How do I use secret variables in TFS 2015 vNext Build Definitions? - password-encryption

I'm using one of my vNext Build Definitions to publish the assemblies to a NuGet repository, after a successful build. The NuGet repository requires my credentials for me to publish.
If I click on the lock next to my password variable and mask the password, publication fails. If I leave my password, visible to all developers as free text, publication succeeds.
I assume that when I click on the lock that the password is still saved, but encrypted. I base this assumption on the MSDN documentation Use Variables [in TFS 2015].
Do I need to somehow decrypt this password with another build step, or should I just trust that no ill will come to me in this unsecured scenario?

When setting up the build you can pass your secret variable in as a build argument like this:
$(secretBuildVarName)
I used this blog post to solve this issue for myself:
Battling TFS Builds and Powershell

Related

How to set up an OAuth credential with existing API keys with same SHA-1 and package name for Android?

I added logo for my OAuth Consent screen and Google want to verify it. I tried to prepare it for verification but when I want to submit I am getting this information:
You need to set up an OAuth credential for this project before you can submit for verification
Ok, I go to credentials, click Create credential, I fill all forms and when I want to create I am getting this error:
The request failed because the Android package name and fingerprint are already in use
How to do it without removing API keys?
I will be glad if I could remove logo but I try to find how to do it and I found it's impossible without removing API keys.
As per the error you can’t have 2 projects of the same package name. If you want to delete the same also it takes a few days to get deleted fully from developers' console.
Try Below Solutions:
Solution 1 : Try to create a new project with a different package name.
Solution 2: Try to generate a new SHA-1 key by custom signing the application by generating a signed apk from the Android studio.
Please refer to the Signin APK for more information.

WindowsIdentity object works on IIS Express (Visula Studio) but does not work on IIS (10)

BC users need to retrieve files from a non-cloud file store. There is a simple webservice on the storage computer that can provide contents of the files. WS gets a user name. Users exists as users on the computer/LAN, where the files are stored, so the webservice is able to check whether the user has read permission on the file or not.
WS cannot get a user password, so I cannot make any impersonation, but the webservice runs in context with privileges able to read all these documents and can check permissions by user name.
I found a solution, how to check file permissions by user name. Solution works well in development environment (IIS Express in Visual Studio) but fails on IIS (production environment). The problem seems to be the initialization of the WindowsIdentity object, where proces on IIS fails with the message: "A specified logon session does not exist. It may already have been terminated."
Constructor of WindowsIdentity object probably calls some AD service and some restriction in IIS it rejects.
Do you have any suggestions on what to set up in IIS or what to do to make permission checking work?

Bitbucket/Atlassian login fails in Visual Studio 2017 when pushing to git repo

I'm trying to push my commits to my Bitbucket repository from Visual Studio 2017, and a window opens where it asks for my credentials. I'm pretty sure they're correct and I'm able to log in via browser. How do I fix this?
Atlassian (company which develops Bitbucket) has changed their authentication some time ago, and so you must enter your email address now instead of your account name to log in. You may need to log into your Bitbucket account via browser and create/update to an Atlassian account.
Additionally, if your repository is configured to log in with your username, and the authentication window appears with your account name already typed into the first input field, you'll need to remove it from your git config (in your repository's .git\config file) like so:
https://AccountName#bitbucket.org/AccountName/project1.git
change to
https://bitbucket.org/AccountName/project1.git
Next time you try to push, the authentication window shows up with both fields empty, enter your email address and password, and it should work.
As of today (Jul 21, 2022), when you try to push changes to git remote from the "Git changes" window in Visual Studio, it opens up a login screen which does not have OAuth.
So instead, if you open up the Terminal (CTRL + </kbd>) and try to push it from there using git push`, it will open up a different login screen which has OAuth.
Not sure why this is the behavior, but that's how it is in the current date, and I'm guessing its going to be changed in the future.
Old
Bitbucket now has a feature called App Passwords for authentication purposes. You can create a new App Password and use that to login to bitbucket to commit your changes. Your username will remain the same
Similar issue is mentioned here as well.

TFS 2015 not able to queue build using TFS2010 controller

we have upgraded from TFS2010 to TFS2015.
And connected the TFS2010 XAML build controller to TFS2015.
when we try to queue the build , we are not able to see the build controller in the drop down of build controller.
we could see that the Build controller registered and in running state.
I am getting error "TF900560: Could not start build: Object reference not set to an instance of an object.
"
This issue was caused because we have used the TFS controller which is cloned from the current production. Therefore, it is always suggested to reconfigure the build controller rather than using a cloned one.
Please check below items to narrow down the issue:
Check your TFS server an agent server to make sure the machines are
not running out of disk space. In this case, you can try clearing up some space on the servers.
Change the agent service account as another user account which has
admin privileges.
Restart the TFS and Agent servers.
UPDATE1:
Seems it should be the permission issue, just try to compare the permissions of Contributors and Project Administrators groups , then set the correct permission for Contributors group.
You can also try to clean the caches for your IE or change another browser even client to check that again.
UPDATE2:
As you mentioned in below comments "few users from same contributors group are able to queue the build".
So you can compare the permission settings between the vaild and invalid users in Contributors group. Then debug accrodingly. (Switch to Users tab in below screenshot --> Select the specific user to check the permission settings)

what is the proper way to change a users password in TFS 2013

I don't see a way through the website administration pages. If I am wrong, please correct me. Most of the searches I found, include ones on this site, said that TFS doesn't have anything built in to change the password.
I have users set up in their own group in Windows and those users have access to certain projects.
A user forgot his password so I was trying to reset it for him. I didn't find anything on the TFS administration webpages and the only place I know to change it is his user in Windows.
When I right click on the user and click change password, I get this message:
If I do it this way, will it update the TFS info? Is this the proper way to change the user's password in TFS 2013?
TFS doesn't have anything built in to change the password.
Correct. Per the TFS Authentication and Access page, there are no authentication options 'local' to TFS itself. A standard implementation of Basic authentication uses Windows user accounts, so changing their Windows user credentials will work correctly in TFS.
This does not "update" TFS; TFS simply queries the respective authority in workgroup/domain environments, and authentication will be successful as long as the user's Windows credentials are entered correctly.