search

Azure / azure-devops-cli-extension

Azure DevOps Extension for Azure CLI
https://docs.microsoft.com/en-us/cli/azure/ext/azure-devops/?view=azure-cli-latest
MIT License
632 stars 242 forks source link

[Bug] yaml pipelines created through cli have triggers enabled even when they defined as none #1024

Open frolov-andrey-elanco opened 4 years ago

frolov-andrey-elanco commented 4 years ago

Describe the bug I have a simple pipeline with below block configured as per documentation, that disables triggers:

trigger: none
pr: none

Pipeline created with below command: az pipelines create --name "${PIPELINE_NAME}" --branch "${TARGET_BRANCH_NAME}" --folder-path "${PIPELINE_PATH}" --org "${ORG_NAME}" --project "${PROJECT_NAME}" --repository "${TARGET_PIPELINE_REPOSITORY_URL}" --yaml-path "${TARGET_PIPELINE_DEFINITION_PATH}" --service-connection "${SERVICE_CONNECTION}" --skip-first-run true --queue-id "${QUEUE_ID}"

To Reproduce Azure Cli Version: 2.8.0 Azure-Devops extension version: 0.18.0

Steps to reproduce the behavior:

  1. Create a yaml pipeline definition with disabled triggers
  2. use az pipeline create to create a pipeline that points to the yaml file. See full command above.
  3. If you have admin permissions to the GitHub repository, it will create a pipeline that has both types of triggers ON. See screenshot below.
  4. If you do NOT have admin permissions in the GitHub repository, command will fail with error: Unable to configure a service on the selected GitHub repository. This is likely caused by not having the necessary permission to manage hooks for the selected repository. Which means it is tried to enable triggers. Why?

Expected behavior Pipeline that has triggers off in yaml definition should not create any hooks and keep them off.

Screenshots image

Additional context The scenario is following: ProjectA - holds the ownership of the GitHub repository and have it's own project in Azure DevOps. ProjectB - consumes code from ProjectA repository, has their own project in Azure DevOps under the same Org and need to run pipelines defined in ProjectA repository. We do not want to give admin rights to manage webhooks, especially while it looks like azure cli is trying to create them for pipeline that is supposed to have them disabled by design (manual trigger)

frolov-andrey-elanco commented 4 years ago

According to the code it appears that triggers block is always included into definition:

def _get_pipelines_trigger(repo_type):
    if repo_type.lower() == _GITHUB_REPO_TYPE:
        return [{"settingsSourceType": 2, "triggerType": 2},
                {"forks": {"enabled": "true", "allowSecrets": "false"},
                 "settingsSourceType": 2, "triggerType": "pullRequest"}]
    return [{"settingsSourceType": 2, "triggerType": 2}]

In that case it is likely a feature request to disable triggers and pass a null as it is shown in the definition after manual disable in the UI:

  "revision": 7,
  "tags": [],
  "triggers": null,
  "type": "build"