I'm trying to work with TFS 2018 Artifacts.
I created a very simple build (definition)- it has one agent phase that uploading artifact, and then another agent that should download the artifact.
The Download Build Artifact failed with Unauthorized:
Downloading artifacts from: {...}/tfs/DefaultCollection//_apis/resources/Containers/262302?itemPath=Artifact&isShallow=true&api-version=4.1-preview.4
Failed to parse response body: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>401 - Unauthorized: Access is denied due to invalid credentials.</title>
.
.
.
(Also this message appears five times)
More details (please comment for asking to add more)
Both phases marked with this:
TFS 2018 Unauthorized when downloading current build artifact
According to the error message:
This is an authentication issue, you could check if those two Agent phases use the same build agent. And try to enable the option Allow scripts to access OAuth token in the Agent phase page:
If you are using different build agent, you should make sure your account has permission to access that agent:
Agent Pools-> Agents-> Roles
Add your account as user or admin.
If above not resolve this issue, I would like provide you a workaround to resolve it:
Create a share folder on your TFS server, then make sure your account could access that share folder, now we could publish our artifact to that share folder instead of Visual Studio Team Services/TFS:
Related
In my organization we have some Jenkins jobs building packages and pushing the packages to a private feed on Azure DevOps.
This has been running for years.
The build machine has Credential Manager Core running, enabling the job perform Git operations like tagging and updating submodules on same Azure DevOps orhanisation.
I suppose Credential Manager Core has also been used by Nuget Push.
Every time the Personal Access Token in %AppData%\Nuget\Nuget.Config expired, we created a new PAT for the AD user running the Jenkins service and updated NuGet.Config with:
nuget sources Update -Name <feedname> -UserName <user> -Password <PAT>
Since a few weeks now, the jobs started failing, and the Jenkins log shows:
C:\Users\<user>\.nuget\packages\nuget.commandline\5.8.0\tools\NuGet.exe push C:\Jenkins\workspace\<buildjob>\Deploy\MyPackage.1.0.17.nupkg -ApiKey [hidden] -Source \<feedname>
Pushing MyPackage.1.0.17.nupkg to 'https://pkgs.dev.azure.com/\<organization>/_packaging/\<some GUID>/nuget/v2/'...
PUT https://pkgs.dev.azure.com/<organization>/_packaging/\<some GUID>/nuget/v2/
MSBuild auto-detection: using msbuild version '17.3.1.41501' from 'C:\Program Files\Microsoft Visual Studio\2022\Professional\MSBuild\Current\bin'.
Using credentials from config. UserName: ****
[CredentialProvider]Using the ADAL UI flow for uri https://pkgs.dev.azure.com/<organization>/_packaging/<feedname>/nuget/v3/index.json. User sign-in required in a pop-up authentication window.
[CredentialProvider]DeviceFlow: https://pkgs.dev.azure.com/<organization>/_packaging/<feedname>/nuget/v3/index.json
[CredentialProvider]ATTENTION: User interaction required.
**********************************************************************
To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code XXXXXXXXX to authenticate.
**********************************************************************
[CredentialProvider]Device flow authentication failed. User was presented with device flow, but didn't react within 90 seconds.
[CredentialProvider]Using the ADAL UI flow for uri https://pkgs.dev.azure.com/<organization>/_packaging/<feedname>/nuget/v3/index.json. User sign-in required in a pop-up authentication window.
Needless to say; user interaction during headless build is not very efficient.
I found an article describing Azure Artifacts Credential Provider and thought this might solve the problem.
According to section Other automated build scenarios it should be sufficient to declare an environment variable VSS_NUGET_EXTERNAL_FEED_ENDPOINTS with content like:
{"endpointCredentials": [{"endpoint":"https://pkgs.dev.azure.com/<organization>/_packaging/<feedname>/nuget/v3/index.json", "username":"optional", "password":"accesstoken"}]}
I replaced the "accesstoken" above with my own accesstoken, but still NuGet Push seems to depend on my %AppData%\Nuget\Nuget.Config.
The preferred solution would be to hold the Personal Access Token in a Jenkins Secret, and use that for Git clone and Git tag as well as for NuGet Restore and NuGet Push.
I find local config files and OS environment varables to be more problem prone, and would rather avoid them.
I have created a folder on my localhost and shared it by giving all the permissions.
Now inside the Build Definition, i have used the "Publish Artifact" and configured it as shown in the below screenshot:
Error: I am getting error during the build process to publish the artifact on the respective location. The error is shown in the below screenshot:
Any help will be greatly appreciated. Thanks in advance.
The Publish Artifact build task runs on a build agent. That build agent cannot address a file share on your localhost as \\localhost\something. You should use the name of your host which is available on the network, e.g. \\mylaptop\publicshare.
In fact, if the build agent is a VSTS hosted agent, it will not be able to see your file share unless it is visible on the internet. Basically, this is what the error message is about:
If directory is a file share, please verify the share name is correct, the share is online, and the current process has permission to access the share.
We are using Sonar 6.1. SCM provider for this project is: tfvc. Even though we have provided the tfvc settings like username and PAT/password we are getting the below error.
2017-01-18T06:44:22.9837227Z INFO: SCM provider for this project is: tfvc
2017-01-18T06:44:22.9837227Z INFO: 1245 files to be analyzed
2017-01-18T06:44:25.0818549Z ##[error]ERROR: Unable to TFS annotate the project which raised the following authentication exception: TF30063: You are not authorized to access extranet URL.
2017-01-18T06:44:25.0818549Z INFO: 0/1245 files analyzed
2017-01-18T06:44:25.0818549Z ##[error]WARN: Missing blame information for the following files:
2017-01-18T06:44:25.0818549Z ##[error]WARN: * C:/../../../../*.cs
2017-01-18T06:44:25.0818549Z ##[error]WARN: * C:/../../../../*.js
You are not authorized to access extranet URL.
It appears that the analysis process can't get to TFS to pull the required blame data.
Weve been trying to implement Microsoft's Release Management into our CI\CD process between trusted and untrusted servers.
The TFBuild server drops the compiled files onto the drop folder via FTP as post build script, and goes on to trigger the Release process
In the build process i have configured the components to be taken from an UNC: C:\BuildDrop[Build]\Artifacts
The release keeps failing on an error cannot find files under "C:\BuildDrop\\Artifacts...." and u can see the BuildNumber is missing.
after some research in the logs i found out that the metadata of the tfs transfered to the Release server is empty and looks as follows
<Metadata>
<BuildDefinition></BuildDefinition>
<BuildNumber></BuildNumber>
<PackageLocation></PackageLocation>
<ServerName>RMServerName</ServerName>
<ServerDnsName>DNSName</ServerDnsName>
<TeamProject></TeamProject>
<TfsCollection></TfsCollection>
<TfsUrl></TfsUrl>
<TfsUrlWithCollection></TfsUrlWithCollection> </Metadata>
(This was captured using DeploymentAgent.exe debug start)
Note: same user running the DeploymentAgent and the BuildService and has TFSCollection Admin authorization and Administrator on both servers
I keep getting this error everytime I try to setup TFS plublishing with my Azure Cloud Services Account:
Unable to find AzureContinuousDeployment.11.xaml
And links to this post:
http://blogs.msdn.com/b/bharry/archive/2012/06/07/announcing-continuous-deployment-to-azure-with-team-foundation-service.aspx
I had removed the BuildProcessTemplates folder to another path inside TFS. I just restored it to "$//BuildProcessTemplates" just like the article said, but I keep getting the same error from the Windows Azure Management portal.
The publishing templates haven't been modified.
OK so apparently, I needed at least one Build Configuration defined in the "Builds" section of Team Explorer for this to work.
I added a new configuration called TEMP and directed the process template xaml to the root folder.
Once that was configured I went back to the Azure Management Site, retried the "Setup TFS Publishing" option and everything worked fine.