Редактиране

Споделяне чрез


target definition

Tasks run in an execution context, which is either the agent host or a container.

Implementations

Implementation Description
target: string Environment in which to run this step or task.
target: container, commands, settableVariables Configure step target with environment, and allowed list of commands and variables.
Implementation Description
target: string Environment in which to run this step or task.
target: container, commands Configure step target with environment and allowed list of commands.

Remarks

An individual step may override its context by specifying a target, and optionally configure a container, commands, and settable variables.

target: string

Specify a step target by name.

target: string # Environment in which to run this step or task.

target string.

Available options are the word host to target the agent host plus any containers defined in the pipeline.

target: container, commands, settableVariables

Configure step target using a container name, commands, and settable variables.

target:
  container: string # Container to target (or 'host' for host machine).
  commands: any | restricted # Set of allowed logging commands ('any' or 'restricted').
  settableVariables: none | [ string ] # Restrictions on which variables that can be set.

Properties

container string.
Container to target (or 'host' for host machine).

commands string.
Set of allowed logging commands ('any' or 'restricted'). any | restricted.

settableVariables target.settableVariables.
Restrictions on which variables that can be set.

target: container, commands

Configure step target with environment and allowed list of commands.

target:
  container: string # Container to target (or 'host' for host machine).
  commands: any | restricted # Set of allowed logging commands ('any' or 'restricted').

Properties

container string.
Container to target (or 'host' for host machine).

commands string.
Set of allowed logging commands ('any' or 'restricted'). any | restricted.

Remarks

You don't need to configure all of these properties when configuring a step target. If not specified, the default value for container is host, the default value of commands is any, and the default value for settableVariables allows all variables to be set by a step.

Step targeting and command isolation

Azure Pipelines supports running jobs either in containers or on the agent host. Previously, an entire job was set to one of those two targets. Now, individual steps (tasks or scripts) can run on the target you choose. Steps may also target other containers, so a pipeline could run each step in a specialized, purpose-built container.

Note

This feature is in public preview. If you have any feedback or questions about this feature, let us know in the Developer Community.

Containers can act as isolation boundaries, preventing code from making unexpected changes on the host machine. The way steps communicate with and access services from the agent is not affected by isolating steps in a container. Therefore, we're also introducing a command restriction mode which you can use with step targets. Setting commands to restricted will restrict the services a step can request from the agent. It will no longer be able to attach logs, upload artifacts, and certain other operations.

Examples

The following example shows running steps on the host in a job container, and in another container.

resources:
  containers:
  - container: python
    image: python:3.8
  - container: node
    image: node:13.2

jobs:
- job: example
  container: python

  steps:
  - script: echo Running in the job container

  - script: echo Running on the host
    target: host

  - script: echo Running in another container, in restricted commands mode
    target:
      container: node
      commands: restricted

See also