Azure DevOps 2020 - GraphClient - azure

I can't find an easy way to communicate with the Microsoft Azure DevOps team.
I'm working on some tools that are working with Azure 2019 and there's also Azure 2020 RC right now. Microsoft deprecated SOAP API for 2019. And 2020 also, for REST Client.
Though in 2019 the REST client is not fully provided. GraphClient: https://learn.microsoft.com/en-us/rest/api/azure/devops/graph/?view=azure-devops-rest-6.0 is missing there. That means there is no way to get UserGraph and Users except through the SOAP API, the old way.
I thought that maybe with Azure 2020 it's gonna be changed, but actually no.
I'm using Microsoft.VisualStudio.Services.Client in the newest preview and latest stable versions. Those are: 16.173.0-preview and 16.153.0. Calling it manually by making REST requests won't help either.
My test code:
var uriToServer = new Uri("http://localhost:81/DefaultCollection");
var vssBasicCredential = new VssCredentials(new WindowsCredential(new NetworkCredential("test", "test")));
using var vssConnection = new VssConnection(uriToServer, vssBasicCredential);
using var graphHttpClient = vssConnection.GetClient<GraphHttpClient>();
var listUsersAsync = await graphHttpClient.ListUsersAsync();
And we're getting:
handled Exception: System.AggregateException: One or more errors occurred. (API resource location 005e26ec-6b77-4e4f-a986-b3827bf241f5 is not registered on http://localhost:81/DefaultCollection.) --->
Microsoft.VisualStudio.Services.WebApi.VssResourceNotFoundException: API resource location 005e26ec-6b77-4e4f-a986-b3827bf241f5 is not registered on http://localhost:81/DefaultCollection.
at Microsoft.VisualStudio.Services.WebApi.VssHttpClientBase.CreateRequestMessageAsync(HttpMethod method, IEnumerable`1 additionalHeaders, Guid locationId, Object routeValues, ApiResourceVersion version, HttpContent content,
IEnumerable`1 queryParameters, Object userState, CancellationToken cancellationToken, String mediaType)
at Microsoft.VisualStudio.Services.Graph.Client.GraphHttpClient.ListUsersAsync(IEnumerable`1 subjectTypes, String continuationToken, Object userState, CancellationToken cancellationToken)
--- End of inner exception stack trace ---
at System.Threading.Tasks.Task`1.GetResultCore(Boolean waitCompletionNotification)
at ConsoleApp1.Program.Main(String[] args) in C:\Users\user\RiderProjects\ConsoleApp1\ConsoleApp1\Program.cs:line 17
The same problem as with 2019. Of course other clients are working perfectly.
The same code works perfectly for Azure DevOps Cloud - just have to change VssCredentials to VssBasicCredentials. Though I know Basic can work for server if SSL is active.

Yes, currently graph api is not available for Azure DevOps Server 2019 and Server 2020.
You could add your request for this feature on our UserVoice site, which is our main forum for product suggestions. After the suggestion is raised, you can vote and add your comments for this feedback. The product team would provide the updates if they view it.
As an alternative, you can try to use the Azure CLI. With the Azure DevOps extension for Azure Command Line Interface (CLI), you can manage many Azure DevOps Services from the command line.
The Azure DevOps Command Line Interface (CLI) is available for Azure
DevOps Server 2020 and Azure DevOps Services.
About getting started with Azure DevOps CLI, please refer to this document.

Related

Authorization:REDACTED when executing an Azure Function

I am observing Authorization:REDACTED in the log stream attached to my Azure Function.
Context:
Note, that I can execute the same function successfully when I run the Function App in the debugger within my Visual Studio session, using local host.
Details:
x-ms-return-client-request-id:true
User-Agent:azsdk-net-Storage.Blobs/12.13.0,(.NET 6.0.11; Microsoft Windows 10.0.14393)
x-ms-date:Wed, 01 Feb 2023 19:42:49 GMT
Authorization:REDACTED
client assembly: Azure.Storage.Blobs
The Azure Function was deployed using Pulumi.
FUNCTIONS_EXTENSION_VERSION : ~4
Verifications:
I verified that the Azure Function's URL referenced in my client app is valid and matches the URL in the Azure portal for the Azure Function I want to invoke
I executed the Azure Function from local host without issue.
Please check the below findings if that helps to fix your issue:
When I run the Pulumi Serverless Function (CSharp) in Visual Studio locally, I got the below output:
I am not sure of the cause of the issue because I tried Pulumi Stack for the first time.
I have identified a similar issue registered in MS Q&A Forum #1163056, where the user #MayankBargali-MSFT gave the accepted solution: check that the local storage emulator is running on the specified ports for each Storage object such as Blob, Queue, Table.

Azure Traffic Manager errors when adding 2nd App Service as endpoint

We have added an app service as an endpoint to Azure Traffic Manager, and everything is working fine. However, when trying to add a second app service it fails with the following error:
Some of the provided Azure Website endpoints are not valid: Traffic manager configuration unexpectedly failed in region 'uksouth' with exception: Microsoft.Web.Hosting.Administration.Client.GeomasterClientException: Call to geomaster failed!, HttpStatusCode=BadRequest, RequestId='cae63ca1-0a3d-4f87-bd8e-9b881186e114', Uri=https://ln1.geomaster.azurewebsites.windows.net:444/subscriptions/fe12301c-5b6f-45f7-a038-ce2d4dbeec94/providers/Microsoft.Web/verifyTrafficManagerConfiguration?api-version=2018-02-01, CorrelationId=06de79f7-a67a-4a0e-ac5f-f6db24d5f908 at Microsoft.Web.Hosting.Administration.Client.InterGeomasterClient.Send[P,R](HttpMethod verb, String path, String queryString, P payload, Boolean throwOnError) at Microsoft.Web.Hosting.Administration.Client.InterGeomasterClient.<>c__DisplayClass22_0`2.<Post>b__0() at Microsoft.Practices.EnterpriseLibrary.TransientFaultHandling.RetryPolicy.ExecuteAction[TResult](Func`1 func) at Microsoft.Web.Hosting.Administration.Client.RegionalToRegionalClient.VerifyAndRegisterTrafficManagerConfiguration(String subscriptionName, CsmTrafficManagerConfiguration csmTrafficManagerConfiguration) at Microsoft.Web.Hosting.Administration.GeoScale.Sql.SubscriptionController.ForwardVerifyAndRegisterApiCallToRegionalGeomaster(RESTApiMetricsTracker tracker, String location, String subscriptionName, String trafficManagerDomainName, String[] hostNamesForsitesInRegion, Boolean registerTrafficManagerDomainName, Boolean failIneligibleSites)
We seem to be able to add two different app services without error, even this particular one with a different app service without error. It seems to be this particular combination of app services that fails as if they are somehow incompatible?
Not sure if it's significant but it seems combinations with an old app service (i.e. created a couple of years ago doesn't work with a recently created app service) but adding two app services that have been created recently works OK.
This error could be because of using the free tier of Traffic Management. If you are using the free tier of the old app, then change the tier plan.
Alternatively:
If the two apps are running on standard tier and still the issue occurs, then it must be the location error mentioned in the exception. That is South. Make sure the regions of the apps running are compatible with all the services you want to use. Some of the services may not be enabled in all the availability zones.

Azure Devops custom extension and current release context

With Azure Devops Services, I need to get azure devops user id which triggered a release, from task.json.
I've got a datasourcebinding with Azure API Management service. This has to get the Azure API Management tag based on user id. I've tried different approaches:
{
"target": "TEST",
"endpointId": "$(ConnectedServiceName)",
"endpointUrl": "{{endpoint.url}}/subscriptions/{{endpoint.subscriptionId}}/resourceGroups/$(ResourceGroupName)/providers/Microsoft.ApiManagement/service/$(APIM)/products?tags=**$(Release.RequestedForId)**&api-version=2019-12-01",
"resultSelector": "jsonpath:$.value[*]",
"resultTemplate": "{\"Value\" : \"{{{id}}}\", \"DisplayValue\" : \"{{{properties.displayName}}}\" }"
},
I tried also with {{Release.RequestedForId}} but it didn't work.
I saw different resources for datasourcebinding support :
tfs:teamfoundation – Any micro service hosted within TFS (e.g. Build, Test etc.)
tfs:packaging – Packaging service
tfs:feed – Feed service
tfs:rm – Release Management service
tfs:governance - Governance service
tfs:ems - Extension Management service
I found examples for tfs:feed and tfs:teamfoundation only.
Is there any section for users ? Is there any additional information apart from Azure Devops Services REST API ?
Quite few examples in but none for user request.
Is it possible to get current context release variables or azure devops user id directly in task.json ?
This would be a huge help.
Thank you !
You made a small mistake. Instead of Release.RequestedForId please give a try for Release.Deployment.RequestedFor or Release.Deployment.RequestedForId
Docs for Release.Deployment.RequestedFor says:
The display name of the identity that triggered (started) the
deployment currently in progress. Not available in TFS 2015.
Example: Mateo Escobedo
Docs for Release.Deployment.RequestedForId says:
The ID of the identity that triggered (started) the deployment
currently in progress. Not available in TFS 2015.
Example: 2f435d07-769f-4e46-849d-10d1ab9ba6ab
You have this written here.

ASP.Net Core 3.1 Error Load Azure Key Vault On Azure App Service

I use ASP.Net Core 3.1 and I deploy it on Azure App Service (Web) on Linux.
The question is, when I deploy the code on Azure App Service, I get this error message:
Unhandled exception. System.UriFormatException: Invalid URI: The hostname could not be parsed.
at System.Uri.CreateThis(String uri, Boolean dontEscape, UriKind uriKind)
at System.Uri..ctor(String uriString)
at Microsoft.Azure.KeyVault.KeyVaultClient.GetSecretsWithHttpMessagesAsync(String vaultBaseUrl, Nullable`1 maxresults, Dictionary`2 customHeaders, CancellationToken cancellationToken)
at Microsoft.Azure.KeyVault.KeyVaultClientExtensions.GetSecretsAsync(IKeyVaultClient operations, String vaultBaseUrl, Nullable`1 maxresults, CancellationToken cancellationToken)
at Microsoft.Extensions.Configuration.AzureKeyVault.AzureKeyVaultConfigurationProvider.LoadAsync()
at Microsoft.Extensions.Configuration.AzureKeyVault.AzureKeyVaultConfigurationProvider.Load()
at Microsoft.Extensions.Configuration.ConfigurationRoot..ctor(IList`1 providers)
at Microsoft.Extensions.Configuration.ConfigurationBuilder.Build()
at Microsoft.Extensions.Hosting.HostBuilder.BuildAppConfiguration()
at Microsoft.Extensions.Hosting.HostBuilder.Build()
at ZHFSoftware.Program.Main(String[] args) in / home / runner / work / ZHFSoftware / ZHFSoftware / ZHFSoftware / Program.cs:line 19
ptrace(ATTACH, 29) FAILED Operation not permitted
I know this is PERMISSION error related.
And when I run the web,
:( Application Error
If you are the application administrator, you can access the diagnostic resources.
I can run the code in DEVELOPMENT and PRODUCTION, but on LOCALHOST (and I can get the Azure Key Vault)
but NOT in the Deploy version.
(https://.azurewebsites.net/) => Got Error
I already set the permission based on the manual:
https://learn.microsoft.com/en-us/azure/key-vault/managed-identity
https://learn.microsoft.com/en-us/azure/azure-app-configuration/howto-integrate-azure-managed-service-identity?tabs=core2x
https://wakeupandcode.com/key-vault-for-asp-net-core-3-1-web-apps/
and I followed the YouTube manual:
https://www.youtube.com/watch?v=k2VYcYS3EIA
But no use. Still error.
Any help will be appreciated.
Thanks.
Today, I solved my problem.
I "Publish" my web project from Visual Studio 2019 Preview,
configure "Service Dependencies", and then Publish.
My website is running ...
I pushed to my GitHub and found this item added.
"serviceDependencies. - Web Deploy.json"
I opened the file, and it contains:
{
"dependencies": {
"secrets1": {
"resourceId": "/subscriptions/<subscriptionId>/resourceGroups/<resGroudId>/providers/Microsoft.KeyVault/vaults/<Key Vault Name>",
"type": "secrets.keyVault",
"connectionId": "ASPNETCORE_HOSTINGSTARTUP__KEYVAULT__CONFIGURATIONVAULT"
}
}
}
NB: the Manual from
https://learn.microsoft.com/en-us/azure/spring-cloud/spring-cloud-github-actions-key-vault very useful. thanks Microsoft ^^/

Azure Pipelines Blob storage URL's

We use Azure DevOps for building and deploying our applications and services in Azure. Right now we are also switching our on premise deployments to Azure DevOps as well.
Unfortunately we have one issue with our servers which are on the one hand protected by a firewall (outgoing internet traffic is mostly blocked) and on the other hand are part of Azure DevOps deployment groups. As soon as we create a new release and start the deployment to a stage the artifact download process fails since the server is not permitted to download the artifacts from the blob storage where the artifacts are stored.
Warning, https://elgvsblobprodsu6weus10.blob.core.windows.net/dbcXXXXXXX/XXXX
Try 1/5, retryable exception caught. Retrying in 00:00:01. Details:
2019-10-21T19:59:02.7071549Z No LastRequestResponse on exception HttpRequestException: An error occurred while sending the request. System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.Http.WinHttpException: Error 12029 calling WINHTTP_CALLBACK_STATUS_REQUEST_ERROR, 'A connection with the server could not be established'.
2019-10-21T19:59:02.7071940Z at System.Threading.Tasks.RendezvousAwaitable`1.GetResult()
2019-10-21T19:59:02.7072055Z at System.Net.Http.WinHttpHandler.StartRequest(WinHttpRequestState state)
2019-10-21T19:59:02.7072112Z --- End of inner exception stack trace ---
2019-10-21T19:59:02.7074791Z at System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task`1 sendTask, HttpRequestMessage request, CancellationTokenSource cts, Boolean disposeCts)
2019-10-21T19:59:02.7074976Z at Microsoft.VisualStudio.Services.Common.TaskCancellationExtensions.EnforceCancellation[TResult](Task`1 task, CancellationToken cancellationToken, Func`1 makeMessage, String file, String member, Int32 line)
2019-10-21T19:59:02.7075133Z at Microsoft.VisualStudio.Services.BlobStore.WebApi.DedupStoreHttpClient.<>c__DisplayClass56_0.<<GetRedirectResponseAsync>b__0>d.MoveNext()
2019-10-21T19:59:02.7075213Z --- End of stack trace from previous location where exception was thrown ---
2019-10-21T19:59:02.7075312Z at Microsoft.VisualStudio.Services.Content.Common.AsyncHttpRetryHelper`1.InvokeAsync(CancellationToken cancellationToken)
So is there any list of endpoints which are used for storing Azure Pipeline artifacts that can be added to our firewall policy, do we have to exclude *.blob.core.windows.net in general or is there any different approach?
Unfortunately the Microsoft docs do only provide a list of Urls which are required for establishing a connection with Azure DevOps in general, but not with the artifacts store.
Is there any list of endpoints which are used for storing Azure
Pipeline artifacts that can be added to our firewall policy.
Of course yes. We store these data in the corresponding region's Azure Data center.
Download the JSON file in this link; the file lists the IP address ranges of different regions. But here is one important thing you need to pay attention to. For security, we update these IP address ranges regularly. (Also, publish it to users regularly)
If you choose this approach to achieve what you want, you need to download the JSON file regularly, then make necessary updates in your access rules:
[!IMPORTANT] IP address ranges for Azure services can change, and
updates are published weekly. Download the JSON file regularly, and
make necessary updates in your access rules. If your scenario involves
configuring network security group rules in an Azure virtual network
to access Azure Container Registry, use the AzureContainerRegistry
service tag instead.
See this doc: Allow access by IP address range.
But if you think this method is inconvenient for you and your team, another unique method is the one you are using now: allow access to all Azure blob storage accounts using the wildcard *.blob.core.windows.net.
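
One way to apply the IP-range approach from the answer above, as an added example (not code from the original posts or from Microsoft): it reads a service-tag download, extracts the storage prefixes for one region, and reports which firewall rules to add and which stale ones to retire. The JSON layout, the `westus` region and the documentation-range addresses are assumptions constructed for illustration.

```python
import ipaddress
import json

# Constructed sample in the assumed layout of the weekly download
# ("values" -> "properties" -> "addressPrefixes"). The addresses are
# documentation ranges, not real Azure prefixes.
SAMPLE_DOWNLOAD = json.loads("""
{"changeNumber": 2, "cloud": "Public", "values": [
  {"name": "Storage.WestUS", "properties": {"region": "westus",
     "systemService": "AzureStorage",
     "addressPrefixes": ["203.0.113.0/25", "203.0.113.128/25", "2001:db8:10::/48"]}},
  {"name": "Storage.UKSouth", "properties": {"region": "uksouth",
     "systemService": "AzureStorage", "addressPrefixes": ["198.51.100.0/24"]}},
  {"name": "AzureContainerRegistry.WestUS", "properties": {"region": "westus",
     "systemService": "AzureContainerRegistry", "addressPrefixes": ["192.0.2.0/24"]}}
]}
""")

def storage_prefixes(doc, region):
    """Return the collapsed storage networks published for one region."""
    nets = []
    for tag in doc.get("values", []):
        props = tag.get("properties", {})
        if props.get("systemService") == "AzureStorage" and props.get("region") == region:
            # strict=True rejects malformed entries that have host bits set
            nets += [ipaddress.ip_network(p, strict=True)
                     for p in props.get("addressPrefixes", [])]
    # collapse_addresses cannot mix IP versions, so merge each family separately
    v4 = ipaddress.collapse_addresses(n for n in nets if n.version == 4)
    v6 = ipaddress.collapse_addresses(n for n in nets if n.version == 6)
    return set(v4) | set(v6)

def diff_allowlist(current_rules, published):
    """Compare existing firewall rules (CIDR strings) with the published set."""
    current = {ipaddress.ip_network(r) for r in current_rules}
    to_add = sorted(published - current, key=str)
    to_remove = sorted(current - published, key=str)  # stale rules widen egress
    return [str(n) for n in to_add], [str(n) for n in to_remove]

def is_allowed(published, address):
    """True if a resolved blob endpoint address falls inside the allowlist."""
    ip = ipaddress.ip_address(address)
    return any(ip in net for net in published if net.version == ip.version)
```

Running the diff on every weekly download keeps the egress rules limited to the published storage ranges, where the wildcard `*.blob.core.windows.net` would permit traffic to any storage account.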
