Allow authentication using Azure service connections #905
Conversation
| tfx.argIf(setServiceUrl, ["--service-url", "https://marketplace.visualstudio.com"]); | ||
| tfx.arg(["--auth-type", "pat"]); | ||
| tfx.arg(["--token", token]); | ||
| tl.setSecret(token); |
There was a problem hiding this comment.
Please move up to directly under const token =...
| "type": "radio", | ||
| "label": "Connect to", | ||
| "required": true, | ||
| "defaultValue": "AzureRM", |
There was a problem hiding this comment.
This is hairy. Since the YAML will not contain the default value people upgrading will end up with broken tasks.
For backwards compat it's probably better to keep the current default.
There was a problem hiding this comment.
Hmm maybe not... Looks like because this is set to required:true current users will have vsteam as their default.
| @@ -150,7 +150,7 @@ | |||
| "ms.vss-distributed-task.tasks" | |||
| ], | |||
| "properties": { | |||
| "name": "BuildTasks/PublishVSExtension" | |||
| "name": "BuildTasks/PublishVsExtension" | |||
There was a problem hiding this comment.
This a concious change?
|
I'm considering dropping @geekzter do you have any metrics on how many people still rely on these |
There was a problem hiding this comment.
These .snyk files can be deleted, the current lib no longer has this vulnerability.
| "type": "module", | ||
| "license": "MIT", | ||
| "dependencies": { | ||
| "azure-pipelines-task-lib": "^4.12.0", |
There was a problem hiding this comment.
Should probably upgrade to 4.12.1 while we're at it
There was a problem hiding this comment.
Though it would require some work, specifying out the files section in more detail may strip enough package-lock.jsons to drop the file size considerably. Especially if we decide to keep V3 for now.
Technically they, nor the package.json and the .ts files are all extra unneeded ballast that I never left out for convenience' sake.
|
Merged as part of #906. |
|
There are a few issues publishing at the moment. @MOlausson can you look into the pipeline issues? |
|
I don't have visibility into the failures, but I betcha based on the exit code that you're also hitting "Extension package is malformed/corrupted", in which case...microsoft/tfs-cli#458 😊. |
|
Nah the PAT token has expired. So I need a MSFT employee to publish in the UI on my behalf. And I need to temporarily test on my own publisher which I haven't had to do in forever. |
Adds a new V5 version of all the tasks with the following changes:
azurermthat allows using Azure credentials to authenticate to the Marketplace rather than PATsI think those are the main changes - there are some small pathing updates, but I tried not to touch many other things.
To use, there's a new
AzureRMvalue for theconnectTooption, which when set allows you to use the (also-new)connectedServiceNameAzureRMinput.At this point. I'm pretty sure publishing works, though final validation is blocked as I'm running into microsoft/tfs-cli#362 which I've fixed in microsoft/tfs-cli#458. (The current VSIX size is now ~110MB - quite large!)
Mostly getting this out for feedback at this point.
Closes #506