How to run Git commands in Azure DevOps Server release pipeline using PowerShell tasks (git clone)
Question
I am trying to execute git commands through PowerShell task in an Azure DevOps Server and I am facing authentication issues. More specific the task keep exiting with error code 1, as it asks for username and password. The git commands I am trying to executre are:
$wikiUrl = 'https://azure-devops-server/tfs/Common/MainProject/_git/MainProject.wiki'
git clone $wikiUrl $tmpDirName --depth 1
# Editing files content
git -C $tmpDirName add $statusPageRepoPath
git -C $tmpDirName commit -m 'update status page'
git -C $tmpDirName push
I don't want to add the username and the password as parameters for security reasons. I am interested in making it work with the user credential being retrieved from the execution and not explicitly defined.
The recommended from Microsoft solution is to enable in the Agent the option to allow scripts to access the OAuth token. I have enabled this option as it is shown in the picture below, but still, I am getting the same error.
It looks like that the git clone command cannot access the token and it keeps asking for credentials. I tested also the git checkout and it looks to work ok. The problem is mainly appears to be with the clone command.
1 answers
solution1
1 ACCPTED 2020-10-17 21:35:31
After a lot of tries and trying different solutions I managed to make it work. As first step, as I mentioned in my question, I enabled the option in the Agent to allow scripts retrieve the OAuth token.
This doesn't look to be sufficient as it needs also to pass the token in the requests. In order to do this, I applied the following changes:
- I changed the URL of the repository prior to git clone . The initial URL was this one:
and the new is this one:$wikiRawUrl = 'https://azure-devops-server/tfs/Common/MainProject/_git/MainProject.wiki'
which adds the access token$wikiRawUrl = 'https://azure-devops-server/tfs/Common/MainProject/_git/MainProject.wiki' $url = "$($wikiRawUrl)".Replace("https://", "") $wikiUrl = "https://$($env:SYSTEM_ACCESSTOKEN)@$url"env:SYSTEM_ACCESSTOKENin front of the URL of the repository.
I added in extra parameters on my git commands in order to pass the access token again as extra header in them. Furthermore, to ensure that I am not going to have any issues with our local provided certificate, I also explicitly applied the https.sslbackend to schannel ( this part was taken from reverse engineering native tasks of Azure DevOps release pipelines ). As that, the initial commands were these ones:
git clone $wikiUrl $tmpDirName --depth 1 # Editing files content git -C $tmpDirName add $statusPageRepoPath git -C $tmpDirName commit -m 'update status page' git -C $tmpDirName pushand the new ones are these:
git -c http.extraheader="AUTHORIZATION: bearer $($env:SYSTEM_ACCESSTOKEN)" -c http.sslbackend="schannel" clone $wikiUrl $tmpDirName --depth 1 # Editing files content git -C $tmpDirName -c http.extraheader="AUTHORIZATION: bearer $($env:SYSTEM_ACCESSTOKEN)" -c http.sslbackend="schannel" add $statusPageRepoPath git -C $tmpDirName -c http.extraheader="AUTHORIZATION: bearer $($env:SYSTEM_ACCESSTOKEN)" -c http.sslbackend="schannel" commit -m 'update status page' git -C $tmpDirName -c http.extraheader="AUTHORIZATION: bearer $($env:SYSTEM_ACCESSTOKEN)" -c http.sslbackend="schannel" push
All the above changes worked well and finally I was able to use git commands without any problem in PowerShell.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.