How to manage variabes and variable groups across different environments?

Hi , anyone has a good reference on how to manage variabes and variable groups across different environments?

So Here is what i do.
Open excel, create tabs for as many environment as you have.
Start writing all the variables you need per environment.
Idea is that you copy the same variables to all the environments.
After you do that, mark variables that have the SAME value in all the environments in color Green.
Next, create a tab called Common, in it MOVE the variables and values that you marked wit Green from differernt environment tabs into the Common one.
Next look at all the values you have for one specific variable across all environments. You should probably see that even these values falls into some pattern, lets say that parameters is “FilePath” with values /file/dev.txt in the dev tab and /file/prod.txt in the prod tab.
What you will do next is actually create a new variable in the Common tab called FilePath and its value will be /file/$(Env).txt, and in the dev and prod tabs, instead of a variable called FilePath, create a new one called Env with values dev and prod appropriatly.

Now Create a Variable group for each tab - Common and all the environments.

In the pipeline, link to all the variable groups, the common one will be for the release scope and the environment one for one or more stages depending how you create your pipeline.

• DRY - Do NOT Repeat yourself. Try to use your folder structure as values of variables
• Parameterize Everything - This will help you immensely when creating Task groups (note: highly addictive)
• Values of Variable Groups can be accessed via REST API and thus manipulated. Simple Variables can not.
• Remember that going through this path means youre bounding yourself to Azure Devops, so some work needed if you decide tomorrow to move to a diff.
Now a “cure” to this OCD, and also some answer to the last point, is to have in youre repo a json file per environment (of course not including secrets) and a step at each pipeline the uses to read them and then act upon them. The secrets you keep in variables / group variables depending on how much you want to reuse it.

IF you ever get a hand of a post I did waaaay waaay back (maybe Micheal remembers) is a list of tips and tricks, where i also discuss why you should limit the dependency on pipeline variables/variable groups. But if you are ALL IN, then might have use all the functionality given to you and go for the solution I mentioned above. your OCD will thank me later :wink:

IN one project, i have about 300 variable groups, just because i ran 9 environments but im in the process to lowering the numbers to potentially half as im optimizing the variables using the method above and moving things to a common one trying find differentiation that stays in the environment one.
Always think what would happen if you had to make a change in ALL the environments at once because of some requirement.

And i forgot to mention, using the solution with a json file in the repo, gives you a huge advantage of git history and a PR policy, things that are missing completely in variable groups, but are available to some degree in pipeline variables as you can track the history of the pipeline

Wow this is great! thanks a lot!