Do you have any ideas how to reactivate the microsoft hosted agent pool?
Look at the image, from my dashboard it is missing "Azure Pipelines".
(I use the free Version of Azure Devops)
There was a change made earlier this year to prevent abuse by crypto miners; you no longer get pipelines automatically in new organizations, you have to specifically request that they be enabled.
By default, new organizations created in Azure DevOps will no longer get a free grant of concurrent pipelines. This applies to both public as well as private projects in new organizations.
To request your free grant, send an email to azpipelines-freetier#microsoft.com and provide the following details clearly:
Your name
Azure DevOps organization for which you are requesting the free grant
Whether you need the free grant for public projects, private projects, or both
Links to the repositories that you plan to build (public projects only)
Brief description of your project (public projects only)
Ref: https://learn.microsoft.com/en-us/azure/devops/release-notes/2021/pipelines/sprint-184-update#changes-to-azure-pipelines-free-grants
Related
I am trying to deploy an on-prem instance of Azure DevOps Server to a VM in an Azure Government subscription (which by nature, seems it does not support standard DevOps).
This template is referenced within support material directly from Microsoft:
https://github.com/usri/deploy_DevOps_Server_AzureSQL
All the referenced resources were created from scratch for the purpose of getting this server running.
This requires an AAD account with the associated password stored in a Key Vault. However, every attempt I make to run the template returns the following error on the 'Write VirtualMachines' step (when all other components pass):
The client has permission to perform action 'Microsoft.Compute/images/read' on scope '(MY_SUBSCRIPTION)\(MY_RESOURCEGROUP)\(VM)', however the current tenant '(MY_KEYVAULT)' is not authorized to access linked subscription '(ID in the template with the deployment files)'
This seems to me like the password cannot be retrieved from Key Vault- is it a formatting issue with the Secret? An access control issue somewhere? I've tried many various combinations of both. Hopefully this is just a trivial issue..
I am the original author of the code in that repo. I went ahead and merged a pull request into that repo which should address your issue. I did the following:
Updated the ReadMe file to include information on creating the image
Updated the azuredeploy.json with parameters for Key Vault & image references
Updated the ps1 file to eliminate hard links for KV (a particularly bad oversight on my part, my apologies).
Updated and tested everything for the latest version of Azure DevOps Server 2020
This should fix your issue and several other related ones. I retested the entire deployment from scratch and it worked as designed. A couple of other quick notes:
The USRI and all of it's repositories including the one being utilized here are not Microsoft official repositories. They represent an open-source Azure community dedicated to regulated entity customers. The members which contribute there are mostly Microsoft employees and the repos themselves just represent interesting and sometime niche templates that might be of interest.
This particular repo shows a manner in which Azure templates could be used to deploy services when no internet connection is available or permitted. I just used Azure DevOps Server because it was interesting and regulated industry customers use it.
All the best
Last year i am integrating VSTS with our testing environment but with new Azure devops it is completely change my old account of VSTS is working with my integration but new account of Azure devops (VSTS) is not working. Why it is happen.
Could not find any reference that's shows me breaking changes.
Kindly help.
Thanks in advance.
On September 10, 2018, Microsoft renamed Visual Studio Team Services (VSTS) to Azure DevOps Services.
VSTS features are now separate services:
For the url's change. We've moved to the new dev.azure.com domain name as the primary URL for new organizations. (Specifically, it's https://dev.azure.com/{your organization}/{your project}.)
If you want to change your URL to be based on dev.azure.com as the primary, an organization administrator can change this from the organization settings page. We will also support redirects from visualstudio.com URLs so there will not be broken links.
For more information about this change, see Introducing Azure DevOps.
About the concept of collection in Azure DevOps, Default collection is no longer present in the URL for a long time. You could take a look at our PM's word:
One important note – we have been working for some time to enable
grouping multiple VSTS organizations together under a higher-level
artifact. We had been calling this artifact an organization in blog
posts
(https://blogs.msdn.microsoft.com/devops/2016/01/11/how-we-plan-to-enable-creating-multiple-collections-per-account/
and
https://blogs.msdn.microsoft.com/devops/2016/04/09/merging-the-concepts-of-account-and-collection/)
as well as in our communication with some users already trying it out
in private preview. The work here will continue, and we’ll be coming
up with a new name for these groupings of organizations.
For the url of REST API, the request URI, in the following form:
VERB https://{instance}[/{team-project}]/_apis[/{area}]/{resource}?api-version={version}
instance: The Azure DevOps Services organization or TFS server you're sending the request to. They are structured as follows:
Azure DevOps Services: dev.azure.com/{organization}
TFS: {server:port}/tfs/{collection} (the default port is 8080, and
the value for collection should be DefaultCollection but can be any
collection)
We do not use collection concept in Rest API of Azure DevOps, so you do not need to specify it in the url. Actually Azure DevOps organization is collection level, TFS is server level, they are not the same level, one TFS server could have multiple collections.
In order to not be restricted to 4h of build /month, in VSTS we have bought an hosted build agent for us Team (We can see it in Azure portal).
But how restrict the access to the other teams ?
In the Agent Queues i see nothing to do that...
For the same team project, you can’t do it.
For different team projects, the user with Administrator role of agent pool and project collection can create new queue. So you can remove these permissions for others and delete the Hosted queue from related team project. With this way, they can’t use Hosted queue.
BTW, there isn’t the time restrict once buy a Hosted pipeline.
Given a VS web app project that has an existing Azure publish profile is there a way to tell what subscription the selected publish profile will publish the app to? We have such so many subscriptions it's quite time consuming to to use the portals poor blade interface to locate which subscription the app is in. Even opening the SCM site it seems apps know nothing about it's subscription.
As I know, we don't need Azure subscription information to publish our project. What we need is contentPath, ComputerName, UserName& Password when you use msdeploy. The following is the parameters that used to deploy:
.\msdeploy.exe -verb:sync -source:contentPath='E:\code' -dest:contentPath='sub2',ComputerName='https://waws-prod-sn1-047.ftp.azurewebsites.windows.net/msdeploy.axd?site=sub2',UserName='$sub2',Password='key',AuthType='Basic'
If we published project to Azure, we have no easy way to see which subscription it belongs to. I suggest you submit a voice at Azure feedback forum.
We are a small company and are still unsure how to start all this azure stuff.
Ok, we are clear on the technicalities like table storage and queues and all the that stuff, what we don't know about at all is how to set up the organization around developing for our developers. Which/how many azure accounts, shared or individual ones.
So far we've done classic windows development, so everyone has his environment, unit tests run either locally or on the build server (after pushing to mercurial or git), deployment from the build server.
The thing is that we want to use Azure not just as a hoster, but the full set, like blob/document/table storage, event hubs, storage queues, ReliableActors and everything. Things we can't do locally.
What's the appropriate way for azure then? There are about 20 to 30 developers and most have the enterprise msdn subscription.
What is a "company or organisation" account for? Should developers have their own accounts? Does DevOps need their passwords for all the bamboo or jenkins build stuff?
I went through this recently and I can share a few tips here since I'm also not aware of a DevOps specific platform to share this on StackExhange.
As far as organizing your subscriptions go look at Azure Pay-As-You-Go Dev/Test Subscriptions link
or Enterprise Dev/Test link if you are an Enterprise Agreement customer. These are aimed at development teams, you get discounted rates since you don't pay for software licenses that are already included in your MSDN subscription.
It is best to use individual developer subscriptions for exploration, POC etc while running your main dev workload in the Dev-Test subscription. It looks tempting to try and save a buck by spreading the work across multiple MSDN subscriptions to use the credits but I wouldn't recommend it. It becomes a pain to manage 20~30 subscriptions and they can run out of credits and things stop working. If you remove the spending limit on all the subscriptions you run the risk of racking up a huge bill accidently if multiple devs leave VMs on or add premium storage to VMs etc.
As far as DevOps go, use RBAC and Azure Active Directory to manage access and certificates for your DevOps tooling, build servers, release management etc don't use individual developer credentials for this.
And I agree with the other comments, get in touch with MS as well, this is just the tip of the iceberg but it will get you started.