Use an external (private) nuget server as upstream source in Azure Artifacts? - azure-artifacts

Is there any way of using an external private nuget feed (either an Artifact feed belonging to another organization, or a standalone private (basic auth) enabled nugetserver) as an upstream source in Azure Artifacts?
It is possible in other parts of Azure Devops as a service connection, but I can't find a way of either utilizing service connections nor specify a private external nuget as upstream source in Artifacts. The only options are public nuget servers and feeds present in Devops.

Not yet. We're considering building support for custom upstream sources next quarter. This Developer Community suggestion tracks the idea.

Related

Azure Data Factory CI/CD without using AzureDevOps & AzureRepo

With Azure Data Factory, mostly used with Azure Repo & for CI/CD, Azure DevOps is used.
Currently I am using Azure Data Factory, where the AzureRepo not configured and Azure DevOps is not to be used as DevOps need to be build around a framework which included GitLab, Concourse-CI , Terraform and other OpenSource tools. All the JSONs are exported & available on GitLab. From there Azure Data Factory need to be created on every check-in from the ARMs/ADF-JSONs.
Let me know if anyone has came across such scenarios and is there a way to publish Azure Data Factory without using AzureDevOps & AzureRepo.
Yes there is. The JSONs being exported are standard Azure Resource Manager (ARM) templates. These templates can be deployed from outside of Azure DevOps.
Here is how to deploy ARM templates using GitHub Actions
Another option would be to use Powershell New-AzResourceGroupDeployment -ResourceGroupName <resource-group-name> -TemplateFile <path-to-template>
Basically anything on how to deploy ARM templates to Azure will allow for Data Factory pipelines and infrastructure to be deployed.

Direct download URL for universal package in Azure artifacts

we would like to share a URL pointing to an universal package to our company internal customers.
By opening the link the referenced universal package file shall be directly downloaded.
I know that I can use the Azure CLI for achieving the same goal but forcing the people to install and properly configure the Azure CLI only for downloading the package file is not ideal.
Therefore I am interested if there is a way to have a direct download link for a universal package.
Thank you
The answer is No.
1,If your customers donot have access to your azure devops project.
The most direct workaround i can think of is to create a azure repo and upload the universal package to this repo. Then create a PAT with only Code-read scope. Then you can share below commands with your customers. They can download the universal package directly with below git command.
git clone https://{PAT}#dev.azure.com/{Org}/{Proj}/_git/{repoName}
The PAT created above may have the access to your other azure repos. To create a more secure PAT with access to only one repo, you can refer to this thread Giving a script Git access to a single Azure Repo
2,If your customers have access to your azure devops project.
They can use their own credential to git clone the universal package azure repo directly.
Pulish the universal package to azure pipeline server as build artifacts as Torsten mentioned is workable too. But it is a little complicated.
You have to create a pipeline to publish the package and call Get Artifacts rest API to get the download url of the build artifacts. The download url will authenticate Your customers to download the artifacts.(So This is only workable if customers have access to your azure devops project)
You must use the Azure CLI to download the package. Azure DevOps [currently] doesn't support direct HTTP/HTTPS download links or other ways to download the package.
Build/pipeline artifacts can be downloaded, though.

Is there a way to host binaries on Azure DevOps kind of like GitHub allows?

I develop mostly desktop apps and class libraries, and I am struggling to find an way to host them using pipeline automation.
I know I can push them to a UNC, but then people need to know that path to find them. It works, but is not very user friendly.
What I would like is a way to host them on DevOps Server, like GitHub. On GitHub there is a Release section that you can go to and download the binaries of a project. I know Azure DevOps is geared toward webapps, but has anyone found a way to use build/release pipelines to automate the hosting of binary files?
I think what you are looking for is the Atifacts which is under the Test Plans in your project in Azure DevOps.
You can publish and download your binaries very easily here. Create a Feed and connect to it with any kinds of packages, including built in ones like NuGet and Maven, or you can customize it which called Universal packages in it.
You may find more useful information at Azure Artifacts documentation, learn what is Azure Artifacts and how you can publish and download you binaries via the CLI tool.

Issue with visual studio build agent behind a proxy

I am currently setting up continuous integration using Visual Studio Team Services with onsite build agents, but I am having issues with my company's proxy.
I have tried adding the .proxy file but my company's proxy is still blocking it (it is a very old proxy).
Speaking to my infrastructure guys they can bypass the proxy but need all the urls that the build agent calls.
Unfortunately I can not find a list online of all the urls that it requires, I know it needs the following:
https://xxxxxxxxx.visualstudio.com
https://xxxxxxxxx.vssps.visualstudio.com
Does anyone know all the other urls that an onsite build agent calls?
It's hard to tell, the agent itself uses a number of URI's connect, the ones I know of are these at least:
account.visualstudio.com
account.vsrm.visualstudio.com
account.vssps.visualstudio.com
app.vssps.visualstudio.com
But then there are a number of tasks that need download access as well, e.g.
npm needs access to www.npmjs.com
Sonar Qube needs to download the sonar runner
NuGet needs access to www.nuget.org to restore packages
...
Then depending on which extensions you use, you may need additional ones
My Snyk task needs access to snyk.io for example
The easiest way to find them all is to setup a build agent outside of your company network and monitor the traffic with fiddler. To get an answer from the source I recommend to post an issue on the vsts-agent github repo.

Visual Studio Online Hosted Agent Public IP

I'm attempting to move our internal builds to VSO. The kicker is that we have our own private nuget feeds that the builds will obviously need access to. Now I would rather not have to just open the feeds up to everyone and instead whitelist the ip(s) being used by the VSO hosted build agents.
Has anyone got any ideas as to how I go about getting th ip ranges used by these hosted agents?
Or is there a better way of achieving what I am after?
thanks
VSO Build Agents are hosteded in cloud, so there is no changeless IP range for them.
I would recommend you set a credential for your Nuget Server. And in the build definition, adding a powershell step to call Nuget restore instead of using the "Restore Nuget Packages" option provide by VSO.
Other option also might to be install your own agent service on machine which has access to yours Nuget Repo:
https://www.visualstudio.com/en-us/docs/build/admin/agents/v2-windows

Resources