Last active
April 14, 2023 07:01
This script checks whether an Azure DevOps organization is already connected to an Azure Active Directory. If it is, the script skips the connection process. If it is not, the script connects the organization to the Azure Active Directory.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
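#!/usr/bin/env bash
#
# Connects an Azure DevOps organization to an Azure Active Directory tenant,
# unless the organization already reports a connected tenant.
#
# Requires: bash, jq, base64, and curl >= 7.55.0 (for `--header @file`).
# Configuration: PAT (read from the environment), ORG_NAME, and the tenant id
# inside DEFAULT_JSON.
#
# Every early stop uses `return 1 2>/dev/null || exit 1`: `return` is only
# valid in a sourced file, so a bare `return` in an executed script fails and
# lets execution fall through to the state-changing PATCH request below.

# Personal access token. Taken from the environment so the secret is not
# stored in the script; it grants organization-level access, so treat it as
# a credential.
PAT="${PAT:-}"
ORG_NAME="ivanporta"
PROJECT_NAME="Sample" # not referenced anywhere in this listing
DEFAULT_JSON='{
  "organization": {
    "name": "portaivan",
    "azure_active_directory": {
      "tenant_id": "xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
    }
  }
}'

# jq path of the tenant record inside the settings response. The key spelling
# ("orgnizationTenantData") is reproduced exactly from the original query.
TENANT_DATA_PATH='.fps.dataProviders.data."ms.vss-admin-web.organization-admin-aad-data-provider".orgnizationTenantData'

#######################################
# Prints the HTTP Basic authorization header for the PAT (empty user name).
# Only shell builtins see the token, and curl reads the header from a file
# descriptor, so the token does not appear in any process argument list.
# Globals:   PAT (read)
# Outputs:   one header line on stdout
#######################################
auth_header() {
  # tr removes the line wrapping some base64 builds apply to long output,
  # which would otherwise split the header value.
  printf 'Authorization: Basic %s\n' \
    "$(printf ':%s' "$PAT" | base64 | tr -d '\n')"
}

if [[ -z "$PAT" ]]; then
  echo "PAT is empty. Export a personal access token before running this script" >&2
  return 1 2>/dev/null || exit 1
fi

# `// empty` turns a missing or null field into an empty string instead of
# the literal text "null".
TENANT_ID=$(jq -r '.organization.azure_active_directory.tenant_id // empty' <<< "$DEFAULT_JSON")

# The request below re-points the whole organization's identity provider, so
# refuse anything that is not a well-formed GUID (including the placeholder).
if [[ ! "$TENANT_ID" =~ ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ ]]; then
  echo "The tenant_id in DEFAULT_JSON is missing or is not a valid GUID" >&2
  return 1 2>/dev/null || exit 1
fi

echo "Connecting to $TENANT_ID tenant Azure Active Directory"
echo "Check if the $ORG_NAME organization is already connected to Azure Active Directory"

# NOTE(review): this looks like a portal data endpoint rather than a versioned
# REST API -- confirm the response shape before relying on it.
# --write-out appends the status code on its own last line so the body and
# the code can be separated afterwards.
RESPONSE=$(curl --silent \
  --write-out "\n%{http_code}" \
  --header @<(auth_header) \
  --header "Content-Type: application/json" \
  "https://dev.azure.com/$ORG_NAME/_settings/organizationAad?__rt=fps&__ver=2")
HTTP_STATUS=$(tail -n1 <<< "$RESPONSE")
RESPONSE_BODY=$(sed '$ d' <<< "$RESPONSE")

if [[ "$HTTP_STATUS" != "200" ]]; then
  echo "Error during the retrieval of the list of existing Azure Active Directories" >&2
  return 1 2>/dev/null || exit 1
fi
echo "The list of existing Azure Active Directories was retrieved successfully"

# Fail closed: if the body is not JSON (for example an HTML sign-in page),
# stop instead of treating the organization as "not connected".
if ! DOMAIN=$(jq -r "$TENANT_DATA_PATH.domain // empty" <<< "$RESPONSE_BODY"); then
  echo "The organization settings response could not be parsed as JSON" >&2
  return 1 2>/dev/null || exit 1
fi

if [[ -n "$DOMAIN" ]]; then
  DISPLAY_NAME=$(jq -r "$TENANT_DATA_PATH.displayName // empty" <<< "$RESPONSE_BODY")
  ID=$(jq -r "$TENANT_DATA_PATH.id // empty" <<< "$RESPONSE_BODY")
  echo "The $ORG_NAME organization is already connected to the $DISPLAY_NAME ($ID) Azure Active Directory. Skipping..."
  return 1 2>/dev/null || exit 1
fi
echo "The $ORG_NAME organization is not connected to Azure Active Directory. Connecting..."

# Build the JSON Patch document with jq so the tenant id is always encoded as
# a JSON string; the numeric op code is kept as in the original request.
PATCH_BODY=$(jq -cn --arg tenant "$TENANT_ID" \
  '[{"from": "", "op": 2, "path": "/TenantId", "value": $tenant}]')

RESPONSE=$(curl --silent \
  --request PATCH \
  --write-out "\n%{http_code}" \
  --header @<(auth_header) \
  --header "Content-Type: application/json-patch+json" \
  --data-raw "$PATCH_BODY" \
  "https://vssps.dev.azure.com/$ORG_NAME/_apis/Organization/Organizations/Me?api-version=5.0-preview.1")
HTTP_STATUS=$(tail -n1 <<< "$RESPONSE")
RESPONSE_BODY=$(sed '$ d' <<< "$RESPONSE")

if [[ "$HTTP_STATUS" != "200" ]]; then
  echo "Error during the connection to Azure Active Directory. $RESPONSE_BODY" >&2
  return 1 2>/dev/null || exit 1
fi
echo "Connection to Azure Active Directory was successful"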