I use a TFS 2015 instance (it will be soon decommissioned). In a release definition I need to use some sensitive data (credentials). As of now I tried setting the secrets as in this guide but this is a feature supported only from TFS 2018 on. In fact, in TFS 2015 I cannot see the "Environment variables" section that is needed to decrypt the "locked" configurations.
What are the possible options here to have a per-project set of encrypted sensitive data that I can then retrieve and use in the release scripts? Is there any credential manager (like the one in Jenkins) in TFS 2015?
Each pipeline has a list of variables. Each variable has a little 🔒 icon you can click to keep the value secret. In 2015 I don't think there's a Variable Library option yet, if I remember correctly that was added in a later version.
Here's the official docs that describe setting a variable in Team Foundation Server 2015.
You can set a variable for a build pipeline by following these steps:
- Go to the Pipelines page, select the appropriate pipeline, and then select Edit.
- Locate the Variables for this pipeline.
- Add or update the variable.
- To mark the variable as secret, select Keep this value secret.
- Save the pipeline.
After the variable is set, you can use it as an input to a task or within the scripts in your pipeline. To use a variable as an input to a task, wrap it in
$().
If you wrap your script in a custom task, you can use a "Service Connection" to store the secret and select it from a task.