pr-fix: use env variables

arcus-azure · Jul 25, 2024 · 4540054 · 4540054
1 parent d4daa9e
commit 4540054
Showing 1 changed file with 10 additions and 5 deletions.
diff --git a/build/templates/import-keyvault-secrets.yml b/build/templates/import-keyvault-secrets.yml
@@ -4,6 +4,11 @@ parameters:
 steps:
   - task: AzureCLI@2
     displayName: 'Import secrets from Azure Key Vault'
+    env:
+      KeyVault_Name: ${{ variables['KeyVault.Name'] }}
+      ApplicationInsights_InstrumentationKey_SecretName: ${{ variables['ApplicationInsights.InstrumentationKey.SecretName'] }}
+      ApplicationInsights_ApiKey_SecretName: ${{ variables['ApplicationInsights.ApiKey.SecretName'] }}
+      ApplicationInsights_ApplicationId_SecretName: ${{ variables['ApplicationInsights.ApplicationId.SecretName'] }}
     inputs:
       azureSubscription: '${{ parameters.azureServiceConnection }}'
       scriptType: 'pscore'
@@ -12,15 +17,15 @@ steps:
         Set-PSRepository -Name PSGallery -InstallationPolicy Trusted
         Install-Module -Name Arcus.Scripting.DevOps -AllowClobber
 
-        $instrumentationKeySecretName = ${{ variables['ApplicationInsights.InstrumentationKey.SecretName'] }}
-        $apiKeySecretName = ${{ variables['ApplicationInsights.ApiKey.SecretName'] }}
-        $applicationIdSecretName = ${{ variables['ApplicationInsights.ApplicationId.SecretName'] }}
-        $secretNames = @( $instrumentationKeySecretName, $apiKeySecretName, $applicationIdSecretName )
+        $secretNames = @(
+          $env:ApplicationInsights_InstrumentationKey_SecretName,
+          $env:ApplicationInsights_ApiKey_SecretName,
+          $env:ApplicationInsights_ApplicationId_SecretName)
 
         $secretNames | ForEach-Object {
           $secretName = $_
           $variableName = $secretName -replace '-','.'
           Write-Host "Importing Azure Key vault secret '$secretName' as Azure DevOps pipeline variable '$variableName'"
           
-          $secret = az keyvault secret show --name $secretName --vault-name ${{ variables['KeyVault.Name'] }} | ConvertFrom-Json
+          $secret = az keyvault secret show --name $secretName --vault-name $env:KeyVault_Name | ConvertFrom-Json
           Set-AzDevOpsVariable $variableName -Value $secret.value -AsSecret }