Run Git commands in a script

Azure Pipelines | Azure DevOps Server 2019 | TFS 2018 | TFS 2017 | TFS 2015


In Microsoft Team Foundation Server (TFS) 2018 and previous versions, build and release pipelines are called definitions, runs are called builds, service connections are called service endpoints, stages are called environments, and jobs are called phases.

For some workflows you need your build pipeline to run Git commands. For example, after a CI build on a feature branch is done, the team might want to merge the branch to master.

Git is available on Microsoft-hosted agents and on on-premises agents.

Enable scripts to run Git commands


Before you begin, be sure your account's default identity is set with:

git config --global ""
git config --global "Your Name"

Grant version control permissions to the build service

Go to the Version Control control panel tab ▼

  • Azure Repos:{your-organization}/{your-project}/_admin/_versioncontrol
  • On-premises: https://{your-server}:8080/tfs/DefaultCollection/{your-project}/_admin/_versioncontrol

manage project

If you see this page, select the repo, and then click the link:

control panel top to project

control panel project version control tab

On the Version Control tab, select the repository in which you want to run Git commands, and then select Project Collection Build Service. By default, this identity can read from the repo but cannot push any changes back to it.


Grant permissions needed for the Git commands you want to run. Typically you'll want to grant:

  • Create branch: Allow
  • Contribute: Allow
  • Read: Allow
  • Create tag: Allow

When you're done granting the permissions, make sure to click Save changes.

Enable your pipeline to run command-line Git

On the variables tab set this variable:

Name Value
system.prefergit true

Allow scripts to access the system token

Add a checkout section with persistCredentials set to true.

- checkout: self
  persistCredentials: true

Learn more about checkout.

On the options tab select Allow scripts to access OAuth token.

Make sure to clean up the local repo

Certain kinds of changes to the local repository are not automatically cleaned up by the build pipeline. So make sure to:

  • Delete local branches you create.
  • Undo git config changes.

If you run into problems using an on-premises agent, make sure the repo is clean:

Make sure checkout has clean set to true.

- checkout: self
  clean: true


List the files in your repo

Make sure to follow the above steps to enable Git.

On the build tab add this task:

Task Arguments

Utility: Command Line
List the files in the Git repo.
Tool: git

Arguments: ls-files

Merge a feature branch to master

You want a CI build to merge to master if the build succeeds.

Make sure to follow the above steps to enable Git.

On the Triggers tab select Continuous integration (CI) and include the branches you want to build.

Create merge.bat at the root of your repo:

@echo off
IF %BUILD_SOURCEBRANCH% == refs/heads/master (
   ECHO Building master branch so no merge is needed.
SET sourceBranch=origin/%BUILD_SOURCEBRANCH:refs/heads/=%
git checkout master
git status
git merge %sourceBranch% -m "Merge to master"
git status
git push origin
git status

On the build tab add this as the last task:

Task Arguments

Utility: Batch Script
Run merge.bat.
Path: merge.bat


Can I run Git commands if my remote repo is in GitHub or another Git service such as Bitbucket Cloud?


Which tasks can I use to run Git commands?

Batch Script

Command Line


Shell Script

How do I avoid triggering a CI build when the script pushes?

Add ***NO_CI*** to your commit message. Here are examples:

  • git commit -m "This is a commit message ***NO_CI***"
  • git merge origin/features/hello-world -m "Merge to master ***NO_CI***"

Add [skip ci] to your commit message or description. Here are examples:

  • git commit -m "This is a commit message [skip ci]"
  • git merge origin/features/hello-world -m "Merge to master [skip ci]"

You can also use any of the variations below. This is supported for commits to Azure Repos Git, Bitbucket Cloud, GitHub, and GitHub Enterprise Server.

  • [skip ci] or [ci skip]
  • skip-checks: true or skip-checks:true
  • [skip azurepipelines] or [azurepipelines skip]
  • [skip azpipelines] or [azpipelines skip]
  • [skip azp] or [azp skip]
  • ***NO_CI***

How does enabling scripts to run Git commands affect how the build pipeline gets build sources?

When you set system.prefergit to true, the build pipeline uses command-line Git instead of LibGit2Sharp to clone or fetch the source files.

Do I need an agent?

You need at least one agent to run your build or release.

I'm having problems. How can I troubleshoot them?

See Troubleshoot Build and Release.

I can't select a default agent pool and I can't queue my build or release. How do I fix this?

See Agent pools.

I use TFS on-premises and I don't see some of these features. Why not?

Some of these features are available only on Azure Pipelines and not yet available on-premises. Some features are available on-premises if you have upgraded to the latest version of TFS.