search

microsoft / VSTSAgent.PowerShell

Tools for managing and automating your Azure DevOps Agents.
MIT License
29 stars 23 forks source link

Missing quotes in specifying args for $configArgs at install-vstsagent #23

Open seriousscripts opened 4 years ago

seriousscripts commented 4 years ago

Following piece of code (line 294 - 298 in install-vsts): [string[]]$configArgs = @('--unattended', '--url', "$ServerUrl", '--auth', ` 'pat', '--pool', "$Pool", '--agent', "$Name", '--runAsService') if ( $Replace ) { $configArgs += '--replace' } if ( $LogonCredential ) { $configArgs += '--windowsLogonAccount', $LogonCredential.UserName } if ( $Work ) { $configArgs += '--work', $Work } Does not include quotes in the string. For instance "$Pool" will only pass the $Pool parameter and not put it in (single) quotes for the eventual command.

So for instance when passing a Agent pool name like Pool 001 the command line args will be "--pool Pool 001" and not "--pool 'Pool 001'.

Becouse of this the script is not able to handle Agent pools that contain spaces.

jwittner commented 4 years ago

Good find! PRs welcome! =)

jwittner commented 4 years ago

As a workaround, I believe that since the pool is just a string forwarded through you could surround it in quotes before passing it in.

seriousscripts commented 4 years ago

Yeah that workaround might work yea. I may actually look into updating some code on this DSC module. I'll take a look at contributing.

tbalasavage commented 3 years ago

I actually ran into this issue recently with a password. The password had an "&" for $LogonCredential.Password and was being interpreted and not included as part of the string literal.

@jwittner I can add quotes to the variables and submit a PR.

I did a small test to understand what is occurring. In the example below, I quoted $cred.Password and placed it into the array and it's shown as the type System.Net.NetworkCredential.Password and not the string literal. Is that the expected behavior? Will this break functionality? image

jwittner commented 3 years ago

@ps-tb - You're seeing that output because you have to wrap variables with $(<statement>) to access members if you want them to be interpolated into the string. So in your code, $cred is being turned into "System.Net.NetworkCredential" and then that's be joined with ".Password". To resolve this try, "$($cred.Password)".