-
-
Save andrewmatveychuk/54bedbf5e891a8318a7f2eb765ddab16 to your computer and use it in GitHub Desktop.
| $patToken = $env:SYSTEM_ACCESSTOKEN | ConvertTo-SecureString -AsPlainText -Force | |
| $credential = New-Object System.Management.Automation.PSCredential($env:SYSTEM_ACCESSTOKEN, $patToken) | |
| Register-PackageSource -ProviderName 'PowerShellGet' -Name <YOUR_REPOSITORY_NAME> -Location <REPOSITORY_LOCATION> -Credential $Credentials | |
| Find-Module -Name 'YOUR_MODULE_NAME' -Credential $credential | |
| Install-Module -Name 'YOUR_MODULE_NAME' -Credential $credential |
Hi Elliott!
Yes, it still works for me.
Here is the extract from my PSDepend definition:
MyModule = @{
DependencyType = 'Command'
Source = '
if (-not (Get-Module -Name "MyModule" -ListAvailable)) {
$password = $env:PAT | ConvertTo-SecureString -AsPlainText -Force
$credentials = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $env:PAT, $password
if (-not (Get-PackageSource -name "MyGallery" -ErrorAction SilentlyContinue)) {
Register-PackageSource -Trusted -ProviderName "PowerShellGet" -Name "MyGallery" -Location "https://pkgs.dev.azure.com/NNNNN/YYYYY/_packaging/MyGAllery/nuget/v2/" -Credential $credentials
}
Install-Module -Name "MyModule" -Repository "MyGallery" -Credential $credentials
Get-Module -Name "MyModule" -ListAvailable
}
'
}
And here is the Enter-Build section from the InvokeBuild script I use to build the module:
Enter-Build {
if (-not (Get-Module -Name PSDepend -ListAvailable)) {
Install-Module PSDepend -Force
}
Import-Module PSDepend
# Set access token to be used for dependency handling
if ($PAT) {
$env:PAT = $PAT # Export to environment variable to be referenced in PSDepend configuration
}
Invoke-PSDepend -Force
}
}
And, finally, here is how it is being invoked in the pipeline:
- task: PowerShell@2
displayName: Analyze code with PSScriptAnalyzer
inputs:
targetType: 'inline'
pwsh: true
script: Invoke-Build -Task Analyze -PAT $(System.AccessToken) -Verbose
workingDirectory: $(System.DefaultWorkingDirectory)
Note that you should grant your pipeline access to the feed with your private package so that it can authenticate to it by using the system access token.
P.S. It's not ideal to pass the access token insecurely via the environment variable, but as it is used in the pipeline context only, I'm okay with that.
Andrew thanks for the detailed response, it was helpful for my troubleshooting! I think my issue was with how I implemented your script which resulted in a scoping issue with the $Credential parameter. Seems to be working now, thanks!
Also I agree with your comment about using $(System.AccessToken) but I do like that I don't need to manage another PAT.
I like to do this download on my local machine. What to use as credentials ?
@Brilbroeder It depends on where your feed is hosted. If you use Azure DevOps Artifacts, then you should generate your access token: https://learn.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops&tabs=Windows
Here is the extract from my PSDepend definition:
And here is the Enter-Build section from the InvokeBuild script I use to build the module:
And, finally, here is how it is being invoked in the pipeline:
That's cool stuff.. i'm also using PSDepend & InvokeBuild but I never thought of using it like you did. GREAT Example.!! πβ¨π
Hey @ckolumbus,
Thanks for the feedback! π»
Hi there I am trying to figure out how to get my Azure DevOps pipeline to download the latest version of a PowerShell module from my Azure Artifacts repo. Does this still work for you? When I tried adding this as a step to my pipeline I still got prompted with