Masahigo / ado-dependabot-example

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Setting up "dependabot" to Azure Repos

This is an example on how to enable WhiteSource Renovate bot in a single Git repository hosted in Azure Repos. The renovate.json should be placed in the root of your repo and can be configured further by following the documentation.


Create the pipeline in Azure DevOps

# Login using your AAD account
az login

# Install Azure DevOps CLI
az extension add --name azure-devops

# Login to Azure DevOps using the extension - providing the PAT token created previously
az devops login

# Prepare your environment
AZURE_DEVOPS_ACCOUNT='<your ado org>/'
AZURE_DEVOPS_PROJECT='<your projects name in ado>'
GIT_REPO='<your azure repo name>'
GIT_BRANCH='<your default branch>'

az devops configure --defaults organization=<your ado org> project=<your projects name in ado>

# Create variable group for dependabot
az pipelines variable-group create --name dependabot --description "Pipeline variables for dependabot." --authorize true --variables LOG_LEVEL=debug ADO_REPO_NAME=$GIT_REPO

# Generate the Personal Access Token for following the instructions from here:
# Save it as secret variable 'GITHUB_COM_TOKEN'
GROUP_ID=$(az pipelines variable-group list --query "[?name=='dependabot']".id -o tsv)
az pipelines variable-group variable create --group-id $GROUP_ID --name GITHUB_COM_TOKEN --secret true

# Create subfolder for pipelines
az pipelines folder create --path "$FOLDER_PATH"

# Create pipeline for dependabot (WhiteSource Renovate)
# Before creating the pipeline, make sure to complete the following, manual step first from ADO UI
# 1) Project Settings: Code > Repositories
# 2) Select the git repo 
# 3) Users > Project Collection Build Service (Qurate)
# 4) Enable the following permissions: Contribute to pull requests, Create branch, Force push
PIPELINE_DESCRIPTION_DEPENDABOT='Pipeline for automated dependency updates (WhiteSource Renovate).'
az pipelines create --name "$PIPELINE_NAME_DEPENDABOT" \
  --repository "$GIT_REPO" \
  --repository-type tfsgit \
  --branch "$GIT_BRANCH" \
  --folder-path "$FOLDER_PATH"
