Azure DevOps Community Forums

Hi team,

I'm working on a custom build task for Azure DevOps that needs to send notifications to GitHub whenever a pipeline run completes (either success or failure). I've looked into the GitHub API and Azure DevOps extension APIs, but I'm struggling to find a clean way to achieve this. Specifically, I want to post a commit status or a comment on a pull request.

Are there any existing community extensions or best practices for this kind of integration? Any guidance on how to authenticate with GitHub from within a custom Azure DevOps task would be greatly appreciated.

// Pseudocode example of what I'm trying to do
async function process(inputs) {
    const githubToken = getSecret('GitHubPAT'); // Need to securely get this
    const repoUrl = inputs.githubRepoUrl;
    const commitSha = inputs.commitSha;
    const pipelineResult = inputs.pipelineResult; // 'succeeded', 'failed', etc.

    await sendGitHubStatus(githubToken, repoUrl, commitSha, pipelineResult);
}

Thanks in advance!

Hello John,

This is a common requirement. For posting commit statuses, the standard Azure DevOps GitHub integration usually handles this well. If you're building a custom task, you might want to leverage service connections.

When configuring your Azure DevOps pipeline, you can set up a GitHub service connection. This connection stores your Personal Access Token (PAT) securely. Your custom task can then use this service connection to authenticate with GitHub.

Here’s a general approach:

1. Create a GitHub Service Connection: In your Azure DevOps project settings, go to "Service connections" and create a new one of type "GitHub". You'll need a GitHub PAT with sufficient scopes (e.g., `repo` and `admin:repo_hook`).
2. Access the Service Connection in your Task: Your custom task can access the credentials stored in the service connection using the Azure DevOps REST API or SDK. The `azure-pipelines-task-lib` npm package provides utilities for this.
3. Use the GitHub API: Once authenticated, you can use libraries like `axios` or `node-fetch` in your Node.js task to make requests to the GitHub API (e.g., `POST /repos/{owner}/{repo}/statuses/{sha}`).

For commenting on PRs, you would typically use the GitHub API endpoint for creating comments on commits or pull requests.

Let me know if you need more specific code examples for accessing service connection details within a task.

Thanks Sarah!

The service connection approach sounds promising. I was trying to embed the PAT directly in the pipeline variables, which is definitely not ideal.

Could you point me to any documentation or examples on how `azure-pipelines-task-lib` helps in accessing service connection details? I'm using TypeScript for my task.