This article explains three different ways to use variables in Azure DevOps pipelines, each with its own advantages.
Throughout the pipeline script, it is essential to use user-defined variables to parameterize specific steps and avoid hard-coded values. This approach improves maintainability, security, and flexibility in pipeline execution.
Some practical use cases include:
- Specifying the GeneXus version that the pipeline should use during execution.
- Defining user credentials (username and password) for connecting to GeneXus Server—these credentials should be handled as secrets.
- Selecting which environment within the Knowledge Base (KB) should be marked as active before initiating a build.
Depending on how variables are defined, different advantages may apply. Below are three common methods for defining variables in Azure DevOps:
In YAML pipeline definitions, variables can be declared at the root, stage, or job level. This is the most straightforward and visible method, allowing full control over when and where each variable is used.
Advantages:
- Easy to implement directly in the pipeline file.
- Clear visibility and version control over the variable values.
- Useful for values that are not sensitive and may change frequently.
Sample
#Environment variables:
MSBUILD: "C:\Program Files (x86)\Microsoft Visual Studio\2019\BuildTools\MSBuild\Current\Bin\MSBuild.exe"
WORKING_DIR: "C:\AzureCICDKBs"
stages:
- stage: Build
jobs:
- job: Compile
steps:
- script: '"$(MSBUILD)" "$(WORKING_DIR)\\MySolution..." /p:Configuration=Release'
displayName: 'Run MSBuild'
Keep in mind that variables can be referenced using the $(variableName) syntax.
This modular approach centralizes configuration and improves pipeline maintainability and scalability.
Azure DevOps also allows defining variables directly through the pipeline's graphical user interface.
Advantages:
- When defined through the UI, variables can be marked as secret, ensuring that sensitive values such as passwords or tokens are encrypted and hidden during execution.
- Useful for credentials and other secure data that should not be stored in version control.
Variable groups allow you to define a collection of variables and share them across multiple pipelines.
To define this type of variable, navigate to the main menu, select Pipelines > Library, and click on the + Variable Group button.
A name and a description must be provided for the variable group to clearly identify its purpose.
At the bottom of the form, example variables are defined as part of this group:
- GX_PATH: Stores the installation path for GeneXus, assuming that all environments are generated using the same GeneXus version and upgrade.
- KB_ALIAS: Contains the alias of the Knowledge Base (KB), used to identify the corresponding project instance, among others.
-
Save
The Save button must be selected to confirm and store all changes made to the group. Once saved, the Pipeline permissions option will be enabled.
-
Pipeline permissions
Through the Pipeline permissions option, access can be granted to specific pipelines, enabling them to reference this variable group during execution.
Advantages:
- Encourages reusability by centralizing variable management.
- Ideal for environments where the same settings (e.g., connection strings, deployment targets) are used across several projects or pipelines.
- Variables in a group can also be marked as secrets.
Any variable containing a file path must not end with a backslash (\).
Correct:
C:\AzureCICDKBs\OnlineShopRWD
Incorrect:
C:\AzureCICDKBs\OnlineShopRWD\
Additionally, the sample pipeline already includes the use of double quotes around each variable. This is important in the following cases:
This behavior should be taken into account.
In summary:
- Avoid manually adding single or double quotes to variable values unless specifically required after evaluating the use case.
- Do not end file paths with a backslash.
Define variables - Azure Pipelines