playbooks

home / skills / sanjay3290 / ai-skills / azure-devops

azure-devops skill

/skills/azure-devops

This skill helps you manage Azure DevOps projects, work items, repos, pipelines, and security settings using REST API across domains.

npx playbooks add skill sanjay3290/ai-skills --skill azure-devops

Review the files below or copy the command above to add this skill to your agents.

Files (18)
SKILL.md
16.4 KB
---
name: azure-devops
description: |
  Manage Azure DevOps projects, work items, repos, PRs, pipelines, wikis, test plans, security alerts,
  variable groups, environments/approvals, branch policies, and attachments. Use when user asks to: manage
  sprints, create/update work items, list repos, create PRs, run pipelines, search code, manage wiki pages,
  check security alerts, manage variable groups, approve deployments, or configure branch policies.
  Covers 13 domains with 99 tools via REST API.
license: Apache-2.0
metadata:
  author: sanjay3290
  version: "1.0"
---

# Azure DevOps

Full Azure DevOps integration using OAuth or PAT authentication and REST API v7.1.

## First-Time Setup

### Option 1: OAuth (Recommended)

Login with OAuth device code flow (shows "Visual Studio Code" prompt):
```bash
python scripts/auth.py login --org MyOrganization
```
Follow the URL and enter the device code to authorize. Tokens auto-refresh.

### Option 2: PAT

Login with a Personal Access Token:
```bash
python scripts/auth.py login --org MyOrganization --pat YOUR_PAT
```

Create a PAT at `https://dev.azure.com/{org}/_usersSettings/tokens` with these scopes:
- **Work Items**: Read & Write
- **Code**: Read & Write (for repos/PRs)
- **Build**: Read & Execute (for pipelines)
- **Wiki**: Read & Write
- **Test Management**: Read & Write
- **Advanced Security**: Read (for security alerts)
- **Project and Team**: Read
- **Identity**: Read (for user search)

### Common Commands

Check authentication status:
```bash
python scripts/auth.py status
```

Logout:
```bash
python scripts/auth.py logout
```

## Core (scripts/core.py)

```bash
# List all projects
python scripts/core.py list-projects
python scripts/core.py list-projects --top 10

# List teams in a project
python scripts/core.py list-teams --project MyProject

# Search for a user identity
python scripts/core.py get-identity --search "[email protected]"
```

## Work Items (scripts/work_items.py)

```bash
# Get a work item
python scripts/work_items.py get --project MyProject --id 123
python scripts/work_items.py get --project MyProject --id 123 --expand relations

# Create a work item
python scripts/work_items.py create --project MyProject --type "User Story" --title "New feature"
python scripts/work_items.py create --project MyProject --type Bug --title "Fix login" \
  --field System.Description "Login fails on timeout" \
  --field System.AssignedTo "[email protected]"

# Update a work item
python scripts/work_items.py update --project MyProject --id 123 \
  --field System.State "Active" \
  --field System.AssignedTo "[email protected]"

# Batch get multiple work items
python scripts/work_items.py batch-get --project MyProject --ids 1,2,3

# Add children to a parent
python scripts/work_items.py add-children --project MyProject --parent-id 100 --child-ids 101,102

# Link work items
python scripts/work_items.py link --project MyProject --source-id 100 --target-id 200
python scripts/work_items.py link --project MyProject --source-id 100 --target-id 200 \
  --link-type "System.LinkTypes.Dependency-Forward"

# Remove a link
python scripts/work_items.py unlink --project MyProject --source-id 100 --relation-index 0

# Comments
python scripts/work_items.py add-comment --project MyProject --id 123 --text "Working on this"
python scripts/work_items.py list-comments --project MyProject --id 123

# History
python scripts/work_items.py get-revisions --project MyProject --id 123

# List work item types
python scripts/work_items.py list-types --project MyProject

# My assigned items
python scripts/work_items.py my-items --project MyProject

# Items in an iteration
python scripts/work_items.py iteration-items --project MyProject --iteration-path "MyProject\\Sprint 1"

# Backlogs
python scripts/work_items.py list-backlogs --project MyProject --team "MyProject Team"

# Saved queries
python scripts/work_items.py list-queries --project MyProject
python scripts/work_items.py get-query --project MyProject --path "Shared Queries/Active Bugs"
python scripts/work_items.py run-query --project MyProject --query-id "guid-here"

# WIQL query
python scripts/work_items.py run-wiql --project MyProject \
  --query "SELECT [System.Id], [System.Title] FROM WorkItems WHERE [System.State] = 'Active'"

# Delete / recycle bin
python scripts/work_items.py delete --project MyProject --id 999
python scripts/work_items.py recycle-bin --project MyProject
```

## Git Repos & PRs (scripts/repos.py)

```bash
# List repositories
python scripts/repos.py list --project MyProject

# Get repo details
python scripts/repos.py get --project MyProject --repo my-repo

# Branches
python scripts/repos.py list-branches --project MyProject --repo my-repo
python scripts/repos.py create-branch --project MyProject --repo my-repo --name feature/new --source main

# Commits
python scripts/repos.py search-commits --project MyProject --repo my-repo --path /src --author "john" --top 10

# Pull requests
python scripts/repos.py list-prs --project MyProject --repo my-repo
python scripts/repos.py list-prs --project MyProject --status completed --top 5

python scripts/repos.py create-pr --project MyProject --repo my-repo \
  --source feature/new --target main --title "Add new feature" --description "Details here"

python scripts/repos.py get-pr --project MyProject --repo my-repo --pr-id 42

python scripts/repos.py update-pr --project MyProject --repo my-repo --pr-id 42 --title "Updated title"

# Reviewers
python scripts/repos.py list-reviewers --project MyProject --repo my-repo --pr-id 42
python scripts/repos.py add-reviewer --project MyProject --repo my-repo --pr-id 42 \
  --reviewer-id "guid" --vote 10

# PR comments
python scripts/repos.py list-threads --project MyProject --repo my-repo --pr-id 42
python scripts/repos.py create-thread --project MyProject --repo my-repo --pr-id 42 \
  --content "Looks good!" --file-path "/src/main.py" --line 25
python scripts/repos.py add-thread-comment --project MyProject --repo my-repo --pr-id 42 \
  --thread-id 1 --content "Fixed"

# Complete or abandon PR
python scripts/repos.py complete-pr --project MyProject --repo my-repo --pr-id 42
python scripts/repos.py complete-pr --project MyProject --repo my-repo --pr-id 42 \
  --merge-strategy rebase --keep-source
python scripts/repos.py abandon-pr --project MyProject --repo my-repo --pr-id 42

# Diff
python scripts/repos.py get-diff --project MyProject --repo my-repo --base main --target feature/new

# Browse files
python scripts/repos.py list-files --project MyProject --repo my-repo --path /src --branch main
```

## Iterations & Capacity (scripts/work.py)

```bash
# List iterations
python scripts/work.py list-iterations --project MyProject

# Create iteration
python scripts/work.py create-iteration --project MyProject --name "Sprint 5" \
  --start-date 2026-03-01 --finish-date 2026-03-14

# Get iteration details
python scripts/work.py get-iteration --project MyProject --iteration-id "guid"

# Team iterations
python scripts/work.py team-iterations --project MyProject --team "MyTeam" --timeframe current

# Assign iteration to team
python scripts/work.py assign-iteration --project MyProject --team "MyTeam" --iteration-id "guid"

# Capacities
python scripts/work.py get-capacities --project MyProject --team "MyTeam" --iteration-id "guid"
python scripts/work.py set-capacity --project MyProject --team "MyTeam" --iteration-id "guid" \
  --member-id "user-guid" --activity Development --capacity-per-day 6
```

## Pipelines & Builds (scripts/pipelines.py)

```bash
# Create pipeline
python scripts/pipelines.py create --project MyProject --name "CI" \
  --repo-id "repo-guid" --yaml-path "/azure-pipelines.yml"

# List builds
python scripts/pipelines.py list-builds --project MyProject --top 5
python scripts/pipelines.py list-builds --project MyProject --status completed --branch main

# Get build details and logs
python scripts/pipelines.py get-build --project MyProject --build-id 100
python scripts/pipelines.py build-logs --project MyProject --build-id 100
python scripts/pipelines.py build-logs --project MyProject --build-id 100 --log-id 3
python scripts/pipelines.py build-changes --project MyProject --build-id 100

# Pipeline definitions
python scripts/pipelines.py list-definitions --project MyProject
python scripts/pipelines.py list-definitions --project MyProject --name "CI"

# Run a pipeline
python scripts/pipelines.py run --project MyProject --pipeline-id 5 --branch develop
python scripts/pipelines.py run --project MyProject --pipeline-id 5 \
  --variable ENV production --variable DEPLOY true

# Pipeline runs
python scripts/pipelines.py get-run --project MyProject --pipeline-id 5 --run-id 200
python scripts/pipelines.py list-runs --project MyProject --pipeline-id 5 --top 10

# Stage management
python scripts/pipelines.py update-stage --project MyProject --build-id 100 --stage Deploy --state retry

# Artifacts
python scripts/pipelines.py get-artifacts --project MyProject --build-id 100

# Queue and cancel builds
python scripts/pipelines.py queue-build --project MyProject --definition-id 10 --branch main
python scripts/pipelines.py cancel-build --project MyProject --build-id 100

# Latest build status
python scripts/pipelines.py build-status --project MyProject --definition-id 10
```

## Search (scripts/search.py)

```bash
# Search code
python scripts/search.py code --project MyProject --query "TODO"
python scripts/search.py code --project MyProject --query "connectionString" --top 10

# Search wiki
python scripts/search.py wiki --project MyProject --query "deployment guide"

# Search work items
python scripts/search.py work-items --project MyProject --query "login bug"
```

## Wiki (scripts/wiki.py)

```bash
# List wikis
python scripts/wiki.py list --project MyProject

# Get wiki details
python scripts/wiki.py get --project MyProject --wiki-id MyProject.wiki

# List pages
python scripts/wiki.py list-pages --project MyProject --wiki-id MyProject.wiki
python scripts/wiki.py list-pages --project MyProject --wiki-id MyProject.wiki --path /Architecture

# Get page content
python scripts/wiki.py get-page --project MyProject --wiki-id MyProject.wiki --path /Home
python scripts/wiki.py get-page-content --project MyProject --wiki-id MyProject.wiki --path /Home

# Create or update a page
python scripts/wiki.py create-or-update-page --project MyProject --wiki-id MyProject.wiki \
  --path /NewPage --content "# New Page\n\nContent here"
```

## Test Plans (scripts/test_plans.py)

```bash
# Test plans
python scripts/test_plans.py list-plans --project MyProject
python scripts/test_plans.py get-plan --project MyProject --plan-id 1
python scripts/test_plans.py create-plan --project MyProject --name "Release 2.0 Tests"

# Test suites
python scripts/test_plans.py list-suites --project MyProject --plan-id 1
python scripts/test_plans.py get-suite --project MyProject --plan-id 1 --suite-id 2

# Test cases
python scripts/test_plans.py list-test-cases --project MyProject --plan-id 1 --suite-id 2
python scripts/test_plans.py add-test-cases --project MyProject --plan-id 1 --suite-id 2 --ids 100,101

# Test results
python scripts/test_plans.py list-results --project MyProject --run-id 50
python scripts/test_plans.py get-result --project MyProject --run-id 50 --result-id 1
```

## Advanced Security (scripts/security.py)

```bash
# List security alerts
python scripts/security.py list-alerts --project MyProject --repo my-repo
python scripts/security.py list-alerts --project MyProject --repo my-repo \
  --state active --severity high --type dependency

# Get alert details
python scripts/security.py get-alert --project MyProject --repo my-repo --alert-id 42
```

## Variable Groups (scripts/variable_groups.py)

```bash
# List variable groups
python scripts/variable_groups.py list --project MyProject

# Get a variable group
python scripts/variable_groups.py get --project MyProject --id 1

# Create a variable group
python scripts/variable_groups.py create --project MyProject --name "Deploy Vars" \
  --variable ENV production --variable REGION eastus --description "Deploy config"

# Update a variable group
python scripts/variable_groups.py update --project MyProject --id 1 --name "New Name" \
  --variable ENV staging

# Add/update a single variable (supports --secret for sensitive values)
python scripts/variable_groups.py add-variable --project MyProject --id 1 \
  --key API_KEY --value "secret123" --secret

# Remove a variable
python scripts/variable_groups.py remove-variable --project MyProject --id 1 --key OLD_VAR

# Delete a variable group
python scripts/variable_groups.py delete --project MyProject --id 1
```

## Environments & Approvals (scripts/environments.py)

```bash
# List environments
python scripts/environments.py list --project MyProject

# Create an environment
python scripts/environments.py create --project MyProject --name "Production" \
  --description "Production environment"

# Get environment details
python scripts/environments.py get --project MyProject --id 1

# List checks/approvals configured on an environment
python scripts/environments.py list-checks --project MyProject --id 1

# List pending approvals
python scripts/environments.py list-approvals --project MyProject
python scripts/environments.py list-approvals --project MyProject --state all

# Approve/reject
python scripts/environments.py approve --project MyProject --approval-id "guid" \
  --comment "Looks good"
python scripts/environments.py reject --project MyProject --approval-id "guid" \
  --comment "Needs fixes"

# Delete an environment
python scripts/environments.py delete --project MyProject --id 1
```

## Branch Policies (scripts/policies.py)

```bash
# List all policies
python scripts/policies.py list --project MyProject
python scripts/policies.py list --project MyProject --branch main --repo my-repo-id

# Get a policy
python scripts/policies.py get --project MyProject --id 1

# List available policy types
python scripts/policies.py list-types --project MyProject

# Create minimum reviewers policy
python scripts/policies.py create-min-reviewers --project MyProject \
  --repo-id "repo-guid" --branch main --min-reviewers 2 --reset-on-push

# Create build validation policy
python scripts/policies.py create-build-policy --project MyProject \
  --repo-id "repo-guid" --branch main --build-definition-id 10

# Update a policy (enable/disable/blocking)
python scripts/policies.py update --project MyProject --id 1 --enabled false
python scripts/policies.py update --project MyProject --id 1 --blocking true

# List policy evaluations for a PR
python scripts/policies.py list-evaluations --project MyProject --pr-id 42

# Delete a policy
python scripts/policies.py delete --project MyProject --id 1
```

## Work Item Attachments (scripts/attachments.py)

```bash
# Upload a file
python scripts/attachments.py upload --project MyProject --file ./report.pdf

# Attach an uploaded file to a work item
python scripts/attachments.py attach --project MyProject --id 123 \
  --url "https://dev.azure.com/org/project/_apis/wit/attachments/guid" \
  --comment "Test report"

# Upload and attach in one step
python scripts/attachments.py upload-and-attach --project MyProject --id 123 \
  --file ./screenshot.png --comment "Bug screenshot"

# List attachments on a work item
python scripts/attachments.py list --project MyProject --id 123

# Download an attachment
python scripts/attachments.py download --project MyProject \
  --url "https://dev.azure.com/org/project/_apis/wit/attachments/guid" \
  --output ./downloaded.pdf

# Remove an attachment by relation index
python scripts/attachments.py remove --project MyProject --id 123 --index 0
```

## Common Work Item Fields

| Field | Reference Name |
|-------|---------------|
| Title | `System.Title` |
| State | `System.State` |
| Assigned To | `System.AssignedTo` |
| Description | `System.Description` |
| Area Path | `System.AreaPath` |
| Iteration Path | `System.IterationPath` |
| Priority | `Microsoft.VSTS.Common.Priority` |
| Story Points | `Microsoft.VSTS.Scheduling.StoryPoints` |
| Tags | `System.Tags` |
| Repro Steps | `Microsoft.VSTS.TCM.ReproSteps` |
| Acceptance Criteria | `Microsoft.VSTS.Common.AcceptanceCriteria` |

## Link Types

| Link Type | Reference Name |
|-----------|---------------|
| Related | `System.LinkTypes.Related` |
| Parent → Child | `System.LinkTypes.Hierarchy-Forward` |
| Child → Parent | `System.LinkTypes.Hierarchy-Reverse` |
| Predecessor | `System.LinkTypes.Dependency-Forward` |
| Successor | `System.LinkTypes.Dependency-Reverse` |

## Token Management

Credentials stored securely using the system keyring:
- **macOS**: Keychain
- **Windows**: Windows Credential Locker
- **Linux**: Secret Service API

Service name: `azure-devops-skill`

Overview

This skill provides full Azure DevOps management via REST API using OAuth device flow or Personal Access Token authentication. It exposes scripts to manage projects, work items, repos, pull requests, pipelines, wikis, test plans, security alerts, variable groups, environments/approvals, branch policies, and attachments. Designed for automation and interactive agent workflows across 13 domains with extensive tooling.

How this skill works

The skill calls Azure DevOps REST API v7.1 through a collection of Python scripts. Authentication is supported with OAuth device code flow (recommended) or PAT; tokens auto-refresh for OAuth. Each script targets a domain (work items, repos, pipelines, etc.) and accepts clear command-line parameters for listing, creating, updating, running, and approving resources.

When to use it

  • Create or update work items, iterations, and backlogs.
  • Manage Git repos: branches, commits, and pull requests including reviewers and comments.
  • Run, monitor, and inspect pipeline builds, logs, artifacts, and stages.
  • Manage wikis, test plans, and test results.
  • Query or act on security alerts and configure branch policies.
  • Manage variable groups, environment approvals, and deployment checks.

Best practices

  • Prefer OAuth device flow for automated token refresh and least privilege.
  • Use specific project and repo flags to scope commands and avoid cross-project side effects.
  • Pass --top or pagination parameters when listing to control response sizes.
  • Use descriptive titles and fields when creating work items or PRs to ease traceability.
  • Treat secrets in variable groups as secret flags and limit access scope.
  • Validate pipeline runs and approval actions with get/list commands before approving or canceling.

Example use cases

  • Create a sprint iteration and assign it to a team with start/finish dates.
  • Create a bug work item, assign it, add comments, and link it to a parent story.
  • Create a feature branch, push changes, and open a pull request with reviewers and comments.
  • Queue a pipeline run with variables for environment and monitor logs until completion.
  • List and triage security alerts for a repository, then view alert details.
  • Create or update a wiki page with deployment or runbook content.

FAQ

How do I authenticate?

Use OAuth device code flow for recommended automatic refresh, or supply a PAT with required scopes for scripts to work.

Can I run pipelines with variables?

Yes. The run command supports passing variables (including multiple) and choosing branch or pipeline ID.