I've tried a few ways of doing this and every time the step fails saying:
...
File "/home/vsts/work/1/s/api/config/settings.py", line 23, in <module>
SECRET_KEY = os.environ['DJANGO_SECRET_KEY']
File "/opt/hostedtoolcache/Python/3.8.10/x64/lib/python3.8/os.py", line 675, in __getitem__
raise KeyError(key) from None
KeyError: 'DJANGO_SECRET_KEY'
This is template in question that fails at the last script step:
parameters:
- name: serviceName
type: string
default: ''
- name: pathName
type: string
default: ''
jobs:
- job:
displayName: Running unit tests for ${{ parameters.serviceName }}...
variables:
servicesChanged: $[ stageDependencies.Changed.Changes.outputs['detectChanges.servicesChanged'] ]
condition: or(contains(variables['servicesChanged'], '${{ parameters.serviceName }}'), eq(variables['Build.Reason'], 'Manual'))
steps:
- task: UsePythonVersion@0
inputs:
versionSpec: '3.8'
- script: |
cd ${{ parameters.pathName }} &&
python -m pip install --upgrade pip &&
pip install -r requirements.txt
displayName: Install requirements for ${{ parameters.pathName }}...
- script: cd ${{ parameters.pathName }} && coverage run --omit='manage.py,config/*,.venv*,*/*__init__.py,*/tests.py,*/admin.py' manage.py test
displayName: Run unit tests and coverage for ${{ parameters.pathName }}...
- task: PublishTestResults@2
inputs:
testResultsFiles: reports/django-basic.xml
testRunTitle: ${{ parameters.pathName }} Tests
condition: succeededOrFailed()
Throughout my Django app, I read in env vars with os.environ[ENV_VAR] which has worked fine so far.
This is what I've tried:
Setting Vars in the Pipeline
What I thought would be the easiest, but the least desirable way of doing this. I say that because I have all these values in Azure Key Vault, so it would be duplicative updating these in two places.
Still, I get the error that DJANGO_SECRET_KEY is None.
Azure Key Vault Task
Pretty much follow this guide which involves setting up a Service Principle between AKV and ADO.
I then made a secrets.yaml with this:
steps:
- task: AzureKeyVault@2
inputs:
azureSubscription: $(azureSubscription)
KeyVaultName: $(keyVaultName)
SecretsFilter: '*'
RunAsPreJob: false
This task runs fine and you can see it ADO Pipelines pulling all of the values from AKV.
And updated the Python unit test template to:
parameters:
- name: serviceName
type: string
default: ''
- name: pathName
type: string
default: ''
jobs:
- job:
displayName: Running unit tests for ${{ parameters.serviceName }}...
variables:
servicesChanged: $[ stageDependencies.Changed.Changes.outputs['detectChanges.servicesChanged'] ]
condition: or(contains(variables['servicesChanged'], '${{ parameters.serviceName }}'), eq(variables['Build.Reason'], 'Manual'))
steps:
- template: secrets.yaml
- task: UsePythonVersion@0
inputs:
versionSpec: '3.8'
env:
DJANGO_SECRET_KEY: $(PROD-DJANGOSECRETKEY)
- script: |
cd ${{ parameters.pathName }} &&
python -m pip install --upgrade pip &&
pip install -r requirements.txt
displayName: Install requirements for ${{ parameters.pathName }}...
- script: cd ${{ parameters.pathName }} && coverage run --omit='manage.py,config/*,.venv*,*/*__init__.py,*/tests.py,*/admin.py' manage.py test
displayName: Run unit tests and coverage for ${{ parameters.pathName }}...
I was led to believe that I could just map env: to the UsePythonVersion@0 task by this SO question. That is apparently not the case because even hard coding a string there does nothing.
Question
What am I doing wrong here and what is the correct way of handling this?
