zhenlan
commented
3 years ago @everettcomstock thanks for the suggestion. We will look into it.
Open everettcomstock opened 3 years ago
zhenlan
commented
3 years ago @everettcomstock thanks for the suggestion. We will look into it.
Yiming-Jia
commented
3 years ago @everettcomstock . Could you elaborate the scenario more? My understanding is that the sensitive data stored in secure file? And you want to move the data to variable group and use the push task to consume the data from variable group directly?
everettcomstock
commented
3 years ago @Yiming-Jia, I think our ideal scenario would only rely on Pipeline Variable Groups. Values in the group can be stored as secrets. If the Push extension were able to access Pipeline variables, or variable groups directly, without the need of providing a file, I think that would work for our situation.
Currently we use the Push extension to seed configuration data when building new environments. We do not commit some of our configuration values to our repo because the data is considered sensitive.
To get around the current limitation in the push extension, we store the sensitive seed configuration file in the Pipelines "Secure files" library and then use a separate task to download the file before executing the Push task.
It would be incredibly helpful if we could just reference Pipeline Variable Groups directly.
Thanks!