使用 PowerShell 下载安全文件 [英] Download secure file with PowerShell

问题描述

我正在尝试为 VSTS 创建一个新的发布任务，它需要下载一个 安全文件 来自库.但是，当我运行以下 PowerShell 脚本时，没有显示安全文件，但其中有两个.这可能是没有足够的权利吗?应该改变什么.

I'm trying to create a new release task for VSTS which needs to download a secure file from the library. However, when I run the following PowerShell script no secure files are displayed but there are two in there. Could this be not having enough rights? What should be changed.

另一个问题:当我能够列出安全文件时，我想下载特定的文件.我还没有找到任何关于如何做到这一点的例子.有谁知道一个例子?

Another question: when I'm able to list the secure files I want to download a specific one. I haven't found any examples on how to do that. Does anyone know of an example?

$url = "$($env:SYSTEM_TEAMFOUNDATIONCOLLECTIONURI)$env:SYSTEM_TEAMPROJECTID/_apis/distributedtask/securefiles"

Write-Host "URL: $url"

$secureFiles = Invoke-RestMethod -Uri $url -Headers @{
    Authorization = "Bearer $env:SYSTEM_ACCESSTOKEN"
}
Write-Host "SecureFiles: $secureFiles"

推荐答案

我能够使用 REST API、任务的访问令牌和应用程序/八位字节流的 Accept 标头下载安全文件.我启用了允许脚本访问 OAuth 令牌".这里我的 task.json 使用名为SecureFile"的安全文件.

I was able to download Secure Files using a REST API, the task's Access Token, and an Accept header for application/octet-stream. I enabled "Allow scripts to access the OAuth token". Here my task.json is using a secureFile named "SecureFile."

$secFileId = Get-VstsInput -Name SecureFile -Require
$secTicket = Get-VstsSecureFileTicket -Id $secFileId
$secName = Get-VstsSecureFileName -Id $secFileId
$tempDirectory = Get-VstsTaskVariable -Name "Agent.TempDirectory" -Require
$collectionUrl = Get-VstsTaskVariable -Name "System.TeamFoundationCollectionUri" -Require
$project = Get-VstsTaskVariable -Name "System.TeamProject" -Require
$filePath = Join-Path $tempDirectory $secName

$token= Get-VstsTaskVariable -Name "System.AccessToken" -Require
$user = Get-VstsTaskVariable -Name "Release.RequestedForId" -Require

$base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("{0}:{1}" -f $User, $token)))
$headers = @{
    Authorization=("Basic {0}" -f $base64AuthInfo)
    Accept="application/octet-stream"
} 

Invoke-RestMethod -Uri "$($collectionUrl)$project/_apis/distributedtask/securefiles/$($secFileId)?ticket=$($secTicket)&download=true&api-version=5.0-preview.1" -Headers $headers -OutFile $filePath

我正在使用$(Build.QueuedById)"来获取构建任务中的用户 ID，但老实说，我认为在那里使用什么字符串并不重要.

I am using "$(Build.QueuedById)" to get the user id in build tasks, but honestly I don't think it matters what string you use there.

如果您没有 Accept 标头，则会为您尝试下载的文件取回 JSON 元数据.

If you don't have the Accept header, you'll get JSON metadata back for the file you're attempting to download.

不幸的是，我是从其他 SO 帖子和 github 问题页面拼凑而成的；我找不到任何官方记录我在那里使用的 URL.

Unfortunately I cobbled this together from other SO posts and the github issues pages; I can't find anywhere official that documents the URL I'm using there.

这篇关于使用 PowerShell 下载安全文件的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！