Approvals and Checks at repository level in Azure DevOps
I am using 'Approvals and Checks' in Environments on a pipeline level, but it will be better if it can be on a repository level so that the owner/admin of a repository can define how and who can access it.
The problem though is it does not seem to work. It looks straight forward configuring it on a repository level (Project>Repositories>Policies>select any branch>Approvals and Checks>All approvers must approve), but the pipeline completes its run without asking for an approval. Any thoughts on this?
Also, I don't think it applies on a branch level, could be for the whole repository.
I was able to reproduce your problem by adding an Approval + Check condition on the repository and then queuing a pipeline that uses that repository. It does not appear that the checks can be applied to pipelines that reside within the repository.
Conceptually, it appears that this feature is intended when you are sharing a repository with others. To trigger the Approval + Checks, the pipeline must reside in a separate repository and the pipeline must consume the protected repository as a resource:
resources:
repositories:
- repository: external
type: git
name: second-repo
steps:
- checkout: external # triggers checks
Regarding branch-level checks, although the user-interface appears to support creating an Approvals + Check at the branch-level, it appears to be applied to all branches.
Incidentally, I also tried this using a pipeline that refers to templates in a shared repository. The checks were also not applied:
resources:
repositories:
- repository: external
type: git
name: second-repo
steps:
- template: shared-steps.yml@external # does not trigger checks
- Use current date in a variable in a yaml pipeline
- Azure DevOps - Create a work item from incoming email
- Get changed files list for one Pull Request
- Azure Template with a script can't find the script when the template is used in a different repo
- Approvals and Checks at repository level in Azure DevOps
- How to properly upgrade from PublishCodeCoverageResults@1 to PublishCodeCoverageResults@2?
- Azure Functions V4 not showing functions via Linux
- Unable to expand variable '...' . A cyclical reference was detected
- Unable to View / Access Repositories from Azure Data Factory
- How to run a bash script with arguments in azure devops pipeline?
- Azure YAML Pipelines: How to refer a project and repo in another project in Azure DevOps
- Pipeline is not triggered for the Pull Request on Azure DevOps Pipeline
- How to replace mermaid diagrams with images, keeping them in markdown format to provide easy preview in TFS/Azure DevOps Server?
- Separate pipeline for each branch
- AADSTS50011: The redirect URI specified in the request does not match the redirect URIs configured for the app
- How do I make Azure DevOps's Pipeline Cache store its result even if a step fail (like tests)?
- Unrecognized value: 'matrix' in Azure Devops Template
- dotnet\sdk\3.0.100\NuGet.targets(123,5): error : Ambiguous project name
- ADO - REST - Cannot find a way to get pipeline creator id
- How to Compare Variables in the Azure Library-Variable Group
- Is it possible to build multi-architecture docker images via pipeline
- Is there a way with Azure Devops Pipeline to trigger on pull request completion?
- How to manage multiple environments on Azure DevoOps for React JS application
- "Default" project-named Repo deletion by terraform in code
- Azure Devops Pipeline conditional expression
- How can I delete an Azure DevOps build definition that it claims is retained by a release?
- How to link test results to user story in Azure DevOps (VSTS)?
- YAML CI is flattening file structure
- How to add new secrets (from Azure Key Vault) to the variable group in Azure Devops
- Best practice for SPA rollback on Azure Static Webapp with Azure Devops Deployment?