Azure DevOps Secure Files - Central store, shared between projects?

Question

Hello,

We use a series of projects in Azure DevOps. Within one of these projects, we use signing keys (i.e. .p12, .keystore) etc. to sign our mobile apps. These are stored in the Secure Files area of the Library.

This works well within this project, but we're looking for other apps within our company to use these to sign their apps. Ideally, we want to have a central repository for things like the .p12 as this certificate needs updating annually.

However, looking at the documentation for pipeline resources, it states in regards to protected files, such as secure files: "They can be made accessible to specific users and specific pipelines within the project. They cannot be accessed by users and pipelines outside of a project."

This was also corroborated by a StackOverflow answer (though admittedly four years ago).

I've been investigating options with Azure DevOps, or perhaps even using a combination of Azure Blob Storage, and KeyVault, but I'm not sure whether this is considered best practice. I'm also not entirely sure if these resources are accessible by DevOps pipelines.

Is there a recommended approach for having a central secure file store that can be accessed by multiple project pipelines in Azure DevOps?

Thanks in advance.

Answer 1

@Richard Coleman
Azure DevOps related questions are not supported on this forum. It's better to reach out to experts in a dedicated forum over here:

https://developercommunity.visualstudio.com/spaces/21/index.html

Answer 2

Hi, thanks. I was pointed here by the AzureSupport twitter account, so I will ask there and mark this answered. Thanks.