Variable groups in Azure DevOps allow you to manage variables in a single place and share them across multiple CI/CD pipelines.
Variable groups are defined and managed in the Library page under Pipelines (see the picture above).
Creating a variable group
Variable groups can be created from the Portal or the Azure DevOps CLI, according to the Microsoft documentation here.
To create a variable group via PowerShell, use this script:
Function New-VariableGroup ($groupName, $groupDescription, $variableName, $variableValue) {
$body = @{
type = "Vsts"
name = $groupName
description = $groupDescription
variables = @{$variableName = $variableValue }
}
$json = $body | ConvertTo-Json
Invoke-RestMethod -Uri $variableGroupsUri -Method POST -ContentType "application/json" -Headers @{Authorization = ("Basic {0}" -f $base64AuthInfo) } -Body $json
}
Where:
$variableGroupsUri = "https://dev.azure.com/" + $organizationName + "/" + $projectName + "/_apis/distributedtask/variablegroups?api-version=5.1-preview.1"
$base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("{0}:{1}" -f "", $personalAccessToken)))
Creating a variable
To create or update a variable in a variable group using PowerShell, use this script:
param(
[Parameter(Mandatory = $true, HelpMessage = 'Please enter your Azure DevOps organization name')]
[String]$organizationName,
[Parameter(Mandatory = $true, HelpMessage = 'Please enter your Azure DevOps project name')]
[String]$projectName,
[Parameter(Mandatory = $true, HelpMessage = 'Please enter your personal access token to authenticate to Azure Devops')]
[String]$personalAccessToken,
[Parameter(Mandatory = $true, HelpMessage = 'Please enter the Azure DevOps variable group name')]
[String]$variableGroupName,
[Parameter(Mandatory = $true, HelpMessage = 'Please enter the Azure DevOpsvariable name')]
[String]$variableName,
[Parameter(Mandatory = $true, HelpMessage = 'Please enter the value for the Azure DevOps variable')]
[String]$variableValue
)
$base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(('{0}:{1}' -f '', $personalAccessToken)))
$vstsUri = 'https://dev.azure.com/' + $organizationName + '/' + $projectName
# Returns the variable group ID.
Function Get-VariableGroupId ($groupName) {
$groupsUri = $vstsUri + '/_apis/distributedtask/variablegroups?api-version=5.1-preview.1'
$groups = Invoke-RestMethod -Uri $groupsUri -Method Get -Headers @{Authorization = ('Basic {0}' -f $base64AuthInfo) }
foreach ($group in $groups.value) {
if ($group.name.Equals($groupName)) {
$groupId = $group.id
}
}
return $groupId
}
# Adds a variable to the variable group
Function Add-Variable ($groupId, $name, $value) {
$groupUri = $vstsUri + '/_apis/distributedtask/variablegroups/' + $groupId + '?api-version=5.1-preview.1'
$group = Invoke-RestMethod -Uri $groupUri -Method Get -Headers @{Authorization = ('Basic {0}' -f $base64AuthInfo) }
$groupVariables = $group.variables
$groupVariables | Add-Member -MemberType NoteProperty -Name $name -Value @{Value = $value } -Force
Invoke-RestMethod -Uri $groupUri -Method Put -ContentType 'application/json' -Headers @{Authorization = ('Basic {0}' -f $base64AuthInfo) } -Body (ConvertTo-Json $group) -Verbose
}
#####################################################
$variableNameGroupId = Get-VariableGroupId -groupName $variableGroupName
try {
Add-Variable -groupId $variableNameGroupId -name $variableName -value $variableValue
}
catch {
Write-Host 'An error occurred while updating the variable in the variable group'
Write-Error -Message $_.Exception
}
Linking a variable group to a pipeline
To link the variable group to a pipeline, open the pipeline and go to the Build / Release Definition, Move to Variables Tabs, and then select “Variable Groups.” Under Variable Groups, you will have the option to “Link Variable Group” that will list all the Variable groups created under the Library.
Radu Narita 