Maintain password for TFS Release Management

问题

I'm developing Release pipeline for our internal LOB applications using TFS 2015 Update2 Release Management. There are various tasks like "Windows Machine File Copy" and "Run PowerShell on Target machines" which needs admin credentials to be passed as input parameters. These admin credentials have Administrative access on target nodes. I'm using Windows service accounts for these. We have an organizational security policy to rotate passwords every year.

With that in mind, it is cumbersome to update hundreds of TFS release definitions for new password every year.

Do you have a better idea to handle this?

Thanks for your help and suggestions.

回答1:

You can update release definitions programmatically via the REST API, which is well-documented and fairly straightforward.

Ex (note that this is for Update 3 and later, per the documentation, the API in TFS 2015.2 may differ slightly):

PUT https://fabfiber.vsrm.visualstudio.com/DefaultCollection/ff213d65-d61d-447c-b39d-d16f21b18364/_apis/release/definitions/28?api-version=3.0-preview.1

Content-Type: application/json

{ "id": 28, "name": "Fabrikam.CD", "createdOn": "2016-04-11T11:04:05.197Z", "createdBy": { "id": "52a5bc8d-4730-400a-95c7-7276d4ae5953", "displayName": "Chuck Reinhart", "uniqueName": "chuckreinhart@outlook.com", "url": "https://fabfiber.vssps.visualstudio.com/_apis/Identities/52a5bc8d-4730-400a-95c7-7276d4ae5953", "imageUrl": "https://fabfiber.visualstudio.com/DefaultCollection/_api/_common/identityImage?id=52a5bc8d-4730-400a-95c7-7276d4ae5953" }, "environments": [ { "name": "Dev", "rank": 1, "deployStep": { "tasks": [] }, "owner": { "id": "52a5bc8d-4730-400a-95c7-7276d4ae5953", "displayName": "Chuck Reinhart", "uniqueName": "chuckreinhart@outlook.com", "url": "https://fabfiber.vssps.visualstudio.com/_apis/Identities/52a5bc8d-4730-400a-95c7-7276d4ae5953", "imageUrl": "https://fabfiber.visualstudio.com/DefaultCollection/_api/_common/identityImage?id=52a5bc8d-4730-400a-95c7-7276d4ae5953" }, "queueId": 2, "demands": [], "conditions": [], "variables": {}, "runOptions": {}, "environmentOptions": { "emailNotificationType": "Always", "skipArtifactsDownload": false, "timeoutInMinutes": 0 }, "executionPolicy": { "concurrencyCount": 0, "queueDepthCount": 0 }, "preDeployApprovals": { "approvals": [ { "rank": 1, "isAutomated": true, "isNotificationOn": false } ], "approvalOptions": null }, "postDeployApprovals": { "approvals": [ { "rank": 1, "isAutomated": true, "isNotificationOn": false } ], "approvalOptions": null } } ], "artifacts": [ { "alias": "FabrikamCI", "type": "Build", "definitionReference": { "project": { "name": "Fabrikam", "id": "ff213d65-d61d-447c-b39d-d16f21b18364" }, "definition": { "name": "Fabrikam.CI", "id": "1" } }, "isPrimary": false } ], "variables": {}, "triggers": [], "revision": 1, "releaseNameFormat": "", "retentionPolicy": { "daysToKeep": 60 } }

来源：https://stackoverflow.com/questions/39148302/maintain-password-for-tfs-release-management

标签

powershell

tfs

tfs2015

release-management

ms-release-management