We have a hosted GitHub Enterprise (GHE) account which needs to integrate with Azure Pipelines. I have installed the Azure Pipelines app from the GitHub Marketplace for our GHE account. The installation of the Azure Pipelines app asks to select an Azure DevOps project and GHE repo to setup the integration. This results in one pipeline being connected to a GHE repo.
But my question is, how to we setup other pipelines within Azure DevOps to use repos in GHE?
Nowhere in the Azure Pipelines interface can I find an option to select a GHE repo. Only public GitHub and GitHub Enterprise (on-prem) server repos. It seems that only the Azure Pipelines app setup wizard allows you to configure a pipeline with a GHE.
I can't imagine that we would have to initiate the setup wizard of the Azure Pipelines app every time we want to connect a pipeline to a GHE repo. That wouldn't even be possible, because most coworkers won't have the permissions to do that. What am I missing?
Remark: I realize that we could create a service connection in Azure DevOps using on a Personal Access Token or username+password. But that's tied to someone's personal account. If that person would leave, the connection is broken. Unless you create a service/dummy account, which doesn't seem very elegant.
If you use GitHub Enterprise, then you can integrate with Azure AD. Then based on group membership you can assign access to repositories with the help of Github Teams.
Then based on those permissions the repos to which somebody has access will be visible during the setup of the Azure DevOps pipeline.
Some useful resources:
https://learn.microsoft.com/en-us/azure/active-directory/saas-apps/github-tutorial
https://github.blog/2019-09-24-azure-active-directory-team-synchronization-now-available-with-enterprise-cloud/
https://help.github.com/en/github/setting-up-and-managing-organizations-and-teams/about-teams
https://enterprise.github.com/support
I found out the cause of the issue.
First of all, when you install the Azure Pipelines app from the GitHub marketplace, you first need to make sure that you select your GitHub organisation and not your personal account.
Secondly, during the installation you are taken to Azure DevOps to setup your project. Two different authorization pages will be shown; "Azure Pipelines by Microsoft would like to [...]" and the page for OAuth authorization. As can be seen in below image, there is a small grant button that's easily overlooked. You need to press that button before you press the large green that says "Authorize AzurePipelines"
I am now able to select my GitHub Enterprise repositories when I create a new pipeline in Azure DevOps. I simply choose GitHub as the source where my repository lives.
Related
My wish is to have the contributions I make to a repo in Azure DevOps show up on my GitHub profile.
Is there a way to link this up properly?
The email I use for credentials when authenticating towards Azure DevOps is different than my GitHub connected email.
I have tried to use the same credentials for both but to no avail. Maybe I'm missing something.
Hopefully, someone out there has got this working.
Thanks a bunch in advance!
Firstly, you should understand that GitHub and Azure DevOps are independent systems. Azure DevOps has provided some functions e.g REST API,UI function to get repository from GitHub. But It’s a one-way data transfer from GitHub to Azure DevOps.
There is no supported REST API or UI functions that can sync repo changes from to Azure DevOps to your GitHub according DevOps documents at present.
I am afraid that your GitHub contributions graph can’t get credited when you push a change to the Azure DevOps repo.
My organization recently changed from using personal GitHub accounts to using GitHub Enterprise Managed Users. Since that change our pipeline continuous integration (in Azure Devops) has stopped working. We can still run the builds manually without issue, but it isn't even attempting to start the builds automatically. I've created new personal access tokens for the pipelines, but that hasn't fixed the continuous integration. Does anyone have any suggestions on what I should look at to get this working again?
Instead of relying on user-authenticates service connections between GitHub and Azure Pipelines, I recommend switching over go the Github App for Azure Pipelines to control what repositories Azure Pipelines can access:
https://github.com/apps/azure-pipelines
That will drastically simplify access maintenance between GitHub and Azure Pipelines and will break the reliance on personal or enterprise managed accounts.
I wound up fixing this by going to the repository in Git Hub, go to settings on the repository, and then to Web Hooks. In there, the hook that Azure Pipelines uses had an error on it because when our tech group migrated the repo they did not bring the secret over. To fix it I just had to delete the web hook, go to the pipeline and a button appeared to restore the connection.
I created a classic CI azure pipeline for a .net application present in GitHub repo and enabled continuous integration in triggers and also added 2 branches in branch filters. But when my team members made some changes and make commits, my pipeline is not triggering and build is not created. I can't understand what might be the problem as I'm new to azure pipelines
Here is some troubleshooting advices, and you can click this document for more detailed information:
Are you using the GitHub app connection to connect the pipeline to GitHub? If you are using a GitHub app connection, follow these steps:
Is the mapping set up properly between GitHub and Azure DevOps? Open a
pull request in your GitHub repository, and make the comment /azp
where. This reports back the Azure DevOps organization that the
repository is mapped to.
If no organizations are set up to build this repository using the app,
go to
https://github.com/<org_name>/<repo_name>/settings/installations and
complete the configuration of the app.
If a different Azure DevOps organization is reported, then someone has
already established a pipeline for this repo in a different
organization. We currently have the limitation that we can only map a
GitHub repo to a single DevOps org. Only the pipelines in the first
Azure DevOps org can be automatically triggered. To change the
mapping, uninstall the app from the GitHub organization, and
re-install it. As you re-install it, make sure to select the correct
organization when you are redirected to Azure DevOps.
Are you using OAuth or PAT to connect the pipeline to GitHub? If you are using a GitHub connection, follow these steps:
OAuth and PAT connections rely on webhooks to communicate updates to
Azure Pipelines. In GitHub, navigate to the settings for your
repository, then to Webhooks. Verify that the webhooks exist. Usually
you should see three webhooks - push, pull_request, and issue_comment.
If you don't, then you must re-create the service connection and
update the pipeline to use the new service connection.
Select each of the webhooks in GitHub and verify that the payload that
corresponds to the user's commit exists and was sent successfully to
Azure DevOps. You may see an error here if the event could not be
communicated to Azure DevOps.
Is your pipeline paused or disabled? Open the editor for the pipeline, and then select Settings to check. If your pipeline is
paused or disabled, then triggers do not work.
Have you used variables in defining the trigger or the paths? That is not supported.
Have you excluded the branches or paths to which you pushed your changes? Test by pushing a change to an included path in an included
branch. Note that paths in triggers are case-sensitive. Make sure that
you use the same case as those of real folders when specifying the
paths in triggers.
Updates:
You don't need to change webhooks in github, what you need to do is that go to github Settings -> Webhooks, check whether there are "Recent Deliveries". If there are errors in recent deliveries, the cause of the question is indicated.
If Azure DevOps and GitHub are properly connected, GitHub will automatically generate Webhooks. As shown below:
The content of "Payload URL" is:
https://dev.azure.com/{organization}/_apis/public/hooks/externalEvents?publisherId=github&channelId={channelId}&api-version=6.1-preview
Please note that a GitHub repository can only connect to one Azure DevOps organization. If you have connected to more than one organizations, keep the only one you are using currently.
In DevOps click Pipelines on the left-hand side navigation
Select your pipeline.
Click Edit
Then in the new window pane (top left), you'll see a tab for triggers.
This is where you can configure the continuous integration settings to trigger builds on push / pull requests etc.
Here's an example
Continues integration is enabled for the development branch, thus any push to that branch will trigger a build.
At the company, we will change the URL for the Azure Devops workspace from https://oldname.visualstudio.com to https://dev.azure.com/newname. We have a lot of connections to Slack in Azure DevOps using two approaches. Older links via service hooks in Azure Devops, new links are via slack applications Azure Repos and Azure Pipelines.
Service hooks in Azure DevOps use Slack's Incoming webhooks, so they will not be affected. However, Microsoft prefers to use its Slack Azure Repos and Azure Pipelines extensions, and the way they work is not clear. E.g. Azure Repos is set up in Slack via /azrepos subscribe [https://oldname.visualstudio.com/projecturl] and this step automatically set the address to azdevchatops.azure.com in Azure Devops Service hooks settings.
So it looks like you need to reconfigure all subscriptions in Azure Repos and Azure Pipelines after changing the Azure DevOps URL. But that is a presumption. It is not mentioned in the documentation and that is why I ask. We have enough connections and that means a lot of manual work to configure everything in Slack via /azrepos subscriptions and /azpipelines subscriptions again.
Does anyone have the experience that when using Azure Repos and Azure Pipelines as Slack Apps, everything has to be reconfigured in Slack as soon as the Azure DevOps workspace address changes?
Notification integration is seamless. Notifications work when you change the name (and URL) of Azure DevOps organisation.
I tested just now and everything is ok.
Note: there are another problem. After Azure Devops organisation URL change you need to reinstall/register build agents again to the new URL. If you use hosted Azure Pipelines in cloud, you need in Project Settings > Agent Pools > Azure Pipelines > Agents disable Hosted Agent and enabled again here. Otherwise, CI / CD pipelines do not work.
In the company, we will change the slack workspace URL from https://oldname.slack.com to https://newname.slack.com. We have a lot of connections from Azure DevOps online service to Slack using two approaches. Older links via service hooks in Azure Devops, new links are via slack applications Azure Repos and Azure Pipelines.
Thanks to Slack support, I know that Slack hooks are not affected if they were created after 2015. Which is the way Azure Devops uses for Service Hooks to Slack.
But I don't know if the Azure Repos and Azure Pipelines configurations will not be affected. E.g. Azure Repos is set up in Slack via /azrepos subscribe [dev.azure.com/projecturl] and this step automatically set the address to azdevchatops.azure.com in Azure Devops Service hooks settings. If Azure Repos is working somewhere with a Slack workspace URL, so I need to set up Azure Repos and Azure Pipelines in Slack again after changing the slack workspace url, that's what I don't know and what I'm asking.
We do not need to reconfigure notification in the slack workspace.
As test result, I create notifications via /azpipelines subscribe [dev.azure.com/projecturl] to check the pipeline status, I can successfully receive the notification in the slack.
Then I changed the workspace name and workspace URL to the new ones, and re-run the pipeline. I can still receive notifications, you could check the pic below.