| 1 |
You grant only the minimum access level necessary and follow the principle of lease privilege. |
☐ |
Add Users & Securing your projects |
|
| 2 |
You do NOT store Personal Identifiable Information (PII) in Azure DevOps. |
☐ |
Data privacy and availability |
|
| 3 |
You do NOT store controlled document information in a wiki. |
☐ |
Using Wikis |
|
| 4 |
You do NOT publish packages with pre-release tags to organisation feeds. |
|
Publishing to shared organisation feeds |
|
| 5 |
Projects have at least two Project Administrators |
☐ |
Assign project admins |
|
| 6 |
You disable extensions that send telemetry or access repositories. |
☐ |
Disable telemetry and data access |
|
| 7 |
You remove unused features |
☐ |
Remove unused features |
|
| 8 |
You follow our conventions and naming standards |
☐ |
All |
|
| 9 |
You tag releases and generate automatic release notes |
☐ |
Package naming conventions |
|
| 10 |
You use Semantic Versioning (SemVer 2.0.0). |
☐ |
How do you version your code? |
|
| 11 |
You follow a branching and release strategy |
☐ |
How do you branch and release? |
|
| 12 |
You link work items to git commits. |
☐ |
Configure repository settings for commit linking |
|
| 13 |
You use Azure Pipelines to automate build, test, & deployments |
☐ |
Automating builds and deployments |
|
| 14 |
Deployment to production requires a pre-approval check. |
☐ |
Core pipeline characteristics |
|
| 15 |
You share code using Azure Artifacts |
☐ |
Sharing code |
|