rfennell/Set-Azure DevOpsBrnachPolicies.ps1

## Set-Azure DevOpsBrnachPolicies.ps1
param
(
    [parameter(Mandatory=$true,HelpMessage="The target Azure DevOps Instance")]
    $org,

    [parameter(Mandatory=$true,HelpMessage="The new project name")]
    $projectName,

    [parameter(Mandatory=$true,HelpMessage="A PAT with access to target org")]
    $pat
)

$ErrorActionPreference = "continue"

# Update the branch policies for all repos in the project

# We could use the command `az repos` to set policies https://docs.microsoft.com/en-us/cli/azure/repos?view=azure-cli-latest
#  az repos policy approver-count update --project <projectname> --blocking true --enabled true --branch main --repository-id <guid> --minimum-approver-count w --reset-on-source-push true  --creator-vote-counts false --allow-downvotes false
# However, this command requires you set the policies for specific repos in the project
# Using the REST API we are able to passing the 'null' value for the repo to set the policies for all repos in the project
# The JSON payload can be discovered by viewing the setting of the policy in the Azure portal with the browser development tools loaded

write-host "Set the branch policies for all repos" -ForegroundColor Green

$jsonBodies = @{}
$jsonBodies.Add("Require reviewer", '{"type":{"id":"fa4e907d-c16b-4a4c-9dfa-4906e5d171dd"},"revision":1,"isDeleted":false,"isBlocking":true,"isEnabled":true,"settings":{"allowDownvotes":false,"blockLastPusherVote":false,"creatorVoteCounts":false,"requireVoteOnLastIteration":false,"resetOnSourcePush":true,"resetRejectionsOnSourcePush":true,"minimumApproverCount":2,"scope":[{"repositoryId":null,"refName":"refs/heads/main","matchKind":"Exact"}]}}')
$jsonBodies.Add("Linked work items", '{"type":{"id":"40e92b44-2fe1-4dd6-b3d8-74a9c21d0c6e"},"revision":1,"isDeleted":false,"isBlocking":true,"isEnabled":true,"settings":{"scope":[{"repositoryId":null,"refName":"refs/heads/main","matchKind":"Exact"}]}}')
$jsonBodies.Add("Check comments", '{"type":{"id":"c6a1889d-b943-4856-b76f-9e46bb6b0df2"},"revision":1,"isDeleted":false,"isBlocking":true,"isEnabled":true,"settings":{"scope":[{"repositoryId":null,"refName":"refs/heads/main","matchKind":"Exact"}]}}')

# Setup the REST call details used for all the branch policey update API calls
$headers = @{ Accept="application/json" }
$headers["Accept-Charset"] = "utf-8"
$encodedPat = [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes(":$pat"))
$headers["Authorization"] = "Basic $encodedPat"
$uri = "$fullOrgUrl/$projectName/_apis/policy/Configurations?api-version=6.1-preview.1"

$jsonBodies.getEnumerator() | foreach {
    write-host "  - Set the branch policy - $($_.Key)" -ForegroundColor Green
    $p1 = Invoke-RestMethod $uri -Method "POST" -Headers $headers -ContentType "application/json" -Body ([System.Text.Encoding]::UTF8.GetBytes($_.Value))
}
	param
	(
	[parameter(Mandatory=$true,HelpMessage="The target Azure DevOps Instance")]
	$org,

	[parameter(Mandatory=$true,HelpMessage="The new project name")]
	$projectName,

	[parameter(Mandatory=$true,HelpMessage="A PAT with access to target org")]
	$pat
	)

	$ErrorActionPreference = "continue"

	# Update the branch policies for all repos in the project

	# We could use the command `az repos` to set policies https://docs.microsoft.com/en-us/cli/azure/repos?view=azure-cli-latest
	# az repos policy approver-count update --project <projectname> --blocking true --enabled true --branch main --repository-id <guid> --minimum-approver-count w --reset-on-source-push true --creator-vote-counts false --allow-downvotes false
	# However, this command requires you set the policies for specific repos in the project
	# Using the REST API we are able to passing the 'null' value for the repo to set the policies for all repos in the project
	# The JSON payload can be discovered by viewing the setting of the policy in the Azure portal with the browser development tools loaded

	write-host "Set the branch policies for all repos" -ForegroundColor Green

	$jsonBodies = @{}
	$jsonBodies.Add("Require reviewer", '{"type":{"id":"fa4e907d-c16b-4a4c-9dfa-4906e5d171dd"},"revision":1,"isDeleted":false,"isBlocking":true,"isEnabled":true,"settings":{"allowDownvotes":false,"blockLastPusherVote":false,"creatorVoteCounts":false,"requireVoteOnLastIteration":false,"resetOnSourcePush":true,"resetRejectionsOnSourcePush":true,"minimumApproverCount":2,"scope":[{"repositoryId":null,"refName":"refs/heads/main","matchKind":"Exact"}]}}')
	$jsonBodies.Add("Linked work items", '{"type":{"id":"40e92b44-2fe1-4dd6-b3d8-74a9c21d0c6e"},"revision":1,"isDeleted":false,"isBlocking":true,"isEnabled":true,"settings":{"scope":[{"repositoryId":null,"refName":"refs/heads/main","matchKind":"Exact"}]}}')
	$jsonBodies.Add("Check comments", '{"type":{"id":"c6a1889d-b943-4856-b76f-9e46bb6b0df2"},"revision":1,"isDeleted":false,"isBlocking":true,"isEnabled":true,"settings":{"scope":[{"repositoryId":null,"refName":"refs/heads/main","matchKind":"Exact"}]}}')

	# Setup the REST call details used for all the branch policey update API calls
	$headers = @{ Accept="application/json" }
	$headers["Accept-Charset"] = "utf-8"
	$encodedPat = [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes(":$pat"))
	$headers["Authorization"] = "Basic $encodedPat"
	$uri = "$fullOrgUrl/$projectName/_apis/policy/Configurations?api-version=6.1-preview.1"

	$jsonBodies.getEnumerator() \| foreach {
	write-host " - Set the branch policy - $($_.Key)" -ForegroundColor Green
	$p1 = Invoke-RestMethod $uri -Method "POST" -Headers $headers -ContentType "application/json" -Body ([System.Text.Encoding]::UTF8.GetBytes($_.Value))
	}