Azure DevOps Install

Creating the Azure App

1. Sign in to Azure Portal:

   • Go to Azure Portal.

   • Sign in with your Azure account credentials.

2. Register a New Application:

   • In the Azure Portal, select App registrations.

   • Click on the + New registration button at the top of the App registrations page.

1. Enter Application Details:

   • Name: Enter a name for your application ("Nullify").

   • Supported Account Types: Choose the option for who can use the application:

     • Accounts in this organizational directory only (single tenant)

2. Register the Application:

   • Click Register to create the application. This action will register the application with Azure and generate a unique Application (client) ID and Directory (tenant) ID.

   • Record the client_id and tenant_id.

1. Create Client Secret:

   • In the left-hand menu of your app's registration page, select Certificates & secrets.

   • Under Client secrets, click on New client secret.

   • Provide a description for the secret (e.g., "Nullify App") and select an expiration period (e.g., 6 months, 12 months, 24 months).

   • Click Add.

   • After creating the client secret, it will be displayed only once. Make sure to copy and securely store this value immediately. This is your client_secret. Make sure you copied the secret value and not the secret id.
2. Configure API Permissions:

   • Go to API Permissions in the left menu.

   • Click + Add a permission and select APIs my organization uses.

   • Search for and select Azure DevOps.

   • Choose the following permissions:

     • vso.code_manage: Allows managing code in Azure Repos.

     • vso.serviceendpoint_manage: Allows creating webhooks.

     • vso.profile: View users' basic profile.

   • Click Add permissions to apply these permissions to your application.

   • Select the Microsoft Graph API and choose "Delegated Permissions".

   • Add the following permissions:

     • email

     • openid

     • profile

     • User.Read

   • Click Add permissions to apply these permissions to your application.

   • Grant admin consent for Default Directory
3. Authentication

   • In the left menu, click on Authentication.

   • Under Platform configurations click ``+ Add a platform` and choose Web application.

   • Under Web Redirect URIs, add the following: https://your-company.auth.ap-southeast-2.amazoncognito.com/oauth2/idpresponse (we will provide you with this).
4. Provide Credentials to Nullify

Please provide Nullify with the following credentials to complete your installation:

• Client ID

• Client Secret

• Tenant ID

Add the Nullify App to your DevOps Organization

1. Add Nullify as a User:

   • Go to your Azure DevOps organization.

   • Navigate to Organization settings.

   • Select Users from the left-hand menu.

   • Click on Add users.

   • In the search box, type "Nullify" and select the Nullify service principal.

   • Set the Access Level to Basic.

   • Note: If you encounter an error saying "can't be added at this time," keep trying as it may be a temporary glitch.

Configure Webhooks for Azure DevOps

The Nullify Dashboard can create all the necessary webhooks needed. You can do this across the whole organization or at the repository level. You can also create the webhooks manually.

Automatic webhook creation

1. Give Nullify permissions to create webhooks Add the Nullify Service Principal User as an Administrator to your Azure DevOps organization. (This can be temporary until after the webhooks are created.)

   • Go to the Project Settings of the project you want to create webhooks for.

   • Navigate to Permissions.

   • Add the Nullify service principal to the Project Collection Administrators group.

1. Create webhooks via the Nullify dashboard

• Log in to your Nullify dashboard (https://app.your-company.nullify.ai)

• Option 1: Creating webhooks across the organization.

  • Go to the Configure tab and under the Info menu, click on Initialize Azure Webhooks.
• Option 2: Creating webhooks per repo

  • Go to the Configure tab and under the Repositories menu, you will see a list of repositories with the column Is Initialized?

  • This column indicates whether webhooks have been configured for that repository.

  • Click on the Initialize button to create webhooks.

1. You may now remove administrator privilages for Nullify from the DevOps organization.

Manual webhook creation

1. Create a Service Hook Subscription:

   • Go to your Azure DevOps organization.

   • Navigate to the project where you want to configure the webhook.

   • Select Project Settings from the bottom left corner.

   • Under General, select Service hooks.

   • Click on + Create subscription.

2. Select the Service:

   • In the list of services, select Web Hooks.

   • Click Next.

3. Configure the Trigger:

   • Choose the following events that will trigger the webhook: Code Pushed, Pull request commented on, Pull Request created, Pull Request updated, Repository created. Azure only allows one event to be selected at a time so you will need to do do steps 1-4 for each event type.

   • Click Next.

4. Configure the Action:

   • Enter the URL of the webhook endpoint provided by Nullify.

   • The URL is of the form https://api.<your-organization>.nullify.ai/core/azure/webhook

   • Basic authentication username is nullify.

   • Basic authentication password is the webhook shared secret provided to you by Nullify.

   • Click Finish to create the webhook subscription.