We have a requirement in my project where we need to find out the repository access for users in Azure DevOps using cli.
We were able to find out the top-level access for all the users, using this CLI command as provided in the official azure-cli documents.
Command-1
az devops user list --org {Organisation-Name} --query members[].[username,emailid,accesslevel] -o table
The above command returns the following output:
Username EmailId AccessLevel
------------------------------------------
John Doe john.doe#abc.com Basic
Rick Stein rick.stein#abc.com Stakeholder
....
Next using the user's email-id extracted from the list above, we are able to find out the granular level of repository access for each individual user as follows:
Command #2:
az devops user show --org {Organisation Name} --user john.doe#abc.com --query "[Username:user.name,ProjectRepoName:repo.access]"
The corresponding output -
{
"Username": "John Doe",
"ProjectRepoName": [
"Develop.Env1",
"Test.Env3",
"UAT.Env2"
]
}
This activity gives the required data on an individual user level. However, we want the data for all the users that are provided by the user list from command one as mentioned above.
Is there a way in which we can combine both the az devops user list & az devops user show commands in a single command via a script, that would traverse all the users in the user list and for each user, using the show command provide the details of the repo access, that can then be stored as a json/table output?
Note: one approach that we can think of is- to filter out the name/email from the list generated using command-1 and pass that list in the user section of the second command. However, the user section takes only one value at a time so not sure, how can this be achieved using CLI operations.
Any help or suggestions on this is highly appreciated. Thanks in advance.
The resolution of this issue was by using the foreach loop logic and making use of the appropriate format for filtering the output for command one.
The snippet of the working code-
.......
$listOfMails = (az devops user list --org {Organisation-Name} --query members[].emailid -o table)
foreach($email in $listOfEmails)
{
(az devops user show --org {Organisation Name} --user ($email) --query "[Username:user.name,ProjectRepoName:repo.access]")
}
...
This resulted in the successful extraction of data, as per requirement.
Related
I'm trying to create a sentinel alert by using the below az-cli command :
az sentinel alert-rule action create --action-name
--resource-group
--rule-name
--workspace-name
[--etag]
[--logic-app-resource-id]
[--trigger-uri]
Have followed this article but it doesn't have any examples for the command https://learn.microsoft.com/en-us/cli/azure/sentinel/alert-rule/action?view=azure-cli-latest#az-sentinel-alert-rule-action-create
What should be provided as parameter to action-name ?
az sentinel alert-rule action create --action-name
--resource-group
--rule-name
--workspace-name
[--etag]
[--logic-app-resource-id]
[--trigger-uri] ```
Here --eta, --logic-app-resource-id, --trigger-uri paramters are optional where --action-name is the action group name.
For action name, go to the Azure Portal > Monitor > Alerts > Action Groups > create an action group for which resource that alert rules should be created:
I was trying to integrate apache-jmeter with jenkins pipeline.We are using apache-jmeter version 5.1 and intalled the performance plugin version 3.0 in jenkins.
D:\apache-jmeter-5.1\bin\jmeter.bat -Jjmeter.save.saveservice.output_format=xml -n -t C:\Users\temp\Downloads\tests.jmx -l C:\Users\temp\Downloads\tests.jtl """
Main goal is to get aggregate report for each individual thread group. Have tried 3 different alternatives which are mentioned below:
bat """ D:\apache-jmeter-5.1\bin\FilterResults.bat --output-file C:\Users\temp\Downloads\filteredout.csv --input-file C:\Users\temp\Downloads\tests.jtl --include-labels "Result1,Result2,Result3,Result4" """
Using the above command to get the aggregate report by passing the input as jtl file,the outputfile filteredout.csv is not getting generated.But while using the --exclude-labels the output file is getting generated but it is not the aggregate report, getting report in the form of jtl.
bat """ D:\apache-jmeter-5.1\bin\JMeterPluginsCMD.bat --generate-csv C:\Users\temp\Downloads\aggregatereport.csv --input-jtl C:\Users\temp\Downloads\tests.jtl --plugin-type AggregateReport """
Using the above command to get the aggregate report by passing the input as jtl file, getting aggregate report with 90,95,99 percentile lines but not getting the thread group name.
bat """ java -jar D:\apache-jmeter-5.1\lib\cmdrunner-2.2.jar --tool Reporter --generate-csv C:\Users\temp\Downloads\AggregateReportnew.csv --input-jtl C:\Users\temp\Downloads\tests.jtl --plugin-type AggregateReport"""
Using the above command to get the aggregate report by passing the input as jtl file,getting aggregate report with 90,95,99 percentile lines but not showing report for each individual group.
Using Filter Results Tool version 2.2,Synthesis Report version 2.2,JMeterPluginsCMD Command Line Tool version 2.2 .
Is there any chance that my idea will be possible in realtime? If so please help with this issue
How about adding the Thread Group Name as the prefix/postfix to the Samplers labels using i.e. __threadGroupName() function
This way you will be able to distinguish samplers originating from different thread groups:
If you have a lot of samplers you can append the name of the Thread Group in the runtime using i.e. JSR223 PostProcessor and the following Groovy code:
prev.setSampleLabel(prev.getSampleLabel(true))
I am trying to append the list of account Ids since I don't have access to organization, but whenever i am doing it, previous accounts get replaced with new account ID and i only want to append them.
Please let me know how to do it.
aws configservice put-configuration-aggregator --configuration-aggregator-name test-config --account-aggregation-sources "[{\"AccountIds\": [\"xxxxxx\",\"xxxx\"],\"AwsRegions\": [\"us-east-1\"]}]"
From the documentation
accountIds that are passed will be replaced with existing accounts. If you want to add additional accounts into the aggregator, call DescribeAggregator to get the previous accounts and then append new ones.
References :
https://awscli.amazonaws.com/v2/documentation/api/latest/reference/configservice/put-configuration-aggregator.html
So you can first call DescribeAggregator1 to get the previous accounts and store them in some variable.
Then append new accounts to previous accounts variable via jq.
Append JSON Object via jq
Note - I have added links for AWS CLI V2.
I am trying to create an az cli query that can evaluate if I am logged into the correct tenant and subscription. I know I have to use the ? and && operators but have not been able to get them in the correct combination yet that will work. When I query for just a single value using the line below, works fine:
az account list --query "[?id=='my_subscription_id']" --output json
But when I try either of the lines below, it tells me it is invalid jmespath_type value:
az account list --query "[?id=='my_subscription_id' && ?tenantId=='my_tenant_id']" --output json
az account list --query "[(?id=='my_subscription_id') && (?tenantId=='my_tenant_id')]" --output json
when I try the line below, it gives me the error ] was unexpected at this time:
az account list --query "[(?id=='my_subscription_id')&&(?tenantId=='my_tenant_id')]" --output json
I know this can be done, just can't seem to find the right mixture yet.
UPDATED INFO:
Upon further testing, I made some progress but still not exactly what I was expecting. Assume that the tenant ID is 123, the subscription ID of the sub I am wanting is ABC and my account also has access to the subscription ID EFG. When running the command below:
az account list --query "[].{subscriptionId:id,tenantId:tenantId}"
I get the output:
{
"subscriptionId": "ABC",
"tenantId": "123"
},
{
"subscriptionId": "EFG",
"tenantId": "123"
}
I would expect that running the command below, would return just the single record that matches:
az account list --query "[?id == 'ABC' && tenantid == '123'].{subscriptionId:id,tenantId:tenantId}" --output json
But, it does not. It returns [].
Running the command below returns the single record that matches both conditions:
az account list --query "[?id == 'ABC' || tenantid == '123'].{subscriptionId:id,tenantId:tenantId}" --output json
Based on the documentation, && is an AND, and || is an OR. I would think when running the command line that has the || in it would return BOTH records but it only returns the one that contains both values.
I am trying to create an az cli query that can evaluate if I am logged
into the correct tenant and subscription.
In fact, one subscription can only trust one tenant, so you can just filter the subscription Id, it will get the only one match tenant ID. Read more details in this blog.
A directory is the Azure AD service and each directory may have one or
more domains. An Azure subscription has a trust relationship with
Azure Active Directory which means that the subscription trusts Azure
AD to authenticate users, services, and devices.
A directory can have many subscriptions associated with it, but only
one tenant. Multiple subscriptions can trust the same Azure AD
directory, but each subscription can only trust a single directory.
In this case, you have known the subscription Id. You also got the output of the subscription id and tenant Id mapping records. You can get accurate results by filtering your subscription Id like this. Or use it as you knew it: az account list --query "[?id=='my_subscription_id']" --output json
Then you can verify if you have logged in the correct tenant.
az account list --query "[].{SubID:id,TenantID:tenantId}[?SubID=='my_subscription_id']" -o table
result
In Enovia Mql, if we want to print the details of a connection between a person and its company object what is the command. For Ex: Business objects can be explored using "Expand", similarly what is the way for Admin Objects?
I think we need some clarification on question as when you talk about "connection between a person and its company object" that means you are talking about business objects.
But for admin objects query is different.
I will try to answer both the questions.
A. Admin object query
print person PERSONNAME;
B. Business object information:
as you need all connection information below query will help you.
expand bus Person PERSONNAME - type Company select rel id attribute.value;
as we have mentioned "type Company" the expand will only consider connected Company type of objects.
"select rel" clause selects information from relationships.
You can add any selectable for relationship in above query.
also for more information on expand you can use following query in mql and check expand bus section.
help bus;
Please try to perform below query:
Print person XYZ selectable;
Thanks_Sachin
May be it would be good if you have mentioned specific admin object names.
As per current schema design admin objects are not connected in the way business object are connected. But admin objects are referenced/added to another admin object.
For example Attribute admin object is added to type object.
print type Part select attribute
Similarly type admin object is added into policy admin object.
Print policy Engineering selet type store format;
In above example we can see type ,store and format admin objects being referenced from policy.
Similar way each admin object is referenced/added to another admin object