Open admin-simeon opened 4 years ago
Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @narula0781, @ashishonce, @romil07.
devops
Bump. Not supported?
This would be really useful. At the moment using terraform for devops isn't really possible without this
As a workaround, I've tried using the az devops service-endpoint create --org [ORG] -p [PROJECT] --service-endpoint-configuration CustomServiceEndpoint.json
with the file below, without much luck. When I access the project build information got the error
An error occurred while fetching the pipeline. TF400864: The Item specified by the key '26501285-261b-409c-b7ce-154f1da82d74' does not exist.
where the key 26501285...
is the actual project id
{
"description": "",
"administratorsGroup": null,
"authorization": {
"parameters": {
"accessToken": null
},
"scheme": "InstallationToken"
},
"createdBy": null,
"data": {
"AvatarUrl": "https://avatars2.githubusercontent.com/u/2916417?v=4",
"pipelinesSourceProvider": "github"
},
"name": "SomeName",
"type": "GitHub",
"url": "https://github.com",
"readersGroup": null,
"groupScopeId": null,
"serviceEndpointProjectReferences": null,
"operationStatus": null,
"isReady": true,
"isShared": false,
"owner": "Library"
}
Don't have the specs for this json and since I cannot create it by hand I cannot follow the https://docs.microsoft.com/en-gb/azure/devops/cli/service-endpoint?view=azure-devops#create-service-endpoint-using-a-configuration-file to get the json.
If any one figures this json schema, drop here a message.
This process is terrbile and not really fit for production but you can sort of manage it via terraform. I haven't tried creating one via the cli. You can create an oauth service connection in terraform:
resource "azuredevops_serviceendpoint_github" "organisation" {
project_id = azuredevops_project.platform.id
service_endpoint_name = "some_org"
description = ""
auth_oauth {
oauth_configuration_id = "000000000-0000-0000-0000-000000000000"
}
}
Which you then have to go an manually authorize as the azuredevops_resource_authorization
resource doesn't work. You can then go to your pipeline and "convert" the oauth service endpoint to an "app connection", like this:
This creates a new service connection named "my connection (1)" or whatever you called it. You can them import this new object to terraform with terraform import azuredevops_serviceendpoint_github.s projectid/service-endpoint-id
and use it for any new pipelines for that project. I haven't come acorss a scenario where you'd need multiple github connections per project so it seems to be a one time operation.
resource "azuredevops_serviceendpoint_github" "s" {
project_id = azuredevops_project.platform.id
service_endpoint_name = "my connection (1)"
description = ""
}
Extension name: Azure DevOps
Description
How do I create a GitHub service connection using an InstallationToken (the installed GitHub app) instead of an OAuth flow/PAT?
I can see the following service connection in one of my existing orgs, by running:
az devops service-endpoint list
But how do I create such a connection using the DevOps CLI? It only seems to support OAuth or entering a PAT when creating a GitHub connection.