Open saccy opened 6 years ago
We definitely need this Since I've started working only with YAML builds, asking people to drop out to the UI just to set a storage key or other secret value feels really clumsy
We have included variable groups and variables for YAML pipelines with version 12. Wouldn't this work for your use case?
@benc-uk - did you have a chance to look at v12 of the azure devops extension which supports variables and variables groups (including secret types)? Would this suffice?
+1 for this feature. Uploading a secret file
Simple variables for secrets are...less than usable - somehow they do not show up in the GUI when created. Variable groups are better, but you are forced to create a non-secret variable just to be able to create the group. Also, things like certificates for signing mobile apps are much easier to manage as secret files than env variables.
We would like to be able to upload secure files via the Azure CLI DevOps extension as well. With our Apple certificates expiring annually, it becomes quite the pain to update the code signing files (keystore & p12).
I decided to write a script that automates the updating of these files in DevOps > Pipelines > Library > Secure Files so that I don't have to research the locations of these files every year. Come to find out- this doesn't appear to be possible with the Azure CLI DevOps extension.
Note: I have no experience with the CLI tools, so please don't think me stupid. I'm just new! 😁
I was hoping for a command like:
az pipelines secure-file publish --organization MyOrganization --project MyProject --path "C:\Users\Me\AppData\Local\Xamarin\Mono for Android\Keystore\MyKeysore\MyKeysore.keystore"
This would REALLY help us out with setting up Pipelines for our Xamarin.Forms projects. Thanks.
+1 for this feature. Uploading a secret file.
+1 for this. This would be really useful to be able to update secrets efficiently for terraform based pipelines.
+1 so badly need this command as we destroy and recreate AKS clusters quite often and evertime we have to manually come and update the cluster certs in secure files
Any news on this? Variable and variable groups does not quite cut it. This would be so useful when passing stuff to terraform as files in order to define the stuff in the file once and in one place.
Hoping to see this come along.... really want to manage secure files via CLI.
It is possible if you can do a bit of Powershell/Python/Javascript to interact with the REST API directly.
https://github.com/microsoft/azure-pipelines-tasks/issues/9172
Specifically https://github.com/microsoft/azure-pipelines-tasks/issues/9172#issuecomment-626474029
and https://github.com/microsoft/azure-pipelines-tasks/issues/9172#issuecomment-655569961
https://github.com/microsoft/azure-pipelines-tasks/issues/9172#issuecomment-853098180
What is the scope of this API ? I am trying to authenticate via az rest so AD instead of PAT but it wants me to provide a scope. I cannot find out what is is.
Are there any plans to add 'build > library > secure files' components to the VSTS cli that would enable uploading secrets?
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.