Download Secure File task

Azure Pipelines

Use this task in a pipeline to download a secure file to the agent machine. When specifying the name of the file (using the secureFile input) use the name you specified when uploading it rather than the actual filename.

Once downloaded, use the name value that is set on the task (or "Reference name" in the classic editor) to reference the path to the secure file on the agent machine. For example, if the task is given the name mySecureFile, its path can be referenced in the pipeline as $(mySecureFile.secureFilePath). Alternatively, downloaded secure files can be found in the directory given by $(Agent.TempDirectory). See a full example below.

When the pipeline job completes, no matter whether it succeeds, fails, or is canceled, the secure file is deleted from its download location.

It is unnecessary to use this task with the Install Apple Certificate or Install Apple Provisioning Profile tasks because they automatically download, install, and delete (at the end of the pipeline job) the secure file.

This task currently supports only one file task per instance.

YAML snippet

# Download secure file
# Download a secure file to the agent machine
- task: DownloadSecureFile@1
  name: mySecureFile # The name with which to reference the secure file's path on the agent, like $(mySecureFile.secureFilePath)
    secureFile: # The file name or GUID of the secure file
    #retryCount: 5 # Optional


Argument Description
Secure File
(Required) The file name or unique identifier (GUID) of the secure file to download to the agent machine. The file will be deleted when the pipeline job completes.
Retry Count
(Optional) Number of times to retry downloading a secure file if the download fails.
Default value: 8


This example downloads a secure certificate file and installs it to a trusted certificate authority (CA) directory on Linux:

- task: DownloadSecureFile@1
  name: caCertificate
  displayName: 'Download CA certificate'
    secureFile: 'myCACertificate.pem'

- script: |
    echo Installing $(caCertificate.secureFilePath) to the trusted CA directory...
    sudo chown root:root $(caCertificate.secureFilePath)
    sudo chmod a+r $(caCertificate.secureFilePath)
    sudo ln -s -t /etc/ssl/certs/ $(caCertificate.secureFilePath)