We are using Azure Devops to store our repo (Git) and run a pipeline. The project type is .Net.

On recent PR that trigger pipeline, we noticed the pipeline failed because the developer removed a necessary file (PS script file).

Is there a way to prevent it -> somehow define that the pipeline will always "guard" some files in the main, and not let them be modified from other branches?

CodePudding user response：

You can get really close to your goal by adding a branch policy called Automatic Code Reviewers based on specific files or directories. You can set the reviewer to a specific person or group of people, and any time a PR is modifying the "protected" file(s) the PR will not be able to be completed until one of those people approves the PR. If none of those people approve it the PR will not get completed. The nice thing about this is when you purposefully do wish to modify the file(s), you still can, but you just need to request that a certain group of people also approve the PR.

Tip: I recommend using groups for automatic code reviewers instead of specific people, even if the group has only one person in it. That way an admin can add/remove people from that group as needed, for example when certain people who normally approve the PRs are on out of office. It feels a little cleaner to adjust group membership temporarily, than to adjust the branch policies themselves on a regular basis.