fixup! Artifacts

Sheyla Trudo · Sheyla Trudo · commit d97c5caf3c5d · 2024-10-07T13:51:00.000-07:00
diff --git a/.pipelines/templates/artifact-storage.steps.yaml b/.pipelines/templates/artifact-storage.steps.yaml
@@ -96,7 +96,6 @@ steps:
   env:
     SA_LIST_LENGTH: $(SA_LIST_LENGTH)
 
-
 - task: AzureCLI@2
   displayName: "Add Storage Account to Pool"
   condition: and(succeeded(), eq(variables.CREATE_NEW_SA, True))
@@ -124,13 +123,19 @@ steps:
                "$ACNCI_BUILDTAG_CREATEDBYBUILDID"="$BUILD_BUILDID" \
                "$ACNCI_BUILDTAG_CREATEDBYAPPID"="$servicePrincipalId"
         #--enable-files-aadds true 
+        az role assignment create \
+          --role "Contributor" \
+          --assignee-principal-type ServicePrincipal \
+          --assignee-object-id "$SP_APP_OID" \
+          --scope "$RG_ID"/providers/Microsoft.Storage/storageAccounts/"$SA_NAME"
   env:
     ACNCI_UNIQUE_ID: $(ACNCI_UNIQUE_ID)
     RG_NAME: $(resourcegroups.ACNCI_BUILD_RESOURCEGROUP)
     
 - template: get-storage-accounts.steps.yaml
   parameters:
     STORAGE_ACCOUNT_SERVICE_CONNECTION: $(ACN_TEST_SERVICE_CONNECTION)
+    condition: and(succeeded(), eq(variables.SA_LIST_LENGTH, 0))
     resourceGroupName: $(resourcegroups.ACNCI_BUILD_RESOURCEGROUP)
 
 # Select Storage Account for use.
@@ -205,13 +210,13 @@ steps:
       set -e
       [[ -n $SYSTEM_DEBUG ]] && [[ $SYSTEM_DEBUG =~ $IS_TRUE ]] && set -x || set +x
 
+      az storage account show -n "$SA_NAME" --query networkRuleSet
       az storage container create \
         --account-name "$SA_NAME" \
         --resource-group "RG_NAME" \
         --name "$CONTAINER_NAME" \
         --auth-mode login
         #--public-access off 
-      az storage account show -n "$SA_NAME" --query networkRuleSet
 
       echo >&2 "##vso[task.setvariable variable=ACNCI_STORAGEACCOUNT_ARTIFACT_CONTAINER;isoutput=true]$CONTAINER_NAME"
   env:
diff --git a/.pipelines/templates/get-storage-accounts.steps.yaml b/.pipelines/templates/get-storage-accounts.steps.yaml
@@ -3,6 +3,10 @@ parameters:
 - name: STORAGE_ACCOUNT_SERVICE_CONNECTION
   type: string
 
+- name: condition
+  type: boolean
+  default: true
+
 - name: resourceGroupName
   type: string
 
@@ -14,6 +18,7 @@ steps:
 ## Storage Account Resource Query
 - task: AzureCLI@2
   displayName: "Get Storage Account Resources"
+  condition: ${{ parameters.condition }}
   inputs:
     azureSubscription: ${{ parameters.STORAGE_ACCOUNT_SERVICE_CONNECTION }}
     scriptType: bash
