'How can you use secret variables from a linked variable group in an Azure Powershell task in an Azure Release pipeline?
I have an Azure Release pipeline that I've built using the GUI in Azure DevOps. There is a stage that has a linked variable group (Release scope) with a secret variable in the variable group. The stage has an agent job with an Azure Powershell task that runs a script file. That script file references the secret variable using the syntax $env:MYSECRETVARIABLE but the value is null. When I add an Azure Powershell task for debugging that runs Get-ChildItem -Path Env:\, I can see that all the non-secret variables in the variable group are mapped but the secret variable is not. What am I doing wrong here?
Solution 1:[1]
I tested to get the secret variable in the variable group in azure powershell task, just use the syntax of $(varibaleName) to work.
Test with inline script:
Test with Script File:
Solution 2:[2]
To help others who may fell into this trap. With Azure release pipelines it only works if you map the secret variable into environment. Passing the secret variable via arguments will not work. Tried out a multiple variants, with inline- or file-script, with secret pipeline variable or secret linked variable group, in the end, what counts is the environment mapping. Here you are:
The variable group with the secret spPwd
And how it is passed into the script, no matter if inline or file, here ENVPWD
Good luck to all the poor ones struggling with azure pipelines :)
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | |
| Solution 2 | goToDino |