How to use AzureCLI in azure-pipelines.yml to delete old files on Azure Blob Storage

Question

I'm using Azure DevOps and their Build and Release pipelines. As part of my build I'd like to delete old files from my Azure Blob storage. I'm using an ubuntu-latest vmImage.

This task:

- task: AzureCLI@2
  displayName: Delete old files
  inputs:
    scriptType: pscore
    scriptLocation: inlineScript
    inlineScript: |
        date=`date -d "1 days ago" '+%Y-%m-%dT%H:%MZ'`
        az storage blob delete-batch -s $web --account-name xenobellstorage --if-unmodified-since $date

Produces this error, which doesn't match any params in their documentation.

Script failed with error: Error: Input required: connectedServiceNameARM

If I add azureSubscription: 'Main subscription' to the task, I get this error, with an Authorize resources button that doesn't work.

There was a resource authorization issue: "The pipeline is not valid. Job Job: Step AzureCLI input connectedServiceNameARM references service connection Main subscription which could not be found. The service connection does not exist or has not been authorized for use. For authorization details, refer to https://aka.ms/yamlauthz."

The linked page suggests I go to Project Settings to authorize all pipelines, but that toggle doesn't work.

How can I run this AzureCLI task on my Ubuntu VM?

---

The full YAML file I used that fixed my problem:

# Node.js
# https://learn.microsoft.com/azure/devops/pipelines/languages/javascript

trigger:
- master

pool:
  vmImage: 'ubuntu-latest'

steps:
- task: NodeTool@0
  inputs:
    versionSpec: '10.x'
  displayName: 'Install Node.js'

- script: |
    npm install
  displayName: 'npm install'

- script: |
    grunt --gruntfile gruntfile.js prod
  displayName: 'grunt production build'

- task: CopyFiles@2
  displayName: 'Copy files'
  inputs:
    SourceFolder: '$(System.DefaultWorkingDirectory)'
    Contents: |
      game/**
    TargetFolder: '$(Build.ArtifactStagingDirectory)'

- task: PublishBuildArtifacts@1
  displayName: 'Publish files'
  inputs:
    PathtoPublish: '$(Build.ArtifactStagingDirectory)'
    ArtifactName: 'drop'

- task: AzureCLI@2
  displayName: Delete old files
  inputs:
    azureSubscription: 'Main subscription (abc-123-idd)'
    scriptType: pscore
    scriptLocation: inlineScript
    inlineScript: |
        az storage blob delete-batch -s '$web' --account-name mystorage --if-unmodified-since $(date -d "1 days ago" '+%Y-%m-%dT%H:%MZ')

Answer 1

using AzureCLI version 2

- task: AzureCLI@2
  displayName: "Azure Storage - delete old files"
  inputs:
    azureSubscription: 'xxxx-PAYG(xxx-xxx-xxx-xxx-xxx)'
    scriptType: 'ps'
    scriptLocation: 'inlineScript'
    inlineScript: 'az storage remove --account-name ''xxx'' --container-name ''$web'' -r'

Answer 2

You need to add the correct azureSubscription, something like this:

steps:
- task: AzureCLI@1
  displayName: 'Azure CLI '
  inputs:
    azureSubscription: 'ARMConnection'
    scriptLocation: inlineScript
    inlineScript: 'xxx'

And as mentioned in the linked page: Resources must be authorized before they can be used, so please try to authorize the resources by following the guide.

Firstly, please navigate to Project setting and click Server Connections please check to see if the connection your endpoint using is still there and make sure it works correctly, just make sure you can Verify connection successfully (Edit the connection -> Verify connection). Please also make sure the service connection has the necessary roles assigned to it.

Answer 3

your azureSubscription has to match the actual name of the service connection. so not Azure subscription name, but the service connection created in Azure Devops to manage that subscription.