Skip to content

Automated Dependency Updates for Azure Pipelines

Categories: ci

Renovate supports updating Azure Pipelines dependencies.

Enabling

Azure Pipelines functionality is currently in beta testing, so you must opt-in to test it. To enable it, add a configuration like this to either your bot config or your renovate.json:

{
  "azure-pipelines": {
    "enabled": true
  }
}

If you find any bugs, please create a new discussion first. If you find that it works well, then let us know too.

File Matching

By default, Renovate will check any files matching any of the following regular expressions:

/(^|/).azuredevops/.+\.ya?ml$/
/azure.*pipelines?.*\.ya?ml$/

For details on how to extend a manager's managerFilePatterns value, please follow this link.

Supported datasources

This manager supports extracting the following datasources: azure-pipelines-tasks, git-tags.

Dependency types

This manager extracts the following depType values:

depType Description
docker A Docker image reference in a container: field in Azure Pipelines
gitTags A Git repository resource referenced by tag (e.g. refs/tags/v1.0.0)

Default config

{
  "managerFilePatterns": [
    "/(^|/).azuredevops/.+\\.ya?ml$/",
    "/azure.*pipelines?.*\\.ya?ml$/"
  ],
  "enabled": false
}

Additional Information

The azure-pipelines manager is disabled by default. This is because there's no way for Renovate to know whether new task versions are yet available with the Azure DevOps environment, so new versions proposed by Renovate could fail.

To opt into running it, set the following:

{
  "azure-pipelines": {
    "enabled": true
  }
}

In most cases only major version numbers are specified in YAML when referencing a task version: NodeTool@0. By default, Renovate replaces these with the full version: NodeTool@0.216.0.

To use the standard convention for Azure Pipelines, add:

{
  "packageRules": [
    {
      "matchDatasources": ["azure-pipelines-tasks"],
      "extractVersion": "^(?<version>\\d+)"
    }
  ]
}

Renovate now updates container and repository resources from the resources block, plus tasks from steps blocks.

For example:

resources:
  repositories:
    - type: github
      name: renovate/renovate
      ref: refs/heads/main
    - type: github
      name: user/repo
      ref: refs/tags/v0.5.1
  containers:
    - container: linux
      image: ubuntu:24.04
    - container: python
      image: python:3.14@sha256:ffebef43892dd36262fa2b042eddd3320d5510a21f8440dce0a650a3c124b51d

stages:
  - stage: StageOne
    jobs:
      - job: JobOne
        steps:
          - task: Bash@3
            inputs:
              script: 'echo Hello World'

Read the resources block and the tasks block Azure Pipelines documentation for more information.

The azure-pipelines manager can process these files:

  • .azure-pipelines/**/*.yaml
  • .azure-pipelines.yaml
  • .azure-pipelines.yml
  • azure-pipelines/**/*.yaml
  • azure-pipelines.yaml
  • azure-pipelines.yml
  • azure-pipeline/**/*.yaml
  • azure-pipeline.yaml
  • azure-pipeline.yml

Warning

Renovate can't update (root) container-element in containers jobs, see issue #21987. Renovate can't read Azure repositories defined in resource blocks, see issue #15028.

Open items

The below list of features were current when this page was generated on April 10, 2026.

Feature requests

  • Support container jobs for azure-pipelines #21987