Feature Description
Introduce an optional azure sync mode that, in addition to (or instead of) creating GitHub issues, pushes alert data to Azure DevOps Boards as work items. This enables teams whose primary backlog lives in Azure DevOps to track GitHub security alerts natively without switching tools.
Problem / Opportunity
Many enterprise teams use Azure DevOps Boards as their canonical work-tracking system. The current workflow only creates GitHub issues, meaning these teams must either duplicate effort or ignore the automation entirely. An Azure sync mode would extend the reach of the alerts-to-issue workflow to Azure-centric organisations, complementing the existing Microsoft Teams notification support (issue #19).
Acceptance Criteria
- A new optional workflow input `sync_target` (values: `github` (default), `azure`, `both`) is added.
- When `sync_target` is `azure`, the workflow creates/updates Azure DevOps work items corresponding to alert parent/child issues.
- Azure connection is configured via repository/org secrets: `AZURE_DEVOPS_ORG_URL`, `AZURE_DEVOPS_PROJECT`, `AZURE_DEVOPS_PAT`.
- Work item fields mapped: Title, Description, Severity (→ Priority), State (open/closed), and a GitHub Alert URL custom field (see linked feature for child–alert link).
- Existing GitHub-only behaviour is fully preserved when `sync_target: github`.
Proposed Solution
Add an `AzureSyncClient` class in `src/` that wraps the Azure DevOps REST API (using the `azure-devops` PyPI package). The main workflow conditionally instantiates this client based on `sync_target`. Work item upsert logic (create if missing, update if state/severity changed) mirrors the existing GitHub issue upsert pattern.
Dependencies / Related
No response
Additional Context
No response
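A sketch of the field mapping and upsert decision described in this request, added here as an illustration and not taken from the project's code. It builds the JSON Patch body that the Azure DevOps work item API accepts and goes slightly beyond the request by patching any mapped field that changed, not only state and severity. The severity-to-priority table, the state names, the `Custom.GitHubAlertUrl` field name, the alert dict shape and all function names are assumptions.

```python
import html
from urllib.parse import urlsplit

# Assumed mappings; state names depend on the project's process template.
SEVERITY_TO_PRIORITY = {"critical": 1, "high": 2, "medium": 3, "low": 4}
STATE_MAP = {"open": "To Do", "closed": "Done"}
ALERT_URL_FIELD = "Custom.GitHubAlertUrl"  # hypothetical custom field name

# Constructed sample alert (shape is an assumption, not the workflow's schema).
SAMPLE_ALERT = {
    "title": "SQL injection in login handler",
    "description": "Tainted <input> reaches query",
    "severity": "High",
    "state": "open",
    "url": "https://github.com/example-org/example-repo/security/code-scanning/1",
}

def resolve_targets(sync_target="github"):
    """Map the workflow input to backends; unknown values fail closed."""
    allowed = {"github": {"github"}, "azure": {"azure"}, "both": {"github", "azure"}}
    if sync_target not in allowed:
        raise ValueError(f"unsupported sync_target: {sync_target!r}")
    return allowed[sync_target]

def desired_fields(alert):
    """Translate an alert into Azure DevOps field reference names."""
    if urlsplit(alert["url"]).scheme != "https":
        raise ValueError("alert URL must be https")
    return {
        "System.Title": alert["title"],
        # Description is rendered as HTML, so alert text is escaped first.
        "System.Description": html.escape(alert["description"]),
        "Microsoft.VSTS.Common.Priority": SEVERITY_TO_PRIORITY[alert["severity"].lower()],
        "System.State": STATE_MAP[alert["state"]],
        ALERT_URL_FIELD: alert["url"],
    }

def build_patch(alert, existing_fields=None):
    """Return JSON Patch ops: every field on create, only changed ones on update."""
    wanted = desired_fields(alert)
    if existing_fields is None:  # no work item yet -> create
        return [{"op": "add", "path": f"/fields/{k}", "value": v} for k, v in wanted.items()]
    return [{"op": "replace" if k in existing_fields else "add",
             "path": f"/fields/{k}", "value": v}
            for k, v in wanted.items() if existing_fields.get(k) != v]

if __name__ == "__main__":
    print(build_patch(SAMPLE_ALERT))
```

An empty list from `build_patch` means the work item is already in sync and no API call is needed.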