How do I know which git authentication method is being used? - azure-devops

Is there a way to verify through which way I'm authenticating to Azure DevOps?
Am I authenticating through my SSH key?
Am I authenticating through Azure CLI?
Am I authenticating through Azure Account extension in VSCode?

I found setting GIT_TRACE=1 to be useful for debugging Git. (I found that from this page.)
git config --list --show-origin will also show if you're configured to use any credential.helper such as Git Credential Manager Core.

For git authentication with Azure DevOps, the first thing I'd do is to run
git remote show origin
If the Fetch and Push URLs start with git:, you're using an SSH key. If it starts with https:, it's going to do an OAuth browser login to Azure DevOps, and then display a message telling you that you're signed in and can close the browser window, at which point Git will have the credential it needs to work with the remote repository. In my experience, it works the same way in VS Code - it uses whatever credential the Git application has negotiated.
The Azure CLI should not come into play with Git - it can be used to manipulate Azure DevOps features, but does not participate directly in the source control process (other than allowing things like PR submission, etc.)

Related

Automatic pushing to Dreamhost from Github via Workflows

Recently transitioned hosting my website to Dreamhost from Netlify in order to host a dynamic site. One thing I miss is the ability to automatically deploy from Github to the hosting service when changes are detected in my repo.
I've found tutorials for pushing to Github from my Dreamhost server, but not the other way around. I have multiple people working on this website, and my hope is to do this centrall via Github instead of manually pushing to both Github and the Dreamhost server thru the command line.
My assumption is that to ssh to Dreamhost I need a public key from my client to store on the Dreamhost server. I don't know if this is possible to generate a public key from Github (related to the workflow), but if it is how I would I do it? The other option is to store the ssh credentials with Github repo secrets to connect, but I feel this isn't best practice.
How would I go about pushing my Github repo to my Dreamhost server automatically after changes to main?
Two different gists suggest the same approach.
Create a bare repo on the DreamHost server
push to it
have a post-receive hook doing the git restore in the target folder (on the same server) where the actual site is deployed
See "How to Git Push to a Server Machine without having to ssh on to that machine every time?"
What remains for your GitHub Action is, as describe in Deploying to a server via SSH and Rsync in a Github Action, to use a dedicated SSH key, whose private key is registered in GitHub secrets.

How to connect my GitHub Enterprise Account with Visual Studio Code

I want to know if it's possible to connect my github enterprise account of my organization to vs code, and if so how?
I know how to sign in with a normal github account on vs code but it doesn't work for github enterprise. I already looked up online but couldn't find any answers.
In the vs code settings there is an option called github enterprise: Uri. I put there the url of my github organization "github.organizationname.com" but I don't know what else I need to do.
Here's what worked for me on vs code 1.62.3.
Clone the GitHub Enterprise repo outside of vs code (ie, using git cli in a terminal or GitHub Desktop).
In vs code, open the folder containing the cloned repo.
And just like magic, it works. If you click on the source control tab in vs code, you can pull changes and make commits. Actually, it might not work quite yet if your cloned project doesn't have your personal access token saved. If you need to do that, you can find instructions in this answer to a different question
I have set it up in the vscode settings like so:
Then it asked for my personal access token. This is token can be created under "settings" -> "developer options"
see: https://docs.github.com/en/enterprise-server#3.4/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token
It is possible to login using GitHub enterprise from VS Code without using personal access token or SSH keys. User can login by SSO if session already exist in browser else will need to sign in using their credentials. One of the ways to achieve this is to install Git Credential Manager. Git Credential Manager (GCM) is a secure Git credential helper built on .NET that runs on Windows, macOS, and Linux.
Compared to Git's built-in credential helpers (Windows: wincred, macOS: osxkeychain, Linux: gnome-keyring/libsecret) which provides single-factor authentication support working on any HTTP-enabled Git repository, GCM provides multi-factor authentication support for Azure DevOps, Azure DevOps Server (formerly Team Foundation Server), GitHub, Bitbucket, and GitLab.
For installing GCM based on OS follow the given link:
https://github.com/GitCredentialManager/git-credential-manager
Once GCM is installed and you try to clone a repository you will be able to see Enterprise login page. This can be achieved by using other Git Oauth Authorized Apps such as GitHub CLI.
Another option is to access with you microsoft email and then , the Github enterprise signing option will be added in "Account" just click it and you now will have access to GithubEnterprise
Account bottom in green
more reference here is the link:
https://learn.microsoft.com/en-us/visualstudio/ide/work-with-github-accounts?view=vs-2022

Authentication error cloning Azure Devop's repo in OS X

I have created a project in my Azure DevOps but when I try to clone it with Visual Studio Code or SourceTree it asks me for the password and the password I use is the one associated with my account, which is the Azure tenant administrator account with which I have logged into Azure DevOps and with which I have created the project.
but he always rejects me
I have the latest git version installed in OSX
Any idea, please?
Thanks
This should be related to the Git credential in your local, try to remove them and try again.
If it still does not work, you could use PAT(personal access token) to clone the repo, it should work.
git clone https://<Your-PAT-Here>#dev.azure.com/orgname/proname/_git/reponame

Azure Devops clone This is not a valid source path in source tree

I have managed to finally add my devops account in sourcetree using the https://orgname.visualstudio.com path
Now I am having issues cloning the repository
I am using the path that devops gives me
https://orgname#dev.azure.com/orgname/MyProject/_git/MyRepo
but I get an error saying
This is not a valid source
The details reveal authentication issues... Yet it authenticated fine when adding the account.
What is going on? Does the azure account have to be the default account?
I managed to fix this by changing from the sourcetree embedded git to my system git Tools>Options>Git>Git Version>Select System. Afterwards when trying again it prompted me to login on my organization domain with 2 factor as if logging in on the devops web app directly.
My system Git is using manager-core for the credential management which is probably not the same system which the embedded version used.
I tried the above solutions (and more) but for me what in the end solved the problem was that the git-password I first wrongly entered when I tried to access the repo had been saved in Keychain (MacOS) and when I tried again this password was used without giving me the option to type it in again. I deleted the password to the Azure DevOps project in Keychain and then got prompted to enter the password again whereafter I pasted the Personal Access Token (!!) generated in Azure Devops and it finally worked!
It could happen when you entered wrong credentials and you don't get asked again, try this:
Go to : Sourtree->Preferences->Advance (tab)
Under: "Default usernames for URLs which do not include one:" delete your wrong credentials.
Try accessing your repo again with right credentials.
This is not the issue which caused by Azure devops. No matter https://xxx.visualstudio.com, or the URL which like dev.azure.com, they should all available git source.
For me, I just try with multi different git URLs, and found the few of URLs are failed with same error with you. But it prompt This is a git repository after I exit the SourceTree and re-configure the clone with same URL which encountered the error previously.
This seems be the most common Sourcetree problem which encountered by many users, not just the URL of azure devops that you occurred.
Check this thread, and try with its recommend way:
Open source tree, Tools -> Options -> Click on Git Tab -> Update
Embedded Git.
Or, consider the method I used: exit the Sourcetree, and re-configure the clone with same URL. (Not recommend since this can not permanently solve this issue)

Enable alternative credentials in TFS on premises

Using Visual Studio Team Services you have to enable Alternative Credentials in order to be able to connect to TFS Git Repo. using Eclipse or any other Git Client,
My problem is i want to connect to TFS on-premises Git repo. using Eclipse but there is no way to enable Alternative Credentials, any way to enable Alternative Credentials to be able to do that ? or can i do it other way?
TFS15 now supports Personal Access Tokens and SSH access, so your question isit's not entirely off the mark. There are scenario's where connecting using NTLM or kerberos security is not possible, but as #edward-thomson pointed out, the alternate credential is still linked to a domain account and should not be handed out to 3rd parties.
Instead users will need to be added to Active Directory, or a trust relation (or Federation) needs to be in place so the user is able to join using it's own orgs AD account.
If you're using Git, you could opt to also store the repository on Visual Studio Team Services and push/pull between that and your own TFS server. That way you can give 3rd parties access using their MSA or AAD account, while keeping the main repository secured using AD accounts only. Given the fact that Git is able to transfer data and history with ease, that's not an entirely weird scenario. It fits with the whole Distributed nature of Git quite well.