azure-devops-extensions

How to verify the publisher of a message to a service bus using VSTS server-based task?

阅读更多关于 How to verify the publisher of a message to a service bus using VSTS server-based task?

问题 I want to use Publish To Azure Service Bus VSTS server task and verify on the recipient side the VSTS user , project and account from which the published message originated. According to task.json related information is being posted onto the service bus, but for my purposes this is not secure, as I want to protect myself against client spoofing the information. Multiple different VSTS users, projects and accounts will be using the task. Once a client of the task has credentials to post to the

VSTS - Publish extension to private collection for testing [duplicate]

阅读更多关于 VSTS - Publish extension to private collection for testing [duplicate]

问题 This question already has an answer here : How to test new Azure DevOps extension version before publishing it for everyone (1 answer) Closed 7 months ago . I created some VSTS extension for internal use. I also created a CI/CD pipeline for these using the "CI/CD Tools for VSTS Extensions" by MS DevLabs. My approach has been to first push the extensions to a private testing VSTS collection and then once I have verified them I share them with my "prod" collections. I noticed yesterday though

How to publish a prod build of our VSTS extensions package to my dev VSTS (not prod VSTS), so I can validate it before publishing to prod VSTS? [duplicate]

阅读更多关于 How to publish a prod build of our VSTS extensions package to my dev VSTS (not prod VSTS), so I can validate it before publishing to prod VSTS? [duplicate]

问题 This question already has an answer here : How to test new Azure DevOps extension version before publishing it for everyone (1 answer) Closed 7 months ago . I want to take the package as-built by the release line , and install it to another (non-prod) VSTS, so I can validate it works, before installing to our prod VSTS. We use VSTS vNext build with VSTS task 'Package Extension' to compile the package. This compiles 'Publisher' with value 'my-prod-publisher' into file 'extension.vsixmanifest'

Which scope lets a TFS extension manipulate ACLs?

阅读更多关于 Which scope lets a TFS extension manipulate ACLs?

问题 TFS 2015 u2. Trying to write a TFS extension that would use JavaScript API to manipulate the security on a release definition. Security related APIs fail on me with error 401. The code goes: VSS.require(["VSS/Service", "VSS/Security/RestClient"], function (Srv, SecAPI) { var SecClient = Srv.getCollectionClient(SecAPI.SecurityHttpClient); SecClient.queryAccessControlLists("aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee").then(function(a) { //... }); } That errors out with 401 Unauthorized. As far as I

Which scope lets a TFS extension manipulate ACLs?

阅读更多关于 Which scope lets a TFS extension manipulate ACLs?

TFS 2015 u2. Trying to write a TFS extension that would use JavaScript API to manipulate the security on a release definition. Security related APIs fail on me with error 401. The code goes: VSS.require(["VSS/Service", "VSS/Security/RestClient"], function (Srv, SecAPI) { var SecClient = Srv.getCollectionClient(SecAPI.SecurityHttpClient); SecClient.queryAccessControlLists("aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee").then(function(a) { //... }); } That errors out with 401 Unauthorized. As far as I understand, the list of REST API that an extension may use is driven by the scopes parameter in the

How to test new Azure DevOps extension version before publishing it for everyone

阅读更多关于 How to test new Azure DevOps extension version before publishing it for everyone

I am using Azure DevOps (not TFS on-prem) and have my extension already published as public and many people using it. How can I push out a new version for just myself (or specific organizations) to test it, before making it public for everyone? I know that I could roll all of the tasks in my Build/Release pipeline extension to v2, so if there are issues it wouldn't break in my users' systems right away until they flipped the task to use v2. However, I typically only want to increment the task version when there is a breaking change to it. Also, that still wouldn't address the issue of "I don't

How to test new Azure DevOps extension version before publishing it for everyone

阅读更多关于 How to test new Azure DevOps extension version before publishing it for everyone

问题 I am using Azure DevOps (not TFS on-prem) and have my extension already published as public and many people using it. How can I push out a new version for just myself (or specific organizations) to test it, before making it public for everyone? I know that I could roll all of the tasks in my Build/Release pipeline extension to v2, so if there are issues it wouldn't break in my users' systems right away until they flipped the task to use v2. However, I typically only want to increment the task