Post

Azure DevOps Commit Message Validator and PR Linker GitHub Action

Enforce that each commit in a pull request has AB# in the commit message and link all of the work items to the pull request

Overview

I was with a client recently that was using GitHub for source control and GitHub Advanced Security, and Azure DevOps for Boards and Pipelines. Integrating GitHub with Azure DevOps is relatively simple for linking commits and pull requests, but there were a few pieces that we wanted to improve on. One was making sure / enforcing in the pull request that each commit contains an Azure Boards work item link with AB#123 in the commit message. We also found that commits that contained work item links weren’t automatically linked to the pull request. The pull request needs to contain AB#123 in the pull request title or body in order for the link to be automatically created.

Because of these limitations, I built an action to be ran in a pull request to make sure that all commits have a AB#123 link in the commit message, as well as link all corresponding work items to the pull request.

Using the Action

The action loops through each commit and:

  1. makes sure it has AB#123 in the commit message
  2. if yes, add a GitHub Pull Request link to the work item in Azure DevOps

Prerequisites

  1. Create a repository secret titled AZURE_DEVOPS_PAT - it needs to be a full PAT
  2. Pass the Azure DevOps organization to the azure-devops-organization input parameter (line no. 14 below)

YML

This should only be triggered via pull requests.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
name: pr-commit-message-enforcer-and-linker

on:
  pull_request:
    branches: [ "main" ]

jobs:
  pr-commit-message-enforcer-and-linker:
    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v3
    - name: Azure DevOps Commit Validator and Pull Request Linker
      uses: joshjohanning/azdo_commit_message_validator@v1
      with:
        azure-devops-organization: myorg # The name of the Azure DevOps organization
        azure-devops-token: ${{ secrets.AZURE_DEVOPS_PAT }} # "Azure DevOps Personal Access Token (needs to be a full PAT)
        fail-if-missing-workitem-commit-link: true # Fail the action if a commit in the pull request is missing AB# in the commit message
        link-commits-to-pull-request: true # Link the work items found in commits to the pull request

Branch Protection Policy

After you create the workflow, you can add this as a status check to the branch protection policy on your default branch. If you aren’t seeing the pr-commit-message-enforcer-and-linker job name, you might have to create a pull request that triggers the job first and then add the branch protection policy. Branch protection policy Configuring the status check in the branch protection policy

Once added, if commit message(s) don’t contain an AB#123 link, the pull request will be blocked from merging. Status checks failing on pull request The status checks on the pull request are failing because of missing work item links in the commit message(s)

Screenshots

If a commit in the pull request is missing AB# in the commit message, the action will fail: Blocking the pull request because it's missing work item links Blocking the pull request because it’s missing work item links

The action will link all work items found in commits to the pull request: Linking the work items to the pull request Linking the work items to the pull request

The pull request showing along with the commit on the work item in Azure DevOps: Pull request Pull request link on a work item in Azure DevOps

Summary

The gist is that it makes sure that all commits in the pull request have an AB# link in the commit message, and that all work items found in the commits are linked to the pull request. I’m working with an undocumented API that I describe a bit more in the README of the repository if you’re interested. Test it out - feedback’s always welcome!

This post is licensed under CC BY 4.0 by the author.