I'm looking for a way to use DevOps REST API (e.g.: download artifact published from pipeline) from VSCode extension (from TypeScript/JavaScript). (That is, I'm writing the extension/code to do that...)
In VSCode there is Azure Account extension (https://github.com/microsoft/vscode-azure-account) which is used in many existing extensions interacting with Azure so I'd like to use it too to be consistent. It handles Azure sign-in and exposes credentials.
I found out there is Azure DevOps Services REST API (https://learn.microsoft.com/en-us/rest/api/azure/devops/?view=azure-devops-rest-6.1) and Node.js client (https://github.com/microsoft/azure-devops-node-api) but it seems to use different form of authentication for Azure (personal access tokens), so I think it's not possible to use it with Azure Account extension?
Is there a way to get required credential information from Azure Account, or is there an alternative for accessing things like pipeline artifacts?
Related
I need to deploy an azure function app via Azure DevOps.
If I deploy via visual studio, it asks me to create a publish profile, where storage is specified.
I'm unsure how this works however with DevOps.
I have a build pipeline that builds the (.net core) function app, but on the release, I'm unsure how to proceed.
The Microsoft documentation is quite poor in my opinion, so would appreciate any expertise.
Thanks!
You have to create the underlying infrastructure prior to deploying the Azure Function to it.
There are steps you could user here and have an inline script job/stage within your pipeline:
https://learn.microsoft.com/en-us/azure/azure-functions/create-first-function-cli-csharp?tabs=azure-cli%2Cin-process#create-supporting-azure-resources-for-your-function
Alternatively you could use an ARM template or terraform to provision the app service and storage account as required.
I've got a sample github actions deployment of a function which uses the inline script method here:
https://github.com/brettmillerb/testfunctionapp/blob/master/.github/workflows/main.yml
I am trying to use Microsoft Identity Platform to authorize users to access Azure DevOps REST APIs in my Angular SPA, similar to how it is done for Graph API authorization. Do I use Azure Portal and register my app and include the Azure DevOps API with user_impersonation scope?
You don't need to use Microsoft Identity Platform to access Azure DevOps REST APIs.
For angular application that want access to resources like Azure DevOps REST API's, you can click Microsoft Authentication Library for JavaScript (MSAL.js) for detailed information.
And here is a code sample.
I am trying to implement an integration between a web-based code editor and Azure Devops. I am trying to use OAuth to get user authorization and then to make a clone of a repository on behalf of the user.
For GitHub I can use the OAuth access token as a username to clone the repository. Is there a similar functionality for Azure Devops?
Is there a similar functionality for Azure Devops?
The answer is yes.
Azure DevOps Services uses the OAuth 2.0 protocol to authorize your app for a user and generate an access token. And we need make sure Authorised scopes include code (Read) when we generate the OAuth token:
Please refer this document and this blog for some more details.
Note:
Since OAuth 2.0 is not supported on Azure DevOps Server
(I saw you add Azure DevOps Server tag on your post). Client
Libraries are a series of packages built specifically for extending
Azure DevOps Server functionality. For on-premises users, we recommend
using Client Libraries, Windows Auth, or Personal Access Tokens
(PATs) to authenticate on behalf of a user.
I'm trying to set up a new instance of Aggregator CLI as an Azure function app. I've created the app on Azure and think I've installed Aggregator CLI, but don't know how to save my Azure DevOps (formerly VSTS) Personal Access Token (PAT) to Aggregator in order for the app to authenticate against DevOps. To be clear, I am not trying to install the server plugin (which requires an on-prem instance of TFS) nor am I trying to configure the webhooks version (which has been deprecated).
What I've done so far
Created a new resource group on Azure
Created a function app on Azure with storage account and application insights
Created an Azure service principle
Assigned permissions to the Azure service principle
Downloaded FunctionRuntime.zip v0.9.8 from https://github.com/tfsaggregator/aggregator-cli/releases
Deployed the code to the function app
Created a PAT in Azure DevOps
Expected behaviour
I expect to be able to save the PAT to the Aggregator_VstsToken application setting on the function app, so that the app can authenticate against VSTS. Setup.md doesn't describe how to do this. I expect to see the application settings shown in this screenshot on the app.
Actual behaviour
There isn't an application setting called Aggregator_VstsToken on the function app. There aren't any other Aggregator-specific settings either.
Environment
Azure DevOps (VSTS) cloud
Azure Function App
I have the need to be able to create completely new Azure DevOps organizations from scratch. I have tried with azure devops cli but there just seems to be no way to do it.
I already checked MS documentation but it only mentions the manual way through a browser to do so.
Is this even possible?
Is this even possible?
As far as I know it is not possible to create organizations in Azure DevOps programmatically. You can create Projects, Work Items or Teams through Rest API but not Organizations.
In addition, please also refer to Use Azure DevOps REST API to Delete organizations / accounts? Where you can see there isn't a way to automate delete an organization currently too.