Azure DevOps
This section shows you how to integrate SCM with Azure DevOps using StackSpot Workflow.
Integrating your
Currently, StackSpot supports five workflows:
- Application Creation
- Infrastructure Creation
- Plugin Application
- Action Execution
- Workflow Execution
Prerequisites
1. Create a repository for your pipelines
To integrate SCM with StackSpot, first create a dedicated repository in your organization for pipelines. Once you define your pipelines, you can trigger them remotely via API, passing the required input data for each workflow.
You can sign in to Azure DevOps with a Microsoft or GitHub account. Then, create an organization and a project:
In Azure DevOps, your Organization matches your username, and your Project matches your repository name. Use the following URL format to access them:
https://dev.azure.com/[ORGANIZATION-NAME]/[PROJECT-NAME]
For example:
https://dev.azure.com/my-username/my-workflow-repo
You can also use an existing project.
2. Generate a Personal Access Token in Azure DevOps
Only users in the ‘Project Collection Administrators’ group can generate tokens. To check your permissions, go to the ‘Permissions’ section in Azure.
- Go to
https://dev.azure.com/{Your_Organization}and sign in. - Click 'User Settings' in the top-right menu, then select 'Personal access tokens'.
- Click 'New Token' and fill in the following fields:
- Name: Enter a name for your token.
- Organization: Select your organization.
- Expiration (UTC): Set an expiration date.
- Scopes: Choose 'Full access' for total access, or 'Custom defined' to select permissions. If you choose 'Custom defined', select:
- Auditing: Read Audit Log
- Build: Read & execute
- Code: Read & Write
- Packaging: Read & Write
- Pipeline Resources: Use & manage
- Project and Team: Read, write & manage
- Release: Read, write & execute
- Services Connections: Read, query & manage
- Click 'Create'. The token will appear only once—copy and save it.
Create the repository and pipelines manually
Complete these steps using the STK CLI. To create pipelines automatically, make sure you:
Step 1. In your terminal, using STK CLI, run:
mkdir <repo-name>
cd <repo-name>
Example:
mkdir repo-runner-actions
cd repo-runner-actions
Step 2. Inside the folder, create a file named "stackspot.yml" with the following content:
trigger: none
pr: none
parameters:
- name: workflow_execution_id
displayName: Workflow Execution ID
type: string
default: ''
- name: workflow_inputs
displayName: Workflow Inputs
type: string
default: ''
variables:
LANG: 'C.UTF-8'
LANGUAGE: 'C.UTF-8'
LC_ALL: 'C.UTF-8'
PYTHONIOENCODING: 'utf-8'
HTTP_ENABLE_DEBUG: 'false'
stages:
- stage: ResumeWorkflow
displayName: Stackspot Resume Workflow
jobs:
- job: RunWorkflow
displayName: Run workflow
pool:
vmImage: 'ubuntu-latest'
steps:
- script: |
cd /tmp
curl -fsSL https://stk.stackspot.com/install.sh | bash
echo "~/.stk/bin" >> $HOME/.bashrc
~/.stk/bin/stk --version
~/.stk/bin/stk upgrade
displayName: '[StackSpot] Install CLI'
- script: ~/.stk/bin/stk login -id $(STK_CLIENT_ID) -key $(STK_CLIENT_KEY) -r $(STK_REALM)
displayName: '[StackSpot] Login'
- script: ~/.stk/bin/stk resume workflow ${{ parameters.workflow_execution_id }}
displayName: '[StackSpot] run workflow'
Step 3. Commit your changes:
git init
git remote add origin https://<org>@dev.azure.com/<org>/<project_name>/_git/<repo_name>
git add .
git commit -m "Setup Runner"
git push
Example:
git init
git remote add origin https://stackspot-azure@dev.azure.com/stackspot-azure/stackspot/_git/stackspot
git add .
git commit -m "Setup Runner"
git push
Register the stackspot.yml file in your Azure DevOps pipeline
After you create the repository and pipeline files, register the stackspot pipeline:
Step 1. Go to the project with your repository in Azure DevOps.
Step 2. Click 'Pipelines', then 'New pipeline'.
Step 3. Choose 'Azure Repos Git'.
Step 4. Select the repository you created.
Step 5. Click 'Existing Azure Pipelines YAML file'. For 'Path', select /stackspot.yml.
Step 6. On the Review your pipeline YAML screen, click 'Variables', then 'New variable'.
Step 7. Add two variables. For the first:
- Name: Enter
secret_cli_loginexactly. - Value: Leave blank.
- Check both:
- 'Keep this value secret'
- 'Let users override this value when running this pipeline' Click 'OK'.
Step 8. Repeat for the second variable:
- Name: Enter
secret_gitexactly. - Value: Leave blank.
- Check both options above. Click 'OK', then 'Save'.
Step 9. Azure DevOps gives your pipeline a random name. Rename it to 'stackspot':
- Go to Pipelines > all
- Find your pipeline, click 'more options', then 'Rename/move pipeline'
- Enter 'stackspot' as the name and click 'Save'
Now, copy your project URL for the next integration step.
Integrate Azure DevOps with StackSpot
Complete these steps in the StackSpot Portal.
Configure using Azure DevOps PAT (Personal Access Token)
For security purposes, credentials such as the Personal Access Token (PAT) are stored in an encrypted format on StackSpot. Once saved, this information cannot be viewed or retrieved through the platform.
Step 1. Go to the Account Portal, or after logging in to StackSpot Portal, click your profile avatar.
Step 2. Select 'Organization'.
Step 3. In the Account Portal, click StackSpot EDP and then, click ’SCM’;
Step 4. Click the 'Edit' button. For Select provider, choose Azure DevOps.
Step 5. For Authentication method, select PAT (Personal Access Token) and fill in:
- User: Your Azure DevOps username
- Token: The Personal Access Token you generated earlier
Click the 'Save' button.
Step 6. For Workflow Settings, choose how your organization will manage SCM access. Enable or disable 'Will the organization manage SCM access via User PAT?':
- Enabled: Each user manages their own Azure DevOps PAT.
- Disabled: The company manages Azure DevOps access.
If you enable this, each account member must set up their own SCM Access.
Step 7. For Workflow URL, enter the repository URL with your pipelines so StackSpot knows where your workflow is. For example: https://dev.azure.com/myazure-user/scm-azure-pipes.
You’ve finished your configuration!