3

I developed an Azure Function and I need to use the Build and Release Pipelines of VSTS (Azure DevOps) to do the CI/CD.

To be able to use the same Build in different environments, I am using Environment.GetEnvironmentVariable("MyVariable") to get the value of some variables.

I am able to configure those variables on the Application Settings of the Azure Function, and I am also able to use the VSTS release pipeline to replace those values on the Application Settings.

However, due to security reasons imposed by my client, I cannot have those variables available to be seen at the Application Settings.

So I need to, somehow, use the Build/Release pipeline to set the environment variables and not make them readable on the function resource at the Azure Portal.

What is the most elegant way to do it?

I am using Azure Functions 2.0

Thank you in advance.

Artur Quirino
  • 486
  • 6
  • 21
  • You can use [Azure Keyvault to store secrets and access into your Azure functions](https://rahulpnath.com/blog/azure-key-vault-from-azure-functions/) then you can get the values from [your vsts and assign it](https://colinsalmcorner.com/post/managing-credentials-and-secrets-in-vsts-release-management) – Jayendran Sep 18 '18 at 14:20
  • 1
    But in this way the secrets will be visible at the Application Settings on the resource, right? – Artur Quirino Sep 18 '18 at 17:49
  • 1
    No It's not,in fact all the secrets will be stored in Azure KeyVault, they never exposed to application settings – Jayendran Sep 19 '18 at 01:53
  • Did you ever figure this out? @ArturQuirino – dcdroid Dec 06 '18 at 14:25

0 Answers0