
I'm trying to use an Azure pipeline to upload a certificate and bind it to the app service. First I used a DEV stage, and all works well. Currently I have to create a new stage for the QUAL env. I just cloned a new stage from the DEV stage and updated the variables, but when we run the pipeline it cannot find the certificate (file) I uploaded. My download task is:

```yaml
steps:
- task: DownloadSecureFile@1
  displayName: 'Download ***.**.com Certificate for API App'
  inputs:
    secureFile: dev.pfx
```

Then I use an Azure PowerShell task, but in my script this error happens:

```
Certificate does not exist at path D:\a\_temp/
```

It seems it cannot find the downloaded file on the agent.

Uploaded task:

```yaml
steps:
- task: AzurePowerShell@3
  displayName: 'Upload Certificate to API app and Bind Domain'
  inputs:
    azureSubscription: 'Azure: CDA NextGen DEV'
    ScriptPath: '$(System.DefaultWorkingDirectory)/CdaApi-ArmTemplates/ArmTemplates/InstallSSLAndCustomDomain.ps1'
    ScriptArguments: '-ResourceGroupName $(ResourceGroupName) -AppServiceName $(ApiSiteName) -CustomDomains $(ApiHostName) -CertificatePassword $(Password) -CertificateFileName $(CertificateFileName)'
    azurePowerShellVersion: LatestVersion
```

PowerShell script:

```powershell
$CertificateFilePath = $env:AGENT_TEMPDIRECTORY + "/" +  $CertificateFileName

$ResourceGroupName -ResourceType Microsoft.Web/sites -ApiVersion 2014-11-01

if ([System.IO.File]::Exists($CertificateFilePath)) 
{
    Write-Host ("Certificate found at {0}" -f $CertificateFilePath)
}
else 
{
    Write-Error ("Certificate does not exist at path {0}" -f $CertificateFilePath)
    throw
}
```

How to check it?

Kevin YANG
  • How do you define your Azure PowerShell task to upload this certificate? Maybe the complete YAML would be much clearer? – Mengdi Liang Mar 25 '20 at 05:18
  • I just use a PowerShell script; I copied the YAML to the question – Kevin YANG Mar 25 '20 at 05:25
  • So you defined InstallSSLAndCustomDomain.ps1 to upload the secure file, and how did you configure the secure file path in that PowerShell script? Also, are you using a hosted Ubuntu agent? – Mengdi Liang Mar 25 '20 at 05:28
  • I copied some scripts above. No, I'm using a Windows agent – Kevin YANG Mar 25 '20 at 05:31
  • I added a script just now to list the files in path $(Agent.TempDirectory), and I can get the file I uploaded. But my ps file got the error there. – Kevin YANG Mar 25 '20 at 05:34

1 Answer

Updated:

Based on your comment, the file does exist there. Also, combine your PowerShell script and your error message.

Since you shared just part of your YAML, I cannot know how you define the variables. Please ensure your CertificateFileName variable has been stored and passed to PowerShell successfully.

Because the complete file name should be displayed in your PowerShell error message even if it does not exist in the path.

In fact, it is very easy to cause some issues after you change the agent environment used.

After the Download Secure File task has executed, it will generate one environment variable whose name is secureFilePath. You just need to set it as an output variable and use it directly in your PowerShell script.

A few changes to your YAML and PowerShell script:

YAML:

```yaml
steps:
- task: DownloadSecureFile@1
  displayName: 'Download ***.**.com Certificate for API App'
  inputs:
    secureFile: dev.pfx
  name: Path

- task: AzurePowerShell@3
  displayName: 'Upload Certificate to API app and Bind Domain'
  inputs:
    azureSubscription: 'Azure: CDA NextGen DEV'
    ScriptPath: '$(System.DefaultWorkingDirectory)/CdaApi-ArmTemplates/ArmTemplates/InstallSSLAndCustomDomain.ps1'
    ScriptArguments: '-ResourceGroupName $(ResourceGroupName) -AppServiceName $(ApiSiteName) -CustomDomains $(ApiHostName) -CertificatePassword $(Password) -CertificateFileName $(CertificateFileName) -SecureFilePath $(Path.secureFilePath)'
    azurePowerShellVersion: LatestVersion
```

PowerShell:

```powershell
$CertificateFilePath = $SecureFilePath

$ResourceGroupName -ResourceType Microsoft.Web/sites -ApiVersion 2014-11-01

if ([System.IO.File]::Exists($CertificateFilePath)) 
{
    Write-Host ("Certificate found at {0}" -f $CertificateFilePath)
}
else 
{
    Write-Error ("Certificate does not exist at path {0}" -f $CertificateFilePath)
    throw
}
```

Mengdi Liang
  • I mean the same agent and same scripts – Kevin YANG Mar 25 '20 at 05:40
  • @KevinYANG, I'm confused by it. Because in Ubuntu, `/` is the available path symbol, but not on a Windows agent. – Mengdi Liang Mar 25 '20 at 05:48
  • Yes, me too. I just updated the script but met the same error. – Kevin YANG Mar 25 '20 at 05:58
  • @KevinYANG, I updated the reply based on the more detailed info you shared; you can check it yourself. Because you did not share how you configure the variable in your YAML, just troubleshoot by checking whether you can get the variable `CertificateFileName` value successfully. – Mengdi Liang Mar 25 '20 at 06:19
  • Yes, thanks. I guess the issue is not a path problem. It is about the variables. I have five variables in the task ScriptArguments. `cert_pass_cda-qual.schindler.com` is the fourth one and comes from variable groups. It seems that it is treated as an undefined one, so the fifth one returns null. – Kevin YANG Mar 25 '20 at 06:34
  • @KevinYANG, yep. Even if the file does not exist in that path, the name should also be displayed in your error message, because it is the value you passed. Now it has disappeared. So I guess the value was not retrieved successfully. Forgive my previous judgement since I am not too familiar with your complete work logic. – Mengdi Liang Mar 25 '20 at 06:37
  • @KevinYANG, why not use my second suggestion? Calling the environment variable that the task generated automatically. – Mengdi Liang Mar 25 '20 at 06:38
  • Yes, it's a good idea, I will try it later. But first I want to know why I cannot get the value from the variable group here? – Kevin YANG Mar 25 '20 at 06:49
  • @KevinYANG, yeah! Of course. Looking forward to your good news shared. – Mengdi Liang Mar 25 '20 at 06:54
  • Here I got a strange issue, and that is why these things happen. I have a variable group which contains `password` and `cert_pass_cda-qual.companyname.com`. In the dev stage I could use password as my private key password. In the qual stage I use another one. This kind of name can be added to the group but cannot be used in Script Arguments. Do you know something about this issue? – Kevin YANG Mar 25 '20 at 07:36
  • Let us [continue this discussion in chat](https://chat.stackoverflow.com/rooms/210280/discussion-between-merlin-liang-msft-and-kevin-yang). – Mengdi Liang Mar 25 '20 at 08:05
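
A pre-flight check for a script like `InstallSSLAndCustomDomain.ps1`, added here as an example and not part of the original thread: it fails with a message that names the empty input instead of reporting a bare directory such as `D:\a\_temp/`, and it opens the PFX so that a wrong or empty password is caught before anything is uploaded. The function names `Resolve-CertificatePath` and `Get-PfxThumbprint` are hypothetical; the parameter names follow the `ScriptArguments` shown above.

```powershell
# Added example, not from the original thread. Function names are hypothetical.
function Resolve-CertificatePath {
    param(
        [string] $SecureFilePath,      # from -SecureFilePath $(Path.secureFilePath)
        [string] $CertificateFileName  # from -CertificateFileName $(CertificateFileName)
    )
    if (-not [string]::IsNullOrWhiteSpace($SecureFilePath)) {
        $candidate = $SecureFilePath
    }
    elseif (-not [string]::IsNullOrWhiteSpace($CertificateFileName)) {
        # Join-Path inserts the separator of the agent's operating system.
        $candidate = Join-Path -Path $env:AGENT_TEMPDIRECTORY -ChildPath $CertificateFileName
    }
    else {
        throw 'SecureFilePath and CertificateFileName are both empty; check that the pipeline variables are defined for this stage.'
    }
    # -PathType Leaf rejects a bare directory such as "D:\a\_temp/".
    if (-not (Test-Path -LiteralPath $candidate -PathType Leaf)) {
        throw ("Certificate file not found at '{0}'" -f $candidate)
    }
    return (Resolve-Path -LiteralPath $candidate).Path
}

function Get-PfxThumbprint {
    param(
        [string] $Path,
        [string] $Password
    )
    if ([string]::IsNullOrEmpty($Password)) {
        throw 'CertificatePassword is empty; check the variable group linked to this stage.'
    }
    # The constructor throws a CryptographicException when the password is wrong.
    $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($Path, $Password)
    try {
        if (-not $cert.HasPrivateKey) {
            throw 'The PFX file contains no private key.'
        }
        return $cert.Thumbprint
    }
    finally {
        $cert.Dispose()
    }
}

# Usage inside the script, with the values received from ScriptArguments:
# $CertificateFilePath = Resolve-CertificatePath -SecureFilePath $SecureFilePath -CertificateFileName $CertificateFileName
# $thumbprint = Get-PfxThumbprint -Path $CertificateFilePath -Password $CertificatePassword
```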