Azure SQL Server CICD Bicep and Key Vault

I have built a CICD Pipeline to deploy an Azure SQL Server and DB and part of this process is to obtain the username and password from secrets in a Key Vault. The Key Vault task in YAML works and can access the Vault, but when it calls an Azure CLI Task to execute the Bicep, it fails with the following error:

ERROR: Unable to parse parameter: **

My code:

   steps:
- task: AzureKeyVault@2
  displayName: 'Download Key Vault Secrets'
  inputs:
    connectedServiceName: $
    keyVaultName: $
    secretsFilter: '*' 

- task: AzureCLI@2
  displayName: '$: $ $'
  inputs:
    azureSubscription: $
    scriptType: 'ps'
    scriptLocation: 'inlineScript'
    inlineScript: |
      $tags = "$/$/tags.json"
      $products = "$/$/products.json"
      $productDeploymentFile = "$/SQLServer.bicep"
      az --version
      az deployment group $ --name $-$-products-deployment --resource-group $ --template-file $productDeploymentFile --parameters $tags $products "$(sql-admin-username)" "$(sql-admin-password)" --mode $

And the Bicep file:

param tags object
    param sqlServers array
    param sqlDatbases array
    
    param sqlAdminUserName string
    @secure()
    param sqlAdminPassword string
    
    
    resource sqlServer 'Microsoft.Sql/servers@2021-08-01-preview' = [for sql in sqlServers: {
      name: sql.Name
      location: sql.location
      properties: {
        administratorLogin: sqlAdminUserName
        administratorLoginPassword: sqlAdminPassword
        administrators: {
          azureADOnlyAuthentication: false
          administratorType: sql.administratorType
          principalType: sql.principalType
          login: sql.login
          sid: sql.sid
          tenantId: sql.tenantId
        }
      }
      tags: tags
    }]

Is there anything obvious that is incorrect?



Comments

Popular posts from this blog

Today Walkin 14th-Sept

Spring Elasticsearch Operations

Hibernate Search - Elasticsearch with JSON manipulation