如何解决创建服务端点有效吗? REST方法失败,CLI挂起
我正在尝试在Azure DevOps中创建服务终结点(也称为服务连接)。我首先尝试使用DevOps CLI,但是此方法挂起。如下所示使用az devops。
az devops service-endpoint azurerm create --name “Azure subscription 1 endpoint” --azure-rm-service-principal-id $serviceprincipleid --azure-rm-subscription-id $subscriptionid --azure-rm-tenant-id $tenantid --azure-rm-subscription-name $serviceprinciplename --organization $organization --project $project
挂起,直到我重新启动PowerShell
我怀疑登录的帐户没有访问权限?? IDK。而且也无法指定我需要的个人访问令牌。
然后,我将注意力转向使用个人访问令牌(PAT)进行身份验证来调用DevOps REST方法。我正在使用sample
中的文档这是PowerShell中的基本代码
$body = '{
"data": {
"subscriptionId": "1272a66f-e2e8-4e88-ab43-487409186c3f","subscriptionName": "subscriptionName","environment": "AzureCloud","scopeLevel": "Subscription","creationMode": "Manual"
},"name": "MyNewARMServiceEndpoint","type": "AzureRM","url": "https://management.azure.com/","authorization": {
"parameters": {
"tenantid": "1272a66f-e2e8-4e88-ab43-487409186c3f","serviceprincipalid": "1272a66f-e2e8-4e88-ab43-487409186c3f","authenticationType": "spnKey","serviceprincipalkey": "SomePassword"
},"scheme": "ServicePrincipal"
},"isShared": false,"isReady": true,"serviceEndpointProjectReferences": [
{
"projectReference": {
"id": "c7e5f0b3-71fa-4429-9fb3-3321963a7c06","name": "TestProject"
},"name": "MyNewARMServiceEndpoint"
}
]
}' | convertto-json | convertfrom-json
$bo = $body | convertfrom-json
$bo.data.subscriptionId = $subscriptionid
$bo.data.subscriptionName = "subscription name"
$bo.name = $serviceprinciplename
$bo.authorization.parameters.tenantid = $tenantid
$bo.authorization.parameters.serviceprincipalid = $serviceprincipalid
$bo.authorization.parameters.serviceprincipalkey = $serviceprincipalkey
$bo.serviceEndpointProjectReferences = @{}
$readybody = $bo | convertto-json -Depth 100
#POST https://dev.azure.com/{organization}/_apis/serviceendpoint/endpoints?api-version=6.0-preview.4
function createazurermserviceendpoint($body,$pat,$org,$project)
{
#POST https://dev.azure.com/{organization}/_apis/serviceendpoint/endpoints?api-version=6.0-preview.4
$requestpath = "/_apis/serviceendpoint/endpoints?api-version=6.0-preview.4"
$token = [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes(":$pat"))
$uribase = "https://dev.azure.com/" + $org
$uri = $uribase+$requestpath
$authheader = "Authorization=Basic " + $token
$result = az rest --method post --uri $uri --headers "Content-Type=application/json" $authheader --body $body | convertfrom-json
return $result
}
$result = createazurermserviceendpoint $readybody $pat $org $project
该方法将引发Bad Request异常,如下所示
az : Bad Request({"$id":"1","innerException":null,"message":"TF400898: An Internal Error Occurred. Activity Id:
10a098a9-b4b5-4def-8356-307a5cad0579.","typeName":"Newtonsoft.Json.JsonReaderException,Newtonsoft.Json","typeKey":"JsonReaderException","errorCode":0,"eventId":0})
因此,我进入fiddler的UI,并认为合同是相同的,因此捕获了自动和手动创建服务端点。我不确定是这样。 API生成的json主体如下所示。当我尝试通过脚本传递此消息时,我和他们两个都得到与上面完全相同的错误。 json都不像另一个。我从上面提到的文章中的示例json结构开始。现在我不确定是什么问题。
#hack a version from fiddler to try it
#fiddler body capture from automated service connection
$readybody = '{"authorization":{"parameters":{"tenantid":"xxxxxxxx-34e9-4306-ac1a-5f28c1d08fb1","serviceprincipalid":"","serviceprincipalkey":"","authenticationType":"spnKey"},"scheme":"ServicePrincipal"},"createdBy":{},"data":{"environment":"AzureCloud","scopeLevel":"Subscription","subscriptionId":"yyyyyyyy-75c4-4dfd-bdd5-c8c42d1a5dd0","subscriptionName":"Azure subscription 1.1","creationMode":"Automatic","appObjectId":"","azureSpnPermissions":"","azureSpnRoleAssignmentId":"","spnObjectId":""},"isShared":false,"name":"Azure sub 1.1 test","owner":"library","type":"azurerm","url":"https://management.azure.com/","administratorsGroup":null,"description":"","groupScopeId":null,"operationStatus":null,"readersGroup":null,"serviceEndpointProjectReferences":[{"description":"","name":"Azure sub 1 test","projectReference":{"id":"zzzzzzzz-fad9-427f-ad6c-21f4ae2d311f","name":"Connected2someone"}}]}'
$result = createazurermserviceendpoint $readybody $pat $org $project
失败的方式相同
#fiddler body capture from manual service connection
$readybody = '{"dataSourceDetails":{"dataSourceName":"TestConnection","dataSourceUrl":"","headers":null,"resourceUrl":"","requestContent":null,"requestVerb":null,"parameters":null,"resultSelector":"","initialContextTemplate":""},"resultTransformationDetails":{"callbackContextTemplate":"","callbackrequiredTemplate":"","resultTemplate":""},"serviceEndpointDetails":{"administratorsGroup":null,"authorization":{"scheme":"ServicePrincipal","parameters":{"serviceprincipalid":"xxxxxxxx-65b2-470d-adc7-c811fc993014","authenticationType":"spnKey","serviceprincipalkey":"{a key}","tenantid":"yyyyyyy-34e9-4306-ac1a-5f28c1d08fb1"}},"createdBy":null,"subscriptionId":"zzzzzzzz-75c4-4dfd-bdd5-c8c42d1a5dd3","subscriptionName":"azure test 2 ","creationMode":"Manual"},"name":"azure test 2 connection","serviceEndpointProjectReferences":null,"owner":"library"}}'
$result = createazurermserviceendpoint $readybody $pat $org $project
以相同的方式失败。
有人可以确认REST API是否有效吗?指定了什么版本的API,正文json看起来像我发布的内容?
解决方法
我对您的PowerShell脚本进行了测试,并得到了与您相同的错误。
然后,我切换到具有相同主体的另一个PowerShell脚本,并且它起作用了。
这是我的剧本:
$pat = "{PAT}"
$pat = [System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes(":$($pat)"))
$url="https://dev.azure.com/{organization}/_apis/serviceendpoint/endpoints?api-version=6.0-preview.4"
$body = @'
{
body
}
'@
$head = @{ Authorization =" Basic $pat" }
Invoke-RestMethod -Uri $url -Method Post -Headers $head -Body $body -ContentType application/json
因此,错误的原因可能是您的PowerShell脚本(可能是az rest
),而不是REST API请求正文。您可以尝试我提供的PowerShell脚本。
顺便说一句:
您可以使用PAT登录Azure DevOps CLI。请单击this document了解详细信息。
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。