Introduction
In this blog post, I create an Azure Pipeline to monitor a GIT branch for changes and then build the code into a container, but what if you want to have a human confirm everything is correct before that item is pushed into the container registry?
To add a manual confirmation step before pushing the container to the registry in your Azure DevOps YAML pipeline, you can use the manual
approval feature provided by environments in Azure DevOps.
An environment in Azure DevOps can represent a collection of resources like deployment targets, and it can have various checks including manual approvals.
Changes in Azure DevOps
Here’s how you can modify the YAML file to include a manual confirmation step:
- Define an Environment: First, you need to define an environment in your Azure DevOps project. This can be done in the Azure DevOps portal.
- Add the Environment to Your YAML: Modify the Docker stage to include a deployment job that targets the defined environment. The environment will enforce the manual approval.
The Modified YAML
trigger:
- main
resources:
- repo: self
variables:
buildConfiguration: 'Release'
dockerRegistryServiceConnection: 'yourDockerRegistryServiceConnection'
imageName: 'yourImageName:$(Build.BuildId)'
environmentName: 'yourEnvironmentName' # Define your environment name here
stages:
- stage: Build
displayName: Build and Test
# ... [Rest of your build and test jobs]
- stage: Docker
displayName: Build and Push Docker Image
jobs:
- deployment: BuildPush
displayName: Build and Push
environment: $(environmentName) # Use the environment here
pool:
vmImage: 'ubuntu-latest'
steps:
- task: Docker@2
displayName: Build Docker image
inputs:
command: build
dockerfile: '**/Dockerfile'
tags: |
$(imageName)
- download: none
task: ManualValidation@0
timeoutInMinutes: 1440 # Timeout for manual validation (24 hours)
inputs:
instructions: 'Please validate the build and approve for pushing to the registry.'
- task: Docker@2
displayName: Push Docker image
inputs:
command: push
repository: $(imageName)
containerRegistry: $(dockerRegistryServiceConnection)
tags: |
$(imageName)
In this modified YAML:
- The
environment
field is added to the Docker stage. ReplaceyourEnvironmentName
with the name of the environment you created in Azure DevOps. - The
ManualValidation
task is used to pause the pipeline and wait for manual approval. - The
timeoutInMinutes
property is set for the manual validation task, specifying how long the pipeline should wait for an approval before timing out.
Remember, you need to set up the environment in Azure DevOps and configure the approval checks for that environment. This setup is done through the Azure DevOps web interface, not directly in the YAML file.
You can find the official DevOps Pipeline documentation here: – https://learn.microsoft.com/en-us/azure/devops/pipelines/?view=azure-devops