functions/azdo/_AddGroupMember.ps1
|
# <copyright file="_AddGroupMember.ps1" company="Endjin Limited"> # Copyright (c) Endjin Limited. All rights reserved. # </copyright> <# .SYNOPSIS Adds a member to an Azure DevOps project group. .DESCRIPTION Adds a member to an Azure DevOps project group. #> function _AddGroupMember { [CmdletBinding(SupportsShouldProcess)] param() Write-Verbose "Adding member: $($member.name) [$($member.type)]" switch ($member.type) { "user" { $addUserArgs = @( "devops security group membership add" "--organization $orgUrl" "--group-id `"$($existingGroup.descriptor)`"" "--member-id `"$($member.name)`"" ) if ($PSCmdlet.ShouldProcess($Name)) { Invoke-CorvusAzCli -Command $addUserArgs } else { Write-Host "[DRYRUN] Add member: $($member.name) [$($member.type)]" -f Magenta } } "group" { $groupListArgs = @( "ad group list" "--display-name `"$($member.name)`"" "--query `"[?displayName == '$($member.name)' && securityEnabled]`"" ) $aadObject = Invoke-CorvusAzCli -Command $groupListArgs -AsJson if ($aadObject) { # Register the AzureAD group with Azure DevOps and add it as a member $groupCreateArgs = @( "devops security group create" "--organization $orgUrl" "--origin-id $($aadObject.objectId)" "--groups `"$($existingGroup.descriptor)`"" "--scope organization" ) if ($PSCmdlet.ShouldProcess($Name)) { Invoke-CorvusAzCli -Command $groupCreateArgs } else { Write-Host "[DRYRUN] Add member: $($member.name) [$($member.type)]" -f Magenta } return $true } else { Write-Warning "The referenced group '$($member.name)' could not be found in Azure Active Directory - skipping" return $false } } } } |