I am trying to setup a branch policy where the build validation before completing the pull request must ensure that build and release pipelines are successful. I can fail the CI pipeline but I want to fail the CI pipeline if the deployment fails. How do I do this?
I am having a separate Release pipeline outside of the CI pipelines .yaml.
Thanks
You can set build validation for target branch. It will force your chosen build pipeline to run with files provided by pull request.
https://docs.microsoft.com/en-us/azure/devops/repos/git/branch-policies?view=azure-devops
For release pipeline, add Pull Request trigger and set target branch. It will use artifacts from your build pipeline.
If anything fails pull request will be stopped.
Additional note(not fully connected with your question). In Azure DevOps REST API there is endpoint that allow you to change pull request status for example to status "Abandoned" in special situations when you do not want to fail pipeline but want to stop pull request.
I can fail the CI pipeline but I want to fail the CI pipeline if the deployment fails.
Not sure how you used to fail the CI, but I have a method that could help you achieve do that once the deployment fail.
I wrote a simple extension, which it will add a post job into release pipeline. See my github repos merlinLia/PostJob-extension.
{
"id": "release-octane-pipeline-end-decorator",
"type": "ms.azure-pipelines.pipeline-decorator",
"targets": [
"ms.azure-release-pipelines-agent-job.post-job-tasks"
],
"properties": {
"template": "release-decorator.yml"
}
}
This will add additional customized post job release-decorator.yml in release pipeline, and it can only be ran after all of your defined tasks finished.
In your scenario, you can apply with this pipeline decorator. And add the condition into release-decorator.yml, for example, this customized post job can only be ran after your previous task failed.
And, in this customized post job definition, you could apply with your idea that make CI failed, including powershell script.
My extension just used for myself, so I did not public it in marketplace. You can refer to my code and create yourself one.
Update for the summary of my idea.
Since you just want a strict pull request policy that if the deployment failed, the pull request should not be allowed to completed.
Based on my suggestion, you can run one task after all deploy tasks finished. And in this task, it get the previous deploy tasks status firstly. When it get the order that previous task is failed, it will run one scripts to change the pull request status, like Abandoned.
Combine with my original idea, you could create a extension that it will inject one post-job into pipeline automatically. This job will do the work (modify pull request) automatically by setting condition into script, and this condition can be customized by yourself, including only some of projects can apply this post-job into pipeline.
The api of modify the PR is(it can be applied in pipeline of all projects since I get the parameters by using pre-defined variables):
PATCH
$($env:SYSTEM_TEAMFOUNDATIONCOLLECTIONURI)$env:SYSTEM_TEAMPROJECTID/_apis/git/repositories/$($env:BUILD_REPOSITORY_ID)/pullrequests/$($env:BUILD_PULLREQUEST_ID)?api-version=5.1
Request body(Abandon):
{"status":2}
