Uploading to LCS Dynamics using API
Trying to upload a file to the LCS Dynamics using API but keep getting failed due to permission errors.
I'm currently working on a project in LCS Dynamics 365, and Microsoft has made changes to the workflow of LCS, introducing multiple geolocations for creating and accessing projects. My project is heavily integrated with Azure DevOps, and I have to manually download the package from the build pipeline and add it to the shared asset library each time. Some of these files are quite large, and it can take up to 5-6 hours to upload them to the environment. Additionally, certain packages must be added to the asset library in multiple environments. I'm wondering if there's a way to use the LCS Dynamics API service to upload the file to single or multiple environments at once.
After referring to the Microsoft LCS API documentation, I came across a PowerShell script called Invoke-D365LcsUpload.ps1, which includes a function for uploading the file to the environment. However, despite attempting to execute the script multiple times, I encountered a permission error ("you don't have access to start/upload to the environment"). I've also tried using accounts with higher levels of privilege (project owner/environment manager), but I'm still facing the same error.
I'm exploring whether it's possible to:
- Directly upload to the LCS environment via Azure DevOps pipeline.
- Utilize the LCS Dynamics API to upload the packages.
or any other secure methods to accomplish the task
Instead of calling the LCS related API in PowerShell script, you can try to use the Azure DevOps extension "Dynamics 365 Finance and Operations Tools" Published by Microsoft. It provides the pipeline task "Dynamics Lifecycle Services (LCS) Asset Upload" (LCSAssetUpload@2) to upload assets to the LCS asset library.
Note: The LCSAssetUpload task is available for classic release pipelines and YAML pipelines, and not for classic build pipelines.
To use the LCSAssetUpload task in your pipeline, you can do like as below:
Install the "Dynamics 365 Finance and Operations Tools" extension to your Azure DevOps organization/collection.
Create a Dynamics Lifecycle Services service connection (LCS Connection). Provide the required information on the service connection. You just need to provide the valid
Username(e-mail address) andPassword, and a customizedService connection name. Ensure theUsernameandPasswordhave the access to the target LCS asset library.
In the pipeline, you can configure with the following steps in the same job.
- The build step to generate the asset files and output the files to a specified directory.
- Use the
ArchiveFiles@2task to archive the asset files as a ZIP from the build output directory, and save ZIP file to another path. - Use the
LCSAssetUploadtask to the ZIP file to LCS asset library.
variables: LCS_Connection: 'myLCS' LCS_ProjectId: 'xxxxxx' LCS_AssetName: 'xxxx' steps: - the build step to generate the asset files - task: ArchiveFiles@2 displayName: 'Archive Files' inputs: rootFolderOrFile: 'path/to/build/output/dir' includeRootFolder: false archiveType: 'zip' archiveFile: '$(Build.ArtifactStagingDirectory)/$(Build.BuildId).zip' replaceExistingArchive: true - task: LCSAssetUpload@2 displayName: 'LCS Asset Upload' name: UploadAsset inputs: serviceConnectionName: '$(LCS_Connection)' projectId: '$(LCS_ProjectId)' assetPath: '$(Build.ArtifactStagingDirectory)/$(Build.BuildId).zip' assetName: '$(LCS_AssetName)' - script: echo "AssetId = $(UploadAsset.FileAssetId)" displayName: 'Verify Asset ID'
In addition, once the LCSAssetUpload task run successfully, it will generate an output variable (FileAssetId) to return the file asset ID of the uploaded asset. On the subsequent steps within the same job, if you wants to use the asset ID, you can reference the output variable using the expression $(UploadAsset.FileAssetId). The 'UploadAsset' is the customized name on the LCSAssetUpload task.
EDIT:
There is no method to bypassed MFA when the account used on the LCS Connection has MFA set.
As recommended in the documentation "Create a Lifecycle Services (LCS) connection in Azure Pipelines", you can try to set up a separate user account that does not have MFA set. For security purposes, you can set this account to have limited access and strong credentials that can regularly be rotated.
- How to Migrate TFVS project to Azure Git Repos from different Organization
- How to branch from non-default branch in Azure DevOps GitHub.com integration?
- Can't provide NuGet package source credentials to Azure Function
- Azure Pipelines: How to make a task dependent on a previous task?
- How to use multiple environments from one Azure pipeline?
- Azure DevOps pipeline continues to run despite removing schedule
- How to prevent creating a new branch of a certain branch
- Azure Active Directory App service Principal create new client secret
- Azure Devops Pipeline - Use Microsoft Visual Studio Installer Projects
- Azure DevOps yaml - Get current date with MMM (month short name)
- Accessing azure custom field using OData query
- build validation and status check policy on branch for Python code
- How to connect to Azure VM Windows Admin Center from Azure DevOps without enabling PSRemoting in VM
- Bash Task in Azure DevOps not able to recognize variable in set in Classic Release pipeline
- Is it possible to have a link to raw content of file in Azure DevOps
- USING RUNTIME VARIABLES IN AZURE YAML CHECKOUT
- How to configure Dependabot on Azure DevOps to create only one PR for minor/patch updates
- Pass an array of string to a powershell script from a yaml template
- Repository permanency between stages in an Azure DevOps pipeline
- Deploying Container App with Arm Template via Azure Devops: UNAUTHORIZED: authentication required
- NU1301: Unable to load the service index for source, even after setting up Personal Access Token
- How to deploy files to a server
- Azure Pipelines: git lfs not known with explicit declaration but UI config
- Comparison of string parameters always return false in Azure DevOps 2022
- Create Azure Devops pipeline without code checkout
- Increment Azure Pipelines version number with commits
- Azure Devops odata query returns UserEmail:Unknown
- In Azure Dev Ops, given a branch name, how I do I get the corresponding Pull Request (if one exists)
- Terraform Initialize Error on Azure Devops release pipeline
- How to use an Azure Devops Release task to execute a Azure Pipeline