Azure DevOps (VSTS) security and policies (part 3)

Published: Feb 28, 2019 by Isaac Johnson

We have now created a PR but there are some features we can explore that make it even more automated.

Auto-complete is a great feature that lets me, as the author, say “when all conditions are met, then just complete (merge) and be done”.  This lets me automate the post-approval activities and is fantastic when you have teams spread over the globe in different time zones.

The Auto-Complete window

We now see when my review user completes the review, it will get auto-merged.

The auto-complete pane is shown to all users

Approve versus Complete:

For those not as familiar with AzDO, this creates some confusion.  “Approve” is the verb that indicates I have reviewed the changes and approve their eventual merging into the destination (repo/branch).  However, nothing, by default, will happen when i approve (auto-complete not withstanding).  Which means when all conditions are met as set by the branch policy, someone will need to actually “Complete” the PR which:

  1. Merges the code
  2. Moves the PR status to Completed.

If the branch policies allow for it, after completing, someone will also need to delete the source branch.

Auto-Complete (example):

I, as an approver, log in and choose to Approve the change:

Click Approve to approve the PR

Almost immediately the branch has merged and the state has changed:

The green confirmation that the PR was completed

Because we set autocomplete with delete branch, the branch was deleted as well

Why we delete branches:

  1. The full history (unless you choose squash) is brought into the destination branch, so nothing is lost
  2. The PR as a completed item remains showing details about the approval process
  3. We can un-delete a branch: Search for the exact name and choose to search deleted branches.  Then choose the elipse menu to restore
Restoring a Deleted Branch

Problems with leaving branches that have already merged

  1. creates the opportunity for unmerged changes to propagate - that is, it is easy to keep pushing changes after the branch was merged - wheras if you delete, you’ll be notified that the branch doesn’t exist anymore
  2. Creates a messy list of active branches that becomes hard to navigate and later requires validation that all were handled.
tutorial vsts

Isaac Johnson

Isaac Johnson

Cloud Solutions Architect

Isaac is a CSA and DevOps engineer who focuses on cloud migrations and devops processes. He also is a dad to three wonderful daughters (hence the references to Princess King sprinkled throughout the blog).

Theme built by C.S. Rhymes