Posted on 1 Comment

Update variable group using Azure DevOps rest API – pipeline example

Following my previous article about how to update a variable group using POSTMAN, I will now document how to implement the same behavior through a pipeline.

First things first you will need a PAT. I have included this PAT in a different variable group than the one that I will update. this is because when you update the variable group, all the variables that are inside will get lost. If you need to retain them, you should have to get them first and then add them again on the variable group.

For this reason I have created a variable group named token-group which holds my PAT. I also made this variable a secret.

The variable group that I will update has the name of var-group and the id of 5.

The pipeline includes two tasks. The first task will loop through the variables on the group and print them out. The second task will update the variable group based on the JSON that you provided. You should change your ORG and project URLs.

trigger:
– none
pr: none
pool:
vmImage: ubuntu-latest
variables:
– group: token-group
steps:
– task: PowerShell@2
displayName: Get variables from variable-group
inputs:
targetType: 'inline'
script: |
$connectionToken="$(PAT)"
$base64AuthInfo= [System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes(":$($connectionToken)"))
$URL = "https://dev.azure.com/geralexgr/test-project/_apis/distributedtask/variablegroups?groupIds=5&api-version=7.1-preview.1"
$Result = Invoke-RestMethod -Uri $URL -Headers @{authorization = "Basic $base64AuthInfo"} -Method Get
$Variable = $Result.value.variables | ConvertTo-Json -Depth 100
Write-Host $Variable
– task: PowerShell@2
displayName: add variables on variable-group
inputs:
targetType: 'inline'
script: |
$connectionToken="$(PAT)"
$base64AuthInfo= [System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes(":$($connectionToken)"))
$URL = "https://dev.azure.com/GeralexGR/test-project/_apis/distributedtask/variablegroups/5?api-version=5.1-preview.1"
$body = '{"id":5,"type":"Vsts","name":"var-group","variables":{"rest-var1":{"isSecret":false,"value":"rest-var-value-1"},"rest-var2":{"isSecret":false,"value":"rest-var-value-2"},"rest-var3":{"isSecret":false,"value":"rest-var-value-3"}}}'
$Result = Invoke-RestMethod -Uri $URL -Headers @{authorization = "Basic $base64AuthInfo"} -Method Put -Body $body -ContentType "application/json"
$Variable = $Result.value.variables | ConvertTo-Json -Depth 100
Write-Host $Variable

After running the pipeline you will notice a null output on the update of the variable group. This is the requested result and as task has not failed your var group will get updated.

Variables inside json

Posted on 2 Comments

Update variable group using Azure DevOps rest API – POSTMAN

I was struggling to update a variable group using the Azure DevOps Rest API. In this article I will document the procedure using POSTMAN.

First things first you should create a PAT in order to interact with the API. If you do not know how to create such a thing you should read my previous article about running a build through a REST api on which I documented also the creation of a PAT.

Then you will need to add the access token under authorization tab of POSTMAN using Type Basic Auth. The PAT should be added as plain text.

Then you will need to add Content-Type as application/json under Headers.

Then you will have to create your URL. This should be of the format:

https://dev.azure.com/Organization/project/_apis/distributedtask/variablegroups/groupVariableID?api-version=5.1-preview.1

Important: You should use the version=5.1-preview.1. If you use the latest version you will notice an error on the call. This is a bug that has not been fixed as I found online.

In my example I wanted to update the variable group with the ID 5 and add a variable named new-var. The body of your request should be like below. Keep in mind that we use the PUT HTTP verb to update the variable group. This means everything that is inside the variable group will be discarded. If you followed all the steps correctly you will notice the below output JSON. This should indicate success on the procedure.

Lastly you can locate your new variable inside the variable group.

Variablegroups – Update – REST API (Azure DevOps Task Agent) | Microsoft Docs

Video tutorial on YouTube:

Posted on Leave a comment

Deploy between different environments with variable groups – Azure DevOps

Group variables is a functionality provided by Azure pipelines that let one handle a lot of variables as one entity. It also supports key vault integration but also secrets on comparison with the standard pipeline variables which should not be used as secrets according to Microsoft, as their value can be seen.

https://docs.microsoft.com/en-us/azure/devops/pipelines/library/variable-groups?view=azure-devops&tabs=yaml

In this article I will describe how you can use variable groups for different deployments based on the environment you work. For example the company may want to differentiate the variables for a product on the test and production version. This could be injected and handled on the pipeline accordingly with group variables and parameters.

This article refers to a product which has the same variables (version, password, environment) on test and prod, but their values are different.

In order to create a variable group you should go to Pipelines -> Library -> +Variable group.

The values which I provided on prod variable group are below:

Accordingly the same values exist for test.

The pipeline will trigger when a commit is merged on the main branch.

trigger:
- main

parameters:
  - name: environment
    displayName: Where to deploy?
    type: string
    default: test
    values:
    - prod
    - test


pool:
  vmImage: ubuntu-latest

variables:
 - group: ${{parameters.environment}}

steps:

- script: |
    echo $(ENV)
    echo $(VERSION)
  displayName: Step 1 - print version and environment

- script: echo $(PASSWORD)
  displayName: Step 2 - print secret

- script: pwd ENV ${{parameters.environment}}
  displayName: Step 3 - print parameter
  
  

By running the pipeline the type of environment will be asked

Depending on the selected input, the group variables of the specific category will be printed. If I run with test as input then I will get the test version and env variable.