I'm listing the contributors in an Azure Devops services git repository, and seeing some users with a guid instead of a domain in the email address, i.e username#xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
I've tried to track this guid back to any user property, but couldn't find any match.
Any idea on where it could have come from? I'd want to be able to track it back to the user and I don't think I can use the username as a unique identifier (its domain specific).
That's a strange one. Maybe an issue with how Active directory is syncing with Azure DevOps. I would try and validate with a user who has the problem what they have in their local git config file.
Something to be aware of is the email format enforcement you can do for git repositories. Project Settings -> Repositories -> Policies.
https://dev.azure.com/{collection}/{project}/_settings/repositories?repoGroup=true&_a=pushpolicy
Git stores your name and email address in its config file. This file can be at the system level, global to your account on your computer, or local to a repository. If a name and email aren't found in any of these places, Git will do its best to get this information from your operating system. Your details are included in the commit, marking you as the author of that commit.
Where does Azure DevOps Services get your name and email?
Your details in Azure DevOps Services come from your profile. Your
profile was originally populated from details in your Microsoft
Account or Azure Active Directory account, but you may change these
details yourself. When you edit a file in the web or complete a PR,
Azure Repos supplies your profile details as the author of the
commit. This is another opportunity for your name or email address
to be specified differently.
Please check both of Git and Azure DevOps Service and make sure the name and e-mail is correct.
--How do I change my information in Git and Azure DevOps Services?
In Git, you can run two commands to change your name and email
address:
git config --global user.name "Frances Totten"
git config --global user.email "frances_t#fabrikam.com"
In Azure DevOps Services, you can update your profile by clicking your picture in the upper right corner and choosing My profile.
Besides, you could also try to change the author displayed for past commits. More details please kindly refer our tutorial here-- How names work in Git
Related
I am using the GitHub pull request builder plugin in Jenkins to make pull requests on GitHub automatically trigger Jenkins jobs.
I am using GitHub Enterprise and when I try to get the values of environment vars ghprbActualCommitAuthor and ghprbActualCommitAuthorMail, I get incorrect values:
ghprbActualCommitAuthor : GitHub Enterprise
ghprbActualCommitAuthorEmail : noreply#github.***.com
Please help, thanks!
This behavior is seen in GitHub Enterprise when users commit changes directly using the web UI or they have not set their email addresses.
According to GHE support:
This is by design, since the commit is actually done by the GitHub Enterprise instance. This is because we do not impersonate users when creating commits.
You can fix this by ensuring that users make commits only through the Git clients using their own SSH credentials or Personal Access Tokens.
I'm trying to set up Jenkins Multi-branch pipelines to add status checks to my GitHub private org repos. Blue Ocean requires the bot-user to have write (maybe more) privileges, listed as so:
I would like to pull code, write status checks but not push code. Is there any combination/workaround that will enable this?
P.s. I'm not entirely confident in what each scope enables and what permission level of collaborator (read/write/admin) they need even though I've read the hyperlinked docs.
A personal access token grants a user API access at the same level of their permissions within GitHub, never greater. For example if the user has read access to a repo and the token is marked as "Full control" then they will still only have read access to that repo.
Writing a Status Check requires the user to have Write, Maintain or Admin permission to your repos as described in this page:
https://help.github.com/en/articles/repository-permission-levels-for-an-organization
Write, as the name suggests, grants push permission to your repo so you will need to think about how to proceed.
I assume you're using GitHub.com (rather than GitHub Enterprise) so would suggest the following:
Grant the bot-user write access to your repo
Create a team of users who require push access
Enable the branch restriction "Restrict who can push to this branch"
Add the newly created team you to the restriction
Set the "Branch name pattern" to *
https://help.github.com/en/articles/enabling-branch-restrictions
This will apply the restriction to all branches within your repo and prevent the user from pushing, but does not prevent the writing of status checks.
If you were using GitHub Enterprise I would consider a pre-receive hook to prevent the bot-user from being able to push code into your repos.
Mick
I'm new to SVN when committing the code to svn repository it was not asking username and password and it will raise issue showing author name was empty in repository commit history. How could set for username every time while committing the code to svn repository in Xcode ?
You should be able to run svn info <REPOSITORY-URL> -username <USERNAME> and the <USERNAME> will be specified as svn:author for your commits.
The actual problem is that your server allows anonymous and non-authenticated access. I guess that your admin may want to reconsider that and make the server require authentication or at least reject commits with empty svn:author property. Users should not be able to enter arbitrary usernames / commit author names. How are you going to distinguish was an author of some revision in future? How are you going to search repository history for commits made by a particular user if this user can enter anything he wants as his username?
I'm hosting a project on my Jenkins server. That project has a GitHub repo and I have it set up so it automatically builds new commits. In order for that to work, I need to input credentials for a github account that has full access to the repo.
The problem is, that if I want him to add his login info to the credentials list, I'd have to give him acces to all credentials on the server (I don't want that).
I tried using the credentials under "{username}" > "Credentials", but those didn't show up in the project setup (even with 100% access to everything on the server).
Is there a way for the user to store his credentials and use them for the project without giving him full access to all credentials on the server?
Add the user's credentials under Global security and then allow project based Matrix Authorization Strategy per project as shown:
I found the answer in this mailing list entry:
In short: You need to
install and activate the Authorize Projects Plugin,
enable "run as specific user" strategy in global security settings,
enable this for the project in question.
This allows you to use the credentials for this specific user.
Enabling ssh-agent is the final step to make this work conveniently.
Here is what I've done so far.
Grabbed the Repository URL from AppHarbor
In bitbucket, I configured the AppHarbor service to use that token.
For the project, I entered the same name of the application I used in AppHarbor (I have no idea what a slug is)
I saved the settings
I granted apphb read permissions in Access Management
I pushed to bitbucket. I even created a dummy changeset to make sure it would get a new push
In AppHarbor, I clicked on "Build URL" and it tells me that my URL was succesfully copied to the clipboard.
I followed the guide to the letter (well, with the exception of the slug, so I'm expceting that is the issue).
Steps to Follow and what gets filled in where:
On BitBucket:
Apphb needs read access to the repository (if it's private)
Go to admin
Add Service: AppHarbor
Token is the UglyValue from the "authorization=UglyValue" part of the build url
Project Name is the last part of the url when looking at that application on AppHarbor. So https://appharbor.com/applications/slug-is-here would use "slug-is-here"
Then you are good to go. You can get more complicated than that (like branches and whatnot) but that's the basic setup.