Azure DevOps
Azure Project Level Permissions
The user who performs the actions below to connect to Azure DevOps must have project administrator permissions in Azure.
Integrating with a VCS provider unlocks the ability to use GitOps workflows, import modules, enable Open Policy Agent, and much more.
Azure requirements
To enable the integration, there are a few key requirements before going through the authentication flow:
- Ensure the "Third-party application access via OAuth" setting is enabled in the organization policies by going to:
- Organization settings
- Click on policies.
- The account that is used to create the integration, must have project administrator permissions for the project you are integrating with.
Setting up the Integration:
- Go to "Integrations" at the account scope and select Azure DevOps.
- Enter the provider name, copy the callback URL, and click the “register a new OAuth application” link.
Only two scopes are required for Scalr, Code (read) and Code (status):
Click Create and then copy the Application ID and Client Secret:
Go back to Scalr, enter the Id and secret. Upon clicking “create” a redirection back to Azure DevOps occurs to complete the authorization.
Pull Request Comments
If enabled, Scalr will send results back as pull request comments to Azure DevOps after a dry run has been executed based on a PR being opened and after the apply finished. To enable comments, go to the Azure integration and enable the pull request comments checkbox:
If you have an existing integration with Azure DevOps, you will need to reauthenticate the integration.
Once this is enabled, you will start seeing the comments posted to pull requests for all new pull requests:
Scalr will also update the comments with the apply results after the run has finished. There is a separate checkbox, "Send the apply summary back to PR comments", that must be enabled for this to work.
Updated about 2 months ago