Use gates and approvals to control your deployment
Azure Pipelines | Azure DevOps Server 2020 | Azure DevOps Server 2019 | TFS 2018
In Microsoft Team Foundation Server (TFS) 2018 and previous versions, build and release pipelines are called definitions, runs are called builds, service connections are called service endpoints, stages are called environments, and jobs are called phases.
By using a combination of manual deployment approvals, gates, and manual intervention in your release pipeline, you can quickly and easily configure your deployment to meet all the specific pre-deployment requirements for your DevOps CI/CD workflow.
In this tutorial, you will learn about:
- Pre-deployment gates
- Manual intervention
- Manual validation
- Deployment logs
Complete the Define your multi-stage continuous deployment (CD) pipeline tutorial.
A work item query. You can create a new query here: Create managed queries with the query editor if you don't already have one.
Set up gates
You can use gates to ensure that the release pipeline meets specific criteria before deployment without requiring user intervention.
Select Releases, and then select your release pipeline and then Edit to open the pipeline editor.
Select the pre-deployment icon for your stage to open the pre-deployment conditions panel, and then select the toggle button to Enable gates.
Enter the delay time before the added gates are evaluated. This time is to allow gate functions to initialize and stabilize before returning results.
Select Add, and then choose the Query Work Items task.
Select an existing work item query or create your own. Depending on how many work items you expect the query to return, set your maximum and minimum thresholds.
Select the Evaluation options section, and then specify the timeout and the sampling interval. The minimum values you can specify are 6-minutes timeout and 5-minutes sampling interval.
Select Save when you are done.
Set up manual intervention
Depending on the scenario, sometimes you may need to add manual intervention to your release pipeline. You can do this by adding the Manual Intervention task to your pipeline.
Select your release pipeline, and then select Tasks and choose your stage.
Select the ellipses (...) from your stage definition, and then select Add agentless job.
The Manual Intervention task can only be used in an agentless job.
Drag and drop the agentless job to the start of the deployment process. Select the + sign, and then select Add the Manual Intervention task.
Configure the task by entering the Instructions to be displayed when it the task is triggered.
You can specify a list of users to be notified when the deployment is pending manual approval. You can also specify a timeout and the action (approve or reject) that occur if no intervention within the timeout period. See the Manual Intervention task for more details.
Select Save when you are done.
Set up manual validation
You can use the manual validation task in your YAML to pause the pipeline run and wait for manual approval. Manual validation is especially useful in scenarios where you want to pause a pipeline and validate configuration settings or build packages before starting a computation-intensive job.
waitForValidation job pauses the run and triggers a prompt within the Pipeline UI to review and validate the task. The email addresses listed in
notifyUsers receive a notification to approve or deny the pipeline run.
pool: vmImage: ubuntu-latest jobs: - job: waitForValidation displayName: Wait for external validation pool: server timeoutInMinutes: 4320 # job times out in 3 days steps: - task: ManualValidation@0 timeoutInMinutes: 1440 # task times out in 1 day inputs: notifyUsers: | firstname.lastname@example.org instructions: 'Please validate the build configuration and resume' onTimeout: 'resume'
View deployment logs
Deployment logs can be very useful when debugging deployment issues. You can also use the logs to audit the run and verify approvals and how they were granted and by whom.
Select Releases, and then select your release pipeline.
This view will show you a live status of each stage in your pipeline. The QA stage in this example is pending intervention. Select Resume.
Enter your comment, and then select Resume
Return to your release pipeline. The QA stage deployment succeeded and the pre-deployment approvals are triggered for the Production stage.
Select Approve and enter your comment and then select Approve to continue deployment.
Return to your release pipeline. The live status indicates that the gates are being processed for the Production stage before the release continues.
Return to your release pipeline, and hover over the stage you want to audit and then select Logs to view the logs.