@pulumi/azuredevops

import * as pulumi from "@pulumi/pulumi"; /** * Manages a branch control check on a resource within Azure DevOps. * * ## Example Usage * * ### Protect a service connection * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as azuredevops from "@pulumi/azuredevops"; * * const example = new azuredevops.Project("example", {name: "Example Project"}); * const exampleServiceEndpointGeneric = new azuredevops.ServiceEndpointGeneric("example", { * projectId: example.id, * serverUrl: "https://some-server.example.com", * username: "username", * password: "password", * serviceEndpointName: "Example Generic", * description: "Managed by Pulumi", * }); * const exampleCheckBranchControl = new azuredevops.CheckBranchControl("example", { * projectId: example.id, * displayName: "Managed by Pulumi", * targetResourceId: exampleServiceEndpointGeneric.id, * targetResourceType: "endpoint", * allowedBranches: "refs/heads/main, refs/heads/features/*", * timeout: 1440, * }); * ``` * * ### Protect an environment * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as azuredevops from "@pulumi/azuredevops"; * * const example = new azuredevops.Project("example", {name: "Example Project"}); * const exampleEnvironment = new azuredevops.Environment("example", { * projectId: example.id, * name: "Example Environment", * }); * const exampleCheckBranchControl = new azuredevops.CheckBranchControl("example", { * projectId: example.id, * displayName: "Managed by Pulumi", * targetResourceId: exampleEnvironment.id, * targetResourceType: "environment", * allowedBranches: "refs/heads/main, refs/heads/features/*", * }); * ``` * * ### Protect an agent queue * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as azuredevops from "@pulumi/azuredevops"; * * const example = new azuredevops.Project("example", {name: "Example Project"}); * const examplePool = new azuredevops.Pool("example", {name: "example-pool"}); * const exampleQueue = new azuredevops.Queue("example", { * projectId: example.id, * agentPoolId: examplePool.id, * }); * const exampleCheckBranchControl = new azuredevops.CheckBranchControl("example", { * projectId: example.id, * displayName: "Managed by Pulumi", * targetResourceId: exampleQueue.id, * targetResourceType: "queue", * allowedBranches: "refs/heads/main, refs/heads/features/*", * }); * ``` * * ### Protect a repository * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as azuredevops from "@pulumi/azuredevops"; * * const example = new azuredevops.Project("example", {name: "Example Project"}); * const exampleGit = new azuredevops.Git("example", { * projectId: example.id, * name: "Example Empty Git Repository", * initialization: { * initType: "Clean", * }, * }); * const exampleCheckBranchControl = new azuredevops.CheckBranchControl("example", { * projectId: example.id, * displayName: "Managed by Pulumi", * targetResourceId: pulumi.interpolate`${example.id}.${exampleGit.id}`, * targetResourceType: "repository", * allowedBranches: "refs/heads/main, refs/heads/features/*", * }); * ``` * * ### Protect a variable group * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as azuredevops from "@pulumi/azuredevops"; * * const example = new azuredevops.Project("example", {name: "Example Project"}); * const exampleVariableGroup = new azuredevops.VariableGroup("example", { * projectId: example.id, * name: "Example Variable Group", * description: "Example Variable Group Description", * allowAccess: true, * variables: [ * { * name: "key1", * value: "val1", * }, * { * name: "key2", * secretValue: "val2", * isSecret: true, * }, * ], * }); * const exampleCheckBranchControl = new azuredevops.CheckBranchControl("example", { * projectId: example.id, * displayName: "Managed by Pulumi", * targetResourceId: exampleVariableGroup.id, * targetResourceType: "variablegroup", * allowedBranches: "refs/heads/main, refs/heads/features/*", * }); * ``` * * ## Relevant Links * * - [Define approvals and checks](https://learn.microsoft.com/en-us/azure/devops/pipelines/process/approvals?view=azure-devops&tabs=check-pass) * * ## Import * * Importing this resource is not supported. */ export declare class CheckBranchControl extends pulumi.CustomResource { /** * Get an existing CheckBranchControl resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input<pulumi.ID>, state?: CheckBranchControlState, opts?: pulumi.CustomResourceOptions): CheckBranchControl; /** * Returns true if the given object is an instance of CheckBranchControl. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is CheckBranchControl; /** * The branches allowed to use the resource. Specify a comma separated list of allowed branches in `refs/heads/branch_name` format. To allow deployments from all branches, specify ` * ` . `refs/heads/features/* , refs/heads/releases/*` restricts deployments to all branches under features/ or releases/ . Defaults to `*`. */ readonly allowedBranches: pulumi.Output<string | undefined>; /** * The name of the branch control check displayed in the web UI. */ readonly displayName: pulumi.Output<string | undefined>; /** * Allow deployment from branches for which protection status could not be obtained. Only relevant when verifyBranchProtection is `true`. Defaults to `false`. */ readonly ignoreUnknownProtectionStatus: pulumi.Output<boolean | undefined>; /** * The project ID. */ readonly projectId: pulumi.Output<string>; /** * The ID of the resource being protected by the check. */ readonly targetResourceId: pulumi.Output<string>; /** * The type of resource being protected by the check. Possible values are: `endpoint`, `environment`, `queue`, `repository`, `securefile`, `variablegroup`. */ readonly targetResourceType: pulumi.Output<string>; /** * The timeout in minutes for the branch control check. Defaults to `1440`. */ readonly timeout: pulumi.Output<number | undefined>; /** * Validate the branches being deployed are protected. Defaults to `false`. */ readonly verifyBranchProtection: pulumi.Output<boolean | undefined>; /** * The version of the check. */ readonly version: pulumi.Output<number>; /** * Create a CheckBranchControl resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: CheckBranchControlArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering CheckBranchControl resources. */ export interface CheckBranchControlState { /** * The branches allowed to use the resource. Specify a comma separated list of allowed branches in `refs/heads/branch_name` format. To allow deployments from all branches, specify ` * ` . `refs/heads/features/* , refs/heads/releases/*` restricts deployments to all branches under features/ or releases/ . Defaults to `*`. */ allowedBranches?: pulumi.Input<string>; /** * The name of the branch control check displayed in the web UI. */ displayName?: pulumi.Input<string>; /** * Allow deployment from branches for which protection status could not be obtained. Only relevant when verifyBranchProtection is `true`. Defaults to `false`. */ ignoreUnknownProtectionStatus?: pulumi.Input<boolean>; /** * The project ID. */ projectId?: pulumi.Input<string>; /** * The ID of the resource being protected by the check. */ targetResourceId?: pulumi.Input<string>; /** * The type of resource being protected by the check. Possible values are: `endpoint`, `environment`, `queue`, `repository`, `securefile`, `variablegroup`. */ targetResourceType?: pulumi.Input<string>; /** * The timeout in minutes for the branch control check. Defaults to `1440`. */ timeout?: pulumi.Input<number>; /** * Validate the branches being deployed are protected. Defaults to `false`. */ verifyBranchProtection?: pulumi.Input<boolean>; /** * The version of the check. */ version?: pulumi.Input<number>; } /** * The set of arguments for constructing a CheckBranchControl resource. */ export interface CheckBranchControlArgs { /** * The branches allowed to use the resource. Specify a comma separated list of allowed branches in `refs/heads/branch_name` format. To allow deployments from all branches, specify ` * ` . `refs/heads/features/* , refs/heads/releases/*` restricts deployments to all branches under features/ or releases/ . Defaults to `*`. */ allowedBranches?: pulumi.Input<string>; /** * The name of the branch control check displayed in the web UI. */ displayName?: pulumi.Input<string>; /** * Allow deployment from branches for which protection status could not be obtained. Only relevant when verifyBranchProtection is `true`. Defaults to `false`. */ ignoreUnknownProtectionStatus?: pulumi.Input<boolean>; /** * The project ID. */ projectId: pulumi.Input<string>; /** * The ID of the resource being protected by the check. */ targetResourceId: pulumi.Input<string>; /** * The type of resource being protected by the check. Possible values are: `endpoint`, `environment`, `queue`, `repository`, `securefile`, `variablegroup`. */ targetResourceType: pulumi.Input<string>; /** * The timeout in minutes for the branch control check. Defaults to `1440`. */ timeout?: pulumi.Input<number>; /** * Validate the branches being deployed are protected. Defaults to `false`. */ verifyBranchProtection?: pulumi.Input<boolean>; }