Jfrog Xray: Unable to generate Security Report - jfrog-xray

I have set up a new instance of jFrog-xray and configured artifacts. The "Security Report" button is not enabled. What do I need to do to ensure the button is enabled?
NOTE: The question is wrongly tagged since jfrog-xray is not an existing tag and mission-control is the closest (product from same company)

Once you have some alerts and Xray finds some vulnerabilities, the button will be available to you.

Related

Using pac portal to deploy portal between environments. Want to exclude certain records

Using pac portal to push changes between environments. Following the instructions mentioned here. https://learn.microsoft.com/en-us/power-apps/maker/portals/power-apps-cli
Have a specific need to exclude certain adx weblinks records from getting pushed. Is there a way to do so, other than downloading the portal data and deleting the records first?
We use Azure devops to perform the operations. If that helps.
Really appreciate your help and time.
Thanks!
Not sure how to remove the weblinks, but could you solve your problem by changing the weblink 'Publishing Status' from 'Published' to 'Draft' instead? Resulting in the weblinks becoming hidden from public after deployment? This can be done in a deployment profile for your target environment (tutorial here)
Look up the GUID for the 'Draft' 'Publishing State' (in Portal Management App go to 'Websites', select your website, then pick 'Related' tab and 'Publishing States', click on 'Draft' and pull the Id from the URL e.g &id=14ea80af-db7f-ec11-8d21-00224815aec9)
Then in your dev.deployment.yml file you can add something like:
adx_weblink:
  - adx_weblinkid: 95f37310-3489-ec11-9390-002248154727
    adx_publishingstateid: 14ea80af-db7f-ec11-8d21-00224815aec9
  - adx_weblinkid: 349175f7-3389-ea11-93b0-002248154627
    adx_publishingstateid: 14ea80af-db7f-ec11-8d21-00224815aec9
Where adx_weblinkid is the GUID of a weblink you want to hide and adx_publishingstateid is the GUID for the 'Draft' Publishing State. Then when you do your 'pac paportal upload', don't forget to include the '--deploymentProfile dev' flag so the dev.deployment.yml file gets used.
You can use Deployment profiles to set and override environment-specific settings when you deploy. That way, you don't need to manually make changes every time you deploy.
I hope this helps?!

VS860016: Could not find subject in the backing domain. This value came from the parameter 'originId'

I'm working with the Azure DevOps API and Microsoft Graph API. This is the issue:
I create an AAD (Azure Active Directory) group, then I create a new ADO (Azure DevOps) project in a XXX organization. Once the project is created, I add the AAD group created at the beginning to the ADO project groups.
It works fine, but sometimes I get an error when I try to add the AAD group to the project permissions groups (the image above). The error is the same as the title: "VS860016: Could not find subject in the backing domain. This value came from the parameter 'originId'."
The first solution was creating a retry function, but it doesn't ever work, so I'm trying to figure out what the best approach to resolve the problem is. I tried to find some information about this error, but there is no information about it.
Do you know the reason for the issue?
Creating a queue for this could work, but I'm looking for a workaround.
Tested in my environment; I was able to add the AAD group to the project permissions groups.
Not sure why you are getting the error, and there is no document for troubleshooting this error. I would suggest you reach out to the Azure Support Team for a solution and root cause.

Manage versions with Azure DevOps

I currently use these tools :
Azure DevOps - Only for Git repositories
Jira - To manage tasks / bugs / versions / customer requests / ...
TeamCity - Continuous integration (build and deploy versions )
I would like to replace Jira with Azure Devops (but continue to use TeamCity for builds for now.)
I already created some teams / areas / user stories / bugs.
But I would like a simple way to handle versions. For example, I fix some bugs and release a new version using TeamCity (e.g. v3.1.1.1234). How can I update my user stories / bugs to say that it is fixed in this version? There is no "Fix version" field like in Jira...
Should I use "Iterations" or just "tags" ?
If I want to generate release notes for the new version (for internal use), do I have to use Azure DevOps queries ?
You can create a customized field (i.e. Fix version) for User Stories in Azure DevOps. You can follow the steps below:
1. Create an inherited process. (Only an inherited process is allowed to create a custom field.)
Organization Setting --> Process under Boards --> Select the Process --> Click 3 dots (...) --> Click Create inherit process.
2. Create a customized field for the inherited process created above.
Choose your inherited process, and then choose the Work Item Type (i.e. User Story) you want to customize.
Click New field, type in the new field's name (i.e. Fix Version) in the Definition section. (You can decide where the new field should be located in the Layout section or keep the default layout.)
3. Change your project process to the above inherited process.
Choose the process that contains your project. Click Projects --> Choose your Project --> Click the 3 dots --> Click Change Process
You can check the document here for more information.
After you finish the above steps, you will see the new field Fix Version in the User Stories edit page.
If you find the above steps complicated, you can just use tags.
#Levi Lu-MSFT, This only lets you create the field in one work item type. If you want the same field in Bugs, Features, Stories, it wouldn't allow it; it'll throw a "Field already exists" error.

VSTS Extension - Release definition data, environment ids

I am developing web extension for VSTS. I am using vss sdk of Microsoft.
I got some issue.
You can see on the image that there is new line - App insights Settings
This pop up appears on clicking on 3 dots near every release definition on page of list of all releases.
This button navigates user to some environment of some specific release.
Example of link:
https://ozcodedev.visualstudio.com/OzCode/_releaseProgress?releaseId=372&_a=release-environment-logs&environmentId=850
The problem is that I do not know how to fetch the list of releases and environments for building this link.
How can I get them on the page All release pipelines?
Through the GUI it is not possible to get all the release ids and the environment ids for each step. However, this is possible through the VSTS APIs. You could use the release endpoint and iterate to obtain your release id
https://{accountName}.vsrm.visualstudio.com/{project}/_apis/release/releases?api-version=4.1-preview.6
Once you have the release id you can use it like so
https://{accountName}.vsrm.visualstudio.com/{project}/_apis/release/releases/{releaseId}?api-version=4.1-preview.6
Within the returned JSON you can iterate the path environment[n].id to obtain the environment id.
You can then construct the link using this information.
Hope that helps
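The two calls described in the answer above, followed through to the finished link, as an added example that is not part of the original answer or of the VSS SDK. `getJson` is a hypothetical caller-supplied function that performs the authenticated GET; the sample responses are constructed, and the release JSON is assumed to carry its environment list under `environments`.

```javascript
// Added example. API version and link format are the ones quoted on this page.
const API_VERSION = "api-version=4.1-preview.6";

// The account name ends up in a hostname, so accept only hostname-safe characters.
function checkAccount(account) {
  if (!/^[A-Za-z0-9-]+$/.test(account)) throw new Error("unexpected account name");
  return account;
}

// Build the _releaseProgress link for one environment of one release.
function environmentLink(account, project, releaseId, environmentId) {
  const query = new URLSearchParams({
    releaseId: String(releaseId),
    _a: "release-environment-logs",
    environmentId: String(environmentId),
  });
  return `https://${checkAccount(account)}.visualstudio.com/` +
    `${encodeURIComponent(project)}/_releaseProgress?${query}`;
}

// List releases, fetch each one, and emit a link per environment.
async function listEnvironmentLinks(getJson, account, project) {
  const base = `https://${checkAccount(account)}.vsrm.visualstudio.com/` +
    `${encodeURIComponent(project)}/_apis/release/releases`;
  const list = await getJson(`${base}?${API_VERSION}`);
  const links = [];
  for (const { id } of list.value ?? []) {
    const release = await getJson(`${base}/${id}?${API_VERSION}`);
    for (const env of release.environments ?? []) {
      links.push({ releaseId: id, environment: env.name,
                   url: environmentLink(account, project, id, env.id) });
    }
  }
  return links;
}

// Constructed sample data standing in for the two endpoint responses.
const SAMPLE = {
  list: { count: 1, value: [{ id: 372, name: "Release-12" }] },
  372: { id: 372, environments: [{ id: 850, name: "Dev" }, { id: 851, name: "Prod" }] },
};
async function sampleGetJson(url) {
  const m = url.match(/\/releases(?:\/(\d+))?\?/);
  return m[1] ? SAMPLE[m[1]] : SAMPLE.list;
}
```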
Ok. So after working 2 days on this issue I found a solution.
1. It is possible to fetch the data that I wanted on the client side. For this I used Microsoft's library vss-web-extension-sdk. Install it - npm install vss-web-extension-sdk --save.
2. Add relevant scopes to your vss-extension.json. In my case the problem was that I needed data that relates to managing VSTS user releases. So after including "vso.release_manage" in my scopes array I stopped getting the 401 Unauthorized error because the access token was changed according to the new scopes.
https://learn.microsoft.com/en-us/vsts/extend/develop/manifest?view=vsts#scopes
In this documentation you can check which scope controls which resources that can be accessed by your extension.
You can use our ts/js clients to get whatever you want for your experience.
We have extensive documentation available here. Let me know if you are blocked anywhere.

How to customize workflow in Azure DevOps Service (VSTS online)?

I've read all the MSDN docs, but cannot find a way to edit the work item transitions in Azure DevOps Service (VSTS online).
I'm trying to:
Add a custom Reason to a State of a work item. (e.g. "resolved", "won't fix")
See/edit all the existing rules about how states transition.
This is possible if you are on the Hosted XML Process model in VSTS.
Hosted XML process model concept - VSTS
When are you on the Hosted XML Process model you ask??
Well after lots of reading I found the following note on the page explaining Hosted XML customization which states
Feature availability: Import process supports the Hosted XML process model which allows you to manage customizations through updating select XML definition files of a process template. This feature is only available for accounts that have been migrated to VSTS using the TFS Database Import Service.
But since I didn't import my VSTS I'm on the Inheritance Process model.
Which does NOT currently support this feature as confirmed here in comments
#RohanDaniel #ehofman#MSFT #DevMarTechOps You are correct. Advanced workflow management, which includes restricting transitions and customizing the reasons of a transition is not yet possible in the Inheritance model. It is on our backlog to add though.
Also, if you indeed used a high fidelity migration tool and you have a Hosted XML process model, you are stuck on it. You cannot move to the inheritance model as seen in this link.
In summary then. On the Inheritance Process model in VSTS this is not a feature that is available currently but is on the backlog as confirmed by MS. However it is not planned for delivery in the next few months and a year or more from now is more likely.
In my case I also had to add additional fields and a new state on the BUG WIT (Work Item Type). This was accomplished on VSTS by customizing a process, which is done by inheriting from one of the standard processes (Agile, CMMI, Scrum), which you can then customize.
You can add customized rules to a WIT and you can base a rule on changes to the state... however the rules seem too limited to restrict transitions, and the options to set fields don't have the "Reason" field available.
In fact, I came up with a solution! Which I admit is not clean as I would like, but it works.
I created three new fields: "Rules error" (Text single line), "Rules broken" (Text single line) and "Rules activated" (Boolean).
"Rules error" I put it on the main tab so I can see the error and the two others I created a tab named "Useless" in which I put them.
Now, add a rule making the reset:
Name: Reset rules
Condition: The value of equals ==> "Rules activated" ==> true
Action: Clear the value ==> "Rules error"
And then one rule per not wanted transition of states:
Name: State change - Approved to Deployed QA
Condition: A work item state changes from ==> Approved ==> Deployed QA
Action: Make required ==> "Rules broken"
Action: Set the value of ==> "Rules activated" ==> true
Action: Set the value of ==> "Rules error" ==> "Can't change from Approved to Deployed QA"
I know, entering something in the field "Rules broken" breaks this enforcement, but as this functionality doesn't exist, it is the only way I came up with when you don't have access to Hosted XML.
Neither of those things appear to be possible at the moment.
The VSTS process customisation is very different to TFS and is still evolving. #1 seems like something that might be added in a future update. But #2 doesn't seem like it would appear, as Microsoft have relaxed most of the transition rules on all the templates on VSTS by default.
This is currently not possible when using inheritance process.
You can vote for this feature request in the community: Allow specifying state transitions when using inheritance process
It's possible by creating our own custom extensions and creating some rules that disable state changes from one state to another state.
I have implemented this for my org but haven't published it online. Will do it soon.
Here is a workaround for denying any users who are not a member of group "HighLevelManagement" to change state from Approved to Committed for PBI:
Create a new field called "Unlocked".
Create a new rule to "Hide the Field" when the user is not part of "HighLevelManagement" as below
Create a new rule with action "Make Read Only" set to "State" when Unlocked is False and the work item changes from Approved to Committed as below:
Now whenever a user from HighLevelManagement wants to change state from Approved to Committed, he simply ticks Unlocked, changes the state and then ticks Unlocked back. That way anyone from outside HighLevelManagement will be restricted from changing state from Approved to Committed.