Release and pipelines events available in the audit logs - Sprint 163 Update
In the Sprint 163 Update of Azure DevOps, we've added release and pipelines events to the audit logs. In addition, you can now use service connections to reference repositories in another organization in a YAML pipeline.
Check out the Features list below for more.
- Get compact and organized notifications in the Microsoft Teams app from Azure Boards, Azure Pipelines and Azure Repos
- Delete bulk subscriptions created in a Microsoft Teams or Slack channel
Installing .NET 4.6.2 or higher is required for VSTest task to work properly on build agents.
- Use pipeline decorators to inject steps automatically in a deployment job
- Allow repository references to other Azure Repos organizations
- Step targeting and command isolation
- Builds and releases auditing
- Enhancements to evaluate artifacts checks policy in pipelines
Get compact and organized notifications in the Microsoft Teams app from Azure Boards, Azure Pipelines, and Azure Repos
Previously, you had to manually keep track of notifications received in your Microsoft Teams channel. Often, notifications from different pipelines, work items or pull requests are posted in the channel simultaneously making it difficult to organize them and resulting in vertical growth of a channel.
We're excited to announce threaded notifications in the Microsoft Teams app for Azure Boards, Azure Pipelines and Azure Repos. Now, all notifications related to a pipeline, work item or pull request will be threaded together to better organize notifications and provide a compact view of timeline and latest status.
You won't need to make any changes to start using this feature.
Here all notifications related to a the pull request are threaded together in the Azure Repos app for Microsoft Teams.
Delete bulk subscriptions created in a Microsoft Teams or Slack channel
Currently, you can create bulk subscriptions in the Azure Pipelines and Azure Repos app for Microsoft Teams and Slack. Now, you can quickly delete all the subscriptions created for individual pipelines or repositories in a channel. You can use the unsubscribe all command to delete all subscriptions in a channel for a given project. For more details, see the documentation here.
To delete all the subscriptions in a channel for a given project in the Azure Pipelines app for Microsoft Teams use the following command.
@azure pipelines unsubscribe all https://dev.azure.com/myorg/myproject
Use pipeline decorators to inject steps automatically in a deployment job
You can now add pipeline decorators to deployment jobs. You can have any custom step (e.g. vulnerability scanner) auto-injected to every life cycle hook execution of every deployment job. Since pipeline decorators can be applied to all pipelines in an organization, this can be leveraged as part of enforcing safe deployment practices.
Allow repository references to other Azure Repos organizations
Previously, when you referenced repositories in a YAML pipeline, all Azure Repos repositories had to be in the same organization as the pipeline. Now, you can point to repositories in other organizations using a service connection. For example:
resources: repositories: - repository: otherrepo name: ProjectName/RepoName endpoint: MyServiceConnection steps: - checkout: self - checkout: otherrepo
MyServiceConnection points to another Azure DevOps organization and has credentials which can access the repository in another project. Both repos,
otherrepo, will end up checked out.
MyServiceConnection must be an Azure Repos / Team Foundation Server service connection, see the picture below.
Step targeting and command isolation
Azure Pipelines supports running jobs either in containers or on the agent host. Previously, an entire job was set to one of those two targets. Now, individual steps (tasks or scripts) can run on the target you choose. Steps may also target other containers, so a pipeline could run each step in a specialized, purpose-built container.
This feature is in public preview. If you have any feedback or questions about this feature, let us know in the Developer Community.
Containers can act as isolation boundaries, preventing code from making unexpected changes on the host machine. The way steps communicate with and access services from the agent is not affected by isolating steps in a container. Therefore, we're also introducing a command restriction mode which you can use with step targets. Turning this on will restrict the services a step can request from the agent. It will no longer be able to attach logs, upload artifacts, and certain other operations.
Here's a comprehensive example, showing running steps on the host in a job container, and in another container:
resources: containers: - container: python image: python:3.8 - container: node image: node:13.2 jobs: - job: example container: python steps: - script: echo Running in the job container - script: echo Running on the host target: host - script: echo Running in another container, in restricted commands mode target: container: node commands: restricted
Builds and releases auditing
We're happy to let you know that Release and Pipeline events are now available in the audit logs. These events can be accessed from Organization Settings -> Auditing.
The following events are available now:
- Agent pool - create, delete, adding an agent (private agents) and removing and agent
- Service Connection - execution, create, delete, and update
- Variable Group - create, delete and update
- Release - deleted, approval completed and definition update
- RM stage completed
- Deployment job completed
Enhancements to evaluate artifacts checks policy in pipelines
We've enhanced the evaluate artifact check to make it easier to add policies from a list of out of the box policy definitions. The policy definition will be generated automatically and added to the check configuration which can be updated if needed.
These features will roll out over the next two to three weeks.
Head over to Azure DevOps and take a look.
How to provide feedback
We would love to hear what you think about these features. Use the help menu to report a problem or provide a suggestion.
You can also get advice and your questions answered by the community on Stack Overflow.