Community Center | Not monitored
Tag not monitored by Microsoft.
just checked today... MS has upgraded the az cli version of the host probably due to the criticality...
Azure Pipeline Host Azure CLI version outdated
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(124.80000000000001, 28.999999999999996%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
JoelP
386
Reputation points
Hi,
Just received some security alerts regarding our azure subscription using an old azure cli version. Found out that it was our Azure DevOps pipelines host agent using the old version (2.53.0)
Checking on the az cli release, there was a hotfix released on 24/10/2023 for the azure cli which is 2.53.1.
Question is how do we manually update the version of the Azure Pipelines host? or should we just wait for Microsoft to update the host? if yes, how long does it take ?
Community Center | Not monitored
3 answers
Sort by: Most helpful
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 8%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGB%3C/text%3E%3C/svg%3E)
Gordon Byers 7,165 Reputation points2023-10-26T08:03:16.8933333+00:00 The cycle for the Azure DevOps agents images being updated to the latest Azure CLI can take several weeks. There is no specific SLO that I am aware of.
You can run a standard shell task on the agent to manually upgrade the version of the agent: https://learn.microsoft.com/en-us/cli/azure/update-azure-cli#manual-update
Grab the current version installed
AZVER=$(az version | jq -r ".[\"azure-cli\"]")then check to see if it's equal to2.53.0and if so,az upgrade. This way you won't unnecessarily be updating the version.
Sign in to comment -
Deepanshu katara 18,150 Reputation points MVP Volunteer Moderator2023-10-26T07:47:23.9866667+00:00 Hi , hope doing well
To answer your query
Use the Azure CLI Installer Task: If you want to ensure a specific version of the Azure CLI is used in your pipelines, you can use the "Azure CLI Installer" task. This task allows you to specify the version of the Azure CLI to be used in your pipeline. You can include this task at the beginning of your pipeline to ensure that the correct version is available
Here's an example YAML snippet of how you can use the "Azure CLI Installer" task:
- task: UseAzureCLI@2 inputs: azureSubscription: 'YourServiceConnection' scriptType: 'bash' scriptLocation: 'inlineScript' inlineScript: | # Install a specific version of Azure CLI curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash -s -- -y --upgrade <desired_version>Replace <desired_version> with the specific version you want to install, in this case, "2.53.1". This task will ensure that the specified version of the Azure CLI is used in your pipeline.
Please try this and let me know , Thanks!