Recently had to update some Azure DevOps release pipelines based off new infrastructure. I needed to create new release definitions and there appears to be no option to do this through Azure CLI currently.
The alternative option is to call the Azure DevOps REST API.
The above script assumes you've already logged in with az login
or with the --use-device-code
argument and an incognito/private browser window if you're testing with different credentials.
az login --scope https://management.core.windows.net/.default
We could use straight curl
, but az rest
has some built in authentication logic and probably some header or URI parameter setting with --resource
flag.
You'll want to update the request body for the PAT with the proper scope
and other properties like validTo
if the PAT is supposed to be re-used in your use-case.
I took this opportunity to export our existing Release Pipelines to source control.
Concerns
- The script assumes you've already authenticated mentioned above, however to fully automate the process without authentication via the browser an SPN or specific
--username <username> --password <password>
arguments. Since we have SSO/SAML for our logins, we may have to go with--service-principal
route. Alternatively if we run the script through Azure DevOps we might be able to use the--identity
flag.