0

I have a collection of private Cocoapods libraries hosted on Github (private repositories), managed by an Azure Devops platform.

I have one AD project for each pod.

The point is, when I try to execute pod repo add or pod install (I perform this on bash scripts), I need to get an access to my private spec and pods repositories.

I have the option to use a Private Access Token as a secret variable, or an SSH key as a secure file, but then I need to deploy it on each of my projects.

git config --global url."https://$(username):$(token)@github.com/".insteadOf "https://github.com"

Since it can be shared accross projects within the same organisation, I was wondering if there was a way to use the service connection to do that? Is there a way to get it in the script? Do I absolutely need to create my own AD extension for it?

Nimantha
  • 6,405
  • 6
  • 28
  • 69
Carl Sarkis
  • 119
  • 6

1 Answers1

0

I was wondering if there was a way to use the service connection to do that? Is there a way to get it in the script?

I am afraid that the service connection couldn't be used in your bash script. In azure devops, the service connection needs to be used in a specific task, and its stored content cannot be read directly by the bash script.

I suggest that you could save your username and token in Variable Group(Pipelines -> Library -> Variable Group).

You could try to use the following PowerShell script to create variable groups for all Organization Projects: API: Variablegroups - Add Projects - List

$token = "PAT"

$url="https://dev.azure.com/{OrganizationName}/_apis/projects?api-version=6.0"

$token = [System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes(":$($token)"))


$response = Invoke-RestMethod -Uri $url -Headers @{Authorization = "Basic $token"} -Method Get -ContentType application/json



ForEach( $projectid in $response.value.id )

{

echo $projectid

$url2 = "https://dev.azure.com/{OrganizationName}/_apis/distributedtask/variablegroups?api-version=6.0-preview.2"

$body = "{       

    `"name`":`"Cocoapodsauth`",
    `"type`":`"Vsts`",
    `"variables`":`
        {`"token`":{`"isSecret`":true,`"value`":`"PAT`"},`"username`":{`"isSecret`":true,`"value`":`"username`"}},
    `"variableGroupProjectReferences`":[
        {
           `"name`":`"Cocoapodsauth`",
            `"projectReference`":
                {
                    `"id`":`"$projectid`"

                    }}]
     



          }"

$response = Invoke-RestMethod -Uri $url2 -Headers @{Authorization = "Basic $token"} -Method Post -Body $body -ContentType application/json

}

The above script will traverse all the projects, and then it will create a variable group for each project.

In this case , you could directly use the variable via referring to the Variable Group.

enter image description here

Kevin Lu-MSFT
  • 20,786
  • 3
  • 19
  • 28
  • Hi Kevin, I missed your answer last week. It will greatly help, thank you! I will try it before accepting the answer, but really thank you for your help – Carl Sarkis Apr 07 '21 at 09:30
  • @CarlSarkis. It's my pleasure to help you. Feel free to let me know if it could meet your requirements – Kevin Lu-MSFT Apr 07 '21 at 11:23