How to declare variable groups once in template and use in multiple repos in Azure yaml pipeline

AmroHassaan
February 7, 2023
234 views
0 votes
2 Answers

How to authorize variable in a yaml template in another repo to be used in a different repo. IOW, how to declare variables in a template once and use in multiple repos in azure devops

I am trying to migrate from classic pipelines to yaml in azure devops. So i am trying to set up a repo to host all yaml templates so it can be referenced and reused by multiple repos for builds, etc.
I wrote this yaml pipeline to sample prototyping it:

`name: FirstPL

trigger:
  - my_test_branch

pool: my-agent


resources:
  repositories:
    - repository: blah
      type: git
      name: foo/bar
      ref: refs/heads/poc

variables:
  - template: pipeline_vars.yml@blah
steps:
  - script: echo $(variable_from_pipeline_vars) 

`

However when i run this i get the follwoing error:

An error occurred while loading the YAML build pipeline. Variable group was not found or is not authorized for use. For authorization details, refer to https://aka.ms/yamlauthz.

How can i declare my variables and variables groups once in a template in a repo that is dedicated to host those templates and then use them over and again in multiple repos using the resourcs syntax above? Also, I tried to find a way authorize the variables template but couldn’t find anything to enable this.

Answers

- SiddheshDesai
- February 8, 2023 at 8:04 am
- 0 votes
0
How to authorize variable in a yaml template in another repo to be
used in a different repo. IOW, how to declare variables in a template
once and use in multiple repos in azure devops. However when I run
this i get the follwoing error:

An error occurred while loading the YAML build pipeline. Variable group was not found or is not authorized for use. For authorization
details, refer to
https://aka.ms/yamlauthz.

You can directly add the variable group in your azure DevOps project in the Library tab and save all your variables from pipeline_vars.yml in the variable group like below:-

Now, You can access this variable group in your YAML pipeline of multiple repos like the below:-
```
# Starter pipeline

# Start with a minimal pipeline that you can customize to build and deploy your code.

# Add steps that build, run tests, deploy, and more:

# https://aka.ms/yaml

  

pool:

vmImage: ubuntu-latest

  

workspace:

clean: all

  

resources:

repositories:

- repository: repo_a

type: git

name: InternalProjects/repo_a

trigger:

- main

- release

  

- repository: repo_b

type: git

name: InternalProjects/repo_b

trigger:

- main

  

variables:

- group: SharedVariables

  

steps:

- checkout: repo_a

  

- checkout: repo_b

- script: |

echo $(databaseServerName)

  

- task: AzureCLI@2

inputs:

azureSubscription: 'xxx subscription(xxxxxxxxx-f598-44d6-b4fd-xxxxxxxxxxxx)'

scriptType: 'bash'

scriptLocation: 'inlineScript'

inlineScript: 'az resource list --location uksouth'
```
Output:-

It asks for approving permission for the Variable group to run in the pipeline like below:-

Console:-

Tried the same with another repo repo_b in the project and it asks to approve access for repositories and variable groups like the below:-

Output:-

If you want this variable to be accessed in multiple stages/repos/pipelines within the project without authorization prompt. You can click on Security on top and allow it:-

I created one variables template and referenced it in the YAML pipeline to use across multiple repos by checking out another repo like below:-
```
# Starter pipeline

# Start with a minimal pipeline that you can customize to build and deploy your code.

# Add steps that build, run tests, deploy, and more:

# https://aka.ms/yaml

  

pool:

vmImage: ubuntu-latest

  

workspace:

clean: all

  

resources:

repositories:

- repository: repo_a

type: git

name: InternalProjects/repo_a

trigger:

- main

- release

  

- repository: repo_b

type: git

name: InternalProjects/repo_b

trigger:

- main

variables:

- template: pipeline_vars.yml

steps:

- checkout: repo_a

- checkout: repo_b

  

- script: |

echo $(environmentName)

- task: AzureCLI@2

inputs:

azureSubscription: 'xxx subscription(xxxxxxxx-f598-44d6-b4fd-e2b6e97xxxxxx)'

scriptType: 'bash'

scriptLocation: 'inlineScript'

inlineScript: 'az resource list --location uksouth'
```
Output:-

I tried to reference the same template in another repo where it does not exist it could not read the pipeline_vars.yml file as it does not exist in the repo.

You can make use of variable groups like the above to reference the variables in this pipeline.
Login or Signup to reply.

- GetShifting
- February 8, 2023 at 8:05 am
- 0 votes
0
One of the possible reasons for this is that the project that hosts the repository with the variables does not allow access to it’s repositories from yaml pipelines.

To verify, go to your project’s settings -> Pipelines -> Settings -> Verify "Protect access to repositories in YAML pipelines" . This setting is enabled by default. You could set it to off or add a checkout step to your pipeline yaml. See here for more information.

Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.