Using Secrets in tasks

Sample to build and run an image using secrets from Key Vaults

#environment variable
# export REGISTRY=myregistry
# export KEY_VAULT_NAME=myvault
# export KEY_VAULT_RESOURCE_GROUP=myRG

az configure --defaults acr=$REGISTRY

Setup the task

az acr task create --name task-secret  \
    --context https://github.com/sajayantony/task-secrets.git \
    --file acb.yaml \
    --commit-trigger-enabled false \
    --assign-identity \
    --set KeyVault=$KEY_VAULT_NAME

Obtain the principal ID for the task

principalID=$(az acr task show --name task-secret --query identity.principalId --output tsv)

Setup permissions on KV

az keyvault set-policy --name $KEY_VAULT_NAME \
    -g $KEY_VAULT_RESOURCE_GROUP \
    --object-id $principalID \
    --secret-permissions get

Execute the task

az acr task run -n task-secret

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
Dockerfile		Dockerfile
README.md		README.md
acb.yaml		acb.yaml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Using Secrets in tasks

Setup the task

Obtain the principal ID for the task

Setup permissions on KV

Execute the task

About

Uh oh!

Releases

Packages

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

Using Secrets in tasks

Setup the task

Obtain the principal ID for the task

Setup permissions on KV

Execute the task

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors

Uh oh!

Languages

Packages