconnection
154+ # serviceConnection: $(ACN_TEST_SERVICE_CONNECTION)
155+ # inputs:
156+ # resourceGroupName: $(resourcegroups.ACNCI_BUILD_RESOURCEGROUP)
157+ # buildTagDefinitionIdKey: $(ACNCI_BUILDTAG_DEFINITIONID)
158+ # buildTagCreatedByAppIdKey: $(ACNCI_BUILDTAG_CREATEDBYAPPID)
159+ # # SERVICECONNECTION_PRINCIPALID: ${{ parameters.inputs.serviceConnectionPrincipalId }}
160+ # # SUBSCRIPTION_ID: ${{ parameters.inputs.subscriptionId }}
161+ # # SUBSCRIPTION_NAME: ${{ parameters.inputs.subscriptionName }}
162+ # # SERVICECONNECTION_TENANTID: ${{ parameters.inputs.tenantId }}
163+ # # SERVICECONNECTION_NAME: ${{ parameters.inputs.serviceConnectionName }}
164+ #
165+ # - template: create-or-update-resource.steps.yaml
166+ # parameters:
167+ # resourceType: serviceconnection
168+ # serviceConnection: $(ACN_TEST_SERVICE_CONNECTION)
169+ # createCondition: |
170+ # and(succeeded(),
171+ # or(not(variables.OUT_RESULT_LENGTH),
172+ # eq(variables.OUT_RESULT_LENGTH, 'null'),
173+ # lt(variables.OUT_RESULT_LENGTH, 1)))
174+ # updateCondition: False
175+ # inputs:
176+ # serviceConnectionName: $(managedidentity.ACNCI_MANAGEDIDENTITY_NAME)-serviceconnection
177+ # serviceConnectionPrincipalId: $(managedidentity.ACNCI_MANAGEDIDENTITY_OBJECTID)
178+ # subscriptionId: $(build.ACNCI_BUILD_SUBSCRIPTION_ID)
179+ # subscriptionName: $(build.ACNCI_BUILD_SUBSCRIPTION_NAME)
180+ # tenantId: $(build.ACNCI_BUILD_TENANT_ID)
181+ # buildTagDefinitionIdKey: $(ACNCI_BUILDTAG_DEFINITIONID)
182+ # buildTagCreatedByAppIdKey: $(ACNCI_BUILDTAG_CREATEDBYAPPID)
183+ # buildTagCreatedByBuildIdKey: $(ACNCI_BUILDTAG_CREATEDBYBUILDID)
184+ #
185+ # - task: AzureCLI@2
186+ # name: serviceconnection
187+ # displayName: "[Output] Build User ServiceConnection Details"
188+ # inputs:
189+ # azureSubscription: $(ACN_TEST_SERVICE_CONNECTION)
190+ # scriptType: bash
191+ # scriptLocation: inlineScript
192+ # addSpnToEnvironment: true
193+ # inlineScript: |
194+ # set -e
195+ # [[ -n $SYSTEM_DEBUG ]] && [[ $SYSTEM_DEBUG =~ $IS_TRUE ]] && set -x || set +x
196+ #
197+ # # Select MI to use
198+ # RANDOM_SELECT=`tr -dc '1-9' < /dev/urandom | head -c${1:-7}`
199+ # IDX=$(( "$RANDOM_SELECT" % "$SC_LIST_LENGTH" ))
200+ # SC_DATA=$(echo "$SC_LIST" | jq --argjson IDX "$IDX" -rc '.[$IDX]')
201+ #
202+ # echo "$SC_DATA"
203+ # exit 1
204+ # SC_ID=$(echo "$SC_DATA" | jq -r '.id')
205+ # echo >&2 "##vso[task.setvariable variable=ACNCI_SERVICECONNECTION_ID;isoutput=true]$SC_ID"
206+ # SC_PRINCIPALID=$(echo "$SC_DATA" | jq -r '.principalId')
207+ # echo >&2 "##vso[task.setvariable variable=ACNCI_SERVICECONNECTION_NAME;isoutput=true]$SC_PRINCIPALID"
208+ # SC_APPID=$(echo "$SC_DATA" | jq -r '.clientId')
209+ # echo >&2 "##vso[task.setvariable variable=ACNCI_MANAGEDIDENTITY_APPID;isoutput=true]$SC_APPID"
210+ # SC_NAME=$(echo "$SC_DATA" | jq -r '.name')
211+ # echo >&2 "##vso[task.setvariable variable=ACNCI_MANAGEDIDENTITY_NAME;isoutput=true]$SC_NAME"
212+ # env:
213+ # SC_LIST: $(OUT_RESULT)
214+ # SC_LIST_LENGTH: $(OUT_RESULT_LENGTH)
215215
216216# SERVICECONNECTION_PRINCIPALID: ${{ parameters.inputs.serviceConnectionPrincipalId }}
217217# SUBSCRIPTION_ID: ${{ parameters.inputs.subscriptionId }}
@@ -287,7 +287,6 @@ steps:
287287 buildTagCreatedByAppIdKey : $(ACNCI_BUILDTAG_CREATEDBYAPPID)
288288 buildTagCreatedByBuildIdKey : $(ACNCI_BUILDTAG_CREATEDBYAPPID)
289289
290-
291290# storage accounts
292291
293292- template : get-resources.steps.yaml
@@ -419,3 +418,25 @@ steps:
419418 MANAGEDIDENTITY_OBJECTID : $(managedidentity.ACNCI_MANAGEDIDENTITY_OBJECTID)
420419 STORAGEACCOUNT_ID : $(artifact_storage.ACNCI_STORAGEACCOUNT_ID)
421420 STORAGECONTAINER_NAME : $(artifact_storage.ACNCI_STORAGEACCOUNT_CONTAINER_NAME)
421+
422+ - task : AzureCLI@2
423+ displayName : " [Test] Blob Access"
424+ continueOnError : true
425+ inputs :
426+ azureSubscription : $(ACN_TEST_SERVICE_CONNECTION)
427+ scriptType : bash
428+ scriptLocation : inlineScript
429+ addSpnToEnvironment : true
430+ inlineScript : |
431+ set +x
432+ az login --service-principal --username "$MI_NAME" --tenant "$MI_TENANT"
433+ az storage blob download --auth-mode login --container-name "STORAGECONTAINER_NAME" --account-name "$STORAGEACCOUNT_NAME" --name "$STORAGEBLOB_PATH/.created" --file output
434+ cat ./output
435+ env :
436+ RESOURCEGROUP_NAME : $(resourcegroups.ACNCI_BUILD_RESOURCEGROUP)
437+ STORAGEACCOUNT_NAME : $(artifact_storage.ACNCI_STORAGEACCOUNT_NAME)
438+ STORAGECONTAINER_NAME : $(artifact_storage.ACNCI_STORAGEACCOUNT_CONTAINER_NAME)
439+ MANAGEDIDENTITY_OBJECTID : $(managedidentity.ACNCI_MANAGEDIDENTITY_OBJECTID)
440+ STORAGEBLOB_PATH : $(Build.BuildId)/$(System.JobAttempt)
441+ MI_NAME : $(managedidentity.ACNCI_MANAGEDIDENTITY_NAME)
442+ MI_TENANT : $(build.ACNCI_BUILD_TENANT_ID)
0 commit comments