Refactor steps to set the AzDO.BearerToken variable into a shared tem…

…plate
mjbond-msft · Sep 10, 2024 · 62fdab7 · 62fdab7
1 parent ad2c0be
commit 62fdab7
Show file tree

Hide file tree

Showing 3 changed files with 29 additions and 46 deletions.
diff --git a/tools/devops/automation/templates/windows/reenable-mac.yml b/tools/devops/automation/templates/windows/reenable-mac.yml
@@ -47,29 +47,8 @@ steps:
   condition: always()
   continueOnError: true
 
-- template: azure-tools/az-client-update.yml@templates    # AzureCLI step below requires that AzClient 2.x is installed on the agent
-  parameters:
-    platform: 'All'       # Update Az tools for both Windows and Mac agents
-    version: '2.62.0'
-
-# https://eng.ms/docs/cloud-ai-platform/devdiv/one-engineering-system-1es/1es-docs/1es-security-configuration/configuration-guides/pat-burndown-guidance#authentication-from-pipelines
-# Requires Azure client 2.x
-- task: AzureCLI@2
-  displayName: 'AzDO.BearerToken based on service connection'
-  enabled: true
-  inputs:
-    azureSubscription: 'DevDiv - SharedUntrustedAgentPool-Manage'
-    scriptType: 'pscore'
-    scriptLocation: 'inlineScript'
-    inlineScript: |
-      # if this fails, check out this bash script that includes diagnostics:
-      # https://gist.github.com/johnterickson/19f80a3e969e39f1000d118739176e62
-
-      # Note that the resource is specified to limit the token to Azure DevOps
-      $token = az account get-access-token --query accessToken --resource 499b84ac-1321-427f-aa17-267ca6975798 -o tsv
-
-      Write-Host "Setting AzDO.BearerToken"
-      Write-Host "##vso[task.setvariable variable=AzDO.BearerToken;issecret=true]${token}"
+# Sets the AzDO.BearerToken variable that can be used as the auth token to disable/reenable agents
+- template: set-token.yml
 
 - pwsh: |
     Import-Module $Env:SYSTEM_DEFAULTWORKINGDIRECTORY\xamarin-macios\tools\devops\automation\scripts\MaciosCI.psd1

diff --git a/tools/devops/automation/templates/windows/reserve-mac.yml b/tools/devops/automation/templates/windows/reserve-mac.yml
@@ -64,29 +64,8 @@ steps:
     AUTH_TOKEN_VSENG_XAMARIN_MAC_DEVICES_P12: ${{ parameters.xqaCertPass }}
     AUTH_TOKEN_VSENG_XAMARIN_MAC_DEVICES_2_P12: ${{ parameters.xqaCertPass }}
 
-- template: azure-tools/az-client-update.yml@templates    # AzureCLI step below requires that AzClient 2.x is installed on the agent
-  parameters:
-    platform: 'All'       # Update Az tools for both Windows and Mac agents
-    version: '2.62.0'
-
-# https://eng.ms/docs/cloud-ai-platform/devdiv/one-engineering-system-1es/1es-docs/1es-security-configuration/configuration-guides/pat-burndown-guidance#authentication-from-pipelines
-# Requires Azure client 2.x
-- task: AzureCLI@2
-  displayName: 'AzDO.BearerToken based on service connection'
-  enabled: true
-  inputs:
-    azureSubscription: 'DevDiv - SharedUntrustedAgentPool-Manage'
-    scriptType: 'pscore'
-    scriptLocation: 'inlineScript'
-    inlineScript: |
-      # if this fails, check out this bash script that includes diagnostics:
-      # https://gist.github.com/johnterickson/19f80a3e969e39f1000d118739176e62
-
-      # Note that the resource is specified to limit the token to Azure DevOps
-      $token = az account get-access-token --query accessToken --resource 499b84ac-1321-427f-aa17-267ca6975798 -o tsv
-
-      Write-Host "Setting AzDO.BearerToken"
-      Write-Host "##vso[task.setvariable variable=AzDO.BearerToken;issecret=true]${token}"
+# Sets the AzDO.BearerToken variable that can be used as the auth token to disable/reenable agents
+- template: set-token.yml
 
 - pwsh: |
     Import-Module $Env:SYSTEM_DEFAULTWORKINGDIRECTORY\xamarin-macios\tools\devops\automation\scripts\MaciosCI.psd1

diff --git a/tools/devops/automation/templates/windows/set-token.yml b/tools/devops/automation/templates/windows/set-token.yml
@@ -0,0 +1,25 @@
+# Sets the AzDO.BearerToken variable that can be used as the auth token to disable/reenable agents
+steps:
+- template: azure-tools/az-client-update.yml@templates    # AzureCLI step below requires that AzClient 2.x is installed on the agent
+  parameters:
+    platform: 'All'       # Update Az tools for both Windows and Mac agents
+    version: '2.62.0'
+
+# https://eng.ms/docs/cloud-ai-platform/devdiv/one-engineering-system-1es/1es-docs/1es-security-configuration/configuration-guides/pat-burndown-guidance#authentication-from-pipelines
+# Requires Azure client 2.x
+- task: AzureCLI@2
+  displayName: 'AzDO.BearerToken based on service connection'
+  enabled: true
+  inputs:
+    azureSubscription: 'DevDiv - SharedUntrustedAgentPool-Manage'
+    scriptType: 'pscore'
+    scriptLocation: 'inlineScript'
+    inlineScript: |
+      # if this fails, check out this bash script that includes diagnostics:
+      # https://gist.github.com/johnterickson/19f80a3e969e39f1000d118739176e62
+
+      # Note that the resource is specified to limit the token to Azure DevOps
+      $token = az account get-access-token --query accessToken --resource 499b84ac-1321-427f-aa17-267ca6975798 -o tsv
+
+      Write-Host "Setting AzDO.BearerToken"
+      Write-Host "##vso[task.setvariable variable=AzDO.BearerToken;issecret=true]${token}"