@eegseth eegseth commented Oct 8, 2025

Adds Azure DevOps support as an SCM provider, with both PAT and Azure Workload Identity authentication methods.

Fixes #303

Signed-off-by: Endre Egseth <[email protected]>

codecov-commenter commented Oct 9, 2025

Codecov Report

❌ Patch coverage is 19.00826% with 490 lines in your changes missing coverage. Please review.
✅ Project coverage is 47.06%. Comparing base (cc4a08d) to head (c6a606e).

| Files with missing lines | Patch % | Lines |
|---|---|---|
| internal/scms/azuredevops/pullrequest.go | 3.05% | 286 Missing ⚠️ |
| internal/scms/azuredevops/git_operations.go | 41.77% | 89 Missing and 3 partials ⚠️ |
| internal/scms/azuredevops/commit_status.go | 5.55% | 85 Missing ⚠️ |
| internal/utils/utils.go | 10.00% | 8 Missing and 1 partial ⚠️ |
| internal/controller/commitstatus_controller.go | 0.00% | 7 Missing ⚠️ |
| ...ternal/controller/argocdcommitstatus_controller.go | 0.00% | 3 Missing ⚠️ |
| ...rnal/controller/changetransferpolicy_controller.go | 0.00% | 3 Missing ⚠️ |
| internal/scms/azuredevops/token_manager.go | 91.89% | 2 Missing and 1 partial ⚠️ |
| internal/controller/pullrequest_controller.go | 0.00% | 2 Missing ⚠️ |

Additional details and impacted files
@@            Coverage Diff             @@
##             main     #557      +/-   ##
==========================================
- Coverage   50.90%   47.06%   -3.85%     
==========================================
  Files          35       39       +4     
  Lines        4186     4791     +605     
==========================================
+ Hits         2131     2255     +124     
- Misses       1801     2280     +479     
- Partials      254      256       +2     

@crenshaw-dev crenshaw-dev left a comment

Did a quick first pass, it's looking good!

@eegseth eegseth requested a review from crenshaw-dev October 10, 2025 12:41
eegseth and others added 8 commits October 10, 2025 15:39
…erConfiguration API (argoproj-labs#549)

* Add dynamic controller configuration with WorkQueue settings

- Implement dual-client approach for reading configuration during setup
- Add Direct methods to read from API server bypassing cache
- Support generic rate limiter types for different request types
- Update all controllers to use configurable WorkQueue settings
- Add comprehensive ControllerConfiguration.yaml documentation

Signed-off-by: Zach Aller <[email protected]>

* fix default config

Signed-off-by: Zach Aller <[email protected]>

* fix validation

Signed-off-by: Zach Aller <[email protected]>

* fix test

Signed-off-by: Zach Aller <[email protected]>

* use correct configuration

Signed-off-by: Zach Aller <[email protected]>

* review

Signed-off-by: Zach Aller <[email protected]>

* switch

Signed-off-by: Zach Aller <[email protected]>

* lint

Signed-off-by: Zach Aller <[email protected]>

* test depend on 7

Signed-off-by: Zach Aller <[email protected]>

* if required remove omitempty

Signed-off-by: Zach Aller <[email protected]>

* set reconcile routines to 1

Signed-off-by: Zach Aller <[email protected]>

* set reconcile routines to 1 for CTP

Signed-off-by: Zach Aller <[email protected]>

* remove lock logger

Signed-off-by: Zach Aller <[email protected]>

* cleanup

Signed-off-by: Zach Aller <[email protected]>

---------

Signed-off-by: Zach Aller <[email protected]>
…abs#559)

Bumps [golang.org/x/time](https://github.com/golang/time) from 0.12.0 to 0.14.0.
- [Commits](golang/time@v0.12.0...v0.14.0)

---
updated-dependencies:
- dependency-name: golang.org/x/time
  dependency-version: 0.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
… 0.154.0 (argoproj-labs#558)

chore(deps): bump gitlab.com/gitlab-org/api/client-go

Bumps [gitlab.com/gitlab-org/api/client-go](https://gitlab.com/gitlab-org/api/client-go) from 0.152.0 to 0.154.0.
- [Release notes](https://gitlab.com/gitlab-org/api/client-go/tags)
- [Changelog](https://gitlab.com/gitlab-org/api/client-go/blob/main/CHANGELOG.md)
- [Commits](https://gitlab.com/gitlab-org/api/client-go/compare/v0.152.0...v0.154.0)

---
updated-dependencies:
- dependency-name: gitlab.com/gitlab-org/api/client-go
  dependency-version: 0.154.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
… cluster (argoproj-labs#560)

* save point

Signed-off-by: Zach Aller <[email protected]>

* ginkgo tests

Signed-off-by: Zach Aller <[email protected]>

* clean up crd check

Signed-off-by: Zach Aller <[email protected]>

* clean up

Signed-off-by: Zach Aller <[email protected]>

* save point

Signed-off-by: Zach Aller <[email protected]>

* remove test

Signed-off-by: Zach Aller <[email protected]>

* rename

Signed-off-by: Zach Aller <[email protected]>

* cleanup

Signed-off-by: Zach Aller <[email protected]>

* cleanup

Signed-off-by: Zach Aller <[email protected]>

* required

Signed-off-by: Zach Aller <[email protected]>

* add config

Signed-off-by: Zach Aller <[email protected]>

* format

Signed-off-by: Zach Aller <[email protected]>

---------

Signed-off-by: Zach Aller <[email protected]>
Signed-off-by: Endre Egseth <[email protected]>
@eegseth eegseth requested a review from crenshaw-dev October 15, 2025 07:03

crenshaw-dev commented Nov 6, 2025

Apologies for the delayed review. There was something bothering me that I couldn't quite figure out, and I think I finally made sense of it.

All of the existing providers are accessible via one of two modes:

  1. ClusterScmProvider: created by an admin along with creds, accessible to tenants in any namespace
  2. ScmProvider: created by tenants in their own namespaces who must also provide their own credentials

This new provider breaks that binary. If I as a namespaced tenant can create an ScmProvider, I can take advantage of the creds (the workload identity) of the controller in the admin-controlled namespace.

I think that, for this PR, we should make Azure DevOps workload identity available only in ClusterScmProviders. In a follow-up PR we can add workload identity support to ScmProviders in a way that requires the tenant to provide their own credentials.
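
Added example, not part of the comment above and not the project's code: a sketch of the guard the review asks for, where a namespaced ScmProvider can never fall back to the controller's ambient workload identity. All type, field and error names are hypothetical, and the rule that a tenant's PAT secret must live in the provider's own namespace is an assumption about how "their own credentials" would be enforced.

```go
package main

import (
	"errors"
	"fmt"
)

// Hypothetical types and field names for illustration; these are not the project's API.
type ProviderKind string
type AuthMethod string
const (
	KindScmProvider        ProviderKind = "ScmProvider"        // namespaced, tenant-created
	KindClusterScmProvider ProviderKind = "ClusterScmProvider" // cluster-scoped, admin-created
	AuthPAT                AuthMethod   = "pat"
	AuthWorkloadIdentity   AuthMethod   = "workloadIdentity"
)

type AzureDevOpsAuth struct {
	Method          AuthMethod
	SecretNamespace string // namespace of the PAT secret; unused for workload identity
}

var (
	ErrAmbientCredential = errors.New("workload identity is only allowed on ClusterScmProvider")
	ErrForeignSecret     = errors.New("ScmProvider must reference a secret in its own namespace")
)

// ValidateAuth rejects configurations in which a tenant would borrow credentials it does not own.
func ValidateAuth(kind ProviderKind, providerNS string, auth AzureDevOpsAuth) error {
	switch auth.Method {
	case AuthWorkloadIdentity:
		// The identity belongs to the controller, so only an admin-created provider may use it.
		if kind != KindClusterScmProvider {
			return ErrAmbientCredential
		}
	case AuthPAT:
		// Assumption: "their own credentials" means a secret in the provider's own namespace.
		if kind == KindScmProvider && auth.SecretNamespace != providerNS {
			return ErrForeignSecret
		}
	default:
		return fmt.Errorf("unknown auth method %q", auth.Method)
	}
	return nil
}

func main() {
	fmt.Println(ValidateAuth(KindScmProvider, "team-a", AzureDevOpsAuth{Method: AuthWorkloadIdentity}))
}
```

A check like this belongs where the provider is admitted or reconciled, before any token is requested, so a rejected ScmProvider never reaches the token manager.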

Successfully merging this pull request may close these issues.

Support Azure DevOps Repos
