Azure DevOps Discovery
Azure DevOps can also be discovered, adding valuable tasks to correlate organisational policies, pipeline failires, and code changes with other infrastructure in your environment.
Authentication Methods
The Azure DevOps indexer supports four authentication methods, tried in order of preference:
Personal Access Token (PAT) - Recommended for Development
Best for: Local development, testing, individual developer use
Kubernetes Secret (Recommended for Production PAT Usage)
cloudConfig:
azure:
devops:
organizationUrl: "https://dev.azure.com/your-organization"
patSecretName: "azure-devops-pat"
Supported secret keys: personalAccessToken
, pat
, token
, or access_token
Direct Configuration (Development Only)
cloudConfig:
azure:
devops:
organizationUrl: "https://dev.azure.com/your-organization"
personalAccessToken: "your-personal-access-token"
Service Principal - Recommended for Production
Best for: Production environments, CI/CD pipelines, enterprise deployments
cloudConfig:
azure:
tenantId: "your-tenant-id"
clientId: "your-client-id"
clientSecret: "your-client-secret"
devops:
organizationUrl: "https://dev.azure.com/your-organization"
DefaultAzureCredential - Automatic Fallback
Best for: Azure-hosted environments, Azure CLI users
No additional configuration needed. Uses:
Azure CLI login (
az login
)Managed Identity (when running in Azure)
Environment variables
Indexed Resources and Hierarchical Structure
The Azure DevOps indexer discovers and indexes resources with a clear hierarchical structure:
Resource Hierarchy
All resources follow the pattern: {organization}/{project}/{resource}
(or {organization}/{project}
for projects, or {organization}
for organizations)
Examples:
Organization:
your-organization
Project:
your-organization/your-project
Repository:
your-organization/your-project/your-repository
Pipeline:
your-organization/your-project/your-pipeline
Release:
your-organization/your-project/your-release
Organizations
Properties: name, url, organization
Qualified Name:
{organization_name}
Relationships: Contains projects
Use Case: Organization-level health monitoring and governance
Projects
Properties: id, name, description, state, revision, url, visibility, organization
Qualified Name:
{organization}/{project_name}
Relationships: Contains repositories, pipelines, and releases
Repositories
Properties: id, name, url, default_branch, size, remote_url, organization
Qualified Name:
{organization}/{project_name}/{repository_name}
Relationships: Belongs to a project
Pipelines
Properties: id, name, url, revision, organization
Qualified Name:
{organization}/{project_name}/{pipeline_name}
Relationships: Belongs to a project
Releases
Properties: id, name, url, revision, organization
Qualified Name:
{organization}/{project_name}/{release_name}
Relationships: Belongs to a project