But it works on my PC!

The random thoughts of Richard Fennell on technology and software development

401.1 Permission error with on-premises TFS when accessing the API with a PAT

Background

If you are creating VSTS build extensions you will need to get the build or release’s PAT token if you wish to call the VSTS REST API.

This is done using a call like this (Node)

 

import tl = require('vsts-task-lib/task');

var auth = tl.getEndpointAuthorization('SYSTEMVSSCONNECTION', false);

if (auth.scheme === 'OAuth') {

var token = auth.parameters['AccessToken'];

 

or (PowerShell)

 

$vssEndPoint = Get-ServiceEndPoint -Name "SystemVssConnection" -Context $distributedTaskContext

$personalAccessToken = $vssEndpoint.Authorization.Parameters.AccessToken

 

You pop the resultant PAT into the headers of your REST web request and you are away and running.

The Problem

I hit a problem using this logic on VSTS Extension when they are run on TFS. On VSTS all was fine, but on TFS I got an unexpected 401.1 permission error on the first REST call i.e. I could not access the VSTS REST API

I tried setting fiddling with rights of my build user account, it was not that. Also I tried setting the ‘Allow scripts to access OAuth token’ property for the build/release agent

 

image

But this does not help either. This option just makes the PAT available as an environment variable, so you don’t need to use the code shown above.

And anyway – it was all worked on VSTS so it could not have been that!

Solution

The answer was I had basic authentication enabled on my Test TFS VM, as soon as this is disabled (the default) everything leapt into life.

image

Presenting at an event in Leeds - Making it easy to migrate your ALM process to the Cloud

Do you find your TFS server gets forgotten?

  • It is not owned by the IT department and the Development team don’t have the time to support it fully, it never gets patched or upgrades?
  • Or maybe you are adopting a cloud first strategy for all you systems?

Well maybe it is time to consider moving your on-premises TFS instance to VSTS?

On the 9th of May at the Crowne Plaza Hotel in Leeds I will be presenting at a Black Marble /Microsoft event where we will be looking at Microsoft’s new high fidelity VSTS database import tools that can be used to move a TFS instance to VSTS.

I will also be considering the pros and cons of the other migration options available to you. Hopefully making this a very useful session if you are considering a move to VSTS from TFS or any other source control ALM solution.

Hope to see you there, to register click here

 

image

New Cross Platform version of my Generate Release Notes VSTS Extension

My Generate Release Notes VSTS extension has been my most popular by a long way. I have enhanced it, with the help of others via pull requests, but there have been two repeating common questions that have not been resolved

  1. Is it cross platform?
  2. Why does it show different work items and commit associations to the VSTS Release Status UI?

Well the answer to the first is that the core of the logic for the extension came from a PowerShell script we used internally, so PowerShell was the obvious first platform, especially as though my PowerShell skills are not great, my Node was weaker!

The second issue is due to my original extension and VSTS’s UI doing very different things. My old extension was based around inspecting build results, so when working in a release it finds all the builds between the current release and last successful one and looks at the details of each build in turn, building a big list or changes. VSTS’s Release summary UI does not do this, it make a few current undocumented ‘compare this to that’ API calls to get the lists.

In an attempt to address both these questions I have over the past few weeks created a new Cross Platform Generate Release Notes Extension. Now don’t worry, the old one is still there and supported, they do different jobs. This new extension is cross platform and tries to use the same API calls the VSTS Release summary UI uses.

There are of course a few gotchas

  • I did have to adopt a work around for TFVC changeset history as Microsoft use an old internal API call, but that that was the only place I had to do this. So apologies if there are any differences in the changesets returned.
  • The template format is very similar to that used in my original Generate Release Notes VSTS extension, but due to the change from PowerShell to Node I had to move from $($widetail.fields.'System.Title') style to ${widetail.fields['System.Title']}

So I hope people find this new extension useful, I can now go off happily closing old Issues in GitHub

VSTS Build Task Development - Now that is a misleading error message !

I have been working on a new Node.JS based VSTS Build Extension, so loads of Node learning going on as it is a language I have not done much with in the past. I expect to get caught out in places, but I have just wasted a good few hours on this one!

I am working in VS Code using Typescript to generate my Node based task. Whilst hacking around I have been just running the script in the VS Code debugger, getting the logic right before packaging it up and testing within a VSTS Build extension.

Everything was working until I did a big refactor, basically moving functions to a module. I suddenly started getting the following error trying to make a REST call

Exception occured

Error: Error: Hostname/IP doesn't match certificate's altnames: "Host: richardfennell.vsrm.visualstudio.com. is not in the cert's altnames: DNS:*.vsrm.visualstudio.com, DNS:vsrm.visualstudio.com, DNS:*.app.vsrm.visualstudio.com, DNS:app.vsrm.visualstudio.com"

image

 

I looked for ages to see how I had broken the REST call, all to no avail. In the end I rolled back and had to step through the refactor in small steps (smaller steps I should probably have taken anyway)

In the end I found the issue. The problem was in my early testing I had hard coded my input parameters e.g.

var templateFile = "template.md”;

Whilst stating to wire up the code as a VSTS Task I had started to swap in calls to the VSTS task Library

import tl = require('vsts-task-lib/task');

Correction – all the tl.xxx calls seem to cause a problem, avoid them for local testing

Now for items such as logging this works fine whether the logic is running in VS Code’s debugger or on a VSTS Build Agent, so I could use the following line in VS Code or on a VSTS Build Agent.

tl.Debug(“My Message”);

Where it does not work is for Task inputs. I had assume that

var templateFile = tl.getInput("templatefile");

Would return null/undefined when running in the VS Code debugger, but no, it causes that strange exception.

Once I removed the all the getInput calls my error went away.

Hope this save someone else some time

Migrating projects from CodePlex to GitHub due to CodePlex shutting down at the end of year

It has just been announced by Microsoft that it’s Open Source service CodePlex is shutting down before the end of the year. The reality is that the Microsoft focused Open Source community, and Microsoft itself, have moved to GitHub a good while ago.

I think I, like most developers, have moved any active Open Source projects to GitHub a good while ago,  but I still had legacy ones on CodePlex.

Microsoft have provided a nicely documented process to move the key assets of projects, whether TFVC or Git based, to GitHub. This process worked for me. However, I will suggest a could of changes/additions

  1. I would not export the WIKI docs as detailed in the process. I don’t want my old CodePlex Wiki pages in the new GitHub code repository as a folder. I think it is better to move each page over to a GitHub WIki. I only had few pages, so I did this by hand. I used this nice little tools  from Dom Christie to convert the CodePlex HTML based pages to Markdown which I cut and pasted into the new repo’s Wiki, fixing URLs as I went.
  2. I decided I needed to consider release downloads. The process does not do address this area. I thought I should bring over at least the last set of release binaries for my projects as a Github Releases. The reason was that the chances are for any old inactive project on CodePlex you won’t have the tools to hand to re-build the code easily, so just in case it is best to keep the last built version to hand as a release
  3. The process does not bring over Issues, but this was not a problem for me, the projects I have been superseded by active ones already on Github, so the issues are irrelevant

So if you have old CodePlex projects and you don’t want them to disappear think about moving them before the service is shutdown, you have until December 2017.

Leeds venue for the Global DevOps Bootcamp

image

 

I m really pleased to say that we at Black Marble are hosting a Yorkshire venue for the upcoming Global DevOps Bootcamp, to quote the main bootcamp site…

“Global DevOps Bootcamp is a global event that will be held on Saturday June 17th and is all about DevOps on the Microsoft Stack. Centrally organized by Xpirit and Solidify and offered to you by Black Marble. During this 1-day event we will join (Microsoft) DevOps communities all around the world to talk, learn and play with DevOps concepts.

Goals of the GlobalDevOpsBootcamp:
* DevOps in general
* Insights into where we are heading when it comes to DevOps and new technologies
* Get people's hands dirty and let them play with all the good Microsoft DevOps stuff

This year’s theme will be "From server to serverless in a DevOps world".
We will kick off with an introduction of no one less than
Donovan Brown, followed by a keynote from the local partner about where we are heading with DevOps.

After that it’s time to get your hands dirty! Competing in groups you will transform an existing “traditional” application into a fully-fledged, containerized or Serverless application. Naturally you need to take care of all the DevOps practices like monitoring, pipelines and collaboration.”

 

 There is a specific site register for the Black Marble venue