I have recently migrated to Azure DevOps from Teamcity, yesterday i migrated around 60 repositories.
I set some permissions on our core project repository using tf.exe and this command
tf git permission /deny:CreateBranch
/group:[FabrikamProject]\Contributors
/collection:https://dev.azure.com/fabrikam-fiber/
/teamproject:FabrikamProject
/repository:FabrikamRepo
I ideally need to apply the same permissions to the other repositories.
I am wondering if there is a way to use tf.exe to accept wildcards for the repository param such as:
/repository:*
- this does not work
I really do not want to go through them manually, but will have to otherwise.
I don't know if the wildcard work, but you can iterate the repositories and run the command with a small PowerShell script (using the Rest API):
$reposJson = Invoke-RestMethod -Method Get -Uri https://dev.azure.com/{organization}/{project}/_apis/git/repositories?api-version=5.0-preview.1 -ContentType application/json
$repos = $reposJson | ConvertFrom-Json
$tfExe = "path/to/exe"
$repos.value.ForEach({
& $txExe git permission /deny:CreateBranch /group:[FabrikamProject]\Contributors /collection:{collection} /teamproject:{project} /repository:$_.name
})
You just need to authenticate, you can use -Credential {email}
(in the Invoke-RestMethod
) and a window will prompt to put a password or use PAT in this way:
$personalAccessToken = "your-personal-access-token-here"
$header = @{Authorization = 'Basic ' + [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(":$($personalAccessToken)"))}
And add -Headers $header
in the Invoke-RestMethod
.
Instead of /repository:*
you just remove this parameter to get desired behavior.
The documentation doesn't say so explicitly, but to set project-level permissions ( all existing and new repositories ), you should avoid specifying a particular repository. I have tried it and it works.
So tf
code looks like this:
tf git permission /deny:CreateBranch
/group:[FabrikamProject]\Contributors
/collection:https://dev.azure.com/fabrikam-fiber/
/teamproject:FabrikamProject
#You should remove this => /repository:FabrikamRepo
The documentation shows an example of how to get project-level permission information. Other examples refer to repository level permission settings and the relevant difference is that the /repository
parameter is specified.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.