0

As written deploy pipelines can be pushed manually. I want to know if there is a way to stop the deploy from happening unless all pervious stages are done.

For example if I push deploy on Production, the Production deploy should check that Dev, Test, and Pre-Prod completed successfully before continuing.

I looked at deploy gates, but there does not seem to be anything in there for this condition.

I am actually surprised this is not part of the tool design. As written out of the box someone can push a deploy to Prod even if Dev, Test, and Pre-Prod aren't completed at all.

Does Microsoft just want us to rely on approvers to eyeball the situation? I am not sure how to constrain deploys for this particular condition.

user5855178
  • 567
  • 1
  • 7
  • 17

1 Answers1

1

You can link the stages together, so that the deployment happens first on dev, and only if that succeeds it will go to pre-prod, and then prod.

Pipeline stages

However, even with stage dependencies, I think you can still deploy at any stage at any time directly. To have more safeguards, you can add a script to your deployment steps that will check that previous steps are completed using Azure DevOps API.

alex
  • 12,464
  • 3
  • 46
  • 67
  • Yes that is the problem our Auditors complained about: you can just push the deploy button anyway, automation built in or not I am speechless that Microsoft missed this issue. The other issue is the approvers can assign the approval to anyone they please... major audit issue there too. – user5855178 Jan 15 '23 at 02:32