How to publish Synapse workspace with Pull Request generated

Question

We are using Git integration to publish workspaces templates to workspace_publish branch. We recently received S360 item regarding the commitWithoutPullRequest voliation from AzDO Production Readiness Check. Please suggest how to generate PR for the git push for template changes ? Thanks!

Answer 1

Hi Christine Han
This behavior is by design in Azure Synapse Analytics.

When you use Synapse Studio > Publish, the service automatically generates ARM templates and directly commits them to the configured publish branch (for example, workspace_publish). These commits are system-generated by the Synapse service and do not support Pull Request creation.

Currently, there is no supported way to generate a PR for publish-time template changes. The publish branch is intended to store deployment artifacts only and is not a collaboration or review branch. As a result, PR enforcement is not applicable to this branch.

For compliance tools such as AzDO Production Readiness Check / S360 that flag commitWithoutPullRequest, the recommended and supported approach is to:

Exclude the publish branch from PR enforcement policies

Enforce PRs only on collaboration branches (for example, main, develop, or the Synapse collaboration branch)

All user-authored changes should flow through PRs before publishing. The publish commit itself represents generated output, not a source change.

This model aligns with Microsoft’s documented Synapse CI/CD guidance and is the expected operational pattern.

Answer 2

Thaks Pilladi. We have found a solution by using two separate branches, one for publishing and one for the ADO build. So, we can apply the branch policies on the branch for ADO build. The issue is now resolved.

We’d also suggest that the Synapse Portal support generating pull requests during the publishing.