在每晚构建的Azure管道中,我正在执行以下步骤:
这里是管道的摘录:
# purge the self-signed cert from the Keyvault to avoid conflict; ignore failures (DOES NOT WORK?)
- task: AzureCLI@2
inputs:
azureSubscription: '${{ parameters.ArmConnection }}'
scriptType: 'pscore'
scriptLocation: 'inlineScript'
continueOnError: true
failOnStandardError: false
powerShellErrorActionPreference: 'silentlyContinue'
inlineScript: |
az keyvault certificate delete --vault-name $(KeyVaultName) --id 'https://$(KeyVaultName).vault.azure.net/certificates/my-self-signed-cert'
az keyvault certificate purge --vault-name $(KeyVaultName) --id 'https://$(KeyVaultName).vault.azure.net/deletedcertificates/my-self-signed-cert'
# import the self-signed certificate my-self-signed-cert into the Keyvault
- task: AzurePowerShell@5
inputs:
azureSubscription: '${{ parameters.ArmConnection }}'
ScriptType: 'InlineScript'
azurePowerShellVersion: '3.1.0'
Inline: |
$Pwd = ConvertTo-SecureString -String 'MyPassword' -Force -AsPlainText
$Base64 = 'MIIKqQI__3000_CHARS_HERE____HP1ICAgfQ=='
$Cert = Import-AzKeyVaultCertificate -VaultName $(KeyVaultName) -Name my-self-signed-cert -CertificateString $Base64 -Password $Pwd
echo "##vso[task.setvariable variable=Thumbprint;isOutput=true]$Cert.Thumbprint"
起初,上面的代码适用于此功能,但是后来我在ARM模板中为keyvault禁用了soft delete功能:
"properties": {
"enableSoftDelete": false,
"enabledForDeployment": true,
"enabledForDiskEncryption": false,
"enabledForTemplateDeployment": true,
或者也许是我的问题的触发因素只是手动删除了密钥库...
无论如何,我现在收到重复的管道错误:
我想知道即使设置了failOnStandardError: false
和powerShellErrorActionPreference: 'silentlyContinue'
,为什么也不能忽略“ az”故障?
而且,我尝试用“ try / catch”将两个“ az”命令包围起来,但错误仍然存在:
##[debug]which 'az'
##[debug]found: 'C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\wbin\az.cmd'
##[debug]scriptType=pscore
##[debug]scriptLocation=inlineScript
##[debug]scriptArguments=null
##[debug]powerShellErrorActionPreference=silentlyContinue
##[debug]Agent.Version=2.169.0
##[debug]Agent.TempDirectory=d:\a\_temp
##[debug]scriptPath=d:\a\1\s
##[debug]inlineScript=az keyvault certificate delete --vault-name my-nightly-my-keyvault --id 'https://my-nightly-my-keyvault.vault.azure.net/certificates/my-self-signed-cert'
--vault-name my-nightly-my-keyvault --id 'https://my-nightly-my-keyvault.vault.azure.net/deletedcertificates/my-self-signed-cert'
##[debug]powerShellIgnoreLASTEXITCODE=false
...lines skipped...
A certificate with (name/id) my-self-signed-cert was not found in this key vault. If you recently deleted this certificate you may be able to recover it using the correct recovery command. For help resolving this issue, please see https://go.microsoft.com/fwlink/?linkid=2125182
Operation "purge" is not enabled for this vault.
##[debug]$LASTEXITCODE: 1
##[debug]Exit code 1 received from tool 'C:\Program Files\PowerShell\7\pwsh.exe'
##[debug]STDIO streams have closed for tool 'C:\Program Files\PowerShell\7\pwsh.exe'
##[debug]task result: Failed
##[error]Script failed with exit code: 1
##[debug]Processed: ##vso[task.issue type=error;]Script failed with exit code: 1
##[debug]Processed: ##vso[task.complete result=Failed;]Script failed with exit code: 1
##[debug]which 'az'
##[debug]found: 'C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\wbin\az.cmd'
##[debug]which 'az'
##[debug]found: 'C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\wbin\az.cmd'
##[debug]C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\wbin\az.cmd arg: account clear
##[debug]C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\wbin\az.cmd arg: account clear
##[debug]exec tool: C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\wbin\az.cmd
##[debug]exec tool: C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\wbin\az.cmd
##[debug]arguments:
##[debug]arguments:
##[debug] account
##[debug] account
##[debug] clear
##[debug] clear
[command]C:\windows\system32\cmd.exe /D /S /C ""C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\wbin\az.cmd" account clear"
##[section]Finishing: AzureCLI
检查您的Yaml格式。 continueOnError
不是任务的输入,而是任务本身的一个属性。因此,您的任务应该是:
作为解决方法,添加exit 0
对我有所帮助-