I have been looking at using azure devops invoke in our organisation and you guys have a fantastic functionality!
I have one rather significant issue, however. Cancelled builds seem to show up as failed. This makes my pipeline red most of the time as we tend to let our pull request builds cancel mid-way through as we dont have them as a required pass to complete the PR.
.
Many thanks,
We suppose that you could check the two factors below.
1.If your are using yaml pipeline, you could define with below to disable pull request triggers
pr: none # Disable pull request triggers.
2.You could disable the build validation policy below.
Check project setting> repositories>repo policies>branch policies>build validation, if this policy is enabled, then the pipeline will be triggered when pull request is created.
Related
I am triggering a Pipeline from another Pipeline over REST API, which works fine but one thing is annoying me.
I could not find a way to display with queued Pipeline original Commit Message of the Triggering pipeline.
There is a build in variable '$(Build.SourceVersionMessage)' which contains the information I need but I could not find a way to pass this information to triggered workflow so it can be displayed.
Following fields existing the REST API, I though the correct field would be 'triggerInfo' but that didn't changed anything in displayed build message.
Any idea how can I transfer this information and display it?
I currently have a task that I intend to run only once when a PR is created. Any pipeline runs due to new commits should not trigger the task. I was wondering if there is a way to detect the runs triggered by changes to code in the PR? When I use the predefined variable $(Build.Reason) I get back PullRequest for both builds(One triggered when PR is created and other when updates are made to PR).
This is what I have in my pipeline and I have enabled build validation for my pipeline.
trigger:
- master
pr:
- master
I don't think there's a way to differentiate the "PR is created" and "PR is updated" build reasons based only on the predefined variables.
However, you can choose a different route depending on what this task you should only run once is. If it is something that can be wrapped into a service with a public endpoint, you can try leveraging the Webhooks.
So, if this is an option for you, try the following:
wrap the functionality required to run only on the PR creation into the service with the public endpoint
create a webhook, choose "Pull request created" event type and enter the public URL of your service
As a result, your build logic won't branch depending on the build reason, and that specific action will be run by the webhook.
I understand it all sounds like a hack and unnecessary complexity, but it's up to you to decide whether it fits your case. At least, this is possible technically.
I created a pull request in Azure DevOps but the build was not started, it says "Required Check broken, Unable to queue PR Validation"
Any idea, how this could be resolved. Previously the build used to start automatically but this time it did not.
You can set a policy requiring PR changes to build successfully before the PR can complete.
The pipeline and the pull request pipeline should be created from same repositories if not you will face an error "Unable to queue PR validation."
Please find the Build Validation document and the related SO for complete information.
I would like some automated checks were done after MR is approved, because for those checks pipeline has to access protected variables.
If these checks fail, MR should be rejected.
In other words the desired sequence should be this:
MR created -> build -> run tests -> MR approved (no malicious exposure of protected variables)-> merged to protected branch -> run checks -> rollback on failure.
Is this possible?
You can do this by using the Gitlab API and adding two new jobs at the end of the pipeline.
The when keyword is one of the many ways to control which jobs are executed in a pipeline. Two of the available when options will be useful here. The first job to put at the end of your pipeline will be for the success condition:
approve_merge_request:
stage: approve_merge_request
when: on_success
script:
- # this will call the Gitlab Merge Requests API and approve it. More on this below
This parameter to when is actually the default, so you could leave the when off of this step and it would still work. I added it here for clarity. What it means is that this job will only run if every other job in the pipeline passed. However, if a job fails but has the allow_failure: true attribute, it is still considered a pass and this job will run (there's currently no way to detect that some jobs were allowed to fail in a when condition). In addition, jobs with when: manual that haven't run are considered passed, even though it could later fail. when: manual means the job has to be started by an API call or UI interaction by a user.
The second job will handle our failure condition:
reject_merge_request:
stage: approve_merge_request
when: on_failure
script:
- # this will call the Gitlab Merge Requests API and reject it. More on this below
This parameter to when means that this job will only run if at least one job prior to this has failed, and doesn't have allow_failure: true.
The Merge Requests API can be used to approve, reject, comment on, and merge a Merge Request, among other options. The full documentation is available here: https://docs.gitlab.com/ee/api/merge_requests.html. Unfortunately, the API to use the "approvals" feature of merge requests is available only to paying customers, but you can still get a similar result without the approvals.
You can approve a Merge Request (note, this doesn't merge it, that's "accepting" the merge request. Also, this is a paid feature so is only available to Starter or Bronze customers and above) with the API operation here: https://docs.gitlab.com/ee/api/merge_request_approvals.html#approve-merge-request. After you approve the Merge Request, you probably want to accept it, which will merge the source branch into the target branch. That operation is outlined below.
You can get all of the required ids from the predefined variables Gitlab CI gives you. The project ID can be retrieved from the variable $CI_PROJECT_ID. The Merge Request IID is different from the Merge Request ID. The "ID" version is a unique ID across your entire Gitlab instance, and the "IID" version is specific to the project it's in. For this operation we need the IID. You can get that with the variable $CI_MERGE_REQUEST_IID. You should check that each variable exists before trying to use it as it will cause issues in your API call. It will exist for all pipelines associated with a Merge Request that is open.
There isn't equivalent functionality in Gitlab Merge Requests to "reject" other than commenting and closing, which I outline below.
If you're not a paid customer, or you want to accept and merge the request, you want to use the Accept Merge Request operation here: https://docs.gitlab.com/ee/api/merge_requests.html#accept-mr. This uses the same variables from above.
Finally, if you're not a paid user but still want to "reject" the merge request, you can use the Notes API to add a comment to the Merge Request. The operation to add a comment to a merge request is here: https://docs.gitlab.com/ee/api/merge_requests.html#accept-mr.
After commenting, if you want to close the merge request, you can do so with the Update MR operation and setting the state_event to close: https://docs.gitlab.com/ee/api/merge_requests.html#update-mr
I am trying to find a way to reject a pull request into my master branch if there are still bug work items open in my back log in azure devops. I know I can create pre-deployment gates in the release pipeline to prevent release but I want to stop the build pipeline under that condition. to be more specific im trying to make sure my pull request to start my build to be later be released doesn't contain a critical bug in the back log items
How can I create some sort of policy for a pull request to be rejected if there are x amount of bug items in the back log
AFAIK, there is no such out of box way to do this.
To receive this, you could create a Build validation on the master branch:
Branches->master->Branch policies->Build validation
Then, create a build pipeline with Agentless job:
and select Shared Queries, set the Upper threshold for the Query work items task:
Now, we just need to create a Shared Query to get the all the open bug work items:
Hope this helps.