通过 DevOps 创建服务端点时设置 "Allow all pipelines" API 创建端点
Setting "Allow all pipelines" when creating a service endpoint through DevOps API Create Endpoint
我正在尝试通过 Azure DevOps Rest API 创建服务端点,但无法设置 "Allow all pipelines to use this service connection" 选项。我找不到有关 json 结构的文档来完成此操作。
创建连接的当前片段:
$baseUri = "https://dev.azure.com/org/proj/";
$createEndpointUri = "$($baseUri)_apis/serviceendpoint/endpoints?api-version=5.0-preview.2";
$base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("token:{0}" -f $devOpsPAT)))
$DevOpsHeaders = @{Authorization = ("Basic {0}" -f $base64AuthInfo)};
$AzureSubscriptionData = New-Object PSObject -Property @{
authorizationType = "AzureSubscription"
azureSubscriptionId = $SubscriptionId
azureSubscriptionName = $subscriptionName
clusterId = $clusterId
};
$Authorization = New-Object PSObject -Property @{
parameters = New-Object PSObject -Property @{
azureEnvironment = "AzureCloud"
azureTenantId = "$tenantID"
};
scheme = "Kubernetes"
};
$ServiceEndpointBody = New-Object PSObject -Property @{
authorization =$Authorization
data = $AzureSubscriptionData
name = $serviceConnectionName
type = "kubernetes"
url = $k8sUrl
isReady = "true"
};
$jsonbody = $ServiceEndpointBody | ConvertTo-Json -Depth 100
Invoke-RestMethod -UseBasicParsing -Uri $createEndpointUri -Method Post -ContentType "application/json" -Headers $DevOpsHeaders -Body $jsonbody;
您通常可以通过在 Azure DevOps UI 中执行操作并使用(例如)Chrome 调试工具检查它发出的 HTTP 请求来解决这些问题。
在这种情况下,我认为您首先需要创建服务连接,然后向 pipelinePermissions 端点发出 PATCH 请求,将 allPipelines.authorized 标志设置为 true。
URI
PATCH https://dev.azure.com/{organisation}/{project}/_apis/pipelines/pipelinePermissions/endpoint/{endpointId}?api-version=5.1-preview.1
补丁请求正文
{
"allPipelines": {
"authorized": true,
"authorizedBy": null,
"authorizedOn": null
},
"pipelines": null,
"resource": {
"id": "{endpointid}",
"type": "endpoint"
}
}
Powershell
Invoke-RestMethod -Method PATCH -Uri "{uriasabove}" -Headers $headers -Body "{patchbodyasabove}" -ContentType "application/json"
感谢上述帮助,但是我想使用 bash 脚本完成所有这些。
patch.json
{
"allPipelines": {
"authorized": true,
"authorizedBy": null,
"authorizedOn": null
},
"pipelines": null,
"resource": {
"id": "test-service-endpoint-id",
"type": "endpoint"
}
}
一个简单的 Bash 脚本 实现同样的效果。
#!/bin/bash
token=test-token
organization_name=your-azuredevops-organisation
project=test-project
user=your-user-name
connection_name=test-connection
#Get Request for endpoint ID
connection_id=$(curl -X GET \
-H "Content-Type: application/json" \
-u $user:$token \
https://dev.azure.com/$organization_name/$project/_apis/serviceendpoint/endpoints\?endpointNames\=$connection_name\&api-version\=5.1-preview.2 | jq '.value[].id' | tr -d "\"" )
#Creating newpatch.json with connection_id
cat patch.json | jq --arg conn_id "$connection_id" -r '.resource.id = $conn_id' > newpatch.json
curl --request PATCH \
-H "Content-Type: application/json" \
-u $user:$token \
-d "@newpatch.json" https://dev.azure.com/$organization_name/$project/_apis/pipelines/pipelinePermissions/endpoint/$connection_id\?api-version\=5.1-preview.1
我正在尝试通过 Azure DevOps Rest API 创建服务端点,但无法设置 "Allow all pipelines to use this service connection" 选项。我找不到有关 json 结构的文档来完成此操作。
创建连接的当前片段:
$baseUri = "https://dev.azure.com/org/proj/";
$createEndpointUri = "$($baseUri)_apis/serviceendpoint/endpoints?api-version=5.0-preview.2";
$base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("token:{0}" -f $devOpsPAT)))
$DevOpsHeaders = @{Authorization = ("Basic {0}" -f $base64AuthInfo)};
$AzureSubscriptionData = New-Object PSObject -Property @{
authorizationType = "AzureSubscription"
azureSubscriptionId = $SubscriptionId
azureSubscriptionName = $subscriptionName
clusterId = $clusterId
};
$Authorization = New-Object PSObject -Property @{
parameters = New-Object PSObject -Property @{
azureEnvironment = "AzureCloud"
azureTenantId = "$tenantID"
};
scheme = "Kubernetes"
};
$ServiceEndpointBody = New-Object PSObject -Property @{
authorization =$Authorization
data = $AzureSubscriptionData
name = $serviceConnectionName
type = "kubernetes"
url = $k8sUrl
isReady = "true"
};
$jsonbody = $ServiceEndpointBody | ConvertTo-Json -Depth 100
Invoke-RestMethod -UseBasicParsing -Uri $createEndpointUri -Method Post -ContentType "application/json" -Headers $DevOpsHeaders -Body $jsonbody;
您通常可以通过在 Azure DevOps UI 中执行操作并使用(例如)Chrome 调试工具检查它发出的 HTTP 请求来解决这些问题。
在这种情况下,我认为您首先需要创建服务连接,然后向 pipelinePermissions 端点发出 PATCH 请求,将 allPipelines.authorized 标志设置为 true。
URI
PATCH https://dev.azure.com/{organisation}/{project}/_apis/pipelines/pipelinePermissions/endpoint/{endpointId}?api-version=5.1-preview.1
补丁请求正文
{
"allPipelines": {
"authorized": true,
"authorizedBy": null,
"authorizedOn": null
},
"pipelines": null,
"resource": {
"id": "{endpointid}",
"type": "endpoint"
}
}
Powershell
Invoke-RestMethod -Method PATCH -Uri "{uriasabove}" -Headers $headers -Body "{patchbodyasabove}" -ContentType "application/json"
感谢上述帮助,但是我想使用 bash 脚本完成所有这些。
patch.json
{
"allPipelines": {
"authorized": true,
"authorizedBy": null,
"authorizedOn": null
},
"pipelines": null,
"resource": {
"id": "test-service-endpoint-id",
"type": "endpoint"
}
}
一个简单的 Bash 脚本 实现同样的效果。
#!/bin/bash
token=test-token
organization_name=your-azuredevops-organisation
project=test-project
user=your-user-name
connection_name=test-connection
#Get Request for endpoint ID
connection_id=$(curl -X GET \
-H "Content-Type: application/json" \
-u $user:$token \
https://dev.azure.com/$organization_name/$project/_apis/serviceendpoint/endpoints\?endpointNames\=$connection_name\&api-version\=5.1-preview.2 | jq '.value[].id' | tr -d "\"" )
#Creating newpatch.json with connection_id
cat patch.json | jq --arg conn_id "$connection_id" -r '.resource.id = $conn_id' > newpatch.json
curl --request PATCH \
-H "Content-Type: application/json" \
-u $user:$token \
-d "@newpatch.json" https://dev.azure.com/$organization_name/$project/_apis/pipelines/pipelinePermissions/endpoint/$connection_id\?api-version\=5.1-preview.1