As per below link, test manager in AzureDevOps cannot be assigned to Stakeholder level access.
https://marketplace.visualstudio.com/items?itemName=ms.vss-testmanager-web#pricing
So it can be assign to basic access level with contributor permission? Please clarify on this.
Yes, this is totally possible. We have such cases in one of our projects.
For using Test Manager you need to buy different licenses, you buy them from the link you provided and everyone can use Test Manager that have license. Basic access to azure devops does not include access to Test Manager
Related
I have a scenario where a user with a valid Personal Access Token makes thousands of calls to create work items in Azure DevOps. I went through all the documentation but couldn't find anything. One can enable conditional access but that would not cover this. The rate-limits etc are all default and there is no option to control those. Is there a way to control the number of requests a valid user can make?
Is there a way to control the number of requests a valid user can make?
I am afraid there is no such way to do this at this moment.
In my personal opinion, this request is reasonable.
You could add your request for this feature on our UserVoice site (https://developercommunity.visualstudio.com/report?space=21&entry=suggestion), which is our main forum for product suggestions. Thank you for helping us build a better Azure DevOps.
I was "david.corbin#companyA.com" now I am "boogie.woogie#companyB.com". Both are AAD backed identities.
The goal is to change how I authenticate to Azure DevOps so that I have one consistent history without "fracturing" or "historical user".
I have tried (in a playpen environment) various items, but I always end up with there being two distinct identities.
In the past during migrations, Microsoft Support was able to alter identities, but I am looking for a solution that does not involve opening a bunch of support tickets.
Azure DevOps Change User Identity
I am afraid there is no such solution that you could resolve this issue by yourself.
If you have already add the new account boogie.xxxx#companyB.com in the organization, we could not map that old david.xxxx#companyA.com to their Azure AD identities.
That is because it will be treated as a new account and assigned a unique VSID when you add the account account boogie.xxxx#companyB.com to organization.
That is also the reason why you always end up with there being two distinct identities.
To resolve this issue, we need to contact the support team to map two account as one in the backend. You could submit the ticket on the Developer Community if you do not want open a support ticket. Or you could create a technical support ticket from Azure Portal if you have Azure support plans.
We have successfully integrated SonarQube into our build pipelines on Azure DevOps and have used a developer's account to generate a PAT for pull request decoration. The problem is now that the developer's account is posting comments across all our repos on different Pull Requests. It seems the alternative is to create a whole new user titled 'SonarQube' (or similar) in our Active Directory and generate a new PAT to do this, which seems overkill. Any alternative options would be appreciated.
Creating a separate identity that would belong to SonarQube is the only option. The identity posts the comments using the DevOps API where the PAT is the only identification of the identity.
Using a developer's account for PR decoration not only feels strange when reading the comments, but it is also fragile. When the developer leaves the company, their account will be terminated and suddenly, PR decoration will break and it may not be immediately clear why. Also, the developer could revoke the PAT at any time by mistake. In a larger organization, no single developer will have the right to comment on pull requests everywhere, so multiple developer accounts will be in use, which makes the configuration even more complex and fragile.
How do you make Test and Code Coverage from the Azure Devops publicly available, so (anonymous, without an MSDN account) users can see the results without having to have an account on your organization? I tried fiddling with the "Readers" settings within Azure DevOps but no luck. Typically, when users don't have an account the Code Coverage will load indefinitely and the Test tab is not shown.
Question 2: how can I provide a direct link (url) to my latest code-coverage for a specific build definition? Using Shield.io i was able to get a badge for the code-coverage but i also would like to provide a direct link to the report.
shields.io link to badge: https://img.shields.io/azure-devops/coverage/OffTheRecordv4/OTRv4/1
This is the project:
https://dev.azure.com/OffTheRecordv4/OTRv4/_build?definitionId=1&_a=summary
and the shield.io badge can be viewed here:
https://github.com/southernsun/otr
when logged in:
When logged out (spinning wheel never stops and nothing loads):
Thanks!
UPDATE
I created a feature request, feel free to support the request: https://developercommunity.visualstudio.com/idea/1069707/allow-code-coverage-and-test-plan-tabs-accessible.html
According to your description, you are working with a public project. A public project allows non-members of a project and users who aren't signed in read-only, limited access to the project's artifacts and services. Check the following table:
To contribute to a public project, you must be added as a member of that project and assigned either Stakeholder, Basic, or Basic + Test Plans access. The access level determines the user interfaces you can access. If you want users to access Test, you would need to assign Basic + Test Plans access to them.
Regarding how to get code coverage link, you may try Code Coverage - Get Build Code Coverage API, which would give you codeCoverageFileUrl in response.
Objective: Allow different clients access to only read/pull from my private repo.
Overview:
Listed are the different options that I am aware of:
I could invite the clients and give them access to the Basic access level but do know what to have to pay for different users just to read/clone from the repo.
I could create a single user with Basic access level and then create git access tokens for them individually. However, I did not see a way to restrict the access tokens to be project/repo specific. Instead, the access tokens create had the same privileges as the created user.
Question: What is the best practice to provide access to an external user to only access the private Azure DevOps repo?
Note: I have seen this link and did not know if there were other options.
To make the user only have read access to all repos in one project:
You may consider making the user a reader instead of contributor or Project Administrators, so the user can have only read access to the repos in one project.
Organization Settings=>Users(General)=>Manage user=> select Project reader.
More details about project readers you can check this document.
To make the user only have read access to one special repos in one project:
We can control related permissions from Project Settings=>Repositories(Repos)=>Version Control Administrators:
Hope all above helps :)