I am configuring a deployment group phase inside my release definition at VSTS.
I added a PowerShell script task that is supposed to start a process (.exe console app) on the target machine.
I have tested the PowerShell script manually on the target PC and it is working great:
start-process -filepath c:\myfolder\myprogram.exe
But when the release runs, the script seems not to be working. It executes properly but my process is not initiated.
There is no error message on the release log.
How can I fix that?
The deployment group agent must be running as Interactive mode. Article: Configure the agent
Download agent (Agent queues admin page> Click Download agent)
Run Command Line as administrator
Run .\config.cmd --machinegroup command
Specify Server URL, PAT token, Project Name, Deployment Group Name, Agent name
Press Enter (N) when it asks if you want to run the agent as a service
Call .\run.cmd to start agent
Modify release definition, specify that deployment group for Run on deployment group.
--machinegroup no longer support in the Agent installation,
So go with below,
.\config.cmd --deploymentgroup --deploymentgroupname "{Deployment Group Name}" --agent $env:COMPUTERNAME --runasservice --work "{Working Folder}" --url "{VSTS/Azure DevOps URL}" --projectname "{Project Name}" --auth PAT --token "{Token generated from azure DevOps portal with relevant release permissions}"
Related
We are trying to integrate MicroFocus UFT testing into an Azure DevOps CI\CD pipeline using a self-hosted EC2 build agent (let's call the build agent UftServer). UftServer has MicroFocus UFT One installed and the pipeline uses the MicroFocus Azure DevOps extension see here to start the test.
Everything works as expected when a full screen RDP session is open to UftServer. When the pipeline runs, we can watch UFT One open our application and run the specified test. Results post back to Azure DevOps with pass\fail and life is good.
However, when the RDP session is closed, the UFT pipeline step fails to execute the test. It mentions a credentials error, but the problem clearly seems to be the closed RDP session.
From the test results we assume that a full screen RDP session needs to be active for UFT One to execute the tests properly (it detects the screen resolution so that it knows where certain menus are in our application).
So, rather than open the RDP session to UftServer from my local system (which won't necessarily be open when the pipeline runs), we created a second build agent RDPLauncher in the pipeline (also self hosted EC2), and execute the following script on it before launching the UFT test on UftServer:
$RemoteUftServer = "UftServerIp"
$RemoteUftUser = "Administrator"
$RemotePwSecretId = "uft"
$RemoteUftPw = ((Get-SECSecretValue -SecretId $RemotePwSecretId).SecretString | ConvertFrom-Json).password
reg add "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client" /v "AuthenticationLevelOverride" /t "REG_DWORD" /d 0 /f #to disable cert check
cmdkey /generic:"$RemoteUftServer" /user:"$RemoteUftUser" /pass:"$RemoteUftPw" #to set RDP creds
mstsc /v:"UftServerIp" /admin /f
Write-Host "mstsc command ran successfully, qwinsta results:"
qwinsta
When we run this script manually RDPed into RDPLauncher, the full screen RDP session to the UftServer opens as expected and runs the test.
Further, we can disconnect from RDPLauncher and the RDP session from RDPLauncher to UftServer remains open and the pipeline still runs successfully.
It is great to not have the RDP session open from my local system, but the pipeline still lacks a critical automation piece.
When the pipeline runs the above script on RDPLauncher (rather than me running it manually RDPed into RDPLauncher), it succeeds, but then the UFT test fails as if the session isn't open.
So, from the pipeline, how do we remotely open the full screen RDP session from RDPLauncher to UftServer?
The script above works when I run it from RDPLauncher, but doesn't seem to have the same effect when the Azure DevOps Agent service runs it from the pipeline.
Both build agents are running Windows 10.
Any help is appreciated :)
I suggest you to first configure everything before the pipeline run.
1, Remember the credential.
2, After the above steps, click remember your password after you input the password.
And then, in your pipeline, only need a pipeline definition like the below will be able to connected to the remote server with rdp file(no need other interactive steps.):
trigger:
- none
pool: VMAS #This is a self hosted agent pool, the pipeline is runnning based on a server in this agent pool, and the rdp file is also in this server.
steps:
- script: |
# echo %username%
# mkdir "C:/xxxyyyzzz"
C:\Users\Administrator\Desktop\VM.rdp # Here is the path of the rdp file on my side.
displayName: 'Run a one-line script'
In an azure devops build pipeline running on a self-hosted windows agent, I am trying to execute a tool that run a docker container.
Unfortunately I get this error :
Failed to start: failed to create container: Error response from daemon: CreateFile c:\Users\BUILDAGENT\.aerokube\selenoid: Access is denied.
The build agent is configured with its own windows local user "BUILDAGENT", so he has permissions on the C:\Users\BUILDAGENT\ folder
Looking at the process manager, I see that except com.docker.service, the others docker processes are running with the user that launched the Docker Desktop (my coworker).
If I restart windows and relaunch docker myself, the settings selected by my coworker ("Disk Image Location" for instance), are not restored...
Is there a way to make docker run as a daemon on startup with a specific user (service or system user, but not mine or my coworker) ?
Once this is done I guess I just have to give permissions for that specific user on the C:\Users\BUILDAGENT\ folder to solve my issue, right ?
Update :
I added my BUILDAGENT user in docker-users group, and it solves the permission issue, but I still would like to run docker as a service, instead of login as my local user to launch it with its GUI...
but I still would like to run docker as a service, instead of login as my local user to launch it with its GUI
You could try to create a task scheduler to run docker with that specific user when your PC starts.
Please check this thread How to create an automated task using Task Scheduler on Windows 10 for some more details.
In this case, docker will start automatically every time you start your computer.
I need to stop and start IIS server for TFS build. When do this using .bat file iisreset /stop, similarly for start.
When I do this I get
Access denied, you must be an administrator of the remote computer to use this command. Either have your account added to the administrator local group of the remote computer or to the domain administrator global group.
Please note: This is Windows server 2019
I am already admin of this machine.
I have given read/write access to everyone in this folder.
I have unset EnableLUA to '0' in the registry as told in link for site
Above all these, I restarted machine.
I still get error in TFS build.
When you start a build in TFS the execution of that build is effectively done by a build agent. A build agent is just a service running on any particular machine. So, your batch file that shall start/stop the IIS service will be executed by whatever build agent is running your particular build.
This in terms means that your batch file is executed by the user that is used to run the build service. If that user does not have the necessary admin rights you face this particular error message.
What you need to do is make sure that all accounts that you use to run your build agents have administrative permissions on whatever machine you want to start/stop IIS.
You are trying to do IISRESET in your batch script. You need to be an Administrator as basic right to execute IISRESET command. So the account which the build is running needs to be part of the Admin group on the box.
Other approach is to stop and start w3svc using sc config commands or NET STOP WAS /Y and NET START W3SVC
Both of your answers are correct, I added the 'Network Service' of TFS to admin group of machine. Then build was success. Administrative tools>Computer Management> Local Users and Groups>Groups>
Inside Administrators and Users add 'Network Services'. If you don't find 'Network Service' then change location to your computer node and add them.
i'm facing a problem with VSTS agent state is offline i installed the agent through cmd under the right pool and downloaded after that but it still offline any help please ?
If the build agent is running as interactive mode, you need to start agent by running run.cmd file:
Open Command line as administrator
Run run.cmd file (under agent folder)
If the build agent is running as service, you can check whether the related service is running in Services.
Context:
Created a Domain Controller with Active Directory Setup.
Created another Server with Jenkins-2 installed.(DNS Points correctly to the Domain Controllers)
Installed the Active Directory Plugin
Installed the Powershell Plugin
Created a Powershell Job, with command
Copy-Item -Path \\SFTPServer\Docs\file.txt $Home
Steps:
List item Logged in to Jenkins Server Machine with credentials of globomantics.local\administrator
List item Started Jenkins to be available on localhost:8080
List item Logged in into Jenkins using credentials of globomantics.local\someunderprivilegeduser
List item Run the above created Powershell Job
What happens:
Powershell window appears and runs the command .. in the context of AD User globomantics.local\administrator
What is required:
Powershell command runs in the context of globomantics.local\someunderprivilegeduser
I understand that when we logged into jenkins using globomantics.local\someunderprivilegeduser, a kerberos ticket is generated on this machine. How can i use that ticket to run this powershell command? OR if my approach is completely wrong, what else to do?
Note: let's say globomantics.local\someunderprivilegeduser is NOT allowed to read \\SFTPServer\Docs\file.txt, In this case the Powershell Job should fail. BUT, since the job runs in the context of globomantics.local\administrator, the Job runs successfully.