pr-agent/docs/docs/installation/azure.md

## Azure DevOps Pipeline

You can use a pre-built Action Docker image to run PR-Agent as an Azure devops pipeline.
add the following file to your repository under `azure-pipelines.yml`:

```yaml
# Opt out of CI triggers
trigger: none

# Configure PR trigger
pr:
  branches:
    include:
    - '*'
  autoCancel: true
  drafts: false

stages:
- stage: pr_agent
  displayName: 'PR Agent Stage'
  jobs:
  - job: pr_agent_job
    displayName: 'PR Agent Job'
    pool:
      vmImage: 'ubuntu-latest'
    container:
      image: codiumai/pr-agent:latest
      options: --entrypoint ""
    variables:
      - group: pr_agent
    steps:
    - script: |
        echo "Running PR Agent action step"

        # Construct PR_URL
        PR_URL="${SYSTEM_COLLECTIONURI}${SYSTEM_TEAMPROJECT}/_git/${BUILD_REPOSITORY_NAME}/pullrequest/${SYSTEM_PULLREQUEST_PULLREQUESTID}"
        echo "PR_URL=$PR_URL"

        # Extract organization URL from System.CollectionUri
        ORG_URL=$(echo "$(System.CollectionUri)" | sed 's/\/$//') # Remove trailing slash if present
        echo "Organization URL: $ORG_URL"

        export azure_devops__org="$ORG_URL"
        export config__git_provider="azure"

        pr-agent --pr_url="$PR_URL" describe
        pr-agent --pr_url="$PR_URL" review
        pr-agent --pr_url="$PR_URL" improve
      env:
        azure_devops__pat: $(azure_devops_pat)
        openai__key: $(OPENAI_KEY)
      displayName: 'Run Qodo Merge'
```

This script will run Qodo Merge on every new merge request, with the `improve`, `review`, and `describe` commands.
Note that you need to export the `azure_devops__pat` and `OPENAI_KEY` variables in the Azure DevOps pipeline settings (Pipelines -> Library -> + Variable group):

![Qodo Merge](https://codium.ai/images/pr_agent/azure_devops_pipeline_secrets.png){width=468}

Make sure to give pipeline permissions to the `pr_agent` variable group.

> Note that Azure Pipelines lacks support for triggering workflows from PR comments. If you find a viable solution, please contribute it to our [issue tracker](https://github.com/Codium-ai/pr-agent/issues)

## Azure DevOps from CLI

To use Azure DevOps provider use the following settings in configuration.toml:

```toml
[config]
git_provider="azure"
```

Azure DevOps provider supports [PAT token](https://learn.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops&tabs=Windows) or [DefaultAzureCredential](https://learn.microsoft.com/en-us/azure/developer/python/sdk/authentication-overview#authentication-in-server-environments) authentication.
PAT is faster to create, but has build in expiration date, and will use the user identity for API calls.
Using DefaultAzureCredential you can use managed identity or Service principle, which are more secure and will create separate ADO user identity (via AAD) to the agent.

If PAT was chosen, you can assign the value in .secrets.toml.
If DefaultAzureCredential was chosen, you can assigned the additional env vars like AZURE_CLIENT_SECRET directly,
or use managed identity/az cli (for local development) without any additional configuration.
in any case, 'org' value must be assigned in .secrets.toml:

```toml
[azure_devops]
org = "https://dev.azure.com/YOUR_ORGANIZATION/"
# pat = "YOUR_PAT_TOKEN" needed only if using PAT for authentication
```

## Azure DevOps Webhook

To trigger from an Azure webhook, you need to manually [add a webhook](https://learn.microsoft.com/en-us/azure/devops/service-hooks/services/webhooks?view=azure-devops).
Use the "Pull request created" type to trigger a review, or "Pull request commented on" to trigger any supported comment with /<command> <args> comment on the relevant PR. Note that for the "Pull request commented on" trigger, only API v2.0 is supported.

For webhook security, create a sporadic username/password pair and configure the webhook username and password on both the server and Azure DevOps webhook. These will be sent as basic Auth data by the webhook with each request:

```toml
[azure_devops_server]
webhook_username = "<basic auth user>"
webhook_password = "<basic auth password>"
```

> :warning: **Ensure that the webhook endpoint is only accessible over HTTPS** to mitigate the risk of credential interception when using basic authentication.
azure 2024-08-10 21:30:18 +03:00			`## Azure DevOps Pipeline`
Improve markdown docs formatting for consistency and readability 2025-04-18 02:03:47 +08:00
docs: rebrand from Qodo Merge to PR-Agent in installation guides 2025-01-22 21:28:29 +02:00			`You can use a pre-built Action Docker image to run PR-Agent as an Azure devops pipeline.`
azure 2024-08-10 21:30:18 +03:00			add the following file to your repository under `azure-pipelines.yml`:
Improve markdown docs formatting for consistency and readability 2025-04-18 02:03:47 +08:00
azure 2024-08-10 21:30:18 +03:00			```yaml
			`# Opt out of CI triggers`
			`trigger: none`

			`# Configure PR trigger`
			`pr:`
			`branches:`
			`include:`
			`- '*'`
			`autoCancel: true`
			`drafts: false`

			`stages:`
			`- stage: pr_agent`
			`displayName: 'PR Agent Stage'`
			`jobs:`
			`- job: pr_agent_job`
			`displayName: 'PR Agent Job'`
			`pool:`
			`vmImage: 'ubuntu-latest'`
			`container:`
			`image: codiumai/pr-agent:latest`
			`options: --entrypoint ""`
			`variables:`
			`- group: pr_agent`
			`steps:`
			`- script: \|`
			`echo "Running PR Agent action step"`

			`# Construct PR_URL`
			`PR_URL="${SYSTEM_COLLECTIONURI}${SYSTEM_TEAMPROJECT}/_git/${BUILD_REPOSITORY_NAME}/pullrequest/${SYSTEM_PULLREQUEST_PULLREQUESTID}"`
			`echo "PR_URL=$PR_URL"`

			`# Extract organization URL from System.CollectionUri`
			`ORG_URL=$(echo "$(System.CollectionUri)" \| sed 's/\/$//') # Remove trailing slash if present`
			`echo "Organization URL: $ORG_URL"`

			`export azure_devops__org="$ORG_URL"`
			`export config__git_provider="azure"`
Format files by `pre-commit run -a` Signed-off-by: Yu Ishikawa <yu-iskw@users.noreply.github.com> 2024-10-30 09:56:03 +09:00
azure 2024-08-10 21:30:18 +03:00			`pr-agent --pr_url="$PR_URL" describe`
			`pr-agent --pr_url="$PR_URL" review`
			`pr-agent --pr_url="$PR_URL" improve`
			`env:`
			`azure_devops__pat: $(azure_devops_pat)`
			`openai__key: $(OPENAI_KEY)`
Qodo Merge rename 2024-09-29 17:15:49 +03:00			`displayName: 'Run Qodo Merge'`
azure 2024-08-10 21:30:18 +03:00			```
Improve markdown docs formatting for consistency and readability 2025-04-18 02:03:47 +08:00
Qodo Merge rename 2024-09-29 17:15:49 +03:00			This script will run Qodo Merge on every new merge request, with the `improve`, `review`, and `describe` commands.
azure 2024-08-10 21:30:18 +03:00			Note that you need to export the `azure_devops__pat` and `OPENAI_KEY` variables in the Azure DevOps pipeline settings (Pipelines -> Library -> + Variable group):
Update azure.md 2024-11-21 09:24:45 +02:00
docs: rebrand from Qodo Merge Pro to Qodo Merge throughout documentation 2025-01-22 21:18:08 +02:00			`![Qodo Merge](https://codium.ai/images/pr_agent/azure_devops_pipeline_secrets.png){width=468}`
azure 2024-08-10 21:30:18 +03:00
			Make sure to give pipeline permissions to the `pr_agent` variable group.

Update azure.md 2024-11-21 09:24:45 +02:00			`> Note that Azure Pipelines lacks support for triggering workflows from PR comments. If you find a viable solution, please contribute it to our [issue tracker](https://github.com/Codium-ai/pr-agent/issues)`
azure 2024-08-10 21:30:18 +03:00
			`## Azure DevOps from CLI`
Add documentation portal with MKDocs 2024-03-06 21:52:11 +02:00
			`To use Azure DevOps provider use the following settings in configuration.toml:`
Improve markdown docs formatting for consistency and readability 2025-04-18 02:03:47 +08:00
			```toml
Add documentation portal with MKDocs 2024-03-06 21:52:11 +02:00			`[config]`
			`git_provider="azure"`
			```

			`Azure DevOps provider supports [PAT token](https://learn.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops&tabs=Windows) or [DefaultAzureCredential](https://learn.microsoft.com/en-us/azure/developer/python/sdk/authentication-overview#authentication-in-server-environments) authentication.`
Format files by `pre-commit run -a` Signed-off-by: Yu Ishikawa <yu-iskw@users.noreply.github.com> 2024-10-30 09:56:03 +09:00			`PAT is faster to create, but has build in expiration date, and will use the user identity for API calls.`
chore: fix some typos Signed-off-by: veryyet <zhengxingru@outlook.com> 2024-03-21 14:41:29 +08:00			`Using DefaultAzureCredential you can use managed identity or Service principle, which are more secure and will create separate ADO user identity (via AAD) to the agent.`
Add documentation portal with MKDocs 2024-03-06 21:52:11 +02:00
Format files by `pre-commit run -a` Signed-off-by: Yu Ishikawa <yu-iskw@users.noreply.github.com> 2024-10-30 09:56:03 +09:00			`If PAT was chosen, you can assign the value in .secrets.toml.`
			`If DefaultAzureCredential was chosen, you can assigned the additional env vars like AZURE_CLIENT_SECRET directly,`
chore: fix some typos Signed-off-by: veryyet <zhengxingru@outlook.com> 2024-03-21 14:41:29 +08:00			`or use managed identity/az cli (for local development) without any additional configuration.`
Add documentation portal with MKDocs 2024-03-06 21:52:11 +02:00			`in any case, 'org' value must be assigned in .secrets.toml:`
Improve markdown docs formatting for consistency and readability 2025-04-18 02:03:47 +08:00
			```toml
Add documentation portal with MKDocs 2024-03-06 21:52:11 +02:00			`[azure_devops]`
			`org = "https://dev.azure.com/YOUR_ORGANIZATION/"`
			`# pat = "YOUR_PAT_TOKEN" needed only if using PAT for authentication`
			```

docs: reorganize installation documentation structure 2025-01-23 08:45:47 +02:00			`## Azure DevOps Webhook`
Add documentation portal with MKDocs 2024-03-06 21:52:11 +02:00
Format files by `pre-commit run -a` Signed-off-by: Yu Ishikawa <yu-iskw@users.noreply.github.com> 2024-10-30 09:56:03 +09:00			`To trigger from an Azure webhook, you need to manually [add a webhook](https://learn.microsoft.com/en-us/azure/devops/service-hooks/services/webhooks?view=azure-devops).`
Add documentation portal with MKDocs 2024-03-06 21:52:11 +02:00			`Use the "Pull request created" type to trigger a review, or "Pull request commented on" to trigger any supported comment with /<command> <args> comment on the relevant PR. Note that for the "Pull request commented on" trigger, only API v2.0 is supported.`

			`For webhook security, create a sporadic username/password pair and configure the webhook username and password on both the server and Azure DevOps webhook. These will be sent as basic Auth data by the webhook with each request:`
Improve markdown docs formatting for consistency and readability 2025-04-18 02:03:47 +08:00
			```toml
Add documentation portal with MKDocs 2024-03-06 21:52:11 +02:00			`[azure_devops_server]`
			`webhook_username = "<basic auth user>"`
			`webhook_password = "<basic auth password>"`
			```
Improve markdown docs formatting for consistency and readability 2025-04-18 02:03:47 +08:00
Add documentation portal with MKDocs 2024-03-06 21:52:11 +02:00			`> :warning: Ensure that the webhook endpoint is only accessible over HTTPS to mitigate the risk of credential interception when using basic authentication.`