Uploading to LCS Dynamics using API
Trying to upload a file to the LCS Dynamics using API but keep getting failed due to permission errors.
I'm currently working on a project in LCS Dynamics 365, and Microsoft has made changes to the workflow of LCS, introducing multiple geolocations for creating and accessing projects. My project is heavily integrated with Azure DevOps, and I have to manually download the package from the build pipeline and add it to the shared asset library each time. Some of these files are quite large, and it can take up to 5-6 hours to upload them to the environment. Additionally, certain packages must be added to the asset library in multiple environments. I'm wondering if there's a way to use the LCS Dynamics API service to upload the file to single or multiple environments at once.
After referring to the Microsoft LCS API documentation, I came across a PowerShell script called Invoke-D365LcsUpload.ps1, which includes a function for uploading the file to the environment. However, despite attempting to execute the script multiple times, I encountered a permission error ("you don't have access to start/upload to the environment"). I've also tried using accounts with higher levels of privilege (project owner/environment manager), but I'm still facing the same error.
I'm exploring whether it's possible to:
- Directly upload to the LCS environment via Azure DevOps pipeline.
- Utilize the LCS Dynamics API to upload the packages.
or any other secure methods to accomplish the task
Instead of calling the LCS related API in PowerShell script, you can try to use the Azure DevOps extension "Dynamics 365 Finance and Operations Tools" Published by Microsoft. It provides the pipeline task "Dynamics Lifecycle Services (LCS) Asset Upload" (LCSAssetUpload@2) to upload assets to the LCS asset library.
Note: The LCSAssetUpload task is available for classic release pipelines and YAML pipelines, and not for classic build pipelines.
To use the LCSAssetUpload task in your pipeline, you can do like as below:
Install the "Dynamics 365 Finance and Operations Tools" extension to your Azure DevOps organization/collection.
Create a Dynamics Lifecycle Services service connection (LCS Connection). Provide the required information on the service connection. You just need to provide the valid
Username(e-mail address) andPassword, and a customizedService connection name. Ensure theUsernameandPasswordhave the access to the target LCS asset library.
In the pipeline, you can configure with the following steps in the same job.
- The build step to generate the asset files and output the files to a specified directory.
- Use the
ArchiveFiles@2task to archive the asset files as a ZIP from the build output directory, and save ZIP file to another path. - Use the
LCSAssetUploadtask to the ZIP file to LCS asset library.
variables: LCS_Connection: 'myLCS' LCS_ProjectId: 'xxxxxx' LCS_AssetName: 'xxxx' steps: - the build step to generate the asset files - task: ArchiveFiles@2 displayName: 'Archive Files' inputs: rootFolderOrFile: 'path/to/build/output/dir' includeRootFolder: false archiveType: 'zip' archiveFile: '$(Build.ArtifactStagingDirectory)/$(Build.BuildId).zip' replaceExistingArchive: true - task: LCSAssetUpload@2 displayName: 'LCS Asset Upload' name: UploadAsset inputs: serviceConnectionName: '$(LCS_Connection)' projectId: '$(LCS_ProjectId)' assetPath: '$(Build.ArtifactStagingDirectory)/$(Build.BuildId).zip' assetName: '$(LCS_AssetName)' - script: echo "AssetId = $(UploadAsset.FileAssetId)" displayName: 'Verify Asset ID'
In addition, once the LCSAssetUpload task run successfully, it will generate an output variable (FileAssetId) to return the file asset ID of the uploaded asset. On the subsequent steps within the same job, if you wants to use the asset ID, you can reference the output variable using the expression $(UploadAsset.FileAssetId). The 'UploadAsset' is the customized name on the LCSAssetUpload task.
EDIT:
There is no method to bypassed MFA when the account used on the LCS Connection has MFA set.
As recommended in the documentation "Create a Lifecycle Services (LCS) connection in Azure Pipelines", you can try to set up a separate user account that does not have MFA set. For security purposes, you can set this account to have limited access and strong credentials that can regularly be rotated.
- Is there a short 7-digit version of $(SourceVersion) in Azure Devops?
- No template with an identifier of 'xamarinandroid' could be found
- Nuget restore fails on Azure Devops with message "unable to load the service index for source"
- Why does VS Code give linting errors for a valid Azure Pipelines YAML file?
- Azure Python Functions requirements.txt ignored when deployed from DevOps
- No pool was specified, although a pool is specified in the Azure pipeline
- How to set the iteration field automatically to latest iteration?
- Pass parameter to a different-project pipeline via REST api using System.AccessToken
- Azure DevOps share wiki as dedicated webpages
- Azure Devops: dotnet publish can't find the package because it's searching in the wrong source
- roleAssignment with current user id
- Can I use MSI Token for Azure DevOps REST APIs?
- Azure Deploy Code To Service Using ARM Template From VSTS Git Code
- AzureDevOps RestAPI does not return groups that are a member of a certain group
- Benefits of using Fabric-ADO Pipeline over Inbuilt MS Fabric Deployment pipeline
- Dependencies azure devops yaml
- Assigning tags to APIs in Azure APIM via Devops Pipeline
- Pull bicep modules from ACR to consume using AzurePowershell@5 task in Azure pipeline
- Azure DevOps pipeline trigger not working
- MS Fabric project Deployment using Azure Pipelines
- Azure self hosted agent failing to pick up jobs
- How to parameterize azure agent.name in azure pipeline?
- Getting "Unable to complete authentication for user due to looping logins" while making an api call through postman to azure
- Service Connection permissions error when trying to access Azure Key vault secrets from within an Azure DevOps pipeline with the task AzureKeyVault@2
- Download a Zip File from Azure DevOps Git Repo Using Azure DevOps SDK
- Use variables in Approval and Check Azure Devps Pipeline
- Is it possible to create a pull request for an azure dev ops repo in vs code?
- Azure devops pipeline stages template nesting
- How to pass specific values for Get-AzSubscription
- How to "swap" staging and production slots in release pipeline?