How to fetch Git Diff and update PR Description via Bash in Azure DevOps Server 2022 (On-Premise)?

by

Summary

The problem revolves around implementing an automated Pull Request (PR) review tool using Azure OpenAI in Azure DevOps Server 2022 (On-Premise). Key challenges include fetching the actual code changes from a PR and updating the PR description using a Service Principal with System.AccessToken for authentication. The environment is based on Linux agents, utilizing Bash/Shell scripts.

Root Cause

The root cause of the issue lies in two main areas:

  • Fetching Git Diff: The difficulty in capturing the actual code changes from the PR to send as a prompt to OpenAI.
  • Authentication and Authorization: The challenge of using System.AccessToken correctly to authenticate and authorize the update of the PR description via the Azure DevOps REST API.

Why This Happens in Real Systems

This issue occurs in real systems due to:

  • Complexity of Git Operations: Understanding and implementing Git commands like git diff to fetch the correct changes.
  • REST API Authentication: The nuances of authenticating with Azure DevOps REST API using System.AccessToken, especially when the Service Principal does not have “Basic” access.
  • Environment Constraints: The limitations imposed by using Linux-based build agents and the requirement to use Bash/Shell scripts.

Real-World Impact

The real-world impact includes:

  • Inefficient PR Review Process: Without automation, the PR review process can be time-consuming and prone to human error.
  • Security Risks: Incorrect use of authentication tokens can lead to security vulnerabilities.
  • Development Delays: The inability to automate tasks can delay development and deployment cycles.

Example or Code

# Fetching the diff
PR_DIFF=$(git diff origin/main...HEAD)

# Updating the PR description
curl -X PATCH \
  -H "Authorization: Bearer $SYSTEM_ACCESSTOKEN" \
  -H "Content-Type: application/json" \
  "$COLLECTION_URL/$PROJECT/_apis/git/repositories/$REPO_ID/pullRequests/$PR_ID?api-version=7.0" \
  -d "{\"description\": \"AI Summary: $PR_DIFF\"}"

How Senior Engineers Fix It

Senior engineers address these challenges by:

  • Understanding Git Internals: Correctly using git diff with the appropriate parameters to fetch the actual code changes.
  • Mastering REST API Documentation: Carefully reading and implementing the Azure DevOps REST API documentation for authentication and updating PR descriptions.
  • Testing and Validation: Thoroughly testing the scripts and API calls to ensure they work as expected in different scenarios.

Why Juniors Miss It

Junior engineers might miss these points due to:

  • Lack of Experience with Git: Limited understanding of Git commands and their applications.
  • Insufficient Knowledge of REST APIs: Inadequate familiarity with REST API concepts, authentication methods, and error handling.
  • Inadequate Testing: Failure to thoroughly test scripts and API calls, leading to unexpected errors in production environments.