I need to do this to make CMake FetchContent_MakeAvailable work. I don't want to modify the CMakeLists.txt file too much and don't want to put my PAT in it for every URL either. I'm also trying to aim for not writing to disk if possible.
Currently, I'm using a PAT that grants read access to all the Git repositories in my organization. Before CMake configure, the pipeline sets everything up with the following Pipeline YAML:
parameters:
variables:
- group: Git PAT Keys
- group: Git Repository URLs
# ...
- script: |
export GIT_BASE64_AUTH=$(printf ":%s" "${DEVOPS_TOKEN}" | base64)
export GIT_CONFIG_COUNT=2
export GIT_CONFIG_KEY_0=http.${DEVOPS_URL}.extraheader
export GIT_CONFIG_KEY_1=http.${SYSTEM_COLLECTIONURI}.extraheader
export GIT_CONFIG_VALUE_0='Authorization: Basic '${GIT_BASE64_AUTH}
export GIT_CONFIG_VALUE_1='Authorization: Basic '${GIT_BASE64_AUTH} # Makes git config not complain
# TODO: Switch between these depending on Git version on host or in container
# Writes to pipeline global environment variables for job.
# Must explicitly map DevopsHttpAuthHeader as $GIT_CONFIG_VALUE_<0|1...> to steps that require it
# Only works on Git versions 2.31 and above. Doesn't persist on disk.
echo "##vso[task.setvariable variable=GIT_CONFIG_COUNT;]${GIT_CONFIG_COUNT}"
echo "##vso[task.setvariable variable=GIT_CONFIG_KEY_0;]${GIT_CONFIG_KEY_0}"
echo "##vso[task.setvariable variable=GIT_CONFIG_KEY_1;]${GIT_CONFIG_KEY_1}" # Makes git config not complain.
echo "##vso[task.setvariable variable=DevopsHttpAuthHeader;issecret=true;]${GIT_CONFIG_VALUE_0}"
# Writes to the global Git config file.
# Works on Git versions before and after 2.31 with the downside of writng and potentially persisting to disk across pipeline runs.
git config --global ${GIT_CONFIG_KEY_0} "${GIT_CONFIG_VALUE_0}"
git config --global ${GIT_CONFIG_KEY_1} "${GIT_CONFIG_VALUE_1}"
displayName: 'Setup GIT with PAT for Azure DevOps'
env:
DEVOPS_TOKEN: $(ADO_PAT)
DEVOPS_URL: $(ADO_URL)
- task: CMake@1
# ...
env:
GIT_CONFIG_VALUE_0: $(DevopsHttpAuthHeader)
GIT_CONFIG_VALUE_1: $(DevopsHttpAuthHeader)
The PATs and URLs are stored in libraries that are imported at the top. It also automatically sets a configuration up by getting my organization URL (visualstudio.com for me), just in case.