具有条件手动批准作业的 DevOps 模板
DevOps template with conditional manual approval job
我正在尝试添加基于阶段的审批作业,我正在使用模板并希望跳过某些阶段的审批:
parameters:
- name: Stage
type: string
- name: Environment
type: string
- name: WebAppName
type: string
- name: ArtifactName
type: string
- name: DependsOn
type: object
default: []
- name: Subscription
type: string
- name: isApproval
type: boolean
default: false
stages:
############################################################
# Deploy stages
############################################################
- stage: ${{ parameters.Stage }}
displayName: '${{ parameters.Stage }} Stage'
dependsOn: '${{ parameters.DependsOn }}' # this will execute based on the stage that is passed.
jobs:
- job: approval
condition: eq('${{ parameters.isApproval }}', true)
pool:
vmImage: 'windows-latest'
steps:
- task: ManualIntervention@8
timeoutInMinutes: 1440 # task times out in 1 day
inputs:
emailRecipients: 'example@example.com'
instructions: 'Please validate the build configuration and resume'
- deployment: ${{ parameters.Environment }}
${{ if eq('${{ parameters.isApproval }}', true)}}:
dependsOn: approval
timeoutInMinutes: 70
environment: '${{ parameters.Environment }} Environment'
pool:
vmImage: 'windows-latest'
strategy:
runOnce:
deploy:
steps:
- task: DownloadBuildArtifacts@0
inputs:
buildType: 'current'
downloadType: 'single'
artifactName: ${{ parameters.ArtifactName }}
downloadPath: '$(System.ArtifactsDirectory)'
- task: AzureRmWebAppDeployment@4
inputs:
ConnectionType: 'AzureRM'
azureSubscription: ${{ parameters.Subscription }}
appType: 'webApp'
WebAppName: ${{ parameters.WebAppName }}
package: '$(System.ArtifactsDirectory)/**/*.zip'
现在,我从发布管道向模板传递值:
- template: stages\deploy.yml
parameters:
Environment: 'Dev'
WebAppName: 'azureappservicehelloworldapp-dev'
Stage: 'Dev'
ArtifactName : '$(ArtifactName)'
Subscription: 'AzureConnectionSC'
# empty DependsOn, as Dev depends on nothing
DependsOn:
- Build
- template: stages\deploy.yml
parameters:
Environment: 'UAT'
WebAppName: 'azureappservicehelloworld-uat'
Stage: 'UAT'
ArtifactName : '$(ArtifactName)'
Subscription: 'AzureConnectionSC'
DependsOn:
- Dev
isApproval: true
- template: stages\deploy.yml
parameters:
Environment: 'Prod'
WebAppName: 'azureappservicehelloworld'
Stage: 'Prod'
ArtifactName : '$(ArtifactName)'
Subscription: 'AzureConnectionSC'
DependsOn:
- UAT
isApproval: true
如果您看到 IsApproval 从 UAT 和 Prod 模板发送为真,那么我应该能够验证对 UAT 和 prod 的批准,并且应该在没有任何批准的情况下部署 DEV。
但是我在模板中遇到以下错误:
手动干预任务出错,请提出任何建议。
Manual Intervention 任务仅适用于经典版本,并且仅适用于版本的无代理作业阶段。
对于您的情况,我要做的是将两个新的占位符环境注入管道,每个环境都有批准要求,但不部署任何内容:
- template: stages\deploy.yml
parameters:
Environment: 'Dev'
WebAppName: 'azureappservicehelloworldapp-dev'
Stage: 'Dev'
ArtifactName : '$(ArtifactName)'
Subscription: 'AzureConnectionSC'
# empty DependsOn, as Dev depends on nothing
DependsOn:
- Build
- stage: UATApproval
displayName: 'UAT Approval Stage'
dependsOn: 'Dev'
jobs:
- deployment: UATApproval
environment: 'UAT Approval Environment'
pool:
vmImage: 'windows-latest'
strategy:
runOnce:
deploy:
steps:
- pwsh: Write-Host "Placeholder approval deployment."
- template: stages\deploy.yml
parameters:
Environment: 'UAT'
WebAppName: 'azureappservicehelloworld-uat'
Stage: 'UAT'
ArtifactName : '$(ArtifactName)'
Subscription: 'AzureConnectionSC'
DependsOn:
- UATApproval
isApproval: true
- stage: PRODApproval
displayName: 'PROD Approval Stage'
dependsOn: 'UAT'
jobs:
- deployment: PRODApproval
environment: 'PROD Approval Environment'
pool:
vmImage: 'windows-latest'
strategy:
runOnce:
deploy:
steps:
- pwsh: Write-Host "Placeholder approval deployment."
- template: stages\deploy.yml
parameters:
Environment: 'Prod'
WebAppName: 'azureappservicehelloworld'
Stage: 'Prod'
ArtifactName : '$(ArtifactName)'
Subscription: 'AzureConnectionSC'
DependsOn:
- PRODApproval
isApproval: true
如果您愿意,您可以像处理其他部署阶段一样“模板化”这些阶段。
ManualIntervention 任务设置了 runOn: "server",因此您不能 运行 它在代理上,它 运行 在应用程序层上。
这意味着您不能使用:
pool:
vmImage: 'windows-latest'
But you can set the pool to 'server' and use the 'ManualValidation' task
jobs:
- job:
pool: 'server'
steps:
- task: ManualValidation@0
inputs:
notifyUsers: 'me@example.org'
instructions: 'check stuff'
结果触发审核。不出所料。
无论出于何种原因,ManualIntervention@8 任务在 YAML 上下文中都有一个不受支持的任务执行处理程序。所以您可以使用 ManualValidation@0,但不能使用 ManualIntervention@8。
我正在尝试添加基于阶段的审批作业,我正在使用模板并希望跳过某些阶段的审批:
parameters:
- name: Stage
type: string
- name: Environment
type: string
- name: WebAppName
type: string
- name: ArtifactName
type: string
- name: DependsOn
type: object
default: []
- name: Subscription
type: string
- name: isApproval
type: boolean
default: false
stages:
############################################################
# Deploy stages
############################################################
- stage: ${{ parameters.Stage }}
displayName: '${{ parameters.Stage }} Stage'
dependsOn: '${{ parameters.DependsOn }}' # this will execute based on the stage that is passed.
jobs:
- job: approval
condition: eq('${{ parameters.isApproval }}', true)
pool:
vmImage: 'windows-latest'
steps:
- task: ManualIntervention@8
timeoutInMinutes: 1440 # task times out in 1 day
inputs:
emailRecipients: 'example@example.com'
instructions: 'Please validate the build configuration and resume'
- deployment: ${{ parameters.Environment }}
${{ if eq('${{ parameters.isApproval }}', true)}}:
dependsOn: approval
timeoutInMinutes: 70
environment: '${{ parameters.Environment }} Environment'
pool:
vmImage: 'windows-latest'
strategy:
runOnce:
deploy:
steps:
- task: DownloadBuildArtifacts@0
inputs:
buildType: 'current'
downloadType: 'single'
artifactName: ${{ parameters.ArtifactName }}
downloadPath: '$(System.ArtifactsDirectory)'
- task: AzureRmWebAppDeployment@4
inputs:
ConnectionType: 'AzureRM'
azureSubscription: ${{ parameters.Subscription }}
appType: 'webApp'
WebAppName: ${{ parameters.WebAppName }}
package: '$(System.ArtifactsDirectory)/**/*.zip'
现在,我从发布管道向模板传递值:
- template: stages\deploy.yml
parameters:
Environment: 'Dev'
WebAppName: 'azureappservicehelloworldapp-dev'
Stage: 'Dev'
ArtifactName : '$(ArtifactName)'
Subscription: 'AzureConnectionSC'
# empty DependsOn, as Dev depends on nothing
DependsOn:
- Build
- template: stages\deploy.yml
parameters:
Environment: 'UAT'
WebAppName: 'azureappservicehelloworld-uat'
Stage: 'UAT'
ArtifactName : '$(ArtifactName)'
Subscription: 'AzureConnectionSC'
DependsOn:
- Dev
isApproval: true
- template: stages\deploy.yml
parameters:
Environment: 'Prod'
WebAppName: 'azureappservicehelloworld'
Stage: 'Prod'
ArtifactName : '$(ArtifactName)'
Subscription: 'AzureConnectionSC'
DependsOn:
- UAT
isApproval: true
如果您看到 IsApproval 从 UAT 和 Prod 模板发送为真,那么我应该能够验证对 UAT 和 prod 的批准,并且应该在没有任何批准的情况下部署 DEV。
但是我在模板中遇到以下错误:
手动干预任务出错,请提出任何建议。
Manual Intervention 任务仅适用于经典版本,并且仅适用于版本的无代理作业阶段。
对于您的情况,我要做的是将两个新的占位符环境注入管道,每个环境都有批准要求,但不部署任何内容:
- template: stages\deploy.yml
parameters:
Environment: 'Dev'
WebAppName: 'azureappservicehelloworldapp-dev'
Stage: 'Dev'
ArtifactName : '$(ArtifactName)'
Subscription: 'AzureConnectionSC'
# empty DependsOn, as Dev depends on nothing
DependsOn:
- Build
- stage: UATApproval
displayName: 'UAT Approval Stage'
dependsOn: 'Dev'
jobs:
- deployment: UATApproval
environment: 'UAT Approval Environment'
pool:
vmImage: 'windows-latest'
strategy:
runOnce:
deploy:
steps:
- pwsh: Write-Host "Placeholder approval deployment."
- template: stages\deploy.yml
parameters:
Environment: 'UAT'
WebAppName: 'azureappservicehelloworld-uat'
Stage: 'UAT'
ArtifactName : '$(ArtifactName)'
Subscription: 'AzureConnectionSC'
DependsOn:
- UATApproval
isApproval: true
- stage: PRODApproval
displayName: 'PROD Approval Stage'
dependsOn: 'UAT'
jobs:
- deployment: PRODApproval
environment: 'PROD Approval Environment'
pool:
vmImage: 'windows-latest'
strategy:
runOnce:
deploy:
steps:
- pwsh: Write-Host "Placeholder approval deployment."
- template: stages\deploy.yml
parameters:
Environment: 'Prod'
WebAppName: 'azureappservicehelloworld'
Stage: 'Prod'
ArtifactName : '$(ArtifactName)'
Subscription: 'AzureConnectionSC'
DependsOn:
- PRODApproval
isApproval: true
如果您愿意,您可以像处理其他部署阶段一样“模板化”这些阶段。
ManualIntervention 任务设置了 runOn: "server",因此您不能 运行 它在代理上,它 运行 在应用程序层上。
这意味着您不能使用:
pool:
vmImage: 'windows-latest'
But you can set the pool to 'server' and use the 'ManualValidation' task
jobs:
- job:
pool: 'server'
steps:
- task: ManualValidation@0
inputs:
notifyUsers: 'me@example.org'
instructions: 'check stuff'
结果触发审核。不出所料。
无论出于何种原因,ManualIntervention@8 任务在 YAML 上下文中都有一个不受支持的任务执行处理程序。所以您可以使用 ManualValidation@0,但不能使用 ManualIntervention@8。