Define a credential in TFS 2015

Question

I use a TFS 2015 instance (it will be soon decommissioned). In a release definition I need to use some sensitive data (credentials). As of now I tried setting the secrets as in this guide but this is a feature supported only from TFS 2018 on. In fact, in TFS 2015 I cannot see the "Environment variables" section that is needed to decrypt the "locked" configurations.

What are the possible options here to have a per-project set of encrypted sensitive data that I can then retrieve and use in the release scripts? Is there any credential manager (like the one in Jenkins) in TFS 2015?

Answer 1

Each pipeline has a list of variables. Each variable has a little icon you can click to keep the value secret. In 2015 I don't think there's a Variable Library option yet, if I remember correctly that was added in a later version.

Here's the official docs that describe setting a variable in Team Foundation Server 2015.

You can set a variable for a build pipeline by following these steps:

1. Go to the Pipelines page, select the appropriate pipeline, and then select Edit.
2. Locate the Variables for this pipeline.
3. Add or update the variable.
4. To mark the variable as secret, select Keep this value secret.
5. Save the pipeline.

After the variable is set, you can use it as an input to a task or within the scripts in your pipeline. To use a variable as an input to a task, wrap it in $().

If you wrap your script in a custom task, you can use a "Service Connection" to store the secret and select it from a task.