Fresh/Brewed

Azure DevOps (VSTS) security and policies (part 3)

Published: Feb 28, 2019 by Isaac Johnson

We have now created a PR but there are some features we can explore that make it even more automated.

Auto-complete is a great feature that lets me, as the author, say “when all conditions are met, then just complete (merge) and be done”.  This lets me automate the post-approval activities and is fantastic when you have teams spread over the globe in different time zones.

The Auto-Complete window

We now see when my review user completes the review, it will get auto-merged.

The auto-complete pane is shown to all users

Approve versus Complete:

For those not as familiar with AzDO, this creates some confusion.  “Approve” is the verb that indicates I have reviewed the changes and approve their eventual merging into the destination (repo/branch).  However, nothing, by default, will happen when i approve (auto-complete not withstanding).  Which means when all conditions are met as set by the branch policy, someone will need to actually “Complete” the PR which:

  1. Merges the code
  2. Moves the PR status to Completed.

If the branch policies allow for it, after completing, someone will also need to delete the source branch.

Auto-Complete (example):

I, as an approver, log in and choose to Approve the change:

Click Approve to approve the PR

Almost immediately the branch has merged and the state has changed:

The green confirmation that the PR was completed

Because we set autocomplete with delete branch, the branch was deleted as well

Why we delete branches:

  1. The full history (unless you choose squash) is brought into the destination branch, so nothing is lost
  2. The PR as a completed item remains showing details about the approval process
  3. We can un-delete a branch: Search for the exact name and choose to search deleted branches.  Then choose the elipse menu to restore
Restoring a Deleted Branch

Problems with leaving branches that have already merged

  1. creates the opportunity for unmerged changes to propagate - that is, it is easy to keep pushing changes after the branch was merged - wheras if you delete, you’ll be notified that the branch doesn’t exist anymore
  2. Creates a messy list of active branches that becomes hard to navigate and later requires validation that all were handled.
tutorial vsts

Have something to add? Feedback? Try our new forums

Isaac Johnson

Isaac Johnson

Cloud Solutions Architect

Isaac is a CSA and DevOps engineer who focuses on cloud migrations and devops processes. He also is a dad to three wonderful daughters (hence the references to Princess King sprinkled throughout the blog).

Theme built by C.S. Rhymes