Skip to content

Commit 83a49e2

Browse files
committed
adding instructions to install extension.
1 parent 207bb40 commit 83a49e2

3 files changed

Lines changed: 33 additions & 9 deletions

File tree

docs/ci-cd/azure-devops.md

Lines changed: 15 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -127,25 +127,26 @@ The pipeline runs automatically when changes to artifact files or configuration
127127
| Parameter | Type | Default | Description |
128128
|-----------|------|---------|-------------|
129129
| `COMMIT_ID_CHOICE` | string | `publish-artifacts-in-last-commit` | Choose `publish-artifacts-in-last-commit` for incremental publish, or `publish-all-artifacts-in-repo` for a full publish |
130-
| `ENVIRONMENT` | string | `all` | Which environment to publish to: `all`, `dev`, or `prod` |
130+
| `ENVIRONMENT` | string | `dev` | Which environment to publish to (for example `dev` or `prod`) |
131131

132132
### Multi-Stage Deployment
133133

134-
The pipeline generates one stage per environment. Stages run sequentially — each stage depends on the previous:
134+
The pipeline generates one stage per environment. The selected stage runs based on the `ENVIRONMENT` parameter.
135135

136136
```mermaid
137137
flowchart LR
138-
A[Publish_dev] --> B[Publish_prod]
138+
A[ENVIRONMENT=dev] --> B[Publish_dev]
139+
C[ENVIRONMENT=prod] --> D[Publish_prod]
139140
```
140141

141142
Each stage:
142143

143-
1. **Conditionally runs** — Only executes if the `ENVIRONMENT` parameter matches the stage name or is `all`
144+
1. **Conditionally runs** — Only executes when the `ENVIRONMENT` parameter matches the stage name
144145
2. **Uses a deployment job** — Wraps the publish step in a `deployment` job targeting an [Azure DevOps environment](https://learn.microsoft.com/en-us/azure/devops/pipelines/process/environments) for approval gates
145146
3. **Loads per-environment variables** — Each stage uses its own variable group (`apim-dev`, `apim-prod`)
146147
4. **Authenticates per-environment** — Uses environment-specific service connections (`AZURE_SERVICE_CONNECTION_DEV`, `AZURE_SERVICE_CONNECTION_PROD`)
147148
5. **Substitutes tokens** — Replaces `{#[TOKEN_NAME]#}` placeholders in `configuration.<env>.yaml` with secret variable values before publishing
148-
6. **Applies overrides** — Passes `--override configuration.{env}.yaml` to apply [environment-specific overrides](../guides/environment-overrides.md)
149+
6. **Applies overrides** — Passes `--overrides configuration.{env}.yaml` to apply [environment-specific overrides](../guides/environment-overrides.md)
149150

150151
### Publish Pipeline Walkthrough
151152

@@ -156,15 +157,15 @@ For incremental publish (default), `--commit-id $(Build.SourceVersion)` is passe
156157
displayName: 'Publish to dev (incremental - last commit only)'
157158
condition: ne('${{ parameters.COMMIT_ID_CHOICE }}', 'publish-all-artifacts-in-repo')
158159
inputs:
159-
azureSubscription: '$(AZURE_SERVICE_CONNECTION_DEV)'
160+
azureSubscription: 'AZURE_SERVICE_CONNECTION_DEV'
160161
scriptType: 'bash'
161162
scriptLocation: 'inlineScript'
162163
inlineScript: |
163164
npx apiops publish \
164165
--resource-group $(APIM_RESOURCE_GROUP_DEV) \
165166
--service-name $(APIM_SERVICE_NAME_DEV) \
166167
--source ./apim-artifacts \
167-
--override configuration.dev.yaml \
168+
--overrides configuration.dev.yaml \
168169
--commit-id $(Build.SourceVersion) \
169170
--subscription-id $(AZURE_SUBSCRIPTION_ID)
170171
```
@@ -300,6 +301,11 @@ To replace `{#[TOKEN_NAME]#}` placeholders in `configuration.<env>.yaml` with se
300301

301302
1. **Install the [Replace Tokens extension](https://marketplace.visualstudio.com/items?itemName=qetza.replacetokens)** in your Azure DevOps organization (if not already installed).
302303

304+
You can do this via CLI:
305+
```bash
306+
az devops extension install --publisher-id qetza --extension-id replacetokens
307+
```
308+
303309
2. **Add secret variables** to the `apim-<env>` variable group. See the Azure DevOps documentation for [adding variables to a variable group](https://learn.microsoft.com/en-us/azure/devops/pipelines/library/variable-groups) and [marking variables as secret](https://learn.microsoft.com/en-us/azure/devops/pipelines/process/set-secret-variables).
304310

305311
For example, to substitute `{#[BACKEND_URL]#}` in your configuration file:
@@ -326,10 +332,11 @@ See the [Token Substitution Guide](../guides/token-substitution.md) for full det
326332
|---------|-------|-----|
327333
| `AzureCLI@2` fails with "service connection not found" | Variable group not linked or variable name mismatch | Verify the variable group is linked to the pipeline and `AZURE_SERVICE_CONNECTION` is defined |
328334
| Extract shows "No changes to commit" | APIM config hasn't changed since last extract | Expected behavior — no branch is created |
329-
| Publish stage is skipped | `ENVIRONMENT` parameter doesn't match the stage | Set `ENVIRONMENT` to `all` or the specific stage name |
335+
| Publish stage is skipped | `ENVIRONMENT` parameter doesn't match the stage | Set `ENVIRONMENT` to the specific stage name (for example `dev` or `prod`) |
330336
| `npm ci` fails | `package.json` or `package-lock.json` missing | Run `apiops init` to generate project files, then commit them |
331337
| "publish-all-artifacts-in-repo" deploys everything | Expected — this mode publishes all artifacts, ignoring git diff | Use `publish-artifacts-in-last-commit` (default) for incremental |
332338
| Approval gate blocks deployment | Environment checks configured | Approve in **Pipelines → Environments → {env}** |
339+
| Run is stuck with "This pipeline needs permission to access a resource" | Environment resource isn't authorized for pipeline use | Authorize the environment in Azure DevOps or run the prompt step that PATCHes `pipelinePermissions/environment/{id}` with `{"allPipelines":{"authorized":true}}` |
333340
| `--subscription-id` error | `AZURE_SUBSCRIPTION_ID` not set in variable group | Add it to the relevant variable group |
334341

335342
---

docs/guides/token-substitution.md

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -97,7 +97,9 @@ Result: the placeholder `{#[PAYMENT_API_KEY]#}` is replaced with `sk-live-abc123
9797
## Azure DevOps Setup
9898

9999
> [!IMPORTANT]
100-
> The [Replace Tokens extension](https://marketplace.visualstudio.com/items?itemName=qetza.replacetokens) must be installed in your Azure DevOps organization from the Visual Studio Marketplace.
100+
> The [Replace Tokens extension](https://marketplace.visualstudio.com/items?itemName=qetza.replacetokens) must be installed in your Azure DevOps organization.
101+
> You can install it from Marketplace or via CLI:
102+
> `az devops extension install --publisher-id qetza --extension-id replacetokens`
101103

102104
### Mapping Variables to Tokens
103105

@@ -112,6 +114,9 @@ The substitution task will automatically replace `{#[PROD_SECRET_VALUE]#}` with
112114
### Step-by-Step for Azure DevOps
113115

114116
1. **Install the Replace Tokens extension** in your Azure DevOps organization if not already present.
117+
```bash
118+
az devops extension install --publisher-id qetza --extension-id replacetokens
119+
```
115120

116121
2. **Add secret variables to your variable group:**
117122
- Go to **Pipelines → Library → apim\<env\>** (e.g., `apim-prod`)

src/templates/shared/identity-setup-azure-devops-core.md

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -101,6 +101,18 @@ Install the extension (works in both shells):
101101
az extension add --name azure-devops
102102
```
103103

104+
Install the Azure DevOps Replace Tokens extension (required by publish pipeline):
105+
106+
**PowerShell:**
107+
```powershell
108+
az devops extension install --publisher-id qetza --extension-id replacetokens
109+
```
110+
111+
**Git Bash:**
112+
```bash
113+
az devops extension install --publisher-id qetza --extension-id replacetokens
114+
```
115+
104116
Set organization defaults:
105117

106118
For self-hosted Azure DevOps Server, use your server/collection URL format:

0 commit comments

Comments
 (0)