Sharing common variables across multiple Azure DevOps projects
TypeScriptTo share common variables across multiple Azure DevOps projects, we can utilize the
azuredevops.VariableGroup
resource from the Pulumi Azure DevOps provider. Variable groups store values and secrets that can be used across multiple Azure DevOps pipelines, which streamlines configuration management when you have several pipelines or projects that require access to the same set of variables.Here's a step-by-step guide and a corresponding Pulumi program in TypeScript that demonstrates how to create a variable group in Azure DevOps, adding variables to it, and then associating this variable group with multiple projects.
Step-by-Step Guide:
-
Define Variable Group: Use the
azuredevops.VariableGroup
resource to create a variable group and define the variables within it. -
Assign Variable Group to Projects: Variable groups are linked to projects by their
projectId
. To share your variable group, you must have the project IDs of the Azure DevOps projects you want to share variables with. -
Configure Pulumi Azure DevOps Provider: Ensure that your environment is authenticated to Azure DevOps. You would typically need a personal access token with appropriate permissions.
Below is the TypeScript program that accomplishes the above steps.
import * as azuredevops from "@pulumi/azuredevops"; const sharedVariables = { "variable1": "value1", "variable2": "value2" // Add more shared variables here }; // Create the Variable Group with shared variables const variableGroup = new azuredevops.VariableGroup("shared-variable-group", { projectId: azuredevops.getProject({ name: "Your-First-Project" }).then((p) => p.id), // Replace with your actual project name name: "SharedVariables", description: "A group of variables that are shared across projects", allowAccess: true, variables: Object.keys(sharedVariables).map(key => ({ name: key, value: sharedVariables[key] })), }); // Output the ID of the Variable Group to reference in your Azure DevOps pipelines export const variableGroupId = variableGroup.id; // Repeat the process if you have multiple variable groups or projects.
This program creates a new variable group named
SharedVariables
with two shared variables. We're using theallowAccess
property set totrue
to ensure that the variable group and its variables are accessible within the pipelines.Note that in this example, we retrieve the project ID using
azuredevops.getProject()
, which fetches an existing project by its name. You will have to replace"Your-First-Project"
with the actual name of your Azure DevOps project.After the Program:
- Assign the newly created variable group ID to your pipelines in Azure DevOps by referencing the output
variableGroupId
. - Ensure that every Azure DevOps project that needs to use the shared variables has access to the created variable group.
- Use the variables in your pipelines by referencing them in your pipeline YAML or through the Azure DevOps portal.
Keep in mind that this Pulumi program assumes that you are already authenticated to Azure DevOps with sufficient permissions to create variable groups and that you have installed the Pulumi CLI and the necessary SDKs. To apply these changes, navigate to the directory containing your Pulumi program and run
pulumi up
.-