I am aware of the Skipping CI for individual commits in Azure DevOps Pipelines, but I would like to know if it is possible to Skip CI for commits made by a specific Git user?
We have an external system making commits, and we can't simply add the message to the commit message, so it would be useful to just do it based on username.
It won't possible to configure this at the trigger level.
A workaround should be to cancel the pipeline based on a custom condition.
The identity of the user can be retrieved using environment variables Build.RequestedFor and Build.RequestedForId
https://learn.microsoft.com/en-us/azure/devops/pipelines/build/variables?view=azure-devops&tabs=yaml#how-are-the-identity-variables-set
With this, you can create a custom condition for pipeline execution, based on what is documented here Is it possible to cancel a Azure DevOps pipeline Job programmatically?
It's a workaround, so pipeline will be executed anyway but it will be cancelled and won't execute all stages/jobs/steps.
There isn't such a feature in Azure DevOps Pipeline. However, as you have mentioned in Skipping CI, if the user is a script creating and pushing commits and you have control over it, you could decide whether to trigger the CI pipeline or not by inserting (or not) [ci skip] or [skip ci] in the commit message.
Otherwise, you have to ask the specific user to push the commits with [ci skip] or [skip ci] in the commit message.
However, the idea sounds good. You could submit a suggestion ticket to suggest the feature on: https://developercommunity.visualstudio.com/report?space=21&entry=suggestion
That will allow you to directly interact with the appropriate product group and make it more convenient for the product group to collect and categorize your suggestions.
Related
We have 3 repos in Azure DevOps. We use Azure Pipelines to run our CI/CD chain.
Repo A is a toolset used by the other repos.
Repo B uses A as submodule, and C uses A as git submodule.
When creating a PR in repo A, we want to trigger test Pipelines in repo B and C and have the status in repo A's PR. B and C's pipelines/runs should use the PR commit when running their tests. This to avoid that changes in repo A breaks repo B and C upon release.
Our problem is that we want to make sure to use the right commit of repo A (the one in the PR) and to get the test results for repo B and C in to the PR.
This should be possible through build-validation policies in a branch policy, but it won't be straight forward.
Under the hood, when you specify a build in the build-validation policy, azure-devops will queue the pipeline on a temporary branch /refs/pull/<id>/merge. It queues the pipeline with several additional variables that represent pull request meta-data. When that build completes, it sends a status message back to pull-request to indicate whether the conditions were met.
Microsoft has a few articles on how to create a custom PR server or using a Function App to create custom branch policies. These could be used as an approach, but both articles suggest that they invoke based on a webhook when the pull request is created. Both articles mention how to send custom PR Status messages back to the PR.
If you want more control over manually re-queueing the build-validation, you could in theory also create a pipeline that triggers the other pipelines in the other repos.
Define a build-validation pipeline that can be used to trigger the other pipelines. This is equivalent to using a Webhook/Function app, but the main difference is the UI in the Pull Request provides options to retrigger the build.
This build-validation pipeline reads the queue-time variables to identify which PR is being executed. You can add logic to this pipeline to use the Azure DevOps REST API to queue the pipelines in the other repos/projects. When queuing these pipelines, pass the details of the pull request meta-data as queue-time variables in the body of the message.
When the external pipeline runs, read the queue time parameters to record which PR initiated the build. Add some custom logic to include checking out the /refs/pull/<id>/merge branch for your submodules then Build + Test.
When the external pipeline completes, post the PR Status back to the originating PR.
Modify the branch policy to indicate the Build Status from the other pipelines as Required.
Not only is the build pipeline I save triggered, but all my others are triggered as well every time I edit the YAML of any of my pipelines. How might I make this not happen? It's inconvenient to have to manually stop all the running jobs that automatically are spawned by the saving of one of my many pipelines.
LATER ON: The "answer" below doesn't really answer the question. What I discovered is that the pipleline YAML is actually stored in the repository with the code it works on, so any change to a pipeline triggers all the pipelines triggered by changes to the repo. This is why ALL the pipelines then go into action. It's not what I want, but at least I understand it. I'm putting this here for anyone who stumbles across this via a search.
how do I disable triggering of a Azure DevOps build pipeline every time it is saved?
You can opt out of CI triggers entirely by specifying trigger: none.
Or you could set the specify trigger for each pipeline by filters, like: CI triggers, Batching CI runs, Paths:
Build Azure Repos Git or TFS Git repositories
Besides, you could also skipping CI for individual pushes by including [skip ci] in the message or description of any of the commits that are part of a push, and Azure Pipelines will skip running CI for this push. You can also use any of the following variations:
[skip ci] or [ci skip]
skip-checks: true or skip-checks:true
[skip azurepipelines] or [azurepipelines skip]
[skip azpipelines] or [azpipelines skip]
[skip azp] or [azp skip]
***NO_CI***
So ive been building a build pipeline, that is triggered whenever a pull request is done to master, so we have a branch policy such that the only change to the master branch is through pull requests.
I want the build pipeline to checkout the source branch of the PR and do some commits to the source branch as part of the build pipeline. I thought i could just use the Build.SourceBranchName variable but when the pipeline is triggered the SourceBranchName is master. So I could not use it.
Are there any easy ways of doing this?
I want the build pipeline to checkout the source branch of the PR
To checkout the source branch of the PR, you could use the predefined system variables about PR:
System.PullRequest.SourceBranch and System.PullRequest.TargetBranch
To get the branch that is being reviewed in a pull request, we should select the variable System.PullRequest.SourceBranch.
now the issue becomes that because of a new commit to the PR it runs
the pipeline again, this should not happen since i have [skip ci] in
the commit message.
As we know, the [skip ci] or [ci skip] is used to skip running CI, like the option
Enable continuous integration on UI:
However, our current scenario is branch policy for build validation instead of CI. This is very different from CI, although they seem to be doing the same build task. Branch policy is to protect our branches from being corrupted by incorrect submit. This is a verified operation instead of continuous integration.
Check the document Skipping CI for individual commits for some more details.
So, this is two different scenarios, we could not apply the CI settings to the branch policy.
Second, Branch policy is used to protect our branches, any commit requires validation by branch pliocy, although sometimes we can know that our modifications don't require build validation, but we're not sure if there are any where we overlook that cause our target branch to be broken. Skip unnecessary verification will bring us some construction convenience, but with the risk measurement it brings, these conveniences are negligible, so we don't recommend skipping the verification of the branch office strategy.
If skipping Build Validation is your insistence, you can try LJ’s suggestion.
We are utilizing Azure Devops (TFS) build pipeline for managing a Git Repository/branches/stages (Dev/test/prod) and one thing that came up is the concept of "cherry-picking" commits. However, the user would have to supposedly look at the commit hash code and pass it in as argument to deploy that specific commit should a use case scenario arise like that.
The project manager has asked if we can make some sort of GUI pop-up at a certain step of the build pipeline that displays the list of these commit hashes and allows a user to check the boxes for the ones they'd want to cherry-pick and deploy.
How can that be done? we are considering utilizing Java with TFS/Azure Devops API's, but not sure if we can pop-up something like that on the Azure Devops page mid-pipeline deployment.
Build pipeline is not user interactive while running. So you can not pop up a gui on a build pipeline.
If you want to check the commits and pass the commits to build pipeline to build. You can first go to the Commits under Repos and check for the commits of a branch.
Then when you queue your build pipeline. You can click the dropdown menu for Branch/tag, select Commits, and then enter the commit id you get from above step. The build pipeline will then build the commit you entered.
Is there a way I can set up a build in Azure DevOps to automatically run every time a PR is merged and completed and contains a specific keyword in the name? for example: "Some PR name here [RUN_BUILD_123]"
Edit:
The reason for this is because I have different builds on top of the same branch so instead of triggering all the builds I just want to trigger those that I know need to be rebuilt based on the particular projects getting changed.
A PR has a target-branch. If you want to trigger a build after a PR is completed just configure a build with a ci-trigger for that target-branch. You can't check for certain keywords in the PR-name unfortunately
Agree with D.J. For detailed setting, you can check the Enable continous intergration option in the Triggers settings, then select the target branch you want ci-trigger build in the Branch filters.This will automatically trigger the build after pr is completed.
But you can't do it if you want to include special keywords in pr name.
Topic is a bit old, but if there is anyone who want's to archive this stumbling over this topic - here is my approach how I would solve this:
The basic of all are scripted pipelines, so if you still do it in the GUI - that's wasted time. Create a .yml build and put it into your Git. The M$ documentation is really helpful with this.
Create the trigger for your branch
Put this on the first line, so the pipeline will be executed when master (or your branch) has a new commit
trigger:
branches:
include:
- master
Read out the commit message via the VSTS variables
Trigger the builds, based on their ID via REST API (you can use the pipeline token for authentication)