Read a Secret from an Azure Key Vault in Azure Pipelines

1.25 hours
  • 3 Learning Objectives

About this Hands-on Lab

You are deploying a database and application using Azure DevOps, but you don’t want to store the database passwords within the repo or within the pipeline. Use Azure Key Vault in the release pipeline to read a secret for the deployment.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Create an Azure DevOps Organization
  • Log in to the Azure Portal using the provided credentials.
  • Search for Azure DevOps from the services menu.
  • Create a new organization and project named MyFirstProject.
Create Build Pipeline
  • Create a new GitHub repository
  • Import the code from this GitHub Repository.
  • Create a pipeline in Azure Pipelines, using the code from the keyvault branch.
  • Add a Key Vault resource in Azure, giving access to the service principal.
Create the Release Pipeline

Create a new release pipeline to deploy an Azure WebApp, including the key vault secret deployment.

Additional Resources

Start by logging into the Azure portal and searching for Azure DevOps from the services menu. Proceed to create a new Azure DevOps organization and project named MyFirstProject. Select Azure Repos and import the following code: https://github.com/linuxacademy/content-az400-lab-resources.git.

The application is located on the keyvault branch. Proceed to import the code on keyvault into your newly created Azure Repos repository. Once you've imported the code, create a build pipeline that will package up the code and publish the build artifacts to the staging directory.

Create an Azure KeyVault resource that will give permissions to the provided service principal to list and get secret access. Proceed to create the secret named sqldbpassword with a secure password.

Proceed to create the release pipeline to deploy the webapp to Azure using the keyvault secret. Make sure to use a service connection with the service principal keys provided.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?