是否可以为本地TFS 2018设置代理发布代理?
[英]Is it possible to setup a proxy release agent for on-prem TFS 2018?
问题描述
I am looking for a way to use onprem TFS 2018 release pipeline for deploying a web solution to a cluster of multiple servers in a locked down PCI environment. 
我正在寻找一种使用onprem TFS 2018版本管道将Web解决方案部署到锁定的PCI环境中的多个服务器群集的方法。
For security reasons we cannot link target servers to TFS server directly, ie connecting multiple release agents directly. 出于安全原因,我们无法将目标服务器直接链接到TFS服务器,即,直接连接多个发布代理。 Instead I am looking for a way to create something like a proxy agent in the PCI environment which would sit between TFS and end point release agents and pass all commands and packages from TFS to them. 相反,我正在寻找一种在PCI环境中创建类似代理程序的方法,该代理程序将位于TFS和端点发布代理程序之间,并将所有命令和程序包从TFS传递给它们。 Does TFS allow this kind of configuration? TFS是否允许这种配置? Is there any workable alternative for my scenario? 有什么可行的替代方案吗?
Many thanks 非常感谢
1 个解决方案
解决方案1
0 已采纳 2019-03-07 16:59:21
Yes, kind of. 是的,有点。 You can't use deployment groups in this kind of scenario and there's no way around it. 在这种情况下,您不能使用部署组,也无法解决。 But you can still do deployments. 但是您仍然可以进行部署。
Install an agent on a machine that has network access to both TFS and to your secured environments. 在可以同时访问TFS和安全环境的计算机上安装代理。 That agent can then retrieve artifacts from TFS and push them to your secured environments. 然后,该代理可以从TFS检索工件并将其推送到您的安全环境。
You can then use tasks like "Windows Machine File Copy" and "Run PowerShell on Target Machine" to stage the artifacts on the secured servers and run configuration/installation scripts on them. 然后,您可以使用“ Windows计算机文件复制”和“在目标计算机上运行PowerShell”之类的任务在受保护的服务器上暂存工件,并在它们上运行配置/安装脚本。 If you're not using Windows, the same thing applies except you'll have to use the tasks that are more specifically keyed to non-Windows environments like SSH File Copy. 如果您不使用Windows,则适用相同的条件,除了必须使用更专门针对非Windows环境的任务(例如SSH File Copy)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.