TechQA.

i am facing below issue in git based wiki updater task

955 views Asked by At

enter image description here I created Authentication token as well all permission for user which running pipeline is defined

azure-devops azure-pipelines-release-task azure-pipelines-tasks
Original Q&A
2

There are 2 answers

0
Levi Lu-MSFT On

If you checked Run with Build Agent Credentials as Authentication in the task. And the build account {ProjectName} build service ({OrganizationName}) was granted Read and Contribute permission in the Wiki Security page.

But you still encounter above error. It's probably because you have IIS Basic Authentication turned on in the Azure DevOps Server machine. When IIS Basic Authentication is enabled on your windows machine, it prevents you from using personal access tokens (PATs) as an authentication mechanism. See here.

We recommend you keep IIS Basic Authentication turned off at all times when using Azure DevOps Server. Only if necessary should you enable IIS Basic Authentication. When IIS Basic Authentication is enabled on your windows machine, it prevents you from using personal access tokens (PATs) as an authentication mechanism.

As workaround to this, you can add an extra header which includes a base 64 encoding of "user:PAT" to the Git requests when IIS Basic Authentication is enabled:

So you can run the pure git commands in a powershell task to update your wiki repo, instead of uisng the git based wiki updater task. See below example scripts in the powershell task (yaml format):

steps:
- powershell: |
  
   git config --global user.email "[email protected]"
   git config --global user.name "name"
   
   $MyPat = "$(system.accesstoken)"
   $B64Pat = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes(":$MyPat"))
   
   #clone the wiki repo
   git -c http.extraHeader="Authorization: Basic $B64Pat" clone https://server/collection/_git/Document.wiki -q
   
   cd Document.wiki

   #add a new file 
   echo  echo "some-text"  > addnew.md
   
   git add .
   git commit -m message

   #push to wiki repo
   git -c http.extraHeader="Authorization: Basic $B64Pat" push https://server/collection/_git/Document.wiki -q
  displayName: 'update wiki'

Check here for more information.

In order to use the Build Agent OAuth token $(system.accesstoken) in above script. You need click the Agent job 1 and Check the option Allow scripts to access the OAuth token

enter image description here

0
phifi On

I had the exact same issue on a local Azure DevOps 2022 OnPremise installation and solved it by enabling the option 'Inject credentials via Headers' in the Advanced Settings of the task.

This option was added due to this Issue: https://github.com/rfennell/AzurePipelines/issues/613

To give some context: Thanks to the answer of @Levi Lu-MSFT, i was able to check if it actually was a premissions/authentication problem or not as his powershell script worked in an instant leaving the Git based WIKI File Updater task as the only possible source of the error.

Related Questions in AZURE-DEVOPS

Related Questions in AZURE-PIPELINES-RELEASE-TASK

Related Questions in AZURE-PIPELINES-TASKS

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions