https://github.com/ethomson/probot-azure-pipelines

A GitHub app for Azure Pipelines, powered by Probot
https://github.com/ethomson/probot-azure-pipelines

ci-cd probot vsts

Last synced: 3 months ago
JSON representation

A GitHub app for Azure Pipelines, powered by Probot

• Host: GitHub
• URL: https://github.com/ethomson/probot-azure-pipelines
• Owner: ethomson
• License: mit
• Created: 2018-09-02T08:10:14.000Z (over 6 years ago)
• Default Branch: master
• Last Pushed: 2019-01-04T22:00:38.000Z (about 6 years ago)
• Last Synced: 2024-09-27T08:02:26.291Z (3 months ago)
• Topics: ci-cd, probot, vsts
• Language: TypeScript
• Homepage:
• Size: 174 KB
• Stars: 7
• Watchers: 2
• Forks: 2
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# Probot for Azure Pipelines (probot-azure-pipelines)

[![Build Status](https://dev.azure.com/ethomson/probot-azure-pipelines/_apis/build/status/ethomson.probot-azure-pipelines)](https://dev.azure.com/ethomson/probot-azure-pipelines/_build/latest?definitionId=39)

A GitHub App for [Azure Pipelines](https://azure.microsoft.com/en-us/services/devops/pipelines/)

built with [Probot](https://github.com/probot/probot).

If you have GitHub repositories that store your code, and Azure Pipelines

build that perform continuous integration (CI) builds for validating pull

requests, then this app enables project contributors to requeue pull

requests builds just by typing `/rebuild` as a pull request comment.

![Example of GitHub pull request discussion](https://user-images.githubusercontent.com/1130014/45150803-9c5f5580-b1c4-11e8-8d71-36b86fae0342.png)

This is useful if you have occasionally flaky tests or infrastructure,

and it allows project contributors to requeue a build right from GitHub.

This lets you provide access to requeue a build without necessarily providing

people broader access to the build definition in Azure Pipelines.

Note that `/rebuild` is limited to project contributors on GitHub (people

listed in the contributors group, or who are part of a team for this

repository).

## Installation

Since this application will need access to queue builds on your behalf

in Azure Pipelines, you will need to set up your own instance of this

application.  There's no publicly available GitHub App instance that you

can just install.

### Create a GitHub App

You'll need to [Create a new GitHub App](https://github.com/settings/apps/new)

for your installation.  Most of the settings are straightforward, but there

are three important considerations:

* **Webhook URL**: This is the URL of your deployed application.  If

  you're deploying to Azure, for example, this will be

  `my-azure-pipelines-build-app.azurewebsites.net`.

* **Webhook secret**: Create a secret key of random data that will be used

  to authenticate to your application.

* **Private key**: Generate a new private key and save it to disk.

Make sure that this application is **private** since it will have access

to your Azure Pipelines account, and the ability to queue builds on your

behalf.

### Create an Azure DevOps Personal Access Token

A Personal Access Token (PAT) allows you to provide this app the ability

to queue builds on your behalf.  In the Azure DevOps portal, select your

settings in the upper right and select Security.

In the Personal Access Token section, click "Add" to create a new PAT.

Give it a description that is memorable, like "probot-azure-pipelines".

In "Authorized Scopes", change the option to selected scopes, then select

"Build (read and execute)".  Limiting the scope of an access token is

always good security posture.

Finally, save your new PAT in your password manager of choice.  You'll

need it again for deployment.

### Deploying to Azure using Azure Pipelines

It's easy to deploy this to an Azure app service running node.js on Linux.

(Make sure you're using node.js 8.9 or newer.)

1. Fork this repository on GitHub.

2. Set up a new Azure Pipelines build definition:

   1. **Location**: GitHub

   2. **Repository**: Select your fork of `probot-azure-pipelines`

   3. **Template**: Use the suggested Node.js-based build

   4. **Run**: Queue a build

3. Set up a new Azure Pipelines release definition:

   1. Create an **Azure App Service Deployment**

   2. Add an artifact: select the **build artifact** produced by your

      build pipeline

   3. Select your stage, and select the stage tasks.  You'll be prompted

      to enter your Azure subscription and app service name.  Change the

      App type to "Linux App" and select your app service name.

4. In the Azure portal, set up the configuration for your application.  In

   application settings, set:

   * **APP_ID**: the ID of your GitHub App

   * **WEBHOOK_SECRET**: the secret key for your GitHub App

   * **PRIVATE_KEY**: the private key file you downloaded when creating

     your GitHub App.

   

      Note that the private key is in PEM format, so it spans multiple lines.

      This environment variable needs to be on a **single line**.  Remove

      the line breaks and replace them with a backslash (`\`) followed by

      an `n`.  Probot will find a literal `\n` and replace it with newlines.

      You can achieve this with Perl:

      `perl -pe 's/\n/\\n/' < pemfile`

   * **AZURE_DEVOPS_URL**: the URL of the Azure DevOps account that contains

     the builds that are queued for your GitHub repository.

   * **AZURE_DEVOPS_PAT**: your Personal Access Token

### Deploy Manually

If you don't want to set up a Azure Pipelines build and release definition

into Azure, you can also build and run this application manually.

To download and build the latest release of this application:

```

git clone --branch latest https://github.com/ethomson/probot-azure-pipelines

cd probot-azure-pipelines

npm build

```

Refer to the [Probot Deployment

Guide](https://probot.github.io/docs/deployment/) for setting up your

deployment.  This is a standard Probot app, but does require two custom

environment variables:

* **AZURE_DEVOPS_URL**: the URL of the Azure DevOps account that

  contains the builds that are queued for your GitHub repository.

* **AZURE_DEVOPS_PAT**: your Personal Access Token

### Install for Your Repositories

In the GitHub settings page for your account (or the organization that you

created the GitHub App in), navigate to the GitHub App settings.  Then just

click install on the app.  Authorize it for all your repositories, or each

repository individually.

Now when you type `/rebuild` on a pull request, it should queue a rebuild.

## License

Copyright (c) Edward Thomson.  All rights reserved.  Available under the

MIT license.