Error running rules #36
-
I have set up a pipeline variable containing a PAT that has Read access to most features. Some I have not enabled as the option is "Read and Manage". I keep getting the following error running Export-AzDevOpsRuleData 2023-10-12T20:06:46.5563006Z [31;1mException: [0m/home/vsts/.local/share/powershell/Modules/PSRule.Rules.AzureDevOps/0.1.1/Functions/DevOps.Repos.ps1:360 2023-10-12T20:06:46.5563419Z [36;1mLine | 2023-10-12T20:06:46.5563647Z [36;1m 360 | [0m [36;1mthrow $_.Exception.Message[0m 2023-10-12T20:06:46.5563966Z [36;1m | [31;1m ~~~~~~~~~~~~~~~~~~~~~~~~~~ 2023-10-12T20:06:46.5564862Z [31;1m[36;1m | [31;1mResponse status code does not indicate success: 401 (Unauthorized). |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 5 replies
-
Thanks so much for your detailed feedback. Due to the way PAT permissions are managed, it is currently not possible to use I am looking in to the possibilities for adding other authentication methods to the module in future so permissions can be managed on a more granular and read-only level. |
Beta Was this translation helpful? Give feedback.
Thanks so much for putting in the effort for such a detailed report. This really helps me to improve on what we already have. I have been calling those
Contribution/HierarchyQuery
endpoints as a result of some reverse engineering of an abandoned MSFT project and my own research after that for the new GHAS feature. The UI data retrieved here is uses in theAzure.DevOps.Pipelines.Settings.*
set of rules and additionaly the set of rules on GitHub Advanced security on repositories.I've done some research for alternatives. Mainly because I fully agree that for enterprise use, this module should use minimum privileges possible and read-only as I have no ambition to let the module do any automa…