Skip to content

Instantly share code, notes, and snippets.

@ehrnst
Last active June 23, 2021 11:34
Show Gist options
  • Save ehrnst/c9581645736582545fce445fb21b4654 to your computer and use it in GitHub Desktop.
Save ehrnst/c9581645736582545fce445fb21b4654 to your computer and use it in GitHub Desktop.
Azure devops powershell automation
$uatServiceConnection = @"
{
"data": {
"subscriptionId": "bbd7a8c4-fc4c-4e00-a3dc-7caa5d8ea455",
"subscriptionName": "{SubscriptionName}",
"environment": "AzureCloud",
"scopeLevel": "Subscription",
"creationMode": "Manual"
},
"name": "{service-connection-name}",
"type": "AzureRM",
"url": "https://management.azure.com/",
"authorization": {
"parameters": {
"tenantid": "bbd7a8c4-fc4c-4e00-a3dc-7caa5d8ea455",
"serviceprincipalid": "{appRegistrationObjectId}",
"authenticationType": "spnKey",
"serviceprincipalkey": "{appRegistrationKey}"
},
"scheme": "ServicePrincipal"
},
"isShared": false,
"isReady": true,
"serviceEndpointProjectReferences": [
{
"projectReference": {
"id": "$($project.id)",
"name": "$($project.name)"
},
"name": "{service-connection-name}"
}
]
}
"@
Invoke-RestMethod -Method Post -Uri "https://dev.azure.com/{organization}/_apis/serviceendpoint/endpoints?api-version=6.0-preview.4" -Body $uatServiceConnection -Headers $devOpsAuthHeader
# # # devops project creation
$devOpsAuthHeader = @{Authorization = 'Basic ' + [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(":$($devOpsPAT)")) ; "Content-type" = "application/json" }
$projectConfig = @"
{
"name": "$devOpsProjectName",
"description": "$devOpsProjectDescription",
"capabilities": {
"versioncontrol": {
"sourceControlType": "Git"
},
"processTemplate": {
"templateTypeId": "adcc42ab-9882-485e-a3ed-7678f01f66bc"
}
}
}
"@
$request = Invoke-RestMethod -Method Post -Uri "https://dev.azure.com/{organization}/_apis/projects?api-version=6.0" -Body $projectConfig -Headers $devOpsAuthHeader
$status = $request.status
Write-Output "checking project creation status"
while ($status -ne "succeeded") {
$progress = Invoke-RestMethod -Method Get -Uri $($request.url) -Headers $devOpsAuthHeader
$status = $progress.status
if ($status -eq "failed") {
Write-Error -Message "Devops project creation failed $($PSItem.Exception.Message)"
}
}
# getting the current groups in DevOps to add our aad groups...
$projectDescriptor = (invoke-restmethod -Method Get -uri "https://vssps.dev.azure.com/{organization}/_apis/graph/descriptors/$($project.id)?api-version=6.0-preview.1"-Headers $devOpsAuthHeader).value
$projectGroups = (invoke-restmethod -Method Get -uri "https://vssps.dev.azure.com/{organization}/_apis/graph/groups?scopeDescriptor=$projectDescriptor&api-version=6.0-preview.1"-Headers $devOpsAuthHeader).value
$projectAdministratorDescriptior = ($projectGroups | Where-Object displayName -eq "Project Administrators").descriptor
$projectContributorDescriptior = ($projectGroups | Where-Object displayName -eq "Contributors").descriptor
$projectReadersDescriptior = ($projectGroups | Where-Object displayName -eq "Readers").descriptor
# add AAD groups to DevOps project groups
# administrator
$adminBody = @"
{
"originId": "$adminAADGroupId"
}
"@
Write-Host "adding administrators"
Invoke-RestMethod -Method Post -Uri "https://vssps.dev.azure.com/vipps/_apis/graph/groups?groupDescriptors=$projectAdministratorDescriptior&api-version=6.0-preview.1" -Body $adminBody -Headers $devOpsAuthHeader
# turning off boards feature
$boardsOff = @"
{
"featureId": "ms.vss-work.agile",
"scope": {
"userScoped": false,
"settingScope": "project"
},
"state": 0
}
"@
Write-Host "Turing off boards and test plans"
$feature = Invoke-RestMethod -Method Patch -Uri "https://dev.azure.com/{organization}/_apis/FeatureManagement/FeatureStates/host/project/$($project.id)/ms.vss-work.agile?api-version=4.1-preview.1" -Body $boardsOff -Headers $devOpsAuthHeader
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment