使用Azure CLI检索Azure存储帐户密钥
[英]Retrieve Azure storage account key using Azure CLI
问题描述
In my release pipeline I'm using a Azure CLI to transfer my build files to a Azure storage blob: 
在发布管道中,我使用Azure CLI将生成文件传输到Azure存储Blob:
call az storage blob upload-batch --source "$(System.DefaultWorkingDirectory)/_ClientWeb-Build-CI/ShellArtifact/out/build" --destination "$web" --account-key "****QxjclDGftOY/agnqUDzwNe/gOIAzsQ==" --account-name "*****estx"
This works, but I want to retrieve the account-key dynamically. 这可行,但是我想动态地检索account-key 。
When I use: 当我使用时:
az storage account keys list -g CustomersV2 -n ****estx
I get a array with 2 objects, both holding a key value: 我得到一个包含2个对象的数组,两个对象都拥有一个键值:
[
{
"keyName": "key1",
"permissions": "Full",
"value": "f/eybpcl*****************Vm9uT1PwFC1D82QxjclDGftOY/agnqUDzwNe/gOIAzsQ=="
},
{
"keyName": "key2",
"permissions": "Full",
"value": "bNM**********L6OxAemK1U2oudW5WGRQW++/bzD6jVw=="
}
]
How do I use one of the two keys in my upload-batch command? 如何在upload-batch命令中使用两个键之一?
2 个解决方案
解决方案1
0 2019-07-05 01:18:35
For your issue, if you just want one of the two keys for example, the first one. 对于您的问题,例如,如果您只想要两个键之一,则第一个。 You can set a variable with the key as the value like this: 您可以使用以下键将变量设置为值:
key=$(az storage account keys list -g CustomersV2 -n ****estx --query [0].value -o tsv)
And then use the variable key in the other command like this: 然后在另一个命令中使用变量key ,如下所示:
call az storage blob upload-batch --source "$(System.DefaultWorkingDirectory)/_ClientWeb-Build-CI/ShellArtifact/out/build" --destination "$web" --account-key $key --account-name "*****estx"
Or you can just put the command which gets the key in the other command directly like this: 或者,您可以像这样直接将获取密钥的命令直接放在另一个命令中:
call az storage blob upload-batch --source "$(System.DefaultWorkingDirectory)/_ClientWeb-Build-CI/ShellArtifact/out/build" --destination "$web" --account-key $(az storage account keys list -g CustomersV2 -n ****estx --query [0].value -o tsv) --account-name "*****estx"
Update 更新资料
According to what you said, it seems you run the command in the windows command prompt, it's different from the Linux shell and PowerShell. 根据您所说的内容,您似乎在Windows命令提示符中运行了该命令,它不同于Linux Shell和PowerShell。 You cannot set the environment variable with the value that the output of a command. 您不能将环境变量设置为命令输出的值。 You can do that like this: 您可以这样做:
az storage account keys list -g CustomersV2 -n ****estx --query [0].value -o tsv > key.txt
set /P key=<key.txt
az storage blob upload-batch --source "$(System.DefaultWorkingDirectory)/_ClientWeb-Build-CI/ShellArtifact/out/build" --destination "$web" --account-key %key% --account-name "*****estx"
And it seems you just can quote the environment variable as %variable_name%, so it seems it's a wrong way to use "$web" in your command. 而且似乎您只可以将环境变量引用为%variable_name%,因此在命令中使用"$web"似乎是错误的方法。
解决方案2
0 已采纳 2019-07-05 10:49:12
I created a Azure Powershell task (version 4) that does: 我创建了一个Azure Powershell任务(版本4),该任务执行:
az login -u **** -p ****
Write-Host "##vso[task.setvariable variable=storageKey;]az storage account keys list -g ***** -n ***** --query [0].value -o tsv"
$key = az storage account keys list -g ***** -n **** --query [0].value -o tsv
Write-Host "##vso[task.setvariable variable=something;]$key"
Then I can use the something variable in my Azure CLI task: 然后,我可以在Azure CLI任务中使用something变量:
call az storage blob upload-batch --source "$(System.DefaultWorkingDirectory)/_ClientWeb-Build-CI/ShellArtifact/out/build" --destination "$web" --account-key $(something) --account-name "*****"
And this works. 这可行。 You'll probably need to put the -u and -p in a variable though. 您可能需要将-u和-p放在变量中。
@Charles thanks a lot for this line (az storage account keys list -g **** -n ****estx --query [0].value -o tsv) ! @Charles非常感谢这一行(az storage account keys list -g **** -n ****estx --query [0].value -o tsv) !
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.