通过DevOps API创建端点创建服务端点时,设置“允许所有管道”

时间:2019-06-14 14:30:16

标签: azure azure-devops azure-devops-rest-api

我正在尝试通过Azure DevOps Rest API创建服务终结点,但是无法设置“允许所有管道使用此服务连接”选项。我找不到有关json结构的文档来完成此操作。

https://docs.microsoft.com/en-us/rest/api/azure/devops/serviceendpoint/endpoints/create?view=azure-devops-rest-5.0#endpointauthorization

用于创建连接的当前代码段:


$baseUri = "https://dev.azure.com/org/proj/";
$createEndpointUri = "$($baseUri)_apis/serviceendpoint/endpoints?api-version=5.0-preview.2";


$base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("token:{0}" -f $devOpsPAT)))
$DevOpsHeaders = @{Authorization = ("Basic {0}" -f $base64AuthInfo)};

$AzureSubscriptionData = New-Object PSObject -Property @{            
                            authorizationType = "AzureSubscription"
                            azureSubscriptionId = $SubscriptionId
                            azureSubscriptionName = $subscriptionName
                            clusterId = $clusterId
                            };
$Authorization = New-Object PSObject -Property @{
                            parameters = New-Object PSObject -Property @{            
                                azureEnvironment = "AzureCloud"
                                azureTenantId = "$tenantID"
                                };
                            scheme = "Kubernetes"
                            };

$ServiceEndpointBody = New-Object PSObject -Property @{            
                            authorization =$Authorization
                            data = $AzureSubscriptionData
                            name = $serviceConnectionName
                            type = "kubernetes"
                            url = $k8sUrl
                            isReady = "true"
                            };

$jsonbody = $ServiceEndpointBody | ConvertTo-Json -Depth 100


Invoke-RestMethod -UseBasicParsing -Uri $createEndpointUri -Method Post -ContentType "application/json" -Headers $DevOpsHeaders -Body $jsonbody;

2 个答案:

答案 0 :(得分:1)

通常可以通过在Azure DevOps UI中进行操作并使用(例如)Chrome调试工具检查它发出的HTTP请求来弄清楚这些内容。

在这种情况下,我认为您首先需要创建服务连接,然后向PATCH端点发出pipelinePermissions请求,并将allPipelines.authorized标志设置为true。

URI 

PATCH https://dev.azure.com/{organisation}/{project}/_apis/pipelines/pipelinePermissions/endpoint/{endpointId}?api-version=5.1-preview.1

补丁请求正文 

{
    "allPipelines": {
        "authorized": true,
        "authorizedBy": null,
        "authorizedOn": null
    },
    "pipelines": null,
    "resource": {
        "id": "{endpointid}",
        "type": "endpoint"
    }
}

Powershell 

Invoke-RestMethod -Method PATCH -Uri "{uriasabove}" -Headers $headers -Body "{patchbodyasabove}" -ContentType "application/json"

答案 1 :(得分:0)

感谢上述帮助,但是我想使用bash脚本来完成所有这些工作。

patch.json 

{
    "allPipelines": {
        "authorized": true,
        "authorizedBy": null,
        "authorizedOn": null
    },
    "pipelines": null,
    "resource": {
        "id": "test-service-endpoint-id",
        "type": "endpoint"
    }
}

一个简单的 Bash脚本,即可实现相同目标。

#!/bin/bash

token=test-token
organization_name=your-azuredevops-organisation
project=test-project
user=your-user-name
connection_name=test-connection

#Get Request for endpoint ID
connection_id=$(curl -X GET \
-H "Content-Type: application/json" \
-u $user:$token \
https://dev.azure.com/$organization_name/$project/_apis/serviceendpoint/endpoints\?endpointNames\=$connection_name\&api-version\=5.1-preview.2 | jq '.value[].id' | tr -d "\"" )

#Creating newpatch.json with connection_id
cat patch.json | jq --arg conn_id "$connection_id" -r '.resource.id = $conn_id' > newpatch.json

curl --request PATCH \
-H "Content-Type: application/json" \
-u $user:$token \
-d "@newpatch.json" https://dev.azure.com/$organization_name/$project/_apis/pipelines/pipelinePermissions/endpoint/$connection_id\?api-version\=5.1-preview.1
相关问题
最新问题