Throughout the pipeline script, it is essential to use user-defined variables to parameterize certain steps and avoid hardcoding values. This approach improves maintainability, security, and flexibility in pipeline execution.
Some practical use cases include:
- Specifying the GeneXus version that the pipeline should use during execution.
- Defining user credentials (username and password) for connecting to GeneXus Server—credentials that should be handled as secrets.
- Selecting which environment within the Knowledge Base (KB) should be marked as active before initiating a build.
Depending on how variables are defined, different advantages may apply. Below are three common methods for defining variables in Azure DevOps:
In YAML pipeline definitions, variables can be declared at the root, stage, or job level. This is the most straightforward and visible method, allowing full control over when and where each variable is used.
Advantages:
-
Easy to implement directly in the pipeline file.
-
Clear visibility and version control over the variable values.
-
Useful for values that are not sensitive and may change frequently.
Example:
#Environment variables:
MSBUILD: "C:\Program Files (x86)\Microsoft Visual Studio\2019\BuildTools\MSBuild\Current\Bin\MSBuild.exe"
WORKING_DIR: "C:\AzureCICDKBs"
stages:
- stage: Build
jobs:
- job: Compile
steps:
- script: '"$(MSBUILD)" "$(WORKING_DIR)\\MySolution..." /p:Configuration=Release'
displayName: 'Run MSBuild'
Keep in mind that variables can be referenced using the $(variableName) syntax.
This modular approach helps centralize configuration and makes the pipeline easier to maintain and extend.
Azure DevOps also allows defining variables directly in the pipeline's graphical user interface.
Advantages:
-
When defined through the UI, variables can be marked as secret, which ensures that sensitive values such as passwords or tokens are encrypted and hidden during execution.
-
Useful for credentials and other secure data that should not be stored in version control.
Variable groups allow you to define a collection of variables and share them across multiple pipelines.
To define this type of variable, navigate to the main menu, select Pipelines > Library, and click the "+ Variable Group" button.
A name and a description must be provided for the variable group to clearly identify its purpose.
At the bottom of the form, example variables are defined as part of this group:
-
GX_PATH: Stores the installation path for GeneXus, assuming that all environments are generated using the same GeneXus version and upgrade.
-
KB_ALIAS: Contains the alias of the Knowledge Base (KB), used to identify the corresponding project instance, among others.
-
Save
The Save button must be selected to confirm and store all changes made to the group, then Pipeline permissions option will be enabled.
-
Pipeline permissions
Through the Pipeline permissions option, access can be granted to specific pipelines, enabling them to reference this variable group during execution.
Advantages:
-
Encourages reusability by centralizing variable management.
-
Ideal for environments where the same settings (e.g., connection strings, deployment targets) are used across several projects or pipelines.
-
Variables in a group can also be marked as secrets.
It is important to note that any variable containing a file path must not end with a backslash.
For example, use:
C:\AzureCICDKBs\OnlineShopRWD
instead of:
C:\AzureCICDKBs\OnlineShopRWD\
Additionally, the sample pipeline already includes the use of double quotes around each variable, which is helpful when:
-
The path contains spaces e.g.,
C:\Program Files (x86)\...
-
A password or secret includes special characters
This behavior should be taken into account.
In summary:
-
Do not manually add single or double quotes to variable values, unless it is deemed necessary after reviewing the specific case
-
Do not end file paths with a backslash
More info about variables.