14 KiB
14 KiB
name, description
| name | description |
|---|---|
| sprint-254-features | Azure DevOps Sprint 254-262 new features and enhancements (2025) |
🚨 CRITICAL GUIDELINES
Windows File Path Requirements
MANDATORY: Always Use Backslashes on Windows for File Paths
When using Edit or Write tools on Windows, you MUST use backslashes (\) in file paths, NOT forward slashes (/).
Examples:
- ❌ WRONG:
D:/repos/project/file.tsx - ✅ CORRECT:
D:\repos\project\file.tsx
This applies to:
- Edit tool file_path parameter
- Write tool file_path parameter
- All file operations on Windows systems
Documentation Guidelines
NEVER create new documentation files unless explicitly requested by the user.
- Priority: Update existing README.md files rather than creating new documentation
- Repository cleanliness: Keep repository root clean - only README.md unless user requests otherwise
- Style: Documentation should be concise, direct, and professional - avoid AI-generated tone
- User preference: Only create additional .md files when user specifically asks for documentation
Azure DevOps 2025 Latest Features (Sprints 254-262)
New Expression Functions (Sprint 248)
iif() - Ternary Conditional Operator
# Syntax: iif(condition, valueIfTrue, valueIfFalse)
variables:
environment: 'production'
# Use iif for conditional values
instanceCount: ${{ iif(eq(variables.environment, 'production'), 10, 2) }}
deploymentSlot: ${{ iif(eq(variables.environment, 'production'), 'production', 'staging') }}
steps:
- script: echo "Deploying ${{ variables.instanceCount }} instances to ${{ variables.deploymentSlot }}"
trim() - Remove Whitespace
parameters:
- name: branchName
type: string
default: ' feature/my-branch '
variables:
# Remove leading/trailing whitespace
cleanBranch: ${{ trim(parameters.branchName) }}
# Result: 'feature/my-branch' (no spaces)
New Predefined Variables (Sprint 253)
Build.StageRequestedBy
Who requested the stage execution:
stages:
- stage: Deploy
jobs:
- job: DeployJob
steps:
- script: |
echo "Stage requested by: $(Build.StageRequestedBy)"
echo "Stage requester ID: $(Build.StageRequestedById)"
displayName: 'Log stage requester'
# Use for approval notifications
- task: SendEmail@1
inputs:
to: 'approvers@example.com'
subject: 'Deployment requested by $(Build.StageRequestedBy)'
Stage Dependencies Visualization (Sprint 254)
View stage dependencies when stage is expanded in pipeline UI:
stages:
- stage: Build
jobs:
- job: BuildJob
steps:
- script: echo "Building..."
- stage: Test
dependsOn: Build # Shown visually when expanded
jobs:
- job: TestJob
steps:
- script: echo "Testing..."
- stage: Deploy_USEast
dependsOn: Test
jobs:
- job: DeployJob
steps:
- script: echo "Deploying to US East..."
- stage: Deploy_EUWest
dependsOn: Test # Parallel with Deploy_USEast - visualized clearly
jobs:
- job: DeployJob
steps:
- script: echo "Deploying to EU West..."
Benefits:
- Visual dependency graph in UI
- Easier debugging of complex pipelines
- Clear multi-region deployment patterns
- Identify parallel vs sequential stages
New OS Images
Ubuntu-24.04 (General Availability)
pool:
vmImage: 'ubuntu-24.04' # Latest LTS - Recommended
# OR use ubuntu-latest (will map to 24.04 soon)
# vmImage: 'ubuntu-latest'
steps:
- script: |
lsb_release -a
# Ubuntu 24.04 LTS (Noble Numbat)
Key Information:
- Ubuntu 24.04 is now generally available
ubuntu-latestwill soon map toubuntu-24.04(currentlyubuntu-22.04)- Ubuntu 20.04 fully removed April 30, 2025
Windows Server 2025 (Coming June 2025)
pool:
vmImage: 'windows-2025' # GA: June 16, 2025
steps:
- pwsh: |
Get-ComputerInfo | Select-Object WindowsProductName, WindowsVersion
Key Information:
- General availability: June 16, 2025
windows-latestwill map towindows-2025starting September 2, 2025- Windows Server 2019 extended support until December 31, 2025
macOS-15 Sequoia (Available)
pool:
vmImage: 'macOS-15' # Sequoia
steps:
- script: |
sw_vers
# macOS 15.x (Sequoia)
Key Information:
- macOS 13 Ventura deprecation starts September 1, 2025
- macOS 13 retirement planned for December 4, 2025
- Apple Silicon (ARM64) support in preview
⚠️ Deprecated and Retired Images
Fully Removed (2025):
- Ubuntu 20.04 - Removed April 30, 2025
- .NET 6 - Removed from Windows and Ubuntu images August 1, 2025
Extended Support:
- Windows Server 2019 - Extended until December 31, 2025
- Deprecation starts: June 1, 2025
- Brownout periods: June 3-24, 2025
- Final removal: December 31, 2025
Upcoming Deprecations:
- macOS 13 Ventura - Deprecation: September 1, 2025, Retirement: December 4, 2025
Migration Recommendations:
# Ubuntu Migration
# OLD (Removed)
pool:
vmImage: 'ubuntu-20.04'
# NEW (Recommended)
pool:
vmImage: 'ubuntu-24.04' # Best: explicit version
# OR
vmImage: 'ubuntu-latest' # Will map to 24.04 soon
# Windows Migration
# OLD (Being deprecated)
pool:
vmImage: 'windows-2019'
# NEW (Recommended)
pool:
vmImage: 'windows-2022' # Current stable
# OR wait for
vmImage: 'windows-2025' # GA June 2025
GitHub Integration Improvements
Auto-linked Pull Requests
GitHub branches linked to work items automatically link PRs:
# When PR is created for branch linked to work item,
# PR automatically appears in work item's Development section
trigger:
branches:
include:
- feature/*
- users/*
# Work item auto-linking based on branch name pattern
# AB#12345 in commits auto-links to work item 12345
"Integrated in build" Links
GitHub repos show which build integrated the PR:
pr:
branches:
include:
- main
- develop
# After PR merged, work item shows:
# "Integrated in build: Pipeline Name #123"
# Direct link to build that deployed the change
Stage-Level Variables
stages:
- stage: Build
variables:
buildConfiguration: 'Release'
platform: 'x64'
jobs:
- job: BuildJob
steps:
- script: echo "Building $(buildConfiguration) $(platform)"
- stage: Deploy
variables:
environment: 'production'
region: 'eastus'
jobs:
- job: DeployJob
steps:
- script: |
echo "Stage: $(System.StageName)"
echo "Requested by: $(Build.StageRequestedBy)"
echo "Deploying to $(environment) in $(region)"
Practical Examples
Multi-Region Deployment with New Features
parameters:
- name: deployToProd
type: boolean
default: false
variables:
# Use iif for conditional values
targetEnvironment: ${{ iif(parameters.deployToProd, 'production', 'staging') }}
stages:
- stage: Build
jobs:
- job: BuildApp
pool:
vmImage: 'ubuntu-24.04' # New image
steps:
- script: npm run build
- stage: Test
dependsOn: Build
jobs:
- job: RunTests
pool:
vmImage: 'ubuntu-24.04'
steps:
- script: npm test
- stage: Deploy_USEast
dependsOn: Test
condition: succeeded()
variables:
region: 'eastus'
jobs:
- deployment: DeployToUSEast
environment: ${{ variables.targetEnvironment }}
pool:
vmImage: 'ubuntu-24.04'
strategy:
runOnce:
deploy:
steps:
- script: |
echo "Deploying to $(region)"
echo "Requested by: $(Build.StageRequestedBy)"
- stage: Deploy_EUWest
dependsOn: Test # Parallel with Deploy_USEast
condition: succeeded()
variables:
region: 'westeurope'
jobs:
- deployment: DeployToEUWest
environment: ${{ variables.targetEnvironment }}
pool:
vmImage: 'ubuntu-24.04'
strategy:
runOnce:
deploy:
steps:
- script: |
echo "Deploying to $(region)"
echo "Requested by: $(Build.StageRequestedBy)"
# Stage dependencies visualized clearly in UI (Sprint 254)
Continuous Access Evaluation (Sprint 260 - August 2025)
Enhanced Security with CAE
Azure DevOps now supports Continuous Access Evaluation (CAE), enabling near real-time enforcement of Conditional Access policies through Microsoft Entra ID.
Key Benefits:
- Instant access revocation on critical events
- No waiting for token expiration
- Enhanced security posture
Triggers for Access Revocation:
- User account disabled
- Password reset
- Location or IP address changes
- Risk detection events
- Policy violations
Example Scenario:
# Your pipeline with CAE enabled automatically
stages:
- stage: Production
jobs:
- deployment: Deploy
environment: 'production'
pool:
vmImage: 'ubuntu-24.04'
strategy:
runOnce:
deploy:
steps:
- script: echo "Deploying..."
# If user credentials are revoked mid-deployment,
# CAE will instantly terminate access
Implementation:
- General availability: August 2025
- Phased rollout to all customers
- No configuration required (automatic for all Azure DevOps orgs)
- Works with Microsoft Entra ID Conditional Access policies
Security Improvements:
- Immediate response to security events
- Reduces attack window from hours/days to seconds
- Complements existing security features (Key Vault, branch policies, etc.)
OAuth Apps Deprecation (April 2025)
Important Change:
- Azure DevOps no longer supports new registrations of Azure DevOps OAuth apps (effective April 2025)
- First step towards retiring the Azure DevOps OAuth platform
- Existing OAuth apps continue to work
- Plan migration to Microsoft Entra ID authentication
Migration Recommendations:
# Use service connections with Microsoft Entra ID instead
- task: AzureCLI@2
inputs:
azureSubscription: 'service-connection' # Uses Managed Identity or Service Principal
scriptType: 'bash'
scriptLocation: 'inlineScript'
addSpnToEnvironment: true
inlineScript: |
az account show
SNI Requirement (April 2025)
Network Requirement:
- Server Name Indication (SNI) required on all incoming HTTPS connections
- Effective: April 23, 2025
- Affects all Azure DevOps Services connections
What to Check:
- Ensure clients support SNI (most modern clients do)
- Update legacy tools/scripts if needed
- Test connectivity before April 23, 2025
OAuth Apps Deprecation (Sprint 261 - September 2025)
Critical Security Change:
Azure DevOps is enforcing one-time visibility for OAuth client secrets:
- Newly generated client secrets displayed only once at creation
- Get Registration Secret API will be retired
- Change effective: September 2, 2025
- No new OAuth app registrations allowed
Migration Path:
# Replace OAuth apps with Microsoft Entra ID authentication
# Use service connections with Managed Identity or Service Principal
- task: AzureCLI@2
inputs:
azureSubscription: 'entra-id-service-connection'
scriptType: 'bash'
addSpnToEnvironment: true
inlineScript: |
az account show
# Authenticated via Entra ID
Action Required:
- Audit existing OAuth apps
- Plan migration to Entra ID authentication
- Update CI/CD pipelines to use service connections
- Document secret rotation procedures
Agent Software Version 4 (October 2024 - Current)
Major Upgrade:
The Azure Pipelines agent has been upgraded from v3.x to v4.x, powered by .NET 8:
Key Improvements:
- Built on .NET 8 for better performance and security
- Extended platform support including ARM64
- Improved reliability and diagnostics
- Better resource management
Platform Support:
- Linux: Debian 11 & 12, Ubuntu 24.04, 22.04, 20.04 (ARM64 supported)
- macOS: Intel and Apple Silicon (ARM64 supported)
- Windows: Windows Server 2019, 2022, 2025
ARM64 Support:
# Self-hosted ARM64 agent
pool:
name: 'arm64-pool'
demands:
- agent.os -equals Linux
- Agent.OSArchitecture -equals ARM64
steps:
- script: uname -m
displayName: 'Verify ARM64 architecture'
Note: ARM64 support is available for self-hosted agents. Microsoft-hosted ARM64 macOS agents are in preview.
Sprint 262 - GitHub Copilot Integration (2025)
AI-Powered Work Item Assistance (Private Preview):
Connect Azure Boards work items directly with GitHub Copilot:
Capabilities:
- Send work items to Copilot coding agent
- AI-assisted bug fixes
- Automated feature implementation
- Test coverage improvements
- Documentation updates
- Technical debt reduction
Usage Pattern:
- Create work item in Azure Boards
- Add detailed requirements in description
- Send to GitHub Copilot
- Copilot generates code changes
- Review and merge via standard PR process
Integration with Pipelines:
# Work items auto-link with PRs
trigger:
branches:
include:
- feature/*
# Mention work item in commit
# Example: "Fix login bug AB#12345"
# Automatically links PR to work item and tracks in build