Closed quotschmacher closed 7 months ago
I don't think the oAuth setting in your image is related. It's for connecting third-party services like TerraForm Enterprise to independently consume data from Azure DevOps.
The manifest of this extension declares which 'scopes' (permissions) are required. The built-in agent should have these permissions by default.
Few questions:
accessToken
input parameter. (https://github.com/bryanbcook/azdevops-testplan-extension/tree/main/PublishTestPlanResultsV1#accesstoken---pat-token). That PAT token needs the scopes:
Few things that you can try:
system.debug
variable to true. The log output of the pipeline execution will show us where the pipeline is having issues. Do this before the next step.the Test Plan is in the same Project as the pipeline
yes
have you made customizations to the permissions in the project to limit access to Test Plans?
don't know - have to ask my admin tomorrow...
You mentioned you tried it with multiple users. How are you doing this?
this is why i posted the screenshot - the scheduled task is for another user, the manually triggered task is for me - don't know if this has any impact on the user runnig the test.
Run the pipeline with diagnostics enabled or set the system.debug
##[debug]Evaluating condition for step: 'Publish Test Results'
##[debug]Evaluating: succeeded()
##[debug]Evaluating succeeded:
##[debug]=> True
##[debug]Result: True
Starting: Publish Test Results
==============================================================================
Task : Publish Test Plan Results
Description : Publishes cross-platform test results (xUnit, JUnit) to an Azure DevOps Test Plan
Version : 0.1.6
Author : Bryan Cook
Help :
==============================================================================
##[debug]Using node path: /home/vsts/agents/3.232.3/externals/node16/bin/node
##[debug]agent.TempDirectory=/home/vsts/work/_temp
##[debug]loading inputs and endpoints
##[debug]loading INPUT_ACCESSTOKEN
##[debug]loading INPUT_COLLECTIONURI
##[debug]loading INPUT_PROJECTNAME
##[debug]loading INPUT_TESTPLAN
##[debug]loading INPUT_TESTRESULTFORMAT
##[debug]loading INPUT_TESTRESULTDIRECTORY
##[debug]loading INPUT_TESTRESULTFILES
##[debug]loading INPUT_TESTCASEMATCHSTRATEGY
##[debug]loading INPUT_TESTCASEPROPERTY
##[debug]loading INPUT_TESTCASEREGEX
##[debug]loading INPUT_TESTCONFIGPROPERTY
##[debug]loading INPUT_DRYRUN
##[debug]loading INPUT_TESTRUNTITLE
##[debug]loading ENDPOINT_AUTH_SYSTEMVSSCONNECTION
##[debug]loading ENDPOINT_AUTH_SCHEME_SYSTEMVSSCONNECTION
##[debug]loading ENDPOINT_AUTH_PARAMETER_SYSTEMVSSCONNECTION_ACCESSTOKEN
##[debug]loaded 16
##[debug]Agent.ProxyUrl=undefined
##[debug]Agent.CAInfo=undefined
##[debug]Agent.ClientCert=undefined
##[debug]Agent.SkipCertValidation=undefined
##[debug]reading TestContextParameters from task inputs.
##[debug]accessToken=$(System.AccessToken)
##[debug]collectionUri=https://xxx.visualstudio.com/
##[debug]projectName=xxxWeb
##[debug]testPlan=UI Test mit Testcafe
##[debug]testConfigFilter=undefined
##[debug]testConfigAliases=undefined
##[debug]SYSTEM_DEBUG=True
##[debug]task result: Failed
It looks like the value for accessToken isn't being resolved in your pipeline. Is this a YAML-based pipeline or a classic ui-designer based pipeline?
YAML-based pipelines always have access to the $(System.AccessToken)
. From my YAML pipeline, it shows as:
##[debug]accessToken=***
If this is a Classic UI-Designer based pipeline, you need to grant the pipeline access to the oAuth token.
I was able to reproduce your error using a Classic Designer Pipeline without granting it access to the OAuth token. So for your immediate concerns, you should be able to set the "Allow scripts to access the OAuth token" outlined above to unblock you.
Some research suggests that custom tasks should be able to access the System.AccessToken through the ENDPOINT_AUTH_PARAMETER_SYSTEMVSSCONNECTION_ACCESSTOKEN
.
I'm closing this because the applied fix should resolve your issue.
Please let me know if you continue to see errors related to this. Otherwise, open a new issue.
forgot to answer yesterday.... yes - "allow scripts to access the oauth token" did it for me. if this is still required maybe you shoul add it to the readme.
It's no longer required. I've added code that allows custom tasks to access the accesstoken natively, so no changes are required at the pipeline level.
Description
The run of the pipeline stops with the following error:
##[error]TF400813: The user 'aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa' is not authorized to access this resource.
provide sample usage of the task, if applicable
The result is
With the following environment:
Tried to run it with multiple users
but the error message still prompts the same user id.
Screenshots DId some research and already assured that this option is activated