If you are a user of YAML pipelines in Azure DevOps , you might have encountered this annoying issue with the pipeline trigger. Let's discuss about this issue in detail and how a recently released feature will prevent this issue
Issue:
In YAML pipeline trigger section is used to specify when a pipeline should be executed
Consider the following snippet - In this scenario, the pipeline will be triggered for any changes to the main branch or branches that match the pattern releases/*
trigger:
- main
- releases/*
what if we omit the trigger section completely from a pipeline?.
you might expect the pipeline will not be triggered automatically however the exact opposite scenario will happen.
i.e. the pipeline will get triggered for changes to any branch This is a disastrous situation to be in, especially if the same pipeline is used to build as well as deploy.
A code from dev branch can get deployed to production in such cases. unfortunately, the default trigger is "all" and not "none"
Prevent unintended pipeline runs:
Recently a new pipeline setting has been introduced at both the project level and organisation level which can change the behaviour
If enabled, pipelines will not be triggered when the trigger section is missing. An explicit trigger specification will always be required.
To enable the setting at the Organization level, go to "Organization Settings" --> "Settings" --> under the Triggers section enable "Disable implied YAML CI trigger"
To enable the setting at the project level, go to "Project Settings" --> "Settings" --> under the Triggers section enable "Disable implied YAML CI trigger"
Summary:
This issue has been causing a lot of confusion due to unintended builds and deployments.
Many thanks to Azure DevOps Team for rolling out the settings. A simple setting can now help avoid lot of confusion.
Thanks for reading, Goodbye until next week!