Azure DevOps - 服务连接 - REST API - 已添加具有相同密钥的项目

问题描述 投票:0回答:1

有一段时间,我在 Azure Devops 中创建新的 Azure ARM Manuel 服务连接,但无法验证它们。我收到错误:已添加具有相同密钥的项目。

如果我从 Azure DevOps GUI 将服务主体服务连接的密码更改为其他内容,则会收到密码错误,并且如果我将密码更新为与 REST API 创建密码时使用的密码完全相同的密码,则连接验证OK。

那么从 REST API 创建之后发生了一些事情,导致连接出现错误?

param(
    [Parameter(Mandatory)]
    [string]$SPKey,

    [Parameter(Mandatory)]
    [string]$PAT,

    [Parameter(Mandatory)]
    [string]$TenantID,

    [Parameter(Mandatory)]
    [string]$AADApplicationID,

    [Parameter(Mandatory)]
    [string]$subscriptionName,

    [Parameter(Mandatory)]
    [string]$SubscriptionId
)

#write-host "SPKEY is $SPKEY"
write-host "TenantID is $TenantID"
write-host "AADApplicationID is $AADApplicationID"
write-host "Subname is $subscriptionName"
write-host "SubID $SubscriptionId"

$subscriptionName = $subscriptionName.Replace('Ø','OE')
$subscriptionName = $subscriptionName.Replace('ø','oe')
$subscriptionName = $subscriptionName.Replace('Å','AA')
$subscriptionName = $subscriptionName.Replace('å','aa')
$subscriptionName = $subscriptionName.Replace('Æ','AE')
$subscriptionName = $subscriptionName.Replace('æ','ae')

write-host "Subname is now" $subscriptionName

$PATGetBytes = [System.Text.Encoding]::ASCII.GetBytes(":$PAT")
$Authentication = [System.Convert]::ToBase64String($PATGetBytes)
$Headers = @{Authorization = ("Basic {0}" -f $Authentication) }
$Uri = "https://dev.azure.com/ORG/PROJECT/_apis/serviceendpoint/endpoints?api-version=5.1-preview.2"
$Body = [pscustomobject]@{
    data = [pscustomobject]@{
        subscriptionId = "$SubscriptionId"
        subscriptionName = "$subscriptionName"
        CreationMode = 'Manual'
        scopeLevel = 'Subscription'
    }
    authorization = [pscustomobject]@{
            scheme = 'ServicePrincipal'
            parameters = [pscustomobject]@{
                tenantid            = "$TenantID"
                serviceprincipalid  = "$AADApplicationID"
                authenticationType  = "spnKey"
                serviceprincipalkey = "$SPKey"
        }
    }
    isShared                         = $true
    isReady                          = $True
    serviceEndpointProjectReferences = @(
        @{
            projectReference = @{
                id   = "9a4bfcab-c7b2-48fb-90c8-efb7461a962f"
                name = "CescomIaC"
            }
            name             = "$SubscriptionId"
        }
    )
    name = "$SubscriptionId"
    type = 'azurerm'
    url = 'https://management.azure.com/'
} | ConvertTo-Json -Depth 10
$serviceendpointAzure = Invoke-RestMethod -Uri $Uri -Method Post -Body $Body -Headers $Headers -ContentType 'application/json'
$serviceendpointAzureid = $serviceendpointAzure.id
$jsonpermitazure = @"
{
    "allPipelines": {
        "authorized": true,
        "authorizedBy": null,
        "authorizedOn": null
    },
    "pipelines": null,
    "resource": {
        "id": "$serviceendpointAzureid",
        "type": "endpoint"
    }
}
"@

$authhttpazure = "https://dev.azure.com/ORG/PROJECT/_apis/pipelines/pipelinePermissions/endpoint/" + $serviceendpointAzureid + "?api-version=5.1-preview.1"
Invoke-RestMethod -Method PATCH -Uri $authhttpazure -Headers $Headers -Body $jsonpermitazure -ContentType "application/json"
azure-devops azure-devops-rest-api serviceconnection
1个回答
0
投票

我尝试使用您的脚本来创建服务连接。当我单击“验证”按钮时,我发现了相同的错误消息。

然后我尝试用以下脚本替换正文,它可以验证成功。请参考以下脚本。

$SPKey="" 
$PAT=""
$TenantID=""
$AADApplicationID=""
$subscriptionName=""
$SubscriptionId=""
$orgname=""

#write-host "SPKEY is $SPKEY"
write-host "TenantID is $TenantID"
write-host "AADApplicationID is $AADApplicationID"
write-host "Subname is $subscriptionName"
write-host "SubID $SubscriptionId"

$PATGetBytes = [System.Text.Encoding]::ASCII.GetBytes(":$PAT")
$Authentication = [System.Convert]::ToBase64String($PATGetBytes)
$Headers = @{Authorization = ("Basic {0}" -f $Authentication) }
$Uri = "https://dev.azure.com/"+$orgname+"/_apis/serviceendpoint/endpoints?api-version=7.2-preview.4"
$body = @"
{
  `"data`": {
    `"subscriptionId`": `"$SubscriptionId`",
    `"subscriptionName`": `"$subscriptionName`",
    `"environment`": `"AzureCloud`",
    `"scopeLevel`": `"Subscription`",
    `"creationMode`": `"Manual`"
  },
  `"name`": `"MyServiceConnection`",
  `"type`": `"AzureRM`",
  `"url`": `"https://management.azure.com/`",
  `"authorization`": {
    `"parameters`": {
      `"tenantid`": `"$TenantID`",
      `"serviceprincipalid`": `"$AADApplicationID`",
      `"authenticationType`": `"spnKey`",
      `"serviceprincipalkey`": `"$SPKey`"
    },
    `"scheme`": `"ServicePrincipal`"
  },
  `"isShared`": false,
  `"isReady`": true,
  `"serviceEndpointProjectReferences`": [
    {
      `"projectReference`": {
        `"id`": `"17d78674-6c54-4723-9a07-30ceb77e7d84`",
        `"name`": `"PROJECT`"
      },
      `"name`": `"MyServiceConnection`"
    }
  ]
}
"@
$serviceendpointAzure = Invoke-RestMethod -Uri $Uri -Method Post -Body $Body -Headers $Headers -ContentType 'application/json'
$serviceendpointAzure | ConvertTo-Json

文档参考:Endpoints - Create api-version=7.2-preview.4

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.