如何从本地 TFS2015 获取 PAT [英] How to get PAT from on-premise TFS2015
问题描述
我们希望将自定义步骤从 XAML 构建迁移到本地 TFS2015 中的新构建任务.我安装了 NodeJS 和 tfx-cli,但是当 tfx-cli 想要连接到 TFS 时,我需要提供 pat(个人访问令牌),但我找不到在哪里可以得到它.所有示例均适用于 VSO,但不适用于本地 TFS2015.是否可以从内部部署的 TFS2015 中获取 PAT?
We want to migrate our custom steps from XAML build to new build task in TFS2015 on-premise. I installed NodeJS and tfx-cli but when tfx-cli want to connect to TFS I need to provide pat (personal access token) but I cannot find where I can get it. All samples is for VSO but not for on-premise TFS2015. Is it possible to get PAT from on-premise TFS2015?
推荐答案
TFS 2015 不支持个人访问令牌,此功能是随 TFS 2017 引入的.与此同时,您需要配置基本身份验证并使用(仅当您的 TFS 服务器通过 SSL 运行时才启用基本身份验证),或者使用以下技巧来欺骗命令留置权工具通过让 NTLM 代理(如 Fiddler)为您处理身份验证来进行身份验证.
TFS 2015 doesn't support Personal Access Tokens, this feature was introduced with TFS 2017. In the mean time you'll either need to configure basic auth and use that (only enable basic auth if your TFS server is running over SSL), Or use the trick below to trick the command lien tools to authenticate by lettign an NTLM proxy (like Fiddler) handle the auth for you.
如果您不想在 TFS 服务器上配置基本身份验证(出于安全考虑,很多人不希望这样做),那么您可以使用一个巧妙的技巧让 Fiddler 处理您的身份验证:
If you do not want to configure Basic Authentication on your TFS server (which many people don't want due to security concerns), then you can use a neat trick to let Fiddler handle your authentication:
然后输入:
C:\>set http_proxy=http://localhost:8888
C:\>tfx login --auth-type basic --service-url http://jessehouwing:8080/tfs/DefaultCollection
系统会提示您输入用户名和密码,您输入的内容并不重要,fiddler 会在后台为您处理身份验证:
You'll be prompted for a username and a password, it doesn't really matter what you enter, fiddler will handle the authentication for you in the background:
如果您正在与自签名证书作斗争,这也是在本地 TFS 服务器上使用 tfx 时的常见问题,请确保您使用的是足够新的 Node 版本并将其指向额外的证书存储使用环境变量:
If you're battling self-signed certificates, which is also a common problem when using tfx against a on-premise TFS server, make sure you're using a recent enough version of Node and point it to an aditional cert store using environment variables:
从 Node.js 7.3.0(以及 LTS 版本 6.10.0 和 4.8.0)开始,现在可以使用环境变量向 Node.js 添加额外的知名证书.这对于在云或其他部署环境中将可信证书添加为策略问题(而不是显式编码)或在个人机器上(例如,为代理服务器添加 CA)非常有用.请参阅CLI 文档,了解有关使用 NODE_EXTRA_CA_CERTS 以及原始拉取请求的更多信息.
As of Node.js 7.3.0 (and the LTS versions 6.10.0 and 4.8.0) it is now possible to add extra well-known certificates to Node.js with an environment variable. This can be useful in cloud or other deployment environments to add trusted certificates as a matter of policy (as opposed to explicit coding), or on personal machines, for example, to add the CAs for proxy servers. See the CLI documentation for more information on using NODE_EXTRA_CA_CERTS, as well as the original pull-request.
加入:v7.3.0
设置后,众所周知的根"CA(如 VeriSign)将使用文件中的额外证书进行扩展.该文件应包含一个或多个 PEM 格式的受信任证书.如果文件丢失或格式错误,将使用 process.emitWarning() 发出一条消息(一次),否则会忽略任何错误.
When set, the well known "root" CAs (like VeriSign) will be extended with the extra certificates in file. The file should consist of one or more trusted certificates in PEM format. A message will be emitted (once) with process.emitWarning() if the file is missing or malformed, but any errors are otherwise ignored.
请注意,当为 TLS 或 HTTPS 客户端或服务器明确指定 ca 选项属性时,既不会使用众所周知的证书,也不会使用额外的证书.
Note that neither the well known nor extra certificates are used when the ca options property is explicitly specified for a TLS or HTTPS client or server.
这篇关于如何从本地 TFS2015 获取 PAT的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
