Run Git commands in a script
TFS 2017 | TFS 2015
Note
In Microsoft Team Foundation Server (TFS) 2018 and previous versions, build and release pipelines are called definitions, runs are called builds, service connections are called service endpoints, stages are called environments, and jobs are called phases.
For some workflows, you need your build pipeline to run Git commands. For example, after a CI build on a feature branch is done, the team might want to merge the branch to main.
Git is available on Microsoft-hosted agents and on on-premises agents.
Enable scripts to run Git commands
Note
Before you begin, be sure your account's default identity is set with:
git config --global user.email "you@example.com"
git config --global user.name "Your Name"
Grant version control permissions to the build service
Go to the Version Control control panel tab
- Azure Repos:
https://dev.azure.com/{your-organization}/{your-project}/_admin/_versioncontrol
- On-premises:
https://{your-server}:8080/tfs/DefaultCollection/{your-project}/_admin/_versioncontrol
If you see this page, select the repo, and then select the link:
On the Version Control tab, select the repository in which you want to run Git commands, and then select Project Collection Build Service. By default, this identity can read from the repo but can’t push any changes back to it.
Grant permissions needed for the Git commands you want to run. Typically you'll want to grant:
- Create branch: Allow
- Contribute: Allow
- Read: Allow
- Create tag: Allow
When you're done granting the permissions, make sure to select Save changes.
Enable your pipeline to run command-line Git
On the variables tab set this variable:
Name | Value |
---|---|
system.prefergit |
true |
On the options tab, select Allow scripts to access OAuth token.
Make sure to clean up the local repo
Certain kinds of changes to the local repository aren't automatically cleaned up by the build pipeline. So make sure to:
- Delete local branches you create.
- Undo git config changes.
If you run into problems using an on-premises agent, make sure the repo is clean:
On the repository tab, set Clean to true.
On the variables tab, create or modify the
Build.Clean
variable and set it tosource
Examples
List the files in your repo
Make sure to follow the above steps to enable Git.
On the build tab add this task:
Task | Arguments |
---|---|
Utility: Command Line List the files in the Git repo. |
Tool: git Arguments: ls-files |
Merge a feature branch to main
You want a CI build to merge to main if the build succeeds.
Make sure to follow the above steps to enable Git.
On the Triggers tab, select Continuous integration (CI) and include the branches you want to build.
Create merge.bat
at the root of your repo:
@echo off
ECHO SOURCE BRANCH IS %BUILD_SOURCEBRANCH%
IF %BUILD_SOURCEBRANCH% == refs/heads/main (
ECHO Building main branch so no merge is needed.
EXIT
)
SET sourceBranch=origin/%BUILD_SOURCEBRANCH:refs/heads/=%
ECHO GIT CHECKOUT MAIN
git checkout main
ECHO GIT STATUS
git status
ECHO GIT MERGE
git merge %sourceBranch% -m "Merge to main"
ECHO GIT STATUS
git status
ECHO GIT PUSH
git push origin
ECHO GIT STATUS
git status
On the build tab add this as the last task:
Task | Arguments |
---|---|
Utility: Batch Script Run merge.bat. |
Path: merge.bat |
FAQ
Can I run Git commands if my remote repo is in GitHub or another Git service such as Bitbucket Cloud?
Yes
Which tasks can I use to run Git commands?
How do I avoid triggering a CI build when the script pushes?
Add ***NO_CI***
to your commit message. Here are examples:
git commit -m "This is a commit message ***NO_CI***"
git merge origin/features/hello-world -m "Merge to main ***NO_CI***"
How does enabling scripts to run Git commands affect how the build pipeline pulls in build sources?
When you set system.prefergit
to true
, the build pipeline uses command-line Git instead of LibGit2Sharp to clone or fetch the source files.
Do I need an agent?
You need at least one agent to run your build or release.
I'm having problems. How can I troubleshoot them?
See Troubleshoot Build and Release.
I can't select a default agent pool and I can't queue my build or release. How do I fix this?
See Agent pools.
My NuGet push task is failing with the following error: "Error: unable to get local issuer certificate". How can I fix this?
This can be fixed by adding a trusted root certificate. You can either add the NODE_EXTRA_CA_CERTS=file
environment variable to your build agent, or you can add the NODE.EXTRA.CA.CERTS=file
task variable in your pipeline. See Node.js documentation for more details about this variable. See Set variables in a pipeline for instructions on setting a variable in your pipeline.
I use TFS on-premises and I don't see some of these features. Why not?
Some of these features are available only on Azure Pipelines and not yet available on-premises. Some features are available on-premises if you have upgraded to the latest version of TFS.