Skip to content

Automated Dependency Updates for Azure Pipelines

Categories: ci

Renovate supports updating Azure Pipelines dependencies.

Enabling

Azure Pipelines functionality is currently in beta testing, so you must opt-in to test it. To enable it, add a configuration like this to either your bot config or your renovate.json:

{
  "azure-pipelines": {
    "enabled": true
  }
}

If you find any bugs, please create a new discussion first. If you find that it works well, then let us know too.

File Matching

By default, Renovate will check any files matching any of the following regular expressions:

(^|/).azuredevops/.+\.ya?ml$
azure.*pipelines?.*\.ya?ml$

For details on how to extend a manager's fileMatch value, please follow this link.

Supported datasources

This manager supports extracting the following datasources: azure-pipelines-tasks, git-tags.

Default config

{
  "fileMatch": [
    "(^|/).azuredevops/.+\\.ya?ml$",
    "azure.*pipelines?.*\\.ya?ml$"
  ],
  "enabled": false
}

Additional Information

The azure-pipelines manager is disabled by default. This is because there's no way for Renovate to know whether new task versions are yet available with the Azure DevOps environment, so new versions proposed by Renovate could fail.

To opt into running it, set the following:

{
  "azure-pipelines": {
    "enabled": true
  }
}

In most cases only major version numbers are specified in YAML when referencing a task version: NodeTool@0. By default, Renovate replaces these with the full version: NodeTool@0.216.0.

To use the standard convention for Azure Pipelines, add:

{
  "packageRules": [
    {
      "matchDatasources": ["azure-pipelines-tasks"],
      "extractVersion": "^(?<version>\\d+)"
    }
  ]
}

Renovate now updates container and repository resources from the resources block, plus tasks from steps blocks.

For example:

resources:
  repositories:
    - type: github
      name: renovate/renovate
      ref: refs/heads/main
    - type: github
      name: user/repo
      ref: refs/tags/v0.5.1
  containers:
    - container: linux
      image: ubuntu:24.04
    - container: python
      image: python:3.12@sha256:05855f5bf06f5a004b0c1a8aaac73a9d9ea54390fc289d3e80ef52c4f90d5585

stages:
  - stage: StageOne
    jobs:
      - job: JobOne
        steps:
          - task: Bash@3
            inputs:
              script: 'echo Hello World'

Read the resources block and the tasks block Azure Pipelines documentation for more information.

The azure-pipelines manager can process these files:

  • .azure-pipelines/**/*.yaml
  • .azure-pipelines.yaml
  • .azure-pipelines.yml
  • azure-pipelines/**/*.yaml
  • azure-pipelines.yaml
  • azure-pipelines.yml
  • azure-pipeline/**/*.yaml
  • azure-pipeline.yaml
  • azure-pipeline.yml

Warning

Renovate can't update (root) container-element in containers jobs, see issue #21987. Renovate can't read Azure repositories defined in resource blocks, see issue #15028.

Open items

The below list of features were current when this page was generated on October 12, 2024.

Feature requests

  • Support container jobs for azure-pipelines #21987