search

renevanosnabrugge / vsts-promotepackage-task

Promote a package in VSTS to a Release View
MIT License
21 stars 25 forks source link

How does PAT authentication work with this task? #66

Closed armanik11 closed 3 years ago

armanik11 commented 3 years ago

Does the task use the release pipeline's System_AccessToken to call VSTSREST APIs? Or do we need to set some PAT as Environment variable ?

jessehouwing commented 3 years ago

It uses the system access token.

armanik11 commented 3 years ago

Thanks for confirming.

I took a look at the InitializeRestHeaders method and saw things like $connectServiceName and $connectedServiceDetails (not sure what it is) and $env:PROMOTEPACKAGE_PAT so wanted to clarify?

function InitializeRestHeaders() { $restHeaders = New-Object -TypeName "System.Collections.Generic.Dictionary[[String], [String]]" if([string]::IsNullOrWhiteSpace($connectedServiceName)) { $patToken = GetAccessToken $connectedServiceDetails ValidatePatToken $patToken $restHeaders.Add("Authorization", [String]::Concat("Bearer ", $patToken)) } else { Write-Verbose "Username = $Username" -Verbose if (![string]::IsNullOrWhiteSpace($env:PROMOTEPACKAGE_PAT)) { $Username = "" $Password = $env:PROMOTEPACKAGE_PAT } else { $Username = $connectedServiceDetails.Authorization.Parameters.Username $Password = $connectedServiceDetails.Authorization.Parameters.Password } $alternateCreds = [String]::Concat($Username, ":", $Password) $basicAuth = [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes($alternateCreds)) $restHeaders.Add("Authorization", [String]::Concat("Basic ", $basicAuth)) } return $restHeaders }

jessehouwing commented 3 years ago

That seems to be some fallback code which is used for local testing. And you could use it to supply a PAT. But in general the system token should be present on the agent and this code won't be triggered.

On Wed, Oct 14, 2020, 09:08 armanik11 notifications@github.com wrote:

Thanks for confirming.

I took a look at the InitializeRestHeaders method and saw things like $connectServiceName (not sure what it is) and $env:PROMOTEPACKAGE_PAT so wanted to clarify.

function InitializeRestHeaders() { $restHeaders = New-Object -TypeName "System.Collections.Generic.Dictionary[[String], [String]]" if([string]::IsNullOrWhiteSpace($connectedServiceName)) { $patToken = GetAccessToken $connectedServiceDetails ValidatePatToken $patToken $restHeaders.Add("Authorization", [String]::Concat("Bearer ", $patToken)) } else { Write-Verbose "Username = $Username" -Verbose if (![string]::IsNullOrWhiteSpace($env:PROMOTEPACKAGE_PAT)) { $Username = "" $Password = $env:PROMOTEPACKAGE_PAT } else { $Username = $connectedServiceDetails.Authorization.Parameters.Username $Password = $connectedServiceDetails.Authorization.Parameters.Password } $alternateCreds = [String]::Concat($Username, ":", $Password) $basicAuth =

$restHeaders.Add("Authorization", [String]::Concat("Basic ", $basicAuth)) } return $restHeaders }

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/renevanosnabrugge/vsts-promotepackage-task/issues/66#issuecomment-708207060, or unsubscribe https://github.com/notifications/unsubscribe-auth/AA724SZLBVRKJQ44MAVJKGLSKVE7PANCNFSM4SQFEHFA .

armanik11 commented 3 years ago

Sounds good. Thanks for the clarification!