[英]Authenticate Python script task using service connection from Azure pipeline
I need to execute a Python script as part of my CICD process that will do some executions on existing files in a data lake gen 2/blob storage.我需要执行 Python 脚本作为我的 CICD 进程的一部分,该脚本将对数据湖第 2 代/blob 存储中的现有文件执行一些执行。
I don't know how to authenticate the script so that it can perform the actions needed.我不知道如何对脚本进行身份验证,以便它可以执行所需的操作。
Python script task Python 脚本任务
task: PythonScript@0
inputs:
scriptSource: 'filePath'
scriptPath: ./script.py
#arguments: # Optional
#pythonInterpreter: # Optional
#workingDirectory: # Optional
#failOnStderr: false # Optional
An Azure Powershell task has an input option to put in a azureSubscription. Azure Powershell 任务具有用于放入 azureSubscription 的输入选项。 Maybe I can pass in an argument?
也许我可以传递一个论点?
Based on your requirement, you need to use the Authentication information in the Service Connection.根据您的要求,您需要使用服务连接中的身份验证信息。
To meet your requirement, you can choose to use Azure CLI task and enable the option: addSpnToEnvironment: true
.为了满足您的要求,您可以选择使用 Azure CLI 任务并启用选项:
addSpnToEnvironment: true
。
Refer to this doc: Azure CLI task请参阅此文档: Azure CLI 任务
Adds service principal ID and key of the Azure endpoint you chose to the script's execution environment.
将您选择的 Azure 端点的服务主体 ID 和密钥添加到脚本的执行环境。
Here is an example:这是一个例子:
steps:
- task: AzureCLI@2
displayName: 'Azure CLI '
inputs:
azureSubscription: xx
scriptType: bash
scriptLocation: inlineScript
inlineScript: |
echo "##vso[task.setvariable variable=ARM_CLIENT_ID]$servicePrincipalId"
echo "##vso[task.setvariable variable=ARM_CLIENT_SECRET]$servicePrincipalKey"
echo "##vso[task.setvariable variable=ARM_TENANT_ID]$tenantId"
addSpnToEnvironment: true
In this case, you can set the Authentication information as pipeline variable.在这种情况下,您可以将身份验证信息设置为管道变量。 Then you can use the pipeline variable in next tasks.
然后您可以在下一个任务中使用管道变量。
$(ARM_CLIENT_ID)
$(ARM_CLIENT_SECRET)
$(ARM_TENANT_ID)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.