diff --git a/extension/README.md b/extension/README.md
index 342d9030..85d2fc68 100644
--- a/extension/README.md
+++ b/extension/README.md
@@ -51,8 +51,8 @@ This task makes use of a docker image, which may take time to install. Subsequen
|abandonUnwantedPullRequests|**_Optional_**. Determines whether to abandon unwanted pull requests. Defaults to `false`.|
|gitHubConnection|**_Optional_**. The GitHub service connection for authenticating requests against GitHub repositories. This is useful to avoid rate limiting errors. The token must include permissions to read public repositories. See the [GitHub docs](https://docs.github.com/en/free-pro-team@latest/github/authenticating-to-github/creating-a-personal-access-token) for more on Personal Access Tokens and [Azure DevOps docs](https://docs.microsoft.com/en-us/azure/devops/pipelines/library/service-endpoints?view=azure-devops&tabs=yaml#sep-github) for the GitHub service connection.|
|gitHubAccessToken|**_Optional_**. The raw GitHub PAT for authenticating requests against GitHub repositories. Use this in place of `gitHubConnection` such as when it is not possible to create a service connection.|
-|azureDevOpsAccessToken|**_Optional_**. The Personal Access Token for accessing Azure DevOps. Supply a value here to avoid using permissions for the Build Service either because you cannot change its permissions or because you prefer that the Pull Requests be done by a different user. When not provided, the current authentication scope is used. In either case, be use the following permissions are granted:
- Code (Full)
- Pull Requests Threads (Read & Write).
See the [documentation](https://docs.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops&tabs=preview-page#create-a-pat) to know more about creating a Personal Access Token|
|azureDevOpsServiceConnection|**_Optional_**. A Service Connection to use for accessing Azure DevOps. Supply a value here to avoid using permissions for the Build Service either because you cannot change its permissions or because you prefer that the Pull Requests be done by a different user. When not provided, the current authentication scope is used.
See the [documentation](https://learn.microsoft.com/en-us/azure/devops/pipelines/library/service-endpoints?view=azure-devops) to know more about creating a Service Connections|
+|azureDevOpsAccessToken|**_Optional_**. The Personal Access Token for accessing Azure DevOps. Supply a value here to avoid using permissions for the Build Service either because you cannot change its permissions or because you prefer that the Pull Requests be done by a different user. When not provided, the current authentication scope is used. In either case, be use the following permissions are granted:
- Code (Full)
- Pull Requests Threads (Read & Write).
See the [documentation](https://docs.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops&tabs=preview-page#create-a-pat) to know more about creating a Personal Access Token.
Use this in place of `azureDevOpsServiceConnection` such as when it is not possible to create a service connection.|
|targetRepositoryName|**_Optional_**. The name of the repository to target for processing. If this value is not supplied then the Build Repository Name is used. Supplying this value allows creation of a single pipeline that runs Dependabot against multiple repositories by running a `dependabot` task for each repository to update.|
|targetUpdateIds|**_Optional_**. A semicolon (`;`) delimited list of update identifiers run. Index are zero-based and in the order written in the configuration file. When not present, all the updates are run. This is meant to be used in scenarios where you want to run updates a different times from the same configuration file given you cannot schedule them independently in the pipeline.|
|excludeRequirementsToUnlock|**_Optional_**. Space-separated list of dependency updates requirements to be excluded. See list of allowed values [here](https://github.com/dependabot/dependabot-core/issues/600#issuecomment-407808103). Useful if you have lots of dependencies and the update script too slow. The values provided are space-separated. Example: `own all` to only use the `none` version requirement.|
diff --git a/extension/task/task.json b/extension/task/task.json
index a6a12184..3492f76a 100644
--- a/extension/task/task.json
+++ b/extension/task/task.json
@@ -159,20 +159,20 @@
},
{
- "name": "azureDevOpsAccessToken",
- "type": "string",
+ "name": "azureDevOpsServiceConnection",
+ "type": "connectedService:Externaltfs",
"groupName": "advanced",
- "label": "Azure DevOps Personal Access Token.",
+ "label": "Azure DevOps Service Connection to use.",
"required": false,
- "helpMarkDown": "The Personal Access Token for accessing Azure DevOps repositories. Supply a value here to avoid using permissions for the Build Service either because you cannot change its permissions or because you prefer that the Pull Requests be done by a different user."
+ "helpMarkDown": "Specify a service connection to use, if you want to use a different service principal than the default to create your PRs."
},
{
- "name": "azureDevOpsServiceConnection",
+ "name": "azureDevOpsAccessToken",
"type": "string",
"groupName": "advanced",
- "label": "Azure DevOps Service Connection to use.",
+ "label": "Azure DevOps Personal Access Token.",
"required": false,
- "helpMarkDown": "Specify a service connection to use, if you want to use a different service principal than the default to create your PRs. Has no effect if azureDevOpsAccessToken is provided."
+ "helpMarkDown": "The Personal Access Token for accessing Azure DevOps repositories. Supply a value here to avoid using permissions for the Build Service either because you cannot change its permissions or because you prefer that the Pull Requests be done by a different user. Use this in place of `azureDevOpsServiceConnection` such as when it is not possible to create a service connection."
},
{
"name": "targetRepositoryName",
diff --git a/extension/task/utils/getAzureDevOpsAccessToken.ts b/extension/task/utils/getAzureDevOpsAccessToken.ts
index 81b373bc..970ecffc 100644
--- a/extension/task/utils/getAzureDevOpsAccessToken.ts
+++ b/extension/task/utils/getAzureDevOpsAccessToken.ts
@@ -14,14 +14,14 @@ import {
*/
export default function getAzureDevOpsAccessToken() {
let systemAccessToken: string = getInput("azureDevOpsAccessToken");
- if(systemAccessToken) {
+ if (systemAccessToken) {
debug("azureDevOpsAccessToken provided, using for authenticating");
return systemAccessToken;
}
let serviceConnectionName: string = getInput("azureDevOpsServiceConnection");
- if(serviceConnectionName) {
- debug(`Loading authorization for service connection ${serviceConnectionName}`);
+ if (serviceConnectionName) {
+ debug("TFS connection supplied. A token shall be extracted from it.");
return getEndpointAuthorizationParameter(serviceConnectionName, "AccessToken", false);
}
diff --git a/extension/task/utils/getGithubAccessToken.ts b/extension/task/utils/getGithubAccessToken.ts
index 9606ea17..3d886930 100644
--- a/extension/task/utils/getGithubAccessToken.ts
+++ b/extension/task/utils/getGithubAccessToken.ts
@@ -44,16 +44,17 @@ function getGithubEndPointToken(githubEndpoint: string): string {
* @returns the Github access token
*/
export default function getGithubAccessToken() {
- let githubAccessToken: string = getInput("gitHubAccessToken");
-
- if (!githubAccessToken) {
- const githubEndpointId = getInput("gitHubConnection");
+ let gitHubAccessToken: string = getInput("gitHubAccessToken");
+ if (gitHubAccessToken) {
+ debug("gitHubAccessToken provided, using for authenticating");
+ return gitHubAccessToken;
+ }
- if (githubEndpointId) {
- debug("GitHub connection supplied. A token shall be extracted from it.");
- githubAccessToken = getGithubEndPointToken(githubEndpointId);
- }
+ const githubEndpointId = getInput("gitHubConnection");
+ if (githubEndpointId) {
+ debug("GitHub connection supplied. A token shall be extracted from it.");
+ gitHubAccessToken = getGithubEndPointToken(githubEndpointId);
}
- return githubAccessToken;
+ return gitHubAccessToken;
}