azure-pipelines-agent
auth
Our great sponsors
azure-pipelines-agent | auth | |
---|---|---|
15 | 13 | |
1,673 | 826 | |
1.3% | 4.7% | |
9.1 | 7.6 | |
5 days ago | 13 days ago | |
C# | TypeScript | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
azure-pipelines-agent
-
GitHub Actions Are a Problem
> GitHub Actions is based on Visual Studio Team Foundation Server's CI, and later Azure DevOps
Yes and no, ADO Agent (https://github.com/microsoft/azure-pipelines-agent) is far more secretive and "black-box" alike.
-
GitHub Actions could be so much better
Fun fact: Microsoft had a plan to provide that!
They canned it.
https://github.com/microsoft/azure-pipelines-agent/pull/2687...
- Self-hosted Devops agent: managed ID?
- Can anyone help me out
-
Pipeline to spawn build agent on Azure
You will need to download the agent (https://github.com/microsoft/azure-pipelines-agent/releases/latest ) and run the configure command.
-
Azure Pipelines - Node.js 16 and custom pipelines task extensions
A GitHub issue was opened to track support for different Node versions with custom tasks, but it remained unresolved for a long time. In October 2022 it was announced that Node.js 16 support was available.
-
AZ Modules gone on MS Hosted Devops Agents?
Even thought im in the EU datacenter, my hosted agent is version 2.213.2, which is also the latest version of the agent taht was released by MS - https://github.com/microsoft/azure-pipelines-agent
-
Hosting Azure DevOps Pipelines agents on GitHub Codespaces
{ "name": "AzurePipelines", "dockerFile": "Dockerfile", // Configure tool-specific properties. "customizations": { // Configure properties specific to VS Code. "vscode": { // Add the IDs of extensions you want installed when the container is created. "extensions": [ "ms-vscode.azurecli", "ms-vscode.powershell", "hashicorp.terraform", "esbenp.prettier-vscode", "tfsec.tfsec" ] } }, // Use 'forwardPorts' to make a list of ports inside the container available locally. // "forwardPorts": [], // Use 'postStartCommand' to run commands each time the container is successfully started.. "postStartCommand": "/home/vscode/azure-pipelines/start.sh", // Comment out to connect as root instead. More info: https://aka.ms/vscode-remote/containers/non-root. "remoteUser": "vscode", // Amend Azure Pipelines agent version and arch type with 'ARCH' and 'AGENT_VERSION'. https://github.com/microsoft/azure-pipelines-agent/releases. "build": { "args": { "UPGRADE_PACKAGES": "true", "ARCH": "x64", "AGENT_VERSION": "2.206.1" } }, "features": { "terraform": "latest", "azure-cli": "latest", "git-lfs": "latest", "github-cli": "latest", "powershell": "latest" } }
-
Unpopular opinion: As a hobbyist and professional, I kind of prefer Azure DevOps.
Looks like they are working on it:https://github.com/microsoft/azure-pipelines-agent/issues/3922
-
ADO pipelines not rendering PS 7.2 new color escape sequences
Thanks for sharing this. As mentioned in this GitHub issue, the build pipeline does render PS 7.2 new color escape sequences, however release pipeline does not.
auth
-
Push code with GitHub Actions to Google Cloud’s Artifact Registry
This workflow will authenticate with Google Cloud using the Google Cloud auth GitHub Action and use Docker to authenticate and push to the registry. To make this workflow work (or flow?) we need to set up some Google Cloud resources and add in those values for our environment variables. Make sure to add in the value for PROJECT_ID where you have permission to create resources. The value for IMAGE_NAME can be anything — it’ll be created the first time this workflow runs:
-
GitHub Actions could be so much better
The issue of integration with other tools is also quite strange. Of course, this is not directly related to github actions. For example, what needs to be done to use cloud run https://github.com/google-github-actions/auth#setting-up-wor...
- you must have the "bigquery.datasets.create" permission on the selected project
-
IAM Best Practices [cheat sheet included]
While it is commonly associated with AWS, and their AWS IAM service, IAM is not limited to their platform. All cloud providers, such as Google Cloud and Azure DevOps, offer IAM solutions that allow users to access resources and systems. If you are looking for specific AWS IAM best practices, look no further than our AWS IAM Security Best Practices article:\ For the rest of this article, we will look at the generic best practices that have evolved over the last decade around each part of the basic question we started with, "who can access what?":
-
How would I use Github Actions to run a Python Script to make changes to a Google Sheets Spreadsheet?
I found this but I don't quite get how it works. I haven't done all the steps yet but I get how to set it up. I just don't understand how this just magically authenticates future steps since my code still needs a token. Should I use this to authenticate the script? If so, how do I do it and what would I need in my code? If not what should I use instead?
-
Cloud Incident Response
Cloud Identity and Access Management: This service provides fine-grained control over who has access to what resources within an organization's Google Cloud environment. It can be used to quickly revoke access to compromised accounts or limit access to sensitive resources. https://cloud.google.com/iam
-
Advanced GitHub Actions - Conditional Workflow
I use google-github-actions/auth in the first step in my job to authenticate to GCP. At this point, I have 6 different GitHub secrets to test out the concept. Each branch has two secrets with the format BRANCH_WIP and BRANCH_SA.
-
Learning Journal 3: Brainstorm a deployment process from GitHub to Google App Engine and Cloud SQL (Part 2)
There are 2 core parts authentication to GCP and App Engine deployment. Authentication is performed using auth, while a deployment uses deploy-appengine.
-
CI/CD from GitHub to Google Cloud Platform(GAE)
You should have a look at using workload identity federation and OIDC tokens. There’s a guide on https://github.com/google-github-actions/auth It means you no longer need to hardcode service account credentials in GitHub secrets anymore.
-
Learning Journal 2: Brainstorm a deployment process from GitHub to Google App Engine and Cloud SQL (Part 1)
Yes, there is a deploy-appengine action that automates the whole App Engine deployment process. Indeed, it uses gcloud commands underneath too. Either way, both approaches need an auth action to authenticate to GCP before any task can be performed.
What are some alternatives?
actions-runner-controller - Kubernetes controller for GitHub Actions self-hosted runners
Aegis - A free, secure and open source app for Android to manage your 2-step verification tokens.
runner - The Runner for GitHub Actions :rocket:
angular-auth-oidc-client - npm package for OpenID Connect, OAuth Code Flow with PKCE, Refresh tokens, Implicit Flow
github-act-runner - act as self-hosted runner
google-auth-library-nodejs - 🔑 Google Auth Library for Node.js
act - Run your GitHub Actions locally 🚀
harden-runner - Network egress filtering and runtime security for GitHub-hosted and self-hosted runners
actions-runner-
configure-aws-credentials - Configure AWS credential environment variables for use in other GitHub Actions.
goonstation - Repository for the Goonstation branch of SS13