
I am trying to automate the process of an Azure Active Directory (AAD) app registration using an Azure DevOps release pipeline, but it fails to do so. (Please note that the same commands, PowerShell commands as well as Azure commands, work perfectly fine if I run them from my laptop.) For that, I created an Azure PowerShell task in the release pipeline and used the following lines of code in the "inline script" section:

I tried creating the AAD app registration using the following 2 methods:

  1. "Azure PowerShell script task"

  2. Azure commands

The following is the inline script that I used in the case of the Azure PowerShell task:

Import-Module AzureRM
Import-Module AzureAD

# Register an AAD app
$appURI = "https://knaabdapp123.azurewebsites.net"
$appHomePageUrl = "https://knaabdapp123.knandan.in"

$appReplyURLs = @($appURI, $appHomePageURL, "https://localhost:12345")
New-AzureADApplication -DisplayName knaabdapp123 -IdentifierUris $appURI -Homepage $appHomePageUrl -ReplyUrls $appReplyURLs  

I get the following error when I do so:

2019-08-09T11:27:31.1039145Z ##[section]Starting: Azure PowerShell script: Register an AAD app and generate credential for the same
2019-08-09T11:27:31.1162119Z ==============================================================================
2019-08-09T11:27:31.1162226Z Task         : Azure PowerShell
2019-08-09T11:27:31.1162310Z Description  : Run a PowerShell script within an Azure environment
2019-08-09T11:27:31.1162378Z Version      : 2.153.1
2019-08-09T11:27:31.1162446Z Author       : Microsoft Corporation
2019-08-09T11:27:31.1162520Z Help         : https://docs.microsoft.com/azure/devops/pipelines/tasks/deploy/azure-powershell
2019-08-09T11:27:31.1162620Z ==============================================================================
2019-08-09T11:27:37.0179906Z ##[command]Import-Module -Name C:\Modules\AzureRm_5.1.1\AzureRM\5.1.1\AzureRM.psd1 -Global
2019-08-09T11:28:10.7554409Z ##[command]Clear-AzureRmContext -Scope Process
2019-08-09T11:28:11.2755157Z ##[command]Disable-AzureRmContextAutosave -ErrorAction Stop
2019-08-09T11:28:15.0230853Z ##[command]Add-AzureRMAccount -ServicePrincipal -Tenant *** -Credential System.Management.Automation.PSCredential -Environment AzureCloud @processScope
2019-08-09T11:28:16.5226685Z ##[command] Select-AzureRMSubscription -SubscriptionId a*******-ae1c-****-****-********** -TenantId ***
2019-08-09T11:28:16.8648715Z ##[command]& 'C:\Users\VssAdministrator\AppData\Local\Temp\2a55****-67c6-****-8f80-**********.ps1' 
2019-08-09T11:28:17.0308219Z ##[error]The specified module 'AzureAD' was not loaded because no valid module file was found in any module directory.
2019-08-09T11:28:19.0607544Z ##[command]Remove-AzureRmAccount -Scope Process -ErrorAction Stop
2019-08-09T11:28:19.4371114Z ##[command]Clear-AzureRmContext -Scope Process -ErrorAction Stop
2019-08-09T11:28:19.8885329Z ##[error]The term 'New-AzureADApplication' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.

I also used the Azure CLI task and used the following script, but that fails too:

az ad app  create --display-name MyApplication123 --homepage "https://myapplication1232.nl" --reply-urls "https://localhost:12345" --identifier-uris "https://myapplication2.azurewebsites.net"

I get the following error in this case:

>az ad app  create --display-name MyApplication123 --homepage "https://myapplication1232.nl" --reply-urls "https://localhost:12345" --identifier-uris "https://myapplication2.azurewebsites.net" 
2019-08-09T11:47:46.5676945Z ERROR: Insufficient privileges to complete the operation.
2019-08-09T11:47:46.6721317Z ##[error]Script failed with error: Error: d:\a\_temp\azureclitaskscript1565351201021.bat failed with return code: 1

So, I have 2 questions:

  1. Is it possible to create an AAD app registration using the "Azure PowerShell" task script or the "Azure CLI" task in Azure DevOps?

  2. If yes, then what may I be doing wrong?


1 Answers


Is it possible to create an AAD app registration using "Azure powershell" task script or "Azure CLI" task in Azure DevOps?

For this question, the answer is Yes, of course you can.

The cause of the error you received in the Azure PowerShell task is that, by default, the AzureAD PowerShell cmdlets are not installed on the agent. So, if you try to use this module directly, you will receive a message like "##[error]The specified module 'AzureAD' was not loaded because no valid module file was found in any module directory."

If yes, then what may I be doing wrong?

To solve this error message, please try replacing Import-Module AzureAD in your script with the following script, which uses a correct way to get the AzureAD module.

$AzureADModulePath = $PSScriptRoot + "\AzureAD\2.0.1.16\AzureAD.psd1"
Import-Module $azureAdModulePath 

This is the detailed info about the AzureAD module in the PowerShell Gallery. And also, here is a blog you can refer to.

Updated:

You must first install the AzureAD cmdlets module from the PowerShell Gallery with the script below:

Install-Module -Name AzureAD -RequiredVersion 2.0.1.16

Note: If you get an error like "Install-Module : Administrator rights are required to install modules" while you install with this script, please add -scope CurrentUser to the install script. It will run the script as the administrator role.


And then, import the module from the installed path afterwards.
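
The install-then-import steps above, combined into one inline script for the pipeline task. This is an added example, not code from the original answer; it assumes the agent can reach the PowerShell Gallery and reuses the version number 2.0.1.16 given in the answer.

```powershell
# Added example: load a pinned AzureAD module on a build agent without admin rights.
$ErrorActionPreference = 'Stop'

$moduleName    = 'AzureAD'
$moduleVersion = '2.0.1.16'   # version taken from the answer above

# Reuse an installed copy of exactly this version if the agent already has one.
$installed = Get-Module -ListAvailable -Name $moduleName |
    Where-Object { $_.Version -eq [version]$moduleVersion }

if (-not $installed) {
    # CurrentUser scope writes to the agent account's own module directory,
    # so the install does not require administrator rights.
    # -Force suppresses the interactive confirmation prompts that would hang a pipeline.
    Install-Module -Name $moduleName -RequiredVersion $moduleVersion `
        -Scope CurrentUser -Force -AllowClobber
}

# Import the pinned version explicitly rather than whatever copy is found first.
Import-Module -Name $moduleName -RequiredVersion $moduleVersion

# Fail early, with a clear message, if the cmdlet from the question is still missing.
if (-not (Get-Command -Name New-AzureADApplication -ErrorAction SilentlyContinue)) {
    throw "New-AzureADApplication not found after importing $moduleName $moduleVersion"
}

Write-Host "Loaded $moduleName $((Get-Module -Name $moduleName).Version)"

# The AzureAD cmdlets use their own session: Connect-AzureAD must succeed
# before New-AzureADApplication is called. That step is not shown here.
```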