How to: Create repository and branch policies on Azure DevOps using Azure DevOps CLI

Vinicius Moura
3 min readMay 10, 2020

Learn how you use Azure DevOps CLI to create repository and respective branch policies

Continuing to explore Azure DevOps CLI, in this post I will show you how to create one repository and respective branch policies on Azure DevOps. To do this, I used again PowerShell to automate this procedure (see original GitHub repository here):

After execution, we will see this result:

In this script, I’m using az repos instructions and I’ll show bellow all commands that I’ve used:

az repos create --name $RepoName --project $Project --organization $Organization | ConvertFrom-Json
az repos policy approver-count create --allow-downvotes false --blocking true --branch $branchName --creator-vote-counts false --enabled true --minimum-approver-count 1 --repository-id $repoId --reset-on-source-push false  --project $Project --organization $Organization | ConvertFrom-Json
az repos policy work-item-linking create --blocking true --branch $branchName --enabled true --repository-id $repoId --project $Project --organization $Organization | ConvertFrom-Json
az repos policy comment-required create --blocking true --branch $branchName --enabled true --repository-id $repoId --project $Project --organization $Organization | ConvertFrom-Json
az repos policy required-reviewer create --blocking true --branch $branchName --enabled true --repository-id $repoId --message "master" --required-reviewer-ids $Reviewers  --project $Project --organization $Organization| ConvertFrom-Json

To check all policies created, just access branches on your respective repository and verified each policy (Branch policies option):

One important policy that we can use will valid any pull requests. After creating a repository, include the respective source code, you will be able to create a Build Definition. With this definition, use the command az repos policy build to create to link this build with the repository.

az repos policy build create --blocking true --branch $branchName --build-definition-id $BuildDefinitionId --display-name 'Build to Pull Requests' --enabled true --manual-queue-only false --queue-on-source-update-only false --repository-id $repoId --valid-duration 0  --project $Project --organization $Organization | ConvertFrom-Json