home / skills / ntaksh42 / agents / azure-variable-groups
This skill helps you manage Azure Pipelines variable groups and Key Vault secrets for environment-specific configurations and seamless pipeline integration.
npx playbooks add skill ntaksh42/agents --skill azure-variable-groupsReview the files below or copy the command above to add this skill to your agents.
---
name: azure-variable-groups
description: Manage Azure Pipeline variable groups and library secrets. Use when organizing pipeline variables or managing configuration.
---
# Azure Variable Groups Skill
Azure Pipelinesの変数グループを管理するスキルです。
## 主な機能
- **変数グループ作成**: 共通変数管理
- **Key Vault連携**: シークレット管理
- **環境別変数**: Dev/Staging/Prod
- **パイプライン連携**: 変数グループ使用
## 変数グループ作成
### Azure CLI
```bash
# 変数グループ作成
az pipelines variable-group create \
--name "Production-Variables" \
--variables \
DATABASE_HOST="prod-db.database.windows.net" \
DATABASE_NAME="proddb" \
API_URL="https://api.production.example.com" \
--authorize true
# Key Vaultリンク変数グループ
az pipelines variable-group create \
--name "Production-Secrets" \
--variables \
ConnectionString \
ApiKey \
--authorize true
# 変数追加
az pipelines variable-group variable create \
--group-id 1 \
--name "NEW_VARIABLE" \
--value "new-value"
```
## パイプラインでの使用
```yaml
variables:
- group: Production-Variables
- group: Production-Secrets
stages:
- stage: Deploy
jobs:
- job: DeployJob
steps:
- script: |
echo "Database: $(DATABASE_HOST)"
echo "API: $(API_URL)"
displayName: 'Use Variables'
```
## Key Vault統合
```yaml
# Key Vaultから変数取得
variables:
- group: KeyVault-Secrets
steps:
- task: AzureKeyVault@2
inputs:
azureSubscription: 'Azure-Connection'
KeyVaultName: 'MyKeyVault'
SecretsFilter: '*'
RunAsPreJob: true
```
## 環境別変数管理
```yaml
# Dev環境
variables:
- ${{ if eq(variables['Build.SourceBranch'], 'refs/heads/develop') }}:
- group: Dev-Variables
# Prod環境
- ${{ if eq(variables['Build.SourceBranch'], 'refs/heads/main') }}:
- group: Prod-Variables
```
## バージョン情報
- Version: 1.0.0
This skill manages Azure Pipelines variable groups and library secrets to centralize pipeline configuration. It helps create, update, and link variable groups, integrate Azure Key Vault secrets, and reference environment-specific variables across CI/CD pipelines. Use it to simplify secret handling and maintain consistent settings across Dev, Staging, and Prod.
The skill uses Azure CLI commands and pipeline YAML snippets to create and modify variable groups, add individual variables, and authorize groups for pipeline use. It supports linking Key Vault secrets into variable groups and shows how to pull those secrets into pipeline steps with the AzureKeyVault task. Conditional YAML examples demonstrate swapping groups based on branch or environment.
Can I store secrets directly in variable groups?
You can, but storing sensitive values in Azure Key Vault and linking them to variable groups is more secure and auditable.
How do I use different variables per environment?
Define separate variable groups per environment and use conditional YAML (branch or runtime expressions) to include the appropriate group.