is a "Public" DevOps project accessible by
everyone on Azure DevOps
only by the organization members
all members of the Azure Active Directory that is linked to the organization.
What I want to achieve is 3. over 2. but not 1.
Thank you
A public project means "Anyone on the internet can view the project. Certain features like TFVC are not supported." which is the 1 in your list, this you can see when you create a new project in Azure DevOps service :
You can find more detailed informaion at the doc What is a public project?, it says "Users that aren't signed into the service have read-only access to public projects on Azure DevOps.".
What I want to achieve is 3. over 2. but not 1.
only by the organization members
all members of the Azure Active Directory that is linked to the organization.
What you are seeking for is a private project in fact, create a new private project and add the organization users to this project, or if your organization is connected to AAD then you can directly add anyone who's in the AAD to this project with no need to add them to your organization first.
This you can find more information at the doc Add members to your project.
It seems for public project to access, admin/project owner need to invite the required user.
Ref: https://learn.microsoft.com/en-us/azure/devops/organizations/public/invite-users-public?view=azure-devops
Public projects are not that public...
Related
Similar to Github Cloud is there a way in Azure Devops to create internal repos wherein multiple users can have access to some repos which have certain documents without adding them as users or groups to such repos? If we make RepoA as internal it should be available to all users under an org without specifically adding them.
In Azure DevOps, for public projects, any user can get access your public project and check Git repo without signing in or added as a user in your org. You can also refer to this doc: Make your private project public - Azure DevOps Services Public Project | Microsoft Learn .
If for private projects in Azure DevOps, firstly, users must be granted access to the specified private project also as Basic access level in your org via navigating to Organization Settings -> Users -> Select the specified user -> Manage user to set users' access level.
Users be with Stakeholder access level, they will not be able to use Azure Repos for your private project.
Otherwise, to set permissions for a specific repository or some specific users, navigating to Project Settings -> Repositories -> Security to manage the permissions.
You can also refer to: About access levels - Azure DevOps | Microsoft Learn and Set Git repository permissions - Azure Repos | Microsoft Learn
I followed the guide here https://docs.github.com/en/free-pro-team#latest/actions/learn-github-actions/sharing-workflows-with-your-organization.
I successfully created a GitHub Organization shared workflow and can access this shared workflow if I create a public repo under the organization or my account (I am a member of the organization).
However, if I create a private repo I do not see the shared workflow. I am using the free-tier for my membership account and organization, so I'm not sure if that is the issue. There was no documentation stating that was a requirement.
Only possible in GitHub Enterprise plan organizations:
to use templates to create workflows in private repositories, the organization must be part of an enterprise plan.
GitHub documentation
You can also create workflow templates in the .github repository and
share them with other users in your organization.
https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
You can also create workflow templates in the .github repository and
share them with other users in your organization.
I manage an Azure DevOps organization with a couple dozen users, all with either Visual Studio subscriber or Basic user access level on the organization.
When someone creates a new project, which need to be private repos, I want all the organization users to automatically get read access to see the project and clone repos. Is there a way to do that? Everything works great once we grant the access at the project level, but sometimes people create projects and don't grant the access, so I don't know what projects exist. Do we need to rely on people creating the projects to grant read access to the group of users when they create them?
When someone creates a new project, which need to be private repos, I
want all the organization users to automatically get read access to
see the project and clone repos. Is there a way to do that?
This is not supported by design.
To protect private project, Azure Devops doesn't support automatically granting any access of newly created project to those normal Organization-level users unless the users belongs to the PCA (Project Collection Administrators, highest level in whole Org. It shouldn't be granted to normal users).
So we do need to rely on people creating the projects to grant read access to the group of users when they create them. Apart from project creators(people creating the projects), PCA or project administrators can also do this job.
You can create a new organization group which contains the Org users:
Then grant the access to those users by manually adding this group as member of default Project Reader group:
I have a setup on Devops where I want to give and external account (not part of the company) access to the repos. I thought that the Stakeholders would have at least read only access there but seems not.
I've invited a new user (external) with Access Level = Stakeholder, given access to the project X and made him a member of Project Contributors for the project.
So the question is, should Stakeholders here have access to the repos? is there a way for me to do this?
If you are using private repos for your project then stakeholders only have access to the following features:
Dashboards, Wiki, Boards, Project and Organization settings - Partial access
Repos, Test Plans - No access
Pipelines, Notifications, Semantic Search - Full access
If you are using public repos for your project then stakeholders only have access to the following features:
Dashboards, Wiki, Boards, Repos, Pipelines, Notifications, Semantic Search - Full access
Test Plans - No access
Project and Organization settings - Partial access
If you want details on Stakeholder access rights for each of the features, go here
I hope that helps.
The Public option is disabled in visibility section of create project page. When I move the mouse over the info icon of public option, it says that: Your enterprise is preventing you from selecting this option.
As I know, Enterprise in VSTS means the account that is currently selected, and each enterprise can contain many organizations.
My currently selected enterprise is Microsoft Account, and I can not create any public project in any organizations of my Microsoft account.
What is the problem with creating a public project from Microsoft Account and how can I create one?
Found the solution!
Go to Organization Settings ('Account Settings' for old UI of VSTS) -> Policy -> Security policies and turn on the Allow public projects.
Log in your VSTS account, and under settings|Policy