GitHub Push Pipeline
Overview
This pipeline automates pushing content from Azure DevOps repositories to GitHub. It's designed to keep internal (Azure DevOps) and external (GitHub) versions of the repository in sync by pushing changes, creating branches, and opening pull requests.
Prerequisites
- GitHub App configured with appropriate permissions
- Variable group
ai-on-edge-secretscontaining: github-app-private-key: Private key for GitHub App authenticationgithub-app-client-id: Client ID for the GitHub AppgithubRepoUrl: URL to the target GitHub repository (with__token__placeholder)
Pipeline Triggers
- Manual trigger only: This pipeline must be run manually
Pipeline Resources
- Agent Pool:
ai-on-edge-managed-pool - VM Image:
ubuntu-latest
Pipeline Structure
Jobs
-
GitHubPush: Pushes changes from Azure DevOps to GitHub
- Creates GitHub access token using JWT authentication
- Sets up Git remote pointing to GitHub
- Pushes current branch to a new branch on GitHub (named
azdo-{BuildId}) - Opens a pull request in GitHub
-
Versioning: Updates version based on Git tag (runs only on
feat/gh-pushbranch)- Uses GitVersion to determine semantic version
- Creates and pushes a Git tag with the version
Usage
- Run the pipeline manually when you want to sync changes from Azure DevOps to GitHub
- Monitor the pipeline for successful completion
- Check GitHub for the newly created branch and pull request
Authentication
This pipeline uses GitHub App authentication:
- Creates a JWT token using the app's private key
- Exchanges the JWT token for an installation token
- Uses the installation token to authenticate Git operations
Notes
- The pipeline force-pushes to GitHub, overwriting the target branch if it exists
- The versioning job only runs when the source branch is
feat/gh-push - The pipeline depends on helper scripts in
scripts/github/directory
🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.