Add Human Intervention into an Azure Pipeline

Add Human Intervention into an Azure Pipeline

Introduction

In this blog post, I create an Azure Pipeline to monitor a GIT branch for changes and then build the code into a container, but what if you want to have a human confirm everything is correct before that item is pushed into the container registry?

To add a manual confirmation step before pushing the container to the registry in your Azure DevOps YAML pipeline, you can use the manual approval feature provided by environments in Azure DevOps.

An environment in Azure DevOps can represent a collection of resources like deployment targets, and it can have various checks including manual approvals.

Changes in Azure DevOps

Here’s how you can modify the YAML file to include a manual confirmation step:

  1. Define an Environment: First, you need to define an environment in your Azure DevOps project. This can be done in the Azure DevOps portal.
  2. Add the Environment to Your YAML: Modify the Docker stage to include a deployment job that targets the defined environment. The environment will enforce the manual approval.

The Modified YAML

trigger:
- main

resources:
- repo: self

variables:
  buildConfiguration: 'Release'
  dockerRegistryServiceConnection: 'yourDockerRegistryServiceConnection'
  imageName: 'yourImageName:$(Build.BuildId)'
  environmentName: 'yourEnvironmentName' # Define your environment name here

stages:
- stage: Build
  displayName: Build and Test
  # ... [Rest of your build and test jobs]

- stage: Docker
  displayName: Build and Push Docker Image
  jobs:
  - deployment: BuildPush
    displayName: Build and Push
    environment: $(environmentName) # Use the environment here
    pool:
      vmImage: 'ubuntu-latest'
    steps:
    - task: Docker@2
      displayName: Build Docker image
      inputs:
        command: build
        dockerfile: '**/Dockerfile'
        tags: |
          $(imageName)

    - download: none
      task: ManualValidation@0
      timeoutInMinutes: 1440 # Timeout for manual validation (24 hours)
      inputs:
        instructions: 'Please validate the build and approve for pushing to the registry.'

    - task: Docker@2
      displayName: Push Docker image
      inputs:
        command: push
        repository: $(imageName)
        containerRegistry: $(dockerRegistryServiceConnection)
        tags: |
          $(imageName)

In this modified YAML:

  • The environment field is added to the Docker stage. Replace yourEnvironmentName with the name of the environment you created in Azure DevOps.
  • The ManualValidation task is used to pause the pipeline and wait for manual approval.
  • The timeoutInMinutes property is set for the manual validation task, specifying how long the pipeline should wait for an approval before timing out.

Remember, you need to set up the environment in Azure DevOps and configure the approval checks for that environment. This setup is done through the Azure DevOps web interface, not directly in the YAML file.

You can find the official DevOps Pipeline documentation here: – https://learn.microsoft.com/en-us/azure/devops/pipelines/?view=azure-devops

Stephen

Hi, my name is Stephen Finchett. I have been a software engineer for over 30 years and worked on complex, business critical, multi-user systems for all of my career. For the last 15 years, I have been concentrating on web based solutions using the Microsoft Stack including ASP.Net, C#, TypeScript, SQL Server and running everything at scale within Kubernetes.