azure-devopsazure-pipelinesazure-keyvaultazure-pipelines-yamlazure-pipelines-release-task

How to pass the secret from azure key vault to Environmental variable


The environmental variable TEST_SECRETS shall contain the secrets from the azure key vault. This can be achieved by the AzureKeyVault task shown as follow

- task: AzureKeyVault@2
          displayName: Credential Fetch
          inputs:
            connectedServiceName: 'KVfetch'
            KeyVaultName: 'kv_abc_devops'
            SecretsFilter: 'db-primarykey-dev'
            RunAsPreJob: true

How can I pass the value of db-primarykey-dev to TEST_SECRETS

can I use variables as follows?

variables:
- name: TEST_SECRET
  value: $db-primarykey-dev

I try to pass the variable right before the test it does not work

- task: CmdLine@2
          displayName: Integration Tests
        - script: |
            echo 'TEST_SECRET = $db-primarykey-dev'
            pytest test/integration --verbose -s

Solution

  • You can do this using env mapping:

    - task: CmdLine@2
      displayName: Integration Tests
    - script: |
        pytest test/integration --verbose -s
      env:
        TEST_SECRET: $(db-primarykey-dev)