Azure Devops自托管代理Docker容器连接问题
我已经将我的计算机用作连接到azure管道工作流的自托管代理。 我现在正试图在docker中运行一个自托管代理,以便以后在公司自己的windows 2019服务器上使用。 但我有连接问题 我正是这样做的: 但是,当我运行此程序时:Azure Devops自托管代理Docker容器连接问题,docker,api,rest,azure-devops,Docker,Api,Rest,Azure Devops,我已经将我的计算机用作连接到azure管道工作流的自托管代理。 我现在正试图在docker中运行一个自托管代理,以便以后在公司自己的windows 2019服务器上使用。 但我有连接问题 我正是这样做的: 但是,当我运行此程序时: docker build -t dockeragent:latest . docker run -e AZP_URL="https://[CompanyUrl].com/[Collection]" -e AZP_TOKEN="[PAT]&
docker build -t dockeragent:latest .
docker run -e AZP_URL="https://[CompanyUrl].com/[Collection]" -e AZP_TOKEN="[PAT]" -e AZP_AGENT_NAME="dockeragent" -e AZP_POOL="[Pool]" dockeragent:latest
我希望docker容器代理运行start.ps1脚本,转到power shell,配置代理并查看Azure管道的大型CLI绘图
但是,我得到的是这个错误
错误:
1. Determining matching Azure Pipelines agent...
Invoke-RestMethod : The underlying connection was closed: Could not establish
trust relationship for the SSL/TLS secure channel.
At C:\azp\start.ps1:35 char:12
+ $package = Invoke-RestMethod -Headers @{Authorization=("Basic $base64 ...
Write-Host "1. Determining matching Azure Pipelines agent..." -ForegroundColor Cyan
$base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(":$(Get-Content ${Env:AZP_TOKEN_FILE})"))
$package = Invoke-RestMethod -Headers @{Authorization=("Basic $base64AuthInfo")} "$(${Env:AZP_URL})/_apis/distributedtask/packages/agent?platform=win-x64&`$top=1"
$packageUrl = $package[0].Value.downloadUrl
Write-Host $packageUrl
我知道这些特定的线路失败了。这是一个失败的RESTAPI调用
片段:
1. Determining matching Azure Pipelines agent...
Invoke-RestMethod : The underlying connection was closed: Could not establish
trust relationship for the SSL/TLS secure channel.
At C:\azp\start.ps1:35 char:12
+ $package = Invoke-RestMethod -Headers @{Authorization=("Basic $base64 ...
Write-Host "1. Determining matching Azure Pipelines agent..." -ForegroundColor Cyan
$base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(":$(Get-Content ${Env:AZP_TOKEN_FILE})"))
$package = Invoke-RestMethod -Headers @{Authorization=("Basic $base64AuthInfo")} "$(${Env:AZP_URL})/_apis/distributedtask/packages/agent?platform=win-x64&`$top=1"
$packageUrl = $package[0].Value.downloadUrl
Write-Host $packageUrl
但我不明白的是,如果我只是在我的网络浏览器中复制粘贴URL
https://[CompanyUrl].com/[Collection]/\u API/distributedtask/packages/agent?platform=win-x64&`$top=1
它工作顺利,我从Get操作中看到了我的JSON数据。
它只是在容器内部不起作用。我迷路了
有什么提示吗
我的尝试:
1. Determining matching Azure Pipelines agent...
Invoke-RestMethod : The underlying connection was closed: Could not establish
trust relationship for the SSL/TLS secure channel.
At C:\azp\start.ps1:35 char:12
+ $package = Invoke-RestMethod -Headers @{Authorization=("Basic $base64 ...
Write-Host "1. Determining matching Azure Pipelines agent..." -ForegroundColor Cyan
$base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(":$(Get-Content ${Env:AZP_TOKEN_FILE})"))
$package = Invoke-RestMethod -Headers @{Authorization=("Basic $base64AuthInfo")} "$(${Env:AZP_URL})/_apis/distributedtask/packages/agent?platform=win-x64&`$top=1"
$packageUrl = $package[0].Value.downloadUrl
Write-Host $packageUrl
http://[TFS扩展].[Server].com/[Collection]/\u api/distributedtask/packages/agent?platform=win-x64&`$top=1
它实际上起作用了,我没有得到上面的错误,所以现在我很困惑。
我希望它能够使用更安全的https链接。请尝试将
-SkipCertificateCheck
添加到Invoke RestMethod命令中
调用RestMethod“url”-SkipCertificateCheck
或者您可以尝试将以下行添加到strart.ps1文件中
add-type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(
ServicePoint srvPoint, X509Certificate certificate,
WebRequest request, int certificateProblem) {
return true;
}
}
"@
$AllProtocols = [System.Net.SecurityProtocolType]'Ssl3,Tls,Tls11,Tls12'
[System.Net.ServicePointManager]::SecurityProtocol = $AllProtocols
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
有关更多信息,请参阅。YESSS!!!!!!!成功了,大块头!请注意,SkipCertificateCheck仅适用于powershell 6.0.0及以上版本,唉,我是个老犯规!XD我需要在ps1脚本的开头添加上述代码吗?