Azure DevOps
kind: azuredevops
Description
The Azure DevOps SCM plugin is used to manage git repositories hosted on Azure DevOps. Depending on the stage, it can be used for different purposes:
condition
When used in a condition, the SCM block fetches files or metadata from the specified Azure DevOps repository.
target
When used in a target, the SCM block pushes changes to that repository.
By default, the Azure DevOps SCM uses a working branch workflow: it creates a temporary branch, commits the changes, and opens a pull request targeting the branch defined in the configuration.
Parameters
| Name | Type | Description | Required |
|---|
Authentication
Updatecli supports Personal Access Token (PAT) authentication for interacting with Azure DevOps. You can authenticate using environment variables or directly in your manifest.
1. Personal Access Token via Environment Variables
Set the following environment variables to enable PAT authentication:
UPDATECLI_AZURE_DEVOPS_TOKEN: Your Azure DevOps Personal Access TokenUPDATECLI_AZURE_DEVOPS_USERNAME: Your Azure DevOps username
Example:
export UPDATECLI_AZURE_DEVOPS_TOKEN="your-pat-token"
export UPDATECLI_AZURE_DEVOPS_USERNAME="your-username"Note | When these variables are set, Updatecli will use them for all Azure DevOps operations. |
2. Personal Access Token via Manifest
You can specify your Personal Access Token directly in your Updatecli manifest under the spec.token and spec.username fields:
scms:
default:
kind: azuredevops
spec:
organization: myorg
project: myproject
repository: myrepo
token: "{{ requiredEnv `UPDATECLI_AZURE_DEVOPS_TOKEN` }}"
username: "{{ requiredEnv `UPDATECLI_AZURE_DEVOPS_USERNAME` }}"Warning | For security reasons, it is recommended to use environment variables or secret management tools (like SOPS) instead of hardcoding tokens in your manifest. |
Precedence and Fallback
Updatecli will use the first valid authentication method it finds, in the following order:
Personal Access Token via environment variables
Personal Access Token via manifest
If no valid authentication is found, Updatecli will fail with an error.
Further Reading
Tip: For best security and maintainability, prefer using environment variables for authentication, and avoid hardcoding secrets in your manifests.
CommitMessage
Updatecli uses conventional commits as describe on www.conventionnalcommits.org.
The goal is to add human and machine readable meaning to commit messages
By default, Updatecli generates a commit message using the default type "chore" and split long title message into the body like:
Author: olblak <updatecli@updatecli.io>
Date: Tue May 4 15:41:44 2021 +0200
chore: Update key "dependencies[0].version" from file "charts/jenkins/r...
... equirements.yaml"
Made with ❤️️ by updatecliExample
This pipeline automatically updates the Golang version in an Azure DevOps repository. Updatecli retrieves the latest matching Golang version and opens a pull request that updates the build workflow file accordingly. It creates the pull request on a temporary working branch, following the Azure DevOps workflow.
# updatecli.yaml
name: Update a file and open an Azure DevOps Pull Request
scms:
default:
kind: azuredevops
spec:
organization: myorg
project: myproject
repository: myrepo
branch: main
token: '{{ requiredEnv "UPDATECLI_AZURE_DEVOPS_TOKEN" }}'
username: '{{ requiredEnv "UPDATECLI_AZURE_DEVOPS_USERNAME" }}'
user: updatecli
email: updatecli@example.com
sources:
golang:
name: Get the latest Golang version
kind: golang
spec:
versionfilter:
kind: semver
pattern: "1.24.x"
targets:
golang-version:
name: 'deps(golang): Bump Golang version to {{ source "golang" }}'
kind: yaml
scmid: default
spec:
file: .github/workflows/*.yaml
key: '$.jobs.build.steps[?(@.uses =~ /^actions\/setup-go/)].with.go-version'
searchpattern: true
actions:
default:
kind: azuredevops/pullrequest
scmid: default
spec:
title: 'deps(golang): Bump Golang version'