I am using the following yaml file where I declared all variables within the project settings. The AZ login command failed to run. When I replaced the variables with the actual value, it was able to run. Any idea why the variable values are not getting picked from the project settings ?
variables:
DEFAULT_RG:
description: "Default resource group to deploy the resources for testing"
value: "newgrp"
DEFAULT_LOCATION:
description: "Default location of the testing resource group"
value: "East US"
default:
image: mcr.microsoft.com/azure-cli
before_script:
- az login --service-principal --username $SP_ID --password $SP_SECRET --tenant $TENANT_ID
- az account set --subscription $SUBSCRIPTION_ID
- set -euo pipefail
stages:
- deploy
deploy automation account and tie it with UAMI:
stage: deploy
script:
- New-AzAutomationAccount -Location $Location -Name $automationccount -ResourceGroupName $ResourceGroup
- Set-AzAutomationAccount -ResourceGroupName $ResourceGroup -Name $automationccount -AssignUserIdentity "/subscriptions/$SUBSCRIPTION_ID/resourcegroups/$resourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/$userAssignedOne"
2
Answers
Well, I figured out the issue. I had used all the variables as 'protected' which would mean that I can use these variables only on protected branches!
You need to check your variables type, if they are set to be protected; you can only access them from protected branches.
So, you either only
mask
them or update the protected branch list to include your current branch.