Handle secrets in Azure DevOps
When creating a ci/cd pipeline for your project, at some point you have to define a connection to your environment. In case of Dataverse, the connection string will contain clientid and client secret values. It's always a good idea to store secret values in a secure place, instead of putting them in clear text into your pipeline definition file (yaml) and potentially pushing them into your code repository.
Azure DevOps provides you a number of possible solutions to address just that:
- Azure DevOps Service Connection: https://docs.microsoft.com/en-us/azure/devops/pipelines/library/service-endpoints
- Azure Key Vault: https://docs.microsoft.com/en-us/azure/devops/pipelines/release/azure-key-vault
- Azure DevOps Secret Variables: https://docs.microsoft.com/en-us/azure/devops/pipelines/process/variables?view=azure-devops&tabs=yaml%2Cbatch#secret-variables
Personally, I prefer to use Azure Key Vault because it allows me to use these secrets in other applications too (like for example an Azure Functions).
Published on:
Learn moreRelated posts
Building Event-Driven Go applications with Azure Cosmos DB and Azure Functions
The Go programming language is a great fit for building serverless applications. Go applications can be easily compiled to a single, staticall...
July Patches for Azure DevOps Server
Today we are releasing patches that impact the latest version of our self-hosted product, Azure DevOps Server. We strongly encourage and recom...
Azure SDK Release (June 2025)
Azure SDK releases every month. In this post, you'll find this month's highlights and release notes. The post Azure SDK Release (June 2025) ap...
Exploring azd extensions: Enhance your Azure developer experience
A deep dive into the introduction of the Azure Developer CLI (azd) extensions and the azd extension framework to build extensions. The post Ex...