Skip to content

Automated Dependency Updates for Azure Pipelines

Categories: ci

Renovate supports updating Azure Pipelines dependencies.

Enabling

Azure Pipelines functionality is currently in beta testing, so you must opt-in to test it. To enable it, add a configuration like this to either your bot config or your renovate.json:

{
  "azure-pipelines": {
    "enabled": true
  }
}

If you find any bugs, please create a new discussion first. If you find that it works well, then let us know too.

File Matching

By default, Renovate will check any files matching any of the following regular expressions:

(^|/).azuredevops/.+\.ya?ml$
azure.*pipelines?.*\.ya?ml$

For details on how to extend a manager's fileMatch value, please follow this link.

Supported datasources

This manager supports extracting the following datasources: azure-pipelines-tasks, git-tags.

Default config

{
  "fileMatch": [
    "(^|/).azuredevops/.+\\.ya?ml$",
    "azure.*pipelines?.*\\.ya?ml$"
  ],
  "enabled": false
}

Additional Information

The azure-pipelines manager is disabled by default. This is because there's no way for Renovate to know whether new task versions are yet available with the Azure DevOps environment, so new versions proposed by Renovate could fail.

To opt into running it, set the following:

{
  "azure-pipelines": {
    "enabled": true
  }
}

In most cases only major version numbers are specified in YAML when referencing a task version: NodeTool@0. By default, Renovate replaces these with the full version: NodeTool@0.216.0.

To use the standard convention for Azure Pipelines, add:

{
  "packageRules": [
    {
      "matchDatasources": ["azure-pipelines-tasks"],
      "extractVersion": "^(?<version>\\d+)"
    }
  ]
}

Renovate now updates container and repository resources from the resources block, plus tasks from steps blocks.

For example:

resources:
  repositories:
    - type: github
      name: renovate/renovate
      ref: refs/heads/main
    - type: github
      name: user/repo
      ref: refs/tags/v0.5.1
  containers:
    - container: linux
      image: ubuntu:24.04
    - container: python
      image: python:3.13@sha256:bc78d3c007f86dbb87d711b8b082d9d564b8025487e780d24ccb8581d83ef8b0

stages:
  - stage: StageOne
    jobs:
      - job: JobOne
        steps:
          - task: Bash@3
            inputs:
              script: 'echo Hello World'

Read the resources block and the tasks block Azure Pipelines documentation for more information.

The azure-pipelines manager can process these files:

  • .azure-pipelines/**/*.yaml
  • .azure-pipelines.yaml
  • .azure-pipelines.yml
  • azure-pipelines/**/*.yaml
  • azure-pipelines.yaml
  • azure-pipelines.yml
  • azure-pipeline/**/*.yaml
  • azure-pipeline.yaml
  • azure-pipeline.yml

Warning

Renovate can't update (root) container-element in containers jobs, see issue #21987. Renovate can't read Azure repositories defined in resource blocks, see issue #15028.

Open items

The below list of features were current when this page was generated on November 21, 2024.

Feature requests

  • Support container jobs for azure-pipelines #21987