Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add authentication for service connection in Azure DevOps #536

Open
Varorbc opened this issue Jan 12, 2024 · 5 comments
Open

Add authentication for service connection in Azure DevOps #536

Varorbc opened this issue Jan 12, 2024 · 5 comments

Comments

@Varorbc
Copy link

Varorbc commented Jan 12, 2024

Add authentication for service connection in Azure DevOps
@baronfel
Copy link
Member

@Varorbc do you have an example or sample showing this not working? We currently support authentication via Azure Managed Identities, and my understanding was that this was the enabler for AzDo connections.

@Varorbc
Copy link
Author

Varorbc commented Jan 15, 2024

@baronfel

/usr/share/dotnet/sdk/8.0.100/Containers/build/Microsoft.NET.Build.Containers.targets(202,5): error CONTAINER1013: Failed to push to the output registry: CONTAINER1008: Failed retrieving credentials for "index.docker.io": No matching auth specified for registry 'index.docker.io' in Docker config. [/home/vsts/work/1/s/WebApplication1/WebApplication1.csproj]

azure-pipelines.yml

- task: DotNetCoreCLI@2
  inputs:
    command: publish
    projects: '**/*.csproj'
    publishWebProjects: false
    arguments: --configuration Release /p:PublishProfile=DefaultContainer

WebApplication1.csproj

<Project Sdk="Microsoft.NET.Sdk.Web">

  <PropertyGroup>
    <TargetFramework>net8.0</TargetFramework>
    <Nullable>enable</Nullable>
    <ImplicitUsings>enable</ImplicitUsings>
    <InvariantGlobalization>true</InvariantGlobalization>
    <DockerDefaultTargetOS>Linux</DockerDefaultTargetOS>
    <ContainerRegistry>index.docker.io</ContainerRegistry>
  </PropertyGroup>

  <ItemGroup>
    <ContainerEnvironmentVariable Include="ASPNETCORE_HTTPS_PORTS">
      <Value>8081</Value>
    </ContainerEnvironmentVariable>
  </ItemGroup>

</Project>

image

@baronfel
Copy link
Member

I notice that index.docker.io is specified both in your csproj as well as in the service connection - is the service connection URL hard coded in this case? Does pushing to index.docker.io work if you try publishing locally?

@Varorbc
Copy link
Author

Varorbc commented Jan 15, 2024

I notice that index.docker.io is specified both in your csproj as well as in the service connection - is the service connection URL hard coded in this case?

I used to use this task and didn't need to define a registry address in csproj.

Does pushing to index.docker.io work if you try publishing locally?

Okay, but authorization is required. What I'm not sure about now is how to use authorization in the service connection

@mmoles-Growlink
Copy link

mmoles-Growlink commented Jul 1, 2024
edited
Loading

This Works. The env is required to pass the credentials over.

- task: DotNetCoreCLI@2
    inputs:
      command: 'publish'
      publishWebProjects: false
      projects: '.\MyModule.csproj'
      arguments: '-r linux-arm -c Release /t:PublishContainer'
      zipAfterPublish: false
    env:
      SDK_CONTAINER_REGISTRY_UNAME: $(ACR_USER)
      SDK_CONTAINER_REGISTRY_PWORD: $(ACR_PASSWORD)

An alternative

- task: AzureCLI@2
    inputs:
      azureSubscription: '<mySubscription>'
      scriptType: 'ps'
      scriptLocation: 'inlineScript'
      inlineScript: |
                az acr login --user ${env:ACR_USER} --password  ${env:vACR_PASSWORD}  --name mycontainers
                dotnet publish ".\MyModule.csproj"  -r linux-arm -c Release /t:PublishContainer

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@baronfel @Varorbc @mmoles-Growlink