Handle secrets in Azure DevOps
When creating a ci/cd pipeline for your project, at some point you have to define a connection to your environment. In case of Dataverse, the connection string will contain clientid and client secret values. It's always a good idea to store secret values in a secure place, instead of putting them in clear text into your pipeline definition file (yaml) and potentially pushing them into your code repository.
Azure DevOps provides you a number of possible solutions to address just that:
- Azure DevOps Service Connection: https://docs.microsoft.com/en-us/azure/devops/pipelines/library/service-endpoints
- Azure Key Vault: https://docs.microsoft.com/en-us/azure/devops/pipelines/release/azure-key-vault
- Azure DevOps Secret Variables: https://docs.microsoft.com/en-us/azure/devops/pipelines/process/variables?view=azure-devops&tabs=yaml%2Cbatch#secret-variables
Personally, I prefer to use Azure Key Vault because it allows me to use these secrets in other applications too (like for example an Azure Functions).
Published on:
Learn moreRelated posts
Automating Microsoft Fabric Workspace Creation with Azure DevOps Pipelines
In today’s fast-paced analytics landscape, Microsoft Fabric has become the leader of enterprise BI implementations, one of the fundamental con...
New T-SQL AI Features are now in Public Preview for Azure SQL and SQL database in Microsoft Fabric
At the start of this year, we released a new set of T-SQL AI features for embedding your relational data for AI applications. Today, we have b...
Zonal resiliency in Azure
Azure DevOps and GitHub Repositories — Next Steps in the Path to Agentic AI
In May, we talked about the evolution of GitHub Copilot from a coding assistant into an AI powered peer programmer. Since then, GitHub has tak...
Public preview of vector indexing in Azure SQL DB, Azure SQL MI, and SQL database in Microsoft Fabric
We are happy to share that DiskANN vector indexing is now in public preview across Azure SQL Database, Azure SQL Managed Instance, and SQL dat...