Reputation: 1
Enforce Azure DevOps Pipeline Approval Requirement at the Project Level
In Azure DevOps, is it possible to enforce a pipeline approval requirement at the project level? The purpose of this would be to ensure that all current and created pipelines within the project automatically have the approval requirement enforced.
Enforcing this at the project level would allow us to more efficiently meet compliance requirements for pipeline approvals on in-scope pipelines for projects with many pipelines running.
Alternatively, if we cannot enforce the pipeline approval requirement globally for the project, could we run a report to view the approval requirements for all pipelines within a project? Ultimately, we would like to avoid having to open every pipeline and view the approval requirements to validate that the rule is enforced during control operation.
Upvotes: 0
Views: 134
Answers (1)
Reputation: 96
The following solution currently works only with YAML pipelines:
You can do it by using Azure DevOps Environments as target for each deployment stage that require approval. So you will have stages for example DEV, SIT, UAT and PROD.
Using environment approvals abstracts the approval definition from Pipelines to Environments. Each YAML pipeline that is targeting environment for deployment has to evaluate all approvals and checks before the deployment. Therefore all existing and future pipelines that will utilize these environments will have to go through same approvals that are centrally managed through environment definition.
Environments have their own sets of permissions providing additional flexibility.
More about Azure DevOps Environment with VMs can be found here: https://learn.microsoft.com/en-us/azure/devops/pipelines/process/environments-virtual-machines?view=azure-devops
More about environment approvals can be found here: https://learn.microsoft.com/en-us/azure/devops/pipelines/process/approvals?view=azure-devops&tabs=check-pass
Here you can find differences between deployment groups ans environments, they are more like replacement for deployment group: https://developercommunity.visualstudio.com/t/deployment-groups-vs-environments/901600
Upvotes: 0
Related Questions
- Python: how to know which database I am connecting to?
- How put db connection in seperate file and use in another file in python
- Python : How to switch from one database to another depending upon filedate in the query through 'pyodbc.connect' or something?
- Reusing database connection for multiple requests
- Connection Management Working with Database in Python
- Design a connection to multiple databases in Python
- How to properly handle database connections?
- Database connection wrapper
- Python database connection
- python and DB connection abstraction?