Kristen

Favorite Azure DevOps extensions


I am going to group these based on their "special purpose," as they truly do run the gamut. (I am also going to amuse myself in the process; sorry-not-sorry.)


99 problems but a build ain't one.

  1. Trigger build task – Allows for chaining different builds together within DevOps. This is something that DevOps itself supports OOB, but for some holes in their implementation, this task extension used to close those gaps. (This one is not a Microsoft extension but has been around for a while and has been safe. The developers are very responsive.)

  2. Trigger Azure DevOps Pipeline – I haven’t had to use this one in a while, but that is because I have structured my own team projects to not need to cross the boundaries that this one assists with. Without knowing how the IG organization is structured, I included it just in case. I’ve also not worked in the legacy systems with a pipeline lately, so that may have also contributed to me not using it lately. I honestly don’t recall. (Not a Microsoft extension. This one has fewer installations, but that may be due to the fact that it is Windows-specific.)

  3. Assembly info – Updates versions and assembly/company information during the build. It handles versioning for both the assembly and the manifest and has an obscene number of installations. (Not a Microsoft extension but it has a good reputation and no risks reported.)

  4. Release Management Utility tasks – Collection of release-type utilities, sort of a power pack. It gives us tokenization, some PowerShell, rollback capabilities, and brings zip and unzip too. (Microsoft DevLabs)

  5. IIS Web App Deployment using WinRM – We need this one. This is the one that will let us use the Pipeline and still push the deployment to the on-premises server without extra hoops. It does databases too. It joins and connects with WinRM on the existing servers and thus allows the same operations and security groups to handle that part without us hijacking it or creating holes. (Microsoft)

  6. ARM outputs – This one is sort of cool, but you don’t realize that until you have had to deal with doing it manually. While you can build infrastructure with ARM templates (although I think we use Terraform for some reason?!?), if you build out whatever you need in the UI instead, you can download the template from the server. You will immediately think that you could have just done that before and not built anything painfully with templates and PowerShell. Then you will find out that, no, you couldn’t have, because it isn’t THE SAME ARM that you made. It is marginally different, and that margin makes you not able to use it reliably. This extension gives you what you wanted. (This is not a Microsoft extension, but it is highly ranked and supported.)

  7. InstallShield Build – Supports updating the InstallShield setup projects that we currently have for GP, i.e., allowing automation of tasks that were done on desktops. (Revenera extension, i.e., InstallShield organization)

  8. Replace tokens – Yes, please. This is how we support security and the environments. (Not a Microsoft extension but necessary and highly ranked/supported. It will only execute in a pipeline, so no risk to us in that way either.)

  9. Azure DevOps CLI – Because when all else fails, you go to the command line. (Microsoft)

'Cause you never know. (Chris Rock - Bigger and Blacker)

  1. Post to Slack – Just in case… (Not a Microsoft extension but I have used it several times and it seems to be the sanctioned one for Slack, as there are no others.)

  2. GitTools – Again, you never know. (This is by the GitTools organization.)

  3. Microsoft Teams Integration – Just like the Slack one, but Teams. I will say that this one is marginally “better” because of its integration WITH Teams. So, you can do things against the repositories and any other service (like commenting, creating tasks, and approving builds) FROM Teams. (Microsoft)

  4. Azure DevOps Extension Tasks – Vanity add because it lets you create your own extensions. So, if we felt special and made or customized an extension specifically for our own projects or teams, we could create and publish it for our own or someone else’s use. Similar functionality exists for creating a set of our own internal processes or tasks in a similar way, but they do not fully create a publishable “extension.” (Microsoft DevLabs)

  5. Code Search – Best. Extension. Ever. This lets you find a single value and search across the entire collection of repositories in the organization. It is invaluable for refactoring, impact analysis, research, etc. (Microsoft)

This one goes to 11. (Nigel Tufnel - This is Spinal Tap)

  1. Pull request dashboard – One-stop-shopping in the Azure DevOps UI. This is like the functionality that you are used to in Jira, but as with Jira, where your Pull Request link brings you to PRs under the current project or repository (which is the same in Azure DevOps), this extension gives you a page that has all PRs (for the projects to which you have visibility) in a single view. I use this one so often that I forget that it is an extension. (Not a Microsoft extension, but I have used it heavily.)

  2. Pull request merge conflict extension – This one does exactly what it says. You used to have to deal with these separately, but this lets you take care of it on the spot. (Microsoft DevLabs)

  3. Azure DevOps Migration Tools – Allows easy migration of project-level components across Azure DevOps projects. While you wouldn’t think that we would want this, I have used it before in refactoring and working with PoC projects. Currently, you would have to either fork out of the current repository, or create a branch, and then manage that branch to demo or vet large refactoring efforts and/or PoC projects. Using this way instead allows you to create a PoC project or larger refactoring initiative in a different project completely, and yet as it matures, you can merge or move it to the original project. You can do this manually, yes, but this allows you to pull work items, git commits, history, attachments, builds, repositories, test plans, etc., at once, while retaining the context and identities from the source. (Not a Microsoft extension. This is a nice-to-have when needed but not necessary all the time.)

  4. Folder Management – Just a nice fix for a gap in the repository management and editor to allow you to make changes online without having to clone and change locally and then commit and a PR and on and on… (Microsoft DevLabs)

  5. Tags Manager – You don’t know that you need this one until someone takes it away. I think Javier knows what I mean. This one is for work items, but someone is going to need it, I promise. (Not a Microsoft extension. This one is limited to adding tags to work items as a set though, so little risk.)

  6. Work item visualization – This one is for the backlog, again, but if someone is using that part, this is amazing, both for the dev teams and for product people. (Microsoft DevLabs)

I have a greater responsibility than you can possibly fathom. (Col. Nathan R. Jessep - A Few Good Men)

  1. Secure DevOps Kit CICD Extensions for Azure – Compliance scanning extension as part of an “infrastructure as code” aspect, that is usually not included in other static analysis tools. It supports ARM and furthers efforts for controls of the environment and infrastructure as well as the code itself. It is built on PowerShell modules from Microsoft. (Microsoft)

  2. OWASP dependency check – If you know OWASP, this one is somewhat self-explanatory. It is (or used to be) more up to date than off-the-shelf scanners and it focuses on software composition analysis. Aside from its primary use, I use this one for three other reasons: (1) it is especially helpful for distributed teams where it may not be obvious if new or existing packages are updated without visibility, (2) it gives developers exposure to OWASP if that does not already exist, and (3) through conducting the scan, you get a full listing of the utilities and packages in use (which will soon become a requirement as a basis for an SBOM). (OWASP)

  3. Snyk Security Scan – We already have the Jira or BitBucket version of this installed, so this is extending it to the Azure DevOps environment as well. Having it in both places has no bearing on anything in existence. (Snyk)

  4. Microsoft Security DevOps – Because more means less, in these cases (more scans equal less issues), and it supports the SARIF format. (Microsoft)

  5. SARIF SAST Scan Tab – You don’t know that you want and need this until you have it. Someone on the architecture team should look. (Microsoft DevLabs)

...I was so busy keeping my job, I forgot to do my job. (President Andrew Shepherd - The American President)

  1. Generate release notes – Creates release notes for you. Gotta love it. This will be especially helpful if/when we are splitting between Jira and Azure DevOps. (This is not a Microsoft extension, but I have used it heavily and it is a huge timesaver. The developer is an organization that has other extensions on these lists as well.)

  2. Contributions graph – Makes a graph of what was changed and by who. HOWEVER, this is not intended to be used for some sort of performance analysis or view to a person’s work or velocity. I have used it in the past with teams to identify the things that get done that may not be *on the radar* or are just one-offs that may go unnoticed. With the graph, you can find those, but more importantly (to me) was to be able to somewhat quantify that amount of work coming in to determine if “we have a problem.” (This is not a Microsoft extension but is secure and reputable. I have used it multiple times and it is very valuable when dealing with legacy applications and tenured employees.)

  3. Dependency tracker – Mainly for story tracking and task dependencies, so less useful for us out of the gate, but maybe… (Microsoft)

  4. Azure DevOps Open in Excel – It lets you open queries in Excel. We don’t need this right away, but business groups love it. Where right now, in Jira, we pulled that query of support tickets, then exported it, and then made notes and such there, with this extension and in DevOps, you can just open the query directly in Excel and then if you make changes, you can “Publish” them back to the backlog. (Microsoft DevLabs)

  5. Wiki PDF Export tasks – I cannot even say how long and how much I use this one. It does not only work for Wikis either. It will crawl anywhere you tell it to, gather up the file types that you tell it to, and compile them all into a nice PDF that can be published or downloaded. I seriously have it in every single project. Ever. It will organize and respect any ".order" files provided, create a table of contents, render sequence and mermaid diagrams, and support embedded or standalone images. (This is not a Microsoft extension, but I will beg for this one. I use it constantly.)

  6. PR Reviewer with Azure OpenAI GPT – I have not used this one, but I WANT TO! (This one is obviously experimental but would be great to be able to use as such for ourselves.)



© 2018-2023 By Kristen Swearingen - swearingen.me | MiddleChild Tech | eruditeMETA. All rights reserved.

This publication may not be reproduced or distributed in any form with the author's prior written permission. It consists of opinions of the author's research and experience, which should not be construed as statements of fact. While the information contained in this publication has been created and cited where obtained from sources believed to be reliable, the author disclaims all warranties as to the accuracy, completeness, or adequacy of such information. Although this post and cited research may address legal and financial issues, the author does not provide legal or investment advice and its publication should not be construed as such. Your access and use of this publication is governed by the Usage Policy for swearingen.me | MiddleChild Tech | eruditeMETA, respectively. The author prides his/her/their self on his/her/their reputation for independence and objectivity. The research and publication(s) are produced independently by its authors and organization without input or influence from any third party. For further information, see the Guiding Principles on Independence and Objectivity.
