Azure-devops-cli-extension: build library secure files

Created on 5 Sep 2018  ·  10Comments  ·  Source: Azure/azure-devops-cli-extension

Are there any plans to add 'build > library > secure files' components to the VSTS cli that would enable uploading secrets?


Document Details

Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

new command Feature validation

Most helpful comment

We would like to be able to upload secure files via the Azure CLI DevOps extension as well. With our Apple certificates expiring annually, it becomes quite the pain to update the code signing files (keystore & p12).

I decided to write a script that automates the updating of these files in _DevOps > Pipelines > Library > Secure Files_ so that I don't have to research the locations of these files every year. Come to find out- this doesn't appear to be possible with the Azure CLI DevOps extension.

Note: I have no experience with the CLI tools, so please don't think me stupid. I'm just new! 😁

I was hoping for a command like:

az pipelines secure-file publish --organization MyOrganization --project MyProject --path "C:\Users\Me\AppData\Local\Xamarin\Mono for Android\Keystore\MyKeysore\MyKeysore.keystore"

This would REALLY help us out with setting up Pipelines for our Xamarin.Forms projects. Thanks.

All 10 comments

We definitely need this
Since I've started working only with YAML builds, asking people to drop out to the UI just to set a storage key or other secret value feels really clumsy

We have included variable groups and variables for YAML pipelines with version 12. Wouldn't this work for your use case?

@benc-uk - did you have a chance to look at v12 of the azure devops extension which supports variables and variables groups (including secret types)? Would this suffice?

+1 for this feature. Uploading a secret file

Simple variables for secrets are...less than usable - somehow they do not show up in the GUI when created.
Variable groups are better, but you are forced to create a non-secret variable just to be able to create the group.
Also, things like certificates for signing mobile apps are much easier to manage as secret files than env variables.

We would like to be able to upload secure files via the Azure CLI DevOps extension as well. With our Apple certificates expiring annually, it becomes quite the pain to update the code signing files (keystore & p12).

I decided to write a script that automates the updating of these files in _DevOps > Pipelines > Library > Secure Files_ so that I don't have to research the locations of these files every year. Come to find out- this doesn't appear to be possible with the Azure CLI DevOps extension.

Note: I have no experience with the CLI tools, so please don't think me stupid. I'm just new! 😁

I was hoping for a command like:

az pipelines secure-file publish --organization MyOrganization --project MyProject --path "C:\Users\Me\AppData\Local\Xamarin\Mono for Android\Keystore\MyKeysore\MyKeysore.keystore"

This would REALLY help us out with setting up Pipelines for our Xamarin.Forms projects. Thanks.

+1 for this feature. Uploading a secret file.

+1 for this. This would be really useful to be able to update secrets efficiently for terraform based pipelines.

+1 so badly need this command as we destroy and recreate AKS clusters quite often and evertime we have to manually come and update the cluster certs in secure files

Any news on this? Variable and variable groups does not quite cut it. This would be so useful when passing stuff to terraform as files in order to define the stuff in the file once and in one place.

Hoping to see this come along.... really want to manage secure files via CLI.

Was this page helpful?
0 / 5 - 0 ratings