1 min read
Secure Files in Azure DevOps
Secure Files in Azure DevOps provide a way to store and use sensitive files like certificates, provisioning profiles, and key files in your pipelines.
Using Secure Files
# Download and use secure files
trigger: [main]
pool:
vmImage: 'macos-latest'
steps:
- task: DownloadSecureFile@1
name: signingCert
inputs:
secureFile: 'ios-signing.p12'
- task: DownloadSecureFile@1
name: provisionProfile
inputs:
secureFile: 'app-store.mobileprovision'
- script: |
# Install certificate
security import $(signingCert.secureFilePath) -P $(CertPassword) -A
# Copy provisioning profile
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp $(provisionProfile.secureFilePath) ~/Library/MobileDevice/Provisioning\ Profiles/
displayName: 'Install signing credentials'
- task: Xcode@5
inputs:
actions: 'build'
scheme: 'MyApp'
signingOption: 'manual'Common Use Cases
# SSH keys
- task: InstallSSHKey@0
inputs:
knownHostsEntry: 'github.com ssh-rsa AAAA...'
sshKeySecureFile: 'github-deploy-key'
# Kubernetes config
- task: DownloadSecureFile@1
name: kubeconfig
inputs:
secureFile: 'production-kubeconfig'
- script: |
export KUBECONFIG=$(kubeconfig.secureFilePath)
kubectl get podsSecure Files protect sensitive credentials while enabling automated pipelines.