You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/ci-cd/azure-devops.md
+15-8Lines changed: 15 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -127,25 +127,26 @@ The pipeline runs automatically when changes to artifact files or configuration
127
127
| Parameter | Type | Default | Description |
128
128
|-----------|------|---------|-------------|
129
129
| `COMMIT_ID_CHOICE` | string | `publish-artifacts-in-last-commit` | Choose `publish-artifacts-in-last-commit` for incremental publish, or `publish-all-artifacts-in-repo` for a full publish |
130
-
| `ENVIRONMENT` | string | `all` | Which environment to publish to: `all`, `dev`, or `prod` |
130
+
| `ENVIRONMENT` | string | `dev` | Which environment to publish to (for example `dev` or `prod`) |
131
131
132
132
### Multi-Stage Deployment
133
133
134
-
The pipeline generates one stage per environment. Stages run sequentially — each stage depends on the previous:
134
+
The pipeline generates one stage per environment. The selected stage runs based on the `ENVIRONMENT` parameter.
135
135
136
136
```mermaid
137
137
flowchart LR
138
-
A[Publish_dev] --> B[Publish_prod]
138
+
A[ENVIRONMENT=dev] --> B[Publish_dev]
139
+
C[ENVIRONMENT=prod] --> D[Publish_prod]
139
140
```
140
141
141
142
Each stage:
142
143
143
-
1. **Conditionally runs** — Only executes if the `ENVIRONMENT` parameter matches the stage name or is `all`
144
+
1. **Conditionally runs** — Only executes when the `ENVIRONMENT` parameter matches the stage name
144
145
2. **Uses a deployment job** — Wraps the publish step in a `deployment` job targeting an [Azure DevOps environment](https://learn.microsoft.com/en-us/azure/devops/pipelines/process/environments) for approval gates
145
146
3. **Loads per-environment variables** — Each stage uses its own variable group (`apim-dev`, `apim-prod`)
146
147
4. **Authenticates per-environment** — Uses environment-specific service connections (`AZURE_SERVICE_CONNECTION_DEV`, `AZURE_SERVICE_CONNECTION_PROD`)
147
148
5. **Substitutes tokens** — Replaces `{#[TOKEN_NAME]#}` placeholders in `configuration.<env>.yaml` with secret variable values before publishing
@@ -300,6 +301,11 @@ To replace `{#[TOKEN_NAME]#}` placeholders in `configuration.<env>.yaml` with se
300
301
301
302
1. **Install the [Replace Tokens extension](https://marketplace.visualstudio.com/items?itemName=qetza.replacetokens)** in your Azure DevOps organization (if not already installed).
302
303
304
+
You can do this via CLI:
305
+
```bash
306
+
az devops extension install --publisher-id qetza --extension-id replacetokens
307
+
```
308
+
303
309
2. **Add secret variables** to the `apim-<env>` variable group. See the Azure DevOps documentation for [adding variables to a variable group](https://learn.microsoft.com/en-us/azure/devops/pipelines/library/variable-groups) and [marking variables as secret](https://learn.microsoft.com/en-us/azure/devops/pipelines/process/set-secret-variables).
304
310
305
311
For example, to substitute `{#[BACKEND_URL]#}` in your configuration file:
@@ -326,10 +332,11 @@ See the [Token Substitution Guide](../guides/token-substitution.md) for full det
326
332
|---------|-------|-----|
327
333
| `AzureCLI@2` fails with "service connection not found" | Variable group not linked or variable name mismatch | Verify the variable group is linked to the pipeline and `AZURE_SERVICE_CONNECTION` is defined |
328
334
| Extract shows "No changes to commit" | APIM config hasn't changed since last extract | Expected behavior — no branch is created |
329
-
| Publish stage is skipped | `ENVIRONMENT` parameter doesn't match the stage | Set `ENVIRONMENT` to `all` or the specific stage name |
335
+
| Publish stage is skipped | `ENVIRONMENT` parameter doesn't match the stage | Set `ENVIRONMENT` to the specific stage name (for example `dev` or `prod`) |
330
336
| `npm ci` fails | `package.json` or `package-lock.json` missing | Run `apiops init` to generate project files, then commit them |
331
337
| "publish-all-artifacts-in-repo" deploys everything | Expected — this mode publishes all artifacts, ignoring git diff | Use `publish-artifacts-in-last-commit` (default) for incremental |
| Run is stuck with "This pipeline needs permission to access a resource" | Environment resource isn't authorized for pipeline use | Authorize the environment in Azure DevOps or run the prompt step that PATCHes `pipelinePermissions/environment/{id}` with `{"allPipelines":{"authorized":true}}` |
333
340
| `--subscription-id` error | `AZURE_SUBSCRIPTION_ID` not set in variable group | Add it to the relevant variable group |
Copy file name to clipboardExpand all lines: docs/guides/token-substitution.md
+6-1Lines changed: 6 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -97,7 +97,9 @@ Result: the placeholder `{#[PAYMENT_API_KEY]#}` is replaced with `sk-live-abc123
97
97
## Azure DevOps Setup
98
98
99
99
> [!IMPORTANT]
100
-
> The [Replace Tokens extension](https://marketplace.visualstudio.com/items?itemName=qetza.replacetokens) must be installed in your Azure DevOps organization from the Visual Studio Marketplace.
100
+
> The [Replace Tokens extension](https://marketplace.visualstudio.com/items?itemName=qetza.replacetokens) must be installed in your Azure DevOps organization.
0 commit comments