A tool for securely viewing Azure DevOps Variable Group secrets. This pipeline retrieves variables from a specified group, storing them as artifacts. It allows authorized users to inspect secret values safely, aiding in auditing and troubleshooting Variable Group configurations without compromising security.
- Securely retrieves variables from Azure DevOps Variable Groups
- Stores sensitive information as pipeline artifacts
- Enables controlled access to secret values for authorized users
- Facilitates auditing and troubleshooting of Variable Group configurations
- Azure DevOps account with appropriate permissions
- Access to the target Variable Group
- Basic understanding of Azure DevOps pipelines
- Clone this repository to your Azure DevOps project.
- Update the
YOUR_VARIABLE_GROUP_NAMEin the YAML file with your actual Variable Group name. - Ensure that the necessary permissions are set for accessing the Variable Group and running the pipeline.
- Navigate to the pipeline in your Azure DevOps project.
- Run the pipeline manually (as it's set to manual trigger).
- Once completed, access the pipeline artifacts to view the extracted secrets.
- Ensure that access to the pipeline and its artifacts is properly restricted.
- Remember that the secrets are stored in plain text in the artifact. Handle with care.
- Regularly rotate secrets and update the Variable Group accordingly.
- Consider implementing additional encryption for enhanced security.
Contributions to improve ado-secret-viewer are welcome. Please follow these steps:
- Fork the repository.
- Create a new branch for your feature.
- Commit your changes.
- Push to your branch.
- Create a new Pull Request.
Have questions or suggestions? Reach out to us:
- 📧 Email: [email protected]
- 💼 LinkedIn: in/sauravsrivastav2205
- 🐙 GitHub: https://github.com/SauravSrivastav