[英]Azure Devops Pipeline Run makes Git Error?
ACTION: I have a git project on my work azure devops that I pull normally using ssh authentication.行动:我的工作 azure devops 上有一个 git 项目,我通常使用 ssh 身份验证将其拉取。 I tryed to run a pipeline on my work azure devops and work self-hosted windows computer from azure GUI to test CI features.
我尝试在我的工作 azure devops 上运行管道,并从 azure GUI 工作自托管 windows 计算机以测试 CI 功能。 It's a hello word project, just testing if everything is set-up correctly.
这是一个 hello word 项目,只是测试是否一切设置正确。
EXPECTED:预期的:
Seeing "Hello word" results from Azure Pipelines jobs terminal.从 Azure Pipelines 作业终端看到“Hello word”结果。
RESULT:结果:
Pipeline use an automated script and run some git commands witch try to init and fetch a https project with wrong credentials and fails.管道使用自动化脚本并运行一些 git 命令,尝试使用错误的凭据初始化和获取 https 项目并失败。 Here's the log with some redacted info.
这是包含一些已编辑信息的日志。
2020-09-21T20:35:25.0633203Z ##[command]git init "C:\agentW\_work\1\s"
2020-09-21T20:35:25.1242756Z Initialized empty Git repository in C:/agentW/_work/1/s/.git/
2020-09-21T20:35:25.1279844Z ##[command]git remote add origin https://********(REDACTED)
2020-09-21T20:35:25.1703998Z ##[command]git config gc.auto 0
2020-09-21T20:35:25.2109482Z ##[command]git config --get-all http.https://********(REDACTED).extraheader
2020-09-21T20:35:25.2498108Z ##[command]git config --get-all http.proxy
2020-09-21T20:35:25.2898438Z ##[command]git -c http.extraheader="AUTHORIZATION: bearer ***" fetch --force --tags --prune --progress --no-recurse-submodules origin
2020-09-21T20:35:25.5928108Z fatal: unable to access 'https:********(REDACTED)': SSL certificate problem: unable to get local issuer certificate
INFO:信息:
I tried going to C:\agentW_work\1\s and using git remote set-url origin ssh... as specified here: https://learn.microsoft.com/en-us/azure/devops/repos/git/use-ssh-keys-to-authenticate?view=azure-devops and make a pull manually.我尝试转到 C:\agentW_work\1\s 并使用 git 远程设置 url 来源 ssh... 如此处指定: https://learn.microsoft.com/en-us/azure/devops/repos/git/使用 ssh-keys-to-authenticate?view=azure-devops并手动进行拉取。 it succeeded.
它成功了。
I tried changing C:\agentW.credentials authorizationUrl and oauthEndpointUrl values to values given to me by our DevOps.我尝试将 C:\agentW.credentials authorizationUrl 和 oauthEndpointUrl 值更改为我们的 DevOps 给我的值。
I tried running another pipeline projects(from other personal azure repo, but same self-hosted computer) with a HTTP settings in configuration #2, it works.我尝试使用配置 #2 中的 HTTP 设置运行另一个管道项目(来自其他个人 azure 回购,但相同的自托管计算机),它有效。 See below.
见下文。
I have acess to my C:\Users*****(REDACTED).ssh, if i need to paste my public ssh key somewhere.我可以访问我的 C:\Users*****(REDACTED).ssh,如果我需要将我的公共 ssh 密钥粘贴到某处。
Question :问题:
Configuration#1: Work Computer + Work Azure DevOps.配置#1:工作计算机 + 工作 Azure DevOps。
# Starter pipeline
# Start with a minimal pipeline that you can customize to build and deploy your code.
# Add steps that build, run tests, deploy, and more:
# https://aka.ms/yaml
trigger:
branches:
include:
- feature/azure-pipelines
pool:
name: Default
demands:
- agent.name -equals WORK
steps:
- script: echo Hello, world!
displayName: 'Run a one-line script'
- script: |
echo Add other tasks to build, test, and deploy your project.
echo See https://aka.ms/yaml
displayName: 'Run a multi-line script'
Configuration#2: Work Computer + Personal Azure DevOps.配置#2:工作计算机 + 个人 Azure DevOps。
# Starter pipeline
# Start with a minimal pipeline that you can customize to build and deploy your code.
# Add steps that build, run tests, deploy, and more:
# https://aka.ms/yaml
trigger:
branches:
include:
- master
pool:
name: Default
demands:
- agent.name -equals WORK
steps:
- task: RunMATLABCommand@0
inputs:
command: runBatchT
- task: RunMATLABTests@0
inputs:
testResultsJUnit: test-results/results.xml
codeCoverageCobertura: code-coverage/coverage.xml
sourceFolder: src;test
- task: PublishTestResults@2
condition: succeededOrFailed()
inputs:
testResultsFiles: test-results/results.xml
- task: PublishCodeCoverageResults@1
inputs:
codeCoverageTool: Cobertura
summaryFileLocation: code-coverage/coverage.xml
It's a temporary fix, But I found that deleting my self hosted agent and creating a new one with sslcert skip worked.这是一个临时修复,但我发现删除我的自托管代理并使用 sslcert skip 创建一个新代理是有效的。
.\config.cmd --sslskipcertvalidation
It's going to influence the git script and modify this line to use the ssl skip paramter:它将影响 git 脚本并修改此行以使用 ssl 跳过参数:
2020-09-22T12:34:55.3658192Z ##[command]git -c http.extraheader="AUTHORIZATION: bearer ***" -c http.sslVerify=false fetch --force --tags --prune --
Source:资源:
https://learn.microsoft.com/en-us/azure/devops/pipelines/agents/certificate?view=azure-devops-2020 https://learn.microsoft.com/en-us/azure/devops/pipelines/agents/certificate?view=azure-devops-2020
https://confluence.atlassian.com/bitbucketserverkb/ssl-certificate-problem-unable-to-get-local-issuer-certificate-816521128.html https://confluence.atlassian.com/bitbucketserverkb/ssl-certificate-problem-unable-to-get-local-issuer-certificate-816521128.html
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.