Azure Pipeline Part 7 – Variables

Azure Pipeline Part 7 – Variables

Azure Pipeline Part 7 – Variables

Hello Everyone

Welcome to CloudAffaire and this is Debjeet.

Today we are going to discuss how to declare and use variables in Azure pipelines with examples. Variables are used to pass and use certain information in your Azure pipelines. You can use your own user-defined variables and environment variables or system defined variables in Azure pipeline.

Next, we are going to explain different concepts related to variables with examples.

Azure Pipeline Part 7 – Variables

Prerequisites:

Setup:

Azure Pipeline – Variables:

Azure Pipeline – Variable syntax:

Azure Pipeline – Variable example:

User defined variables:

In YAML pipelines, you can set variables using a variable block. You can also specify variables outside of a YAML pipeline in the UI. When you set a variable in the UI, that variable can be encrypted and set as secret. Azure Pipelines supports three different ways to reference variables: macro, template expression, and runtime expression. Each syntax can be used for a different purpose and has some limitations.

  • Template expression variables (${{ variables.var }}) get processed at compile time, before runtime starts.
  • Macro syntax variables ($(var)) get processed during runtime before a task runs.
  • Runtime expressions ($[variables.var]) also get processed during runtime but were designed for use with conditions and expressions.

Azure Pipeline Variable scope:

When you define the same variable in multiple places with the same name, the most locally scoped variable wins. So, a variable defined at the job level can override a variable set at the stage level. A variable defined at the stage level will override a variable set at the pipeline root level. A variable set in the pipeline root level will override a variable set in the Pipeline settings UI.

Azure Pipelines – Variable Groups:

Variable groups store values and secrets that you might want to be passed into a YAML pipeline or make available across multiple pipelines. You can share and use variables groups in multiple pipelines in the same project.

Create a new variable group:

Step 1: Log in to your Azure DevOps organization > Select the project created during setup => Azure Pipelines => Library => Click “Variable group”.

Azure Pipeline Part 7 – Variables

Step 2: Provide a name and description to the variable group and click “Add” to add new variable name and value under this variable group. Finally click “Save”.

Azure Pipeline Part 7 – Variables

Now we can use this variable group in any pipeline inside this project.

Use variable group in Azure Pipeline:

Note: We have added the password in plain text in our Azure pipeline config YAML file. If you want to store and use any sensitive data in your Azure Pipeline, you should use Azure Vault and reference that Azure Vault to your Variable group. Which is exactly what we are going to cover next.

Note: You might need to grant additional permission to your Azure Pipeline to able to use Variable group.

Azure Pipeline Part 7 – Variables

Use Secrets in Azure Pipeline using Azure Key Vault and Variable Groups:

Step 1: Create a new Azure Key Vault.

Login to Azure Portal and navigate to Azure Key Vault. Click “Create key vault”.

Provide a unique name and click “Review + create”, and once validation is done click “Create”.

Azure Pipeline Part 7 – Variables

Step 2: Get inside the Key vault and create a new secret.

Azure Pipeline Part 7 – Variables

Provide a name and value for your secret and click “Create”.

Azure Pipeline Part 7 – Variables

I have created two secrets namely username and password for this demo.

Azure Pipeline Part 7 – Variables

Step 3: Log in to your Azure DevOps account and navigate to the variable group under Azure pipeline library and click

Provide a name and select “link secrets from an Azure key vault as variables”, select your Azure subscription and Azure Key vault which has your secrets.

Azure Pipeline Part 7 – Variables

Note: You might need to authorize your Azure DevOps account to use your Azure subscription and key vault.

Click “Add” to add the secrets from Azure Key Vault to Azure Pipeline variable group and finally “Save” your variable group.

Azure Pipeline Part 7 – Variables

Now we are ready to use secrets from Azure Key Vault into our Azure DevOps Pipeline.

Note: You might need to grant additional permission to your Azure Pipeline to able to use Variable group and Azure subscription.

Environment Variables:

Environment variables are specific to the operating system you are using. They are injected into a pipeline in platform-specific ways. The format corresponds to how environment variables get formatted for your specific scripting platform.

On UNIX systems (macOS and Linux), environment variables have the format $NAME. On Windows, the format is %NAME% for batch and $env:NAME in PowerShell.

System and user-defined variables also get injected as environment variables for your platform. When variables are turned into environment variables, variable names become uppercase, and periods turn into underscores.

System Variables:

In addition to user-defined variables, Azure Pipelines has system variables with predefined values. System variables are set with their current value when you run the pipeline. Some variables are set automatically. As a pipeline author or end user, you change the value of a system variable before the pipeline is run. System variables are read-only.

You can get all types system variables in this link.

Clean up:

Hope you have enjoyed this article. To know more about Azure DevOps, please refer below official documentation

https://docs.microsoft.com/en-us/azure/devops/?view=azure-devops

Leave a Reply

Close Menu