Create export pipeline
Pipeline Definition
The below yaml can be used to create the export pipeline in Azure DevOps.
The following variables need to be updated for your environment:
| Variable Name | Comments |
|---|---|
| licenseid | From "Sign Up for a free trial" |
| azureSubscription | The name of the service connection from "Create a service connection" |
| rbacSubscriptions | A comma delimited list of the subscriptions you want to process. or use "*" for all subscriptions the service connection has access to |
| exportFolder | Temporary folder to write export files to. |
| rootFolder | This will be the root folder in your repo that the files are written to. Appending your tenant name could be a good choice here. |
| outputFolder | output files will be created here and uploaded to the artifact |
| useYaml | Set to true to use YAML format, otherwise JSON format is used. |
Export Pipeline
trigger: none
pool:
vmImage: 'windows-latest'
variables:
licenseid: '917851e2-3efb-4340-9803-ae40753f0cb9'
azureSubscription: 'sp_rbac_pipeline_read'
rbacSubscriptions: 'OSX-SUB-SBX,OSX-SUB-DEV,OSX-SUB-SIT,OSX-SUB-PRD'
rootFolder: '$(System.DefaultWorkingDirectory)\OsservanteX'
exportFolder: '$(Build.StagingDirectory)\exported'
outputFolder: '$(Build.StagingDirectory)\output'
useYaml: false
branch: 'rbac_export'
commitComment: 'Osservante RBAC Export. BuildId:$(Build.BuildId)'
steps:
- checkout: self
fetchDepth: 1
persistCredentials: true
- task: Osservante.OsservanteRBAC.custom-build-release-task2.OsservanteRBAC@1
displayName: 'Osservante RBAC - Export'
inputs:
mode: Export
licenseid: '$(licenseid)'
azureSubscription: '$(azureSubscription)'
rbacSubscriptions: '$(rbacSubscriptions)'
rootFolder: '$(exportFolder)'
outputFolder: '$(outputFolder)'
useYaml: '$(useYaml)'
- task: BatchScript@1
displayName: 'Commit to Git Branch $(branch)'
inputs:
filename: Scripts/UpdateRBAC.cmd
arguments: '"$(exportFolder)" "$(rootFolder)" "$(branch)" "$(commitComment)"'
Script to create Git branch
Script to create "rbac_export" branch in git
Add the below code to the repo as Scripts/UpdateRBAC.cmd
@ECHO OFF
REM Script to commit changed files to Git
REM This script runs after the Osservante RBAC Export
REM And commits any changes to to the specified branch
REM EXPORTFOLDER is where Osservante RBAC Export places it's files
REM ROOTFOLDER is the root of the checked out RBAC files
REM BRANCH is the git branch to commit the changes to
REM COMMITMESSAGE is the message to add to the commit
SET EXPORTFOLDER=%1
SET ROOTFOLDER=%2
SET BRANCH=%3
SET COMMITMESSAGE=%4
ECHO ==============================================================================
ECHO Export folder = %EXPORTFOLDER%
ECHO Root folder = %ROOTFOLDER%
ECHO Branch = %BRANCH%
ECHO ==============================================================================
ECHO Change directory to root folder
cd %ROOTFOLDER%
ECHO Set git user details
git config user.email "rbac.pipeline@osservante.com"
git config user.name "rbac pipeline"
ECHO Removing branch if it already exists
ECHO Delete local branch
git branch -d %BRANCH%
ECHO Delete remote branch
git push origin --delete %BRANCH%
ECHO Create (or recreate) the branch: %BRANCH%
git switch -c %BRANCH%
ECHO Copy exported rbac files over the files checked out from Git
ECHO robocopy %EXPORTFOLDER% %ROOTFOLDER% /S /COPY:D /NP
robocopy %EXPORTFOLDER% %ROOTFOLDER% /S /COPY:D /NP
ECHO Commit changes
git add .
git commit -m %COMMITMESSAGE%
ECHO ==============================================================================
ECHO git push
ECHO ==============================================================================
git push --set-upstream origin %BRANCH%