Azure DevOps (Microsoft Entra ID OAuth) migrate components

[michelle0927]

Resolves #18106

Summary by CodeRabbit

• New Features

  • Added new Azure DevOps event source for real-time event notifications through webhook subscriptions.
  • Implemented dynamic event type selection with options sourced from Azure DevOps.
  • Webhooks automatically emit events with generated metadata upon subscription activation.

• Chores

  • Updated package version to 0.1.0 and added required platform dependency.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Preview	Comments	Updated (UTC)
pipedream-docs-redirect-do-not-edit	Ignored			Dec 12, 2025 7:12pm

[coderabbitai]

Walkthrough

This PR extends the Azure DevOps Microsoft Entra ID OAuth component with event subscription capabilities. It adds API helper methods for managing subscriptions, a new event source that creates and manages webhook subscriptions, and updates the package version and dependencies accordingly.

Changes

Cohort / File(s)	Summary
App Integration components/azure_devops_microsoft_entra_id_oauth/azure_devops_microsoft_entra_id_oauth.app.mjs	Added _baseUrl() and _makeRequest() helpers for authenticated API calls. Implemented listEventTypes(), createSubscription(), and deleteSubscription() methods. Added dynamic eventType prop with options sourced from list endpoint. Removed authKeys() method.
Package Metadata components/azure_devops_microsoft_entra_id_oauth/package.json	Bumped version from 0.0.1 to 0.1.0. Added @pipedream/platform dependency (^3.1.1).
Event Source components/azure_devops_microsoft_entra_id_oauth/sources/new-event/new-event.mjs	New source implementing Azure DevOps event subscriptions. Includes activate() hook to create webhooks, deactivate() hook to delete subscriptions, generateMeta() for event metadata, and run() method to emit incoming events.

Sequence Diagram(s)

sequenceDiagram
    actor User
    participant Pipedream as Pipedream Workflow
    participant DB as Database
    participant ADOAPI as Azure DevOps API
    participant WebhookSvc as Webhook Service

    User->>Pipedream: Activate source with eventType
    Pipedream->>ADOAPI: POST /hooks/subscriptions (webhook payload)
    ADOAPI-->>Pipedream: Return subscriptionId
    Pipedream->>DB: Store subscriptionId
    
    alt Event Received
        WebhookSvc->>Pipedream: HTTP POST webhook event
        Pipedream->>Pipedream: generateMeta(event body)
        Pipedream->>User: Emit event with metadata
    end
    
    User->>Pipedream: Deactivate source
    Pipedream->>DB: Retrieve subscriptionId
    Pipedream->>ADOAPI: DELETE /hooks/subscriptions/{subscriptionId}
    ADOAPI-->>Pipedream: Success
    Pipedream->>DB: Clear subscriptionId

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

• Azure DevOps API integration: Verify _makeRequest() helper correctly constructs authenticated requests with organization and OAuth token
• Subscription lifecycle: Ensure activate() hook properly constructs webhook payload with HTTP endpoint, and deactivate() correctly cleans up subscriptions
• Event metadata generation: Validate generateMeta() correctly extracts id, createdDate, and generates appropriate summary/timestamp
• Database persistence: Confirm _getHookId() and _setHookId() properly handle subscription ID storage and retrieval
• Dependency compatibility: Verify @pipedream/platform ^3.1.1 is compatible with existing component requirements

Pre-merge checks and finishing touches

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly describes the main change: migrating Azure DevOps components to use Microsoft Entra ID OAuth instead of the deprecated OAuth method.
Description check	✅ Passed	The PR description is minimal but references the linked issue (#18106) which contains the detailed requirements and context for the migration.
Linked Issues check	✅ Passed	The PR implements all required components from issue #18106: adds Azure DevOps Microsoft Entra ID OAuth app with event type prop, creates subscription management methods, and implements the new-event source with proper activation/deactivation lifecycle.
Out of Scope Changes check	✅ Passed	All changes are directly related to implementing the Azure DevOps Microsoft Entra ID OAuth app and its components as required by issue #18106; no unrelated modifications are present.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch issue-18106

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 5

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between da3b9b7 and 156b4b2.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (3)

• components/azure_devops_microsoft_entra_id_oauth/azure_devops_microsoft_entra_id_oauth.app.mjs (1 hunks)
• components/azure_devops_microsoft_entra_id_oauth/package.json (2 hunks)
• components/azure_devops_microsoft_entra_id_oauth/sources/new-event/new-event.mjs (1 hunks)

🧰 Additional context used

🧠 Learnings (4)

📚 Learning: 2024-12-12T19:23:09.039Z

Learnt from: jcortes
Repo: PipedreamHQ/pipedream PR: 14935
File: components/sailpoint/package.json:15-18
Timestamp: 2024-12-12T19:23:09.039Z
Learning: When developing Pipedream components, do not add built-in Node.js modules like `fs` to `package.json` dependencies, as they are native modules provided by the Node.js runtime.

Applied to files:

• components/azure_devops_microsoft_entra_id_oauth/package.json

📚 Learning: 2024-10-10T19:18:27.998Z

Learnt from: GTFalcao
Repo: PipedreamHQ/pipedream PR: 14265
File: components/the_magic_drip/sources/common.mjs:35-43
Timestamp: 2024-10-10T19:18:27.998Z
Learning: In `components/the_magic_drip/sources/common.mjs`, when processing items in `getAndProcessData`, `savedIds` is intentionally updated with IDs of both emitted and non-emitted items to avoid emitting retroactive events upon first deployment and ensure only new events are emitted as they occur.

Applied to files:

• components/azure_devops_microsoft_entra_id_oauth/sources/new-event/new-event.mjs

📚 Learning: 2025-09-15T22:01:11.472Z

Learnt from: GTFalcao
Repo: PipedreamHQ/pipedream PR: 18362
File: components/leonardo_ai/actions/generate-image/generate-image.mjs:103-105
Timestamp: 2025-09-15T22:01:11.472Z
Learning: In Pipedream components, pipedream/platform's axios implementation automatically excludes undefined values from HTTP requests, so there's no need to manually check for truthiness before including properties in request payloads.

Applied to files:

• components/azure_devops_microsoft_entra_id_oauth/azure_devops_microsoft_entra_id_oauth.app.mjs

📚 Learning: 2024-10-08T15:33:38.240Z

Learnt from: GTFalcao
Repo: PipedreamHQ/pipedream PR: 12697
File: components/salesforce_rest_api/sources/common-webhook-methods.mjs:1-71
Timestamp: 2024-10-08T15:33:38.240Z
Learning: The `common-webhook-methods.mjs` object is designed to be extended, similar to an abstract class, and intentionally does not implement certain methods like `generateWebhookMeta` and `getEventType` to enforce implementation in subclasses.

Applied to files:

• components/azure_devops_microsoft_entra_id_oauth/azure_devops_microsoft_entra_id_oauth.app.mjs

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)

• GitHub Check: Lint Code Base
• GitHub Check: Publish TypeScript components
• GitHub Check: Verify TypeScript components
• GitHub Check: pnpm publish

🔇 Additional comments (8)

components/azure_devops_microsoft_entra_id_oauth/azure_devops_microsoft_entra_id_oauth.app.mjs (5)

18-20: LGTM!

The base URL construction correctly uses the organization from the auth configuration.

---

44-50: LGTM!

The subscription creation method correctly delegates to the POST endpoint.

---

51-57: LGTM!

The subscription deletion method correctly constructs the DELETE request.

---

21-36: No action needed. API version 7.1 is correct for Microsoft Entra ID OAuth with Azure DevOps REST API and is officially supported in 2024-2025. The implementation follows Microsoft's recommended approach for Entra ID OAuth integration.

---

37-43: No action needed on this endpoint.

The /hooks/publishers/tfs/eventtypes endpoint is the current, documented Azure DevOps REST API endpoint for retrieving webhook event types. The "tfs" publisher identifier is the standard publisher name for Azure DevOps (not a legacy identifier), and it works seamlessly with Microsoft Entra ID OAuth authentication. The endpoint compatibility is not affected by the authentication method used.

components/azure_devops_microsoft_entra_id_oauth/sources/new-event/new-event.mjs (3)

1-20: LGTM!

The component structure and prop definitions follow Pipedream conventions correctly.

---

44-50: LGTM!

The hookId persistence methods correctly use the db service.

---

59-63: LGTM!

The run method correctly emits webhook events with generated metadata, following standard Pipedream patterns.

[luancazarine]

Hi @michelle0927, LGTM! Ready for QA!

[vunguyenhung]

For Integration QA:

• Source Test Report: https://www.notion.so/APP-Azure-DevOps-Microsoft-Entra-ID-OAuth-Sources-2c7bf548bb5e81108c66c5c8b4493357