Azure DevOps Cheat Sheet

Overview

Azure DevOps is a comprehensive suite of development tools by Microsoft that covers the entire software development lifecycle. It provides five core services: Azure Repos (Git repositories), Azure Pipelines (CI/CD), Azure Boards (work item tracking and Kanban boards), Azure Artifacts (package management for NuGet, npm, Maven, Python), and Azure Test Plans (manual and automated testing). It can be used as a cloud-hosted service (dev.azure.com) or self-hosted via Azure DevOps Server.

Azure Pipelines supports YAML-based pipeline definitions with multi-stage deployments, approval gates, environment-based targeting, and template reuse. Pipelines can build and deploy to any cloud or on-premises target—not just Azure. The service offers Microsoft-hosted agents (Linux, Windows, macOS) and self-hosted agent pools. Azure DevOps integrates with GitHub, Slack, Teams, and hundreds of marketplace extensions.

Installation

Azure CLI with DevOps Extension

# Install Azure CLI
curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash

# Add DevOps extension
az extension add --name azure-devops

# Login and configure
az login
az devops configure --defaults organization=https://dev.azure.com/myorg project=MyProject

Configure Personal Access Token

# Set PAT for CLI authentication
export AZURE_DEVOPS_EXT_PAT=your-personal-access-token

# Or configure interactively
az devops login

Core CLI Commands

Command	Description
az devops project list	List all projects
az devops project create --name <name>	Create a new project
az repos list	List repositories
az repos create --name <name>	Create a new repository
az pipelines list	List pipelines
az pipelines run --name <pipeline>	Trigger a pipeline run
az boards work-item create --type Task --title "..."	Create work item
az artifacts universal publish	Publish universal package

Azure Pipelines (YAML)

Basic CI Pipeline

# azure-pipelines.yml
trigger:
  branches:
    include:
      - main
      - release/*
  paths:
    exclude:
      - docs/*
      - README.md

pool:
  vmImage: 'ubuntu-latest'

variables:
  NODE_VERSION: '20.x'

stages:
  - stage: Build
    displayName: 'Build and Test'
    jobs:
      - job: BuildJob
        steps:
          - task: NodeTool@0
            inputs:
              versionSpec: $(NODE_VERSION)
            displayName: 'Install Node.js'

          - script: |
              npm ci
              npm run lint
              npm run build
              npm test -- --coverage
            displayName: 'Install, Build, Test'

          - task: PublishTestResults@2
            inputs:
              testResultsFormat: 'JUnit'
              testResultsFiles: '**/junit.xml'

          - task: PublishCodeCoverageResults@2
            inputs:
              summaryFileLocation: 'coverage/cobertura-coverage.xml'

          - task: PublishBuildArtifacts@1
            inputs:
              pathToPublish: 'dist'
              artifactName: 'app'

Multi-Stage CD Pipeline

stages:
  - stage: Build
    jobs:
      - job: Build
        pool:
          vmImage: 'ubuntu-latest'
        steps:
          - script: npm ci && npm run build
          - publish: dist
            artifact: app

  - stage: DeployStaging
    dependsOn: Build
    condition: succeeded()
    jobs:
      - deployment: DeployStaging
        environment: staging
        strategy:
          runOnce:
            deploy:
              steps:
                - download: current
                  artifact: app
                - task: AzureWebApp@1
                  inputs:
                    azureSubscription: 'my-connection'
                    appName: 'my-app-staging'
                    package: '$(Pipeline.Workspace)/app'

  - stage: DeployProduction
    dependsOn: DeployStaging
    condition: succeeded()
    jobs:
      - deployment: DeployProd
        environment: production
        strategy:
          runOnce:
            deploy:
              steps:
                - download: current
                  artifact: app
                - task: AzureWebApp@1
                  inputs:
                    azureSubscription: 'my-connection'
                    appName: 'my-app-prod'
                    package: '$(Pipeline.Workspace)/app'

Pipeline Templates

# templates/build-template.yml
parameters:
  - name: nodeVersion
    default: '20.x'
  - name: buildCommand
    default: 'npm run build'

steps:
  - task: NodeTool@0
    inputs:
      versionSpec: ${{ parameters.nodeVersion }}
  - script: |
      npm ci
      ${{ parameters.buildCommand }}

# azure-pipelines.yml
stages:
  - stage: Build
    jobs:
      - job: Build
        steps:
          - template: templates/build-template.yml
            parameters:
              nodeVersion: '20.x'
              buildCommand: 'npm run build:prod'

Azure Repos

# Clone a repo
az repos clone --repository my-repo

# Create pull request
az repos pr create \
  --title "Feature: Add auth module" \
  --description "Implements OAuth2 flow" \
  --source-branch feature/auth \
  --target-branch main \
  --reviewers user@example.com

# List pull requests
az repos pr list --status active

# Set branch policy
az repos policy approver-count create \
  --branch main \
  --repository-id <repo-id> \
  --minimum-approver-count 2 \
  --creator-vote-counts false \
  --blocking true \
  --enabled true

Azure Boards

# Create work items
az boards work-item create --type "User Story" --title "Implement login page" --assigned-to "user@example.com"
az boards work-item create --type Bug --title "Fix login redirect" --priority 1

# Query work items
az boards query --wiql "SELECT [System.Id], [System.Title] FROM WorkItems WHERE [System.State] = 'Active'"

# Update work item
az boards work-item update --id 123 --state "In Progress"

Configuration

Service Connections

# Create Azure RM service connection
az devops service-endpoint azurerm create \
  --name "azure-prod" \
  --azure-rm-service-principal-id <sp-id> \
  --azure-rm-subscription-id <sub-id> \
  --azure-rm-tenant-id <tenant-id>

Variable Groups

variables:
  - group: production-secrets
  - name: LOCAL_VAR
    value: 'some-value'

# Create variable group
az pipelines variable-group create \
  --name "production-secrets" \
  --variables DB_HOST=prod-db.example.com \
  --authorize true

Advanced Usage

Self-Hosted Agents

# Download agent
mkdir myagent && cd myagent
curl -O https://vstsagentpackage.azureedge.net/agent/3.232.1/vsts-agent-linux-x64-3.232.1.tar.gz
tar xzf vsts-agent-linux-x64-3.232.1.tar.gz

# Configure
./config.sh --url https://dev.azure.com/myorg --auth pat --token <PAT> --pool default

# Run as service
sudo ./svc.sh install
sudo ./svc.sh start

Container Jobs

jobs:
  - job: ContainerBuild
    pool:
      vmImage: 'ubuntu-latest'
    container:
      image: node:20-alpine
    steps:
      - script: |
          npm ci
          npm test

Environments and Approvals

# Environments with approval gates configured in UI
jobs:
  - deployment: Deploy
    environment: production
    strategy:
      canary:
        increments: [10, 50]
        deploy:
          steps:
            - script: echo deploying
        on:
          success:
            steps:
              - script: echo success
          failure:
            steps:
              - script: echo rollback

Troubleshooting

Issue	Solution
Pipeline stuck at approval	Check Environments in project settings for pending approvals
Agent offline	Verify agent service is running; check _diag/ logs on the agent machine
TF401019: authorization error	PAT expired or lacks required scopes; regenerate with correct permissions
YAML syntax errors	Use the Azure DevOps YAML editor with IntelliSense for validation
Artifacts not found in downstream stage	Ensure publish and download artifact names match
Slow pipeline execution	Use pipeline caching (Cache@2 task) for dependencies
Branch policy blocking merge	Verify all required checks pass; check minimum reviewer count