Azure Devops support

[mcdafydd]

This pull request adds support for using Azure Devops as a VCS provider.

[lkysow]

Can you help explain why users would rather link and comment on a work item for each pull request rather than comment directly on the PR?

[mcdafydd]

Can you help explain why users would rather link and comment on a work item for each pull request rather than comment directly on the PR?

I was following the idea in the Microsoft documentation here that recommends driving development from the work item, which seemed fine at the time given the lack of the PR comment webhook.

In our environment today, putting comments directly on the PR and more closely linking the Terraform plan with its execution makes sense. I can't think of a great reason we would need to run atlantis commands from a work item rather than a PR, but I imagine we will remain interested in linking our pull requests to a work item for tracking.

I'm happy to defer to more experienced teams doing this and adopt the recommended guidance. I started adding support for the new event payload to go-azuredevops. I don't suspect it'll take too much more work to finish it.

Thanks!

[mcdafydd]

I deployed a new branch from my fork just now azure-devops-pr-comment. I'll test it out a bit. The pull request comments are threaded. I'm creating a new thread for each response from atlantis for now, rather than sending the atlantis response into the same thread with the command, since I don't have an easy way to pass the thread and parent comment ID from the webhook payload over to the vcs.CreateComment() function. Also, this code only supports Resource Version 2.0 of the webhook payload (which seems to be the default).

The branch would still need some code removed presuming we move forward with this method for responding to comments.

Edit: removing quoting

[lkysow]

👍 I like going this route.

[mcdafydd]

@dedamico @naru014 @jpreese If you're interested in testing the changes, I'd love any feedback.
All work item comment connectivity is gone, so interaction is now solely through pull request creation, updates, and comments, similar to other VCS providers.

I ran into the issue yesterday where upon PR creation I immediately got back a comment saying the workspace was already locked. It was caused by a master branch policy that automatically adds reviewers. So when the PR was created, a "pullrequest.created" event was generated, and then about 1 second later a "pullrequest.updated" event was sent when the reviewers were added.

Is this a situation we want to improve in code at all or just document?

[lkysow]

Is this a situation we want to improve in code at all or just document?

Can we find out that what changed was just new reviewers? We should only act on pull request update events that are about pushing a new commit (or force pushing). We should detect this before it gets to the stage where it ends up triggering locking.

[mcdafydd]

Can we find out that what changed was just new reviewers? We should only act on pull request update events that are about pushing a new commit (or force pushing). We should detect this before it gets to the stage where it ends up triggering locking.

Ok, sounds good. Yes, I'm sure this is what triggered it. Looking at the webhook payloads, I think the primary way we can detect it is in the message text "changed the reviewer list". There's no clear field for this particular type of pullrequest.updated event type.

Here are the relevant log snippets. First, the PR opening webhook in the ADO event history:

Sent at: Saturday, October 5, 2019 12:41:20 AM
Message
Dev created pull request 11871 (PR title) in REPO

Atlantis receives it:

2019/10/05 00:41:20+0000 [INFO] middleware.go:38 server: POST /events – from 20.36.242.132:5952
2019/10/05 00:41:20+0000 [DBUG] events_controller.go:130 server: Handling AzureDevops post
2019/10/05 00:41:20+0000 [DBUG] events_controller.go:226 server: Request valid
2019/10/05 00:41:20+0000 [DBUG] events_controller.go:242 server: Handling as pull request event
2019/10/05 00:41:20+0000 [INFO] events_controller.go:547 server: Identified event as type "opened"
2019/10/05 00:41:20+0000 [INFO] events_controller.go:347 server: Executing autoplan
2019/10/05 00:41:20+0000 [INFO] middleware.go:42 server: POST /events – respond HTTP 200

Then the second PR updated event history log:

Sent at: Saturday, October 5, 2019 12:41:21 AM
Message
Dev changed the reviewer list for pull request 11871 (PR title) in REPO

and receipt:

2019/10/05 00:41:21+0000 [INFO] middleware.go:38 server: POST /events – from 20.36.242.132:5953
2019/10/05 00:41:21+0000 [DBUG] events_controller.go:130 server: Handling AzureDevops post
2019/10/05 00:41:21+0000 [DBUG] events_controller.go:226 server: Request valid
2019/10/05 00:41:21+0000 [DBUG] events_controller.go:242 server: Handling as pull request event
2019/10/05 00:41:21+0000 [INFO] events_controller.go:547 server: Identified event as type "updated"
2019/10/05 00:41:21+0000 [INFO] events_controller.go:347 server: Executing autoplan
2019/10/05 00:41:21+0000 [INFO] middleware.go:42 server: POST /events – respond HTTP 200
2019/10/05 00:41:21+0000 [DBUG] project_command_builder.go:102 org/project/REPO#11871: Got workspace lock
2019/10/05 00:41:21+0000 [WARN] project_command_builder.go:99 org/project/REPO#11871: Workspace was locked
2019/10/05 00:41:21+0000 [DBUG] project_command_builder.go:110 org/project/REPO#11871: 5 files were modified in this pull request
2019/10/05 00:41:21+0000 [INFO] working_dir.go:123 org/project/REPO#11871: Creating dir "/home/user/.atlantis/repos/org/project/REPO/11871/default"
2019/10/05 00:41:22+0000 [EROR] command_runner.go:410 org/project/REPO#11871: The default workspace is currently locked by another command that is running for this pull request–wait until the previous command is complete and try again

[lkysow]

Looks like you're right. We can do a string.Contains to look for a message that the source branch was updated. Or we could require users specify the webhook change type to only be source branch updated. However I like not requiring users to set this and us just detecting the right types for them.

[mcdafydd]

I just saw this feature too :). We would also need "Votes score changed" events for vcs.PullIsApproved(). I'm down to make it easier for users so will add something to match the event type and submit it soon.

[mcdafydd]

There were at least six valid pull request updated message strings that we would've wanted to accept, so I just ignored the one message we don't want for now.

[yradsmikham]

Can we get an update on this? Would love to see it merge soon! Thanks!

[lkysow]

Needs Code (Read & Write), I think for writing pr comments

[lkysow]

This was failing for me because my repo had a - in it. The regex could be fixed but is this necessary? Can a malformed repo name get in here?

[lkysow]

We need to iterate through the links and pull out the web url. THis URL is the json url. CAn be done later though

{
  "resource": {
    "comment": {
      "_links": {
        "pullRequests": {
          "href": "https://dev.azure.com/lkysow/_apis/git/pullRequests/1" <<<< need this
        }
      }
    },

[lkysow]

This isn't actually used in the UI right now.

[lkysow]

I think I can safely say that this is the best PR ever submitted to the Atlantis repo. Thanks for all your tireless work and bearing through the long review.