#vcconnect.ps1
Get-VICredentialStoreItem -File C:\Users\*******\AppData\Roaming\VMware\credstore\vicredentials.xml | %{
Connect-VIServer -Server $_.host -User $_.User -Password $_.Password
}
#Successful run within PS...
PS D:\ECE\vCenter\tested> .\vcconnect.ps1
Name Port User
---- ---- ----
xxx.xxx.xxx.xxx 443 *****\******
xxx.xxx.xxx.xxx 443 *****\******
#Fail from AzureDevOps...
2020-08-13T02:39:37.2754305Z + CategoryInfo : WriteError: (:) [Get-VICredentialStoreItem], ParentContainsErrorRecordException
2020-08-13T02:39:37.2754933Z + FullyQualifiedErrorId : ParameterBindingFailed,VMware.VimAutomation.ViCore.Cmdlets.Commands.GetVICredentialStore
2020-08-13T02:39:37.2755213Z Item
2020-08-13T02:39:37.2755320Z
2020-08-13T02:39:37.3521447Z ##[error]PowerShell exited with code '1'.
Is that in PSv6 or higher?
The Get-VICredentialStoreItem cmdlet does not work with PSv6 or PSv7.
The PS Core environment doesn't have DPAPI
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
It's 5.1, should I upgrade to 6 or higher?
PS D:\ECE\vCenter\tested> Get-Host | Select-Object Version
Version
-------
5.1.14393.2879
Could it be that DPAPI, which are the security API the CredentialSToreItem cmdlets use, is not available in Azure?
Or perhaps the Azure DPAPI is not compatible?
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
I'll attempt to confirm/troubleshoot with our DevOps team. If I understand correctly, the AZD release pipeline task should be calling the .PS1 script to run on the same VM that we can successfully run from within a PS session. Here are shots of the AZD config where we call the .PS1 on the VM via an installed AZD agent using a fully qualified file path to the .PS1 script in the local repo on the VM:
Is it possible that the AZD pipeline is not executing the task as a user with AuthZ to the VICredentialStore which is configured using my creds?
I don't have an Azure environment, so I'm afraid I can't really test.
Are you running the script with the same account as the one used to create the VICredentialItem?
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Also, since it seems to be a terminating exception, you could run that line in a try-catch construct.
And then in the catch code block run
$error[0].Exception
$error[0].exception.innerexception
That might give some more clues about what is happening.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference