admin管理员组文章数量:1278983
When using Azure Pipelines YAML pipelines, is it possible to directly use an existing Service Connection?
More specifically, the existing service connection to Bitbucket Cloud is used implicitly when creating pipelines for repos in Bitbucket. We would like to pull in a Bitbucket repo using git --mirror.... Is it possible to use the service connection to with git in such a way?
When using Azure Pipelines YAML pipelines, is it possible to directly use an existing Service Connection?
More specifically, the existing service connection to Bitbucket Cloud is used implicitly when creating pipelines for repos in Bitbucket. We would like to pull in a Bitbucket repo using git --mirror.... Is it possible to use the service connection to with git in such a way?
1 Answer
Reset to default 1Update
Based on my recent tests with persistCredentials: true for checkout step, I noticed that step would temporarily save auth token in the .git/config file during the agent job.
Therefore, I ran a script to extract and decode that token for authenticating git clone --mirror command. Here is the sample YAML pipeline for your reference.
trigger: none
pool: # Default
vmImage: ubuntu-latest
steps:
- checkout: self
persistCredentials: true
- powershell: |
Write-Host "Build.Repository.Name - $(Build.Repository.Name)"
Write-Host "Build.Repository.Provider - $(Build.Repository.Provider)"
$configFilePath = "$(System.DefaultWorkingDirectory)/.git/config"
$configFileContent = Get-Content -Path $configFilePath
$encodedAuthToken = $configFileContent | Where-Object { $_ -match "extraheader = AUTHORIZATION: basic (.+)" }
$encodedAuthToken = $encodedAuthToken -replace "extraheader = AUTHORIZATION: basic ", ""
$encodedAuthToken = $encodedAuthToken.Trim()
$decodedAuthToken = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($encodedAuthToken))
Write-Output "decodedAuthToken - $decodedAuthToken"
mkdir testFolder
git clone --mirror https://[email protected]/$(Build.Repository.Name).git testFolder
tree testFolder
The Bitbucket Cloud service connection my pipeline references is using grant authorization of BitbucketAzurePipelines.
As far as I tested to use persistCredentials: true property for the checkout step, I found that the git push command in a pipeline script could succeed to push commits during the build onto the remote Bitbucket source repo.
steps:
- checkout: self
persistCredentials: true
- powershell: |
mkdir testFolder
git clone --mirror https://bitbucket./xxx/bitbucketrepo.git testFolder
tree testFolder
However, per the git clone --mirror <repoURL> command, it requires to provide the token for authentication inside the URL in order to avoid prompting user interactive dialog. There is no way to extract token form the Bitbucket Cloud service connection, unlike the $(System.AccessToken) we can use to authenticate access to an Azure Repo. git clone --mirror https://$(System.AccessToken)@dev.azure/$(AzureDevOpsOrgName)/$(TheProjectName)/_git/$(AzureRepoName)
本文标签: bitbucket cloudDirectly use Azure Devops Service ConnectionStack Overflow
版权声明:本文标题:bitbucket cloud - Directly use Azure Devops Service Connection - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1741299929a2371035.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
BitbucketAzurePipelinesapp or Basic with a token? – Alvin Zhao - MSFT Commented Feb 24 at 2:08git clone? Thx for your time and sharing. – Alvin Zhao - MSFT Commented 2 days ago