...
1[CmdletBinding(SupportsShouldProcess = $true)]
2param(
3 [Parameter(Mandatory = $true)]
4 [string]$Organization,
5
6 [Parameter(Mandatory = $true)]
7 [string]$Project,
8
9 [Parameter(Mandatory = $true)]
10 [int]$DefinitionId,
11
12 [Parameter(Mandatory = $true)]
13 [int]$RunId,
14
15 [Parameter(Mandatory = $true)]
16 [int]$DaysValid,
17
18 [Parameter(Mandatory = $false)]
19 [string]$OwnerId = "azure-sdk-pipeline-automation",
20
21 [Parameter(Mandatory = $false)]
22 [string]$AccessToken = $env:DEVOPS_PAT
23)
24
25Set-StrictMode -Version 3
26
27. (Join-Path $PSScriptRoot common.ps1)
28
29$unencodedAuthToken = "nobody:$AccessToken"
30$unencodedAuthTokenBytes = [System.Text.Encoding]::UTF8.GetBytes($unencodedAuthToken)
31$encodedAuthToken = [System.Convert]::ToBase64String($unencodedAuthTokenBytes)
32
33if ($isDevOpsRun) {
34 # We are doing this here so that there is zero chance that this token is emitted in Azure Pipelines
35 # build logs. Azure Pipelines will see this text and register the secret as a value it should *** out
36 # before being transmitted to the server (and shown in logs). It means if the value is accidentally
37 # leaked anywhere else that it won't be visible. The downside is that when the script is executed
38 # on a local development box, it will be visible.
39 Write-Host "##vso[task.setvariable variable=_throwawayencodedaccesstoken;issecret=true;]$($encodedAuthToken)"
40}
41
42
43LogDebug "Checking for existing leases on run: $RunId"
44$existingLeases = Get-RetentionLeases -Organization $Organization -Project $Project -DefinitionId $DefinitionId -RunId $RunId -OwnerId $OwnerId -Base64EncodedAuthToken $encodedAuthToken
45
46if ($existingLeases.count -ne 0) {
47 LogDebug "Found $($existingLeases.count) leases, will delete them first."
48
49 foreach ($lease in $existingLeases.value) {
50 LogDebug "Deleting lease: $($lease.leaseId)"
51 Delete-RetentionLease -Organization $Organization -Project $Project -LeaseId $lease.leaseId -Base64EncodedAuthToken $encodedAuthToken
52 }
53
54}
55
56LogDebug "Creating new lease on run: $RunId"
57$lease = Add-RetentionLease -Organization $Organization -Project $Project -DefinitionId $DefinitionId -RunId $RunId -OwnerId $OwnerId -DaysValid $DaysValid -Base64EncodedAuthToken $encodedAuthToken
58LogDebug "Lease ID is: $($lease.value.leaseId)"
View as plain text