stackoom
  简体   繁体   中英

Jenkins TFS Credential Binding

 原文  2018-01-03 12:16:16       powershell/ jenkins/ tfs/ jenkins-plugins/ credentials

Question

I have a large team of users using the same Active Directory credentials to log in to both TFS and Jenkins.

Example of AD accounts that can be used to access both TFS and Jenkins:

  • Company\\JohnSmith
  • Company\\MaryJones
  • Company\\ServiceAccount

In Jenkins I've created a job that will merge code and check-in to TFS by executing a PowerShell script.

At the moment the PowerShell script uses Company\\ServiceAccount to complete the merge and check-in in TFS. The problem with this is that even if Company\\JohnSmith or Company\\MaryJones kick off the Jenkins job, Company\\ServiceAccount is recorded in TFS as having completed the check-in.

For better traceability I would like to be able to use the credentials of the user that is currently logged into Jenkins (be it JohnSmith or MaryJones or any of the other hundreds of users), and pass that username & password to the PowerShell script to connect to TFS. The outcome will be that in TFS it will show that JohnSmith / MaryJones did the check-in instead of ServiceAccount .

I have installed the following Jenkins plugins:

  • Credentials Binding Plugin
  • Credentials Plugin
  • Plain Credentials
  • Plugin Team Foundation Server Plug-in

I would like to be able to automatically pass the currently logged in user's credentials to the PowerShell script. Is this possible and how do I go about it?

I don't wan't to pass the same credentials each time, and I don't want to have the user re-enter their username/password as a parameter.

1 answers

solution1
 0  2018-01-04 08:32:30

The script is using the user/ TFS credentials Company\\ServiceAccount which configured in Jenkins TFS plugin to do the TFS connection and check in operation.

There is no way to be able to automatically pass the currently logged in Jenkins user's credentials to the PowerShell script.

As a workaround, you could do this through TFS build pipeline. Since your source control is managed in TFS and just use the Jenkins build.

You could simply add a Jenkins Queue Job task which will queue a job on a Jenkins sever in TFS build definition.

Then add a powershell script task to do the merge and check in operation. About how to commit code to TFS with powerShell please refer this blog . Finally it will be the user who queued Jenkins Job, then checked in code in TFS.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Running PowerShell TFS script in Jenkins How do I use a jenkins declarative pipeline credential and convert to a powershell credential? Jenkins won't run Start-Job with Credential parameter How to pass jenkins credential parameter as Authentication header in powershell http post request Pass password into -credential Credential storage best practices Credential selection popup not appearing powershell filterhashtable credential Use curl with default credential Powershell - local credential verification
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM