Skip to content

ci: migrate from Azure Pipelines to GitHub Actions#196

Open
Saturate wants to merge 5 commits intomainfrom
migrate-to-github-actions
Open

ci: migrate from Azure Pipelines to GitHub Actions#196
Saturate wants to merge 5 commits intomainfrom
migrate-to-github-actions

Conversation

@Saturate
Copy link
Copy Markdown
Collaborator

@Saturate Saturate commented Feb 2, 2026
edited
Loading

Replaces Azure Pipeline with GitHub Actions to remove dependency on Azure tenant owner for CI/CD access. This unblocks deployments when the tenant admin is unavailable.

The workflow reads publisher and extension metadata directly from vss-extension.json instead of requiring them as secrets. It implements the same versioning logic as the old pipeline by extracting semver from branch/tag names and appending commit count. Publishing uses tfx-cli with a Personal Access Token from marketplace.visualstudio.com/manage, so no tenant access is needed.

Changes

  • Removed Azure Pipeline files (azure-pipelines.yml, build_job.yml, publish_job.yml)
  • Added GitHub Actions workflow at .github/workflows/build-and-publish.yml
  • Workflow reads metadata from vss-extension.json instead of requiring secrets
  • Uses Node 20
  • Same deployment logic: feature/* → Development, hotfix/* → Hotfix, tags → Release

Testing

  • Build part works
  • Update AZURE_DEVOPS_PAT secret
  • Publish new version successfully

@ejohn20 - This PR needs you to set up secrets before it can work:

  1. Go to https://github.com/dependency-check/azuredevops/settings/secrets/actions
  2. Add AZURE_DEVOPS_PAT:
  3. Optionally add AZURE_DEVOPS_SHARE_WITH (comma-separated org names for dev/hotfix builds)

See .github/SETUP.md for details.

@Saturate
ci: migrate from Azure Pipelines to GitHub Actions
f163629 
Replaces Azure Pipeline with GitHub Actions to remove dependency on Azure tenant owner for CI/CD access. This unblocks deployments when the tenant admin is unavailable.

The workflow reads publisher and extension metadata directly from vss-extension.json instead of requiring them as secrets. It implements the same versioning logic as the old pipeline by extracting semver from branch/tag names and appending commit count. Publishing uses tfx-cli with a Personal Access Token from marketplace.visualstudio.com/manage, so no tenant access is needed.

The workflow matches the original behavior: feature/* branches publish to Development, hotfix/* to Hotfix, and tags to Release with GitHub releases.
@Saturate Saturate requested review from a team, alxmancini, pippolino and tlogik as code owners February 2, 2026 19:43
@Saturate Saturate mentioned this pull request Feb 2, 2026
Open
@Saturate Saturate mentioned this pull request Feb 3, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@alxmancini alxmancini Awaiting requested review from alxmancini alxmancini is a code owner

@pippolino pippolino Awaiting requested review from pippolino pippolino is a code owner

@tlogik tlogik Awaiting requested review from tlogik tlogik is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Saturate