Automating Azure DevOps
There are several ways in which Azure DevOps can be automated with scripts. Here I show how to use the AZ command line tool retrieve an artifact created by a build pipeline. Understanding how to use a CLI tool is the first requirement for automation.
The Azure DevOps CLI provides access to external assets such as build and release pipelines, work items, repositories, and build artifact feeds.
There are also the REST APIs that give access to the DevOps site assets.
The Azure DevOps build pipeline can create build artifacts after a successful build. I want to manually download a Universal Package posted by a build.
Finding the package
On the Azure DevOps site, I navigate to the Artifact Packages
I select the package to see the details
Unfortunately the command to download the package is invalid, as the VSTS CLI tool has been deprecated. Some searching leads to Azure DevOps CLI in the Visual Studio Marketplace. Unlike the VSTS CLI, the DevOps functionality is an extension of the AZ CLI tool.
Following the help information, the correct command is
az artifacts universal download \ --org "https://dev.azure.com/epsdev/" \ --feed "TestRelease" \ --name "epsbilling" \ --version "1.0.0" \ --path .
Before I can use this command, I need to log in
az login --allow-no-subscriptions -u ████@█████.com -p ████████
and at the end I need to log out of Azure
I find this integration into the Azure CLI annoying. The security model is intended for Azure applications which does not meet the needs of DevOps automation. Particularly annoying is the need to embed passwords in the scripts.
Azure DevOps supports the creation of Personal Access Tokens (PATs), with specific permissions. Something like that is required.
My workaround is to create user variables with the username and password, e.g. -u $env:artifactUserName -p $env:artifactPassword.