Share via

Unable to run az devops login from a bash script

Anandharaj 1 Reputation point
2021-11-09T14:01:36.75+00:00

I have my azure-pipelines.yaml as follows and stored my personal access token in the pipeline variable

trigger:

  • main

pool:
vmImage: 'ubuntu-latest'

variables:
ProjectName: 'New-Project'
OrgUrl: 'https://dev.azure.com/myorg'

steps:

And this is my bash script project.sh as below

!/bin/bash

ProjectName=$1
OrgUrl=$2

echo "ProjectName: $ProjectName"
echo "OrgUrl: $OrgUrl"

az devops project create --name $ProjectName --organization $OrgUrl

I get the error as given below

2021-11-09T13:37:03.5130033Z ##[section]Starting: Bash
2021-11-09T13:37:03.5137408Z ==============================================================================
2021-11-09T13:37:03.5137673Z Task : Bash
2021-11-09T13:37:03.5137897Z Description : Run a Bash script on macOS, Linux, or Windows
2021-11-09T13:37:03.5138127Z Version : 3.189.0
2021-11-09T13:37:03.5138326Z Author : Microsoft Corporation
2021-11-09T13:37:03.5138606Z Help : https://learn.microsoft.com/azure/devops/pipelines/tasks/utility/bash
2021-11-09T13:37:03.5138933Z ==============================================================================
2021-11-09T13:37:03.6372643Z Generating script.
2021-11-09T13:37:03.6384515Z Formatted command: exec bash '/home/vsts/work/1/s/project.sh' demo-project-name-2 https://dev.azure.com/myorg
2021-11-09T13:37:03.6394935Z ========================== Starting Command Output ===========================
2021-11-09T13:37:03.6406594Z [command]/usr/bin/bash --noprofile --norc /home/vsts/work/_temp/49e563fe-0b5d-4395-8f33-5598e422bdc9.sh
2021-11-09T13:37:03.6472619Z ProjectName: New-Project
2021-11-09T13:37:03.6473201Z
2021-11-09T13:37:03.6473694Z OrgUrL: https://dev.azure.com/myorg
2021-11-09T13:37:03.6474061Z
2021-11-09T13:37:03.6480714Z /home/vsts/work/1/s/test.sh: line 7: PAT: command not found
2021-11-09T13:37:04.1904697Z ERROR: Failed to authenticate using the supplied token.
2021-11-09T13:37:04.7810750Z ERROR: Before you can run Azure DevOps commands, you need to run the login command(az login if using AAD/MSA identity else az devops login if using PAT token) to setup credentials. Please see https://aka.ms/azure-devops-cli-auth for more information.
2021-11-09T13:37:04.8700691Z ##[error]Bash exited with code '1'.
2021-11-09T13:37:04.8719210Z ##[section]Finishing: Bash

Not Monitored
Not Monitored
Tag not monitored by Microsoft.
39,335 questions
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2021-11-09T14:03:02.637+00:00

    The product group for Azure DevOps / TFS actively monitors questions over at
    https://developercommunity.visualstudio.com/report?space=21&entry=problem
    https://developercommunity.visualstudio.com/report?space=22&entry=problem

    --please don't forget to upvote and Accept as answer if the reply is helpful--

    0 comments
  2. BhargaviAnnadevara-MSFT 5,466 Reputation points
    2021-11-10T01:04:02.677+00:00

    @Anandharaj Thanks for reaching out. From your description above, I see that piping PAT on StdIn to az devops login is failing. However, an even better approach IMHO would be to set the AZURE_DEVOPS_EXT_PAT environment variable, and not use az devops login at all. :)

    Pipeline variables:

    148002-image-4560.png

    Tasks:

    147953-image-0294.png

    Check Sign in with a personal access token (PAT) for more details.

    Hope this helps. Do let us know if you have further questions.

    ----------

    If an answer is helpful, please "Accept answer" and/or "Up-Vote" which might help other community members reading this thread.

  3. BhargaviAnnadevara-MSFT 5,466 Reputation points
    2021-11-11T15:49:21.187+00:00

    @Anandharaj Thanks for the response. So, for YAML pipelines, the way this works is slightly different. Unlike a normal variable, secret variables are not automatically decrypted into environment variables for scripts. You need to explicitly map secret variables. Check this article for more details.

    I suspect you may have missed mapping the PAT explicitly to an env variable. Here is the complete set of steps you'd need to follow to make this work:

    1. Set secret variables in the pipeline settings UI for your pipeline.
      a. Go to the Pipelines page, select the appropriate pipeline, and then select Edit.
      b. Locate the Variables for this pipeline.
      c. Add or update the variable AZURE_DEVOPS_EXT_PAT.
      d. Select Keep this value secret to store the variable in an encrypted manner.
      e. Click OK to add the variable and Save changes.
    2. To use this secret variable in your script, you must explicitly map it as an environment variable. env:
      AZURE_DEVOPS_EXT_PAT: $(AZURE_DEVOPS_EXT_PAT)

    Here is the complete pipeline yml for your reference: 

       trigger:  
   - main  
     
   pool:  
     vmImage: ubuntu-latest  
     
   steps:  
   - bash: |  
       # Write your commands here  
       echo 'Hello world'  
       az devops project list  
     env:  
       AZURE_DEVOPS_EXT_PAT: $(AZURE_DEVOPS_EXT_PAT)  
     displayName: 'Azure DevOps Projects List'

    Hope this helps. Please check and let us know if you have further questions.

    ----------

    If an answer is helpful, please "Accept answer" and/or "Up-Vote" which might help other community members reading this thread.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.