Azure DevOps Project + Repo + Pipeline
Bootstraps an Azure DevOps project with an initialized Git repository and a YAML build pipeline — repeatable team setup as code.
Verification
Live-testedReally deployed, verified, idempotent and destroyed in a cloud sandbox.
Conformance
- Static validation (fmt · validate · tflint)
- Security scan (Checkov)
- Plan tests (mocked: validation rules · outputs)
Provenance
- SHA-256 checksum
- Signature (pending)
Functional
- Live-tested — applied, verified, destroyed
Last verified 2026-06-29 · how we verify
Documentation
azure-devops
Bootstraps an Azure DevOps project end-to-end: a private project, a
clean-initialized Git repository, and a YAML build (pipeline) definition
wired to that repo. One module call gets a team from nothing to a ready-to-push
repo with a pipeline pointing at azure-pipelines.yml. Works with Terraform
and OpenTofu (>= 1.6), microsoft/azuredevops provider >= 1.0, < 2.0.
Uses the microsoft/azuredevops provider (the Azure DevOps Services / Server API), not
hashicorp/azurerm. Authenticate with theAZDO_ORG_SERVICE_URLandAZDO_PERSONAL_ACCESS_TOKENenvironment variables.
Usage
provider "azuredevops" {}
# export AZDO_ORG_SERVICE_URL="https://dev.azure.com/<your-org>"
# export AZDO_PERSONAL_ACCESS_TOKEN="<pat>"
module "devops" {
source = "./azure-devops"
project_name = "payments-platform"
repo_name = "payments-api"
pipeline_name = "payments-api-ci"
visibility = "private"
}
Creates the payments-platform project, a payments-api Git repo (with an
initial commit on refs/heads/main), and a payments-api-ci pipeline that runs
azure-pipelines.yml from that repo's default branch.
The build definition is metadata: it references
azure-pipelines.ymlbut that file does not need to exist when the definition is created. Push the YAML later and the pipeline resolves it at run time.
Inputs
| Name | Type | Default | Description |
|---|---|---|---|
project_name | string | — | Azure DevOps project name |
repo_name | string | — | Git repository name |
pipeline_name | string | — | YAML build definition name |
description | string | "Managed by Terraform …" | Project description |
visibility | string | "private" | private or public |
version_control | string | "Git" | Git or Tfvc |
work_item_template | string | "Agile" | Agile, Basic, CMMI, Scrum |
default_branch | string | "refs/heads/main" | Repo default branch + pipeline trigger ref |
yml_path | string | "azure-pipelines.yml" | Pipeline YAML path in the repo |
features | map(string) | {} | Per-project toggles (boards/repositories/pipelines/testplans/artifacts => enabled/disabled) |
Outputs
| Name | Description |
|---|---|
project_id | Project GUID |
project_name | Project name |
repository_id | Repository GUID |
repository_url | Repository browser (web) URL |
repository_clone_url | Repository HTTPS clone URL |
build_definition_id | Pipeline (build definition) ID |
Requirements
| Requirement | Version |
|---|---|
| Terraform / OpenTofu | >= 1.6 |
microsoft/azuredevops | >= 1.0, < 2.0 |
Verification
Static-validated (fmt, validate, tflint). Live apply/destroy testing pending cloud sandbox availability — see catalog status.
License
Commercial — IaC Bazaar EULA. © IaC Bazaar. Original work (not derived from a third-party module).