We’re facing a critical traceability issue with our change management process in Azure DevOps 2023. Change requests created in the change-mgmt module are not properly linking to release definitions, which is causing audit failures. Our compliance team needs full traceability from change request through release deployment.
We’ve created a custom work item template for change requests with required fields for release tracking, but the links aren’t being established automatically. When we run board queries to verify the relationship chain, change requests show as orphaned - not connected to any releases or deployments.
We’ve tried using the REST API to create links programmatically, but the relationship isn’t persisting correctly. Compliance tags are set on both change requests and releases, but the pipeline queries can’t find the connection. This is blocking our SOC2 audit. Has anyone successfully implemented automated change request linking to release pipelines in ado-2023?
The issue is that custom fields don’t create work item relationships - they’re just data fields. You need to use the proper link types in Azure DevOps. Change requests should use ‘Affects’ or ‘Related’ link types to connect to releases. The REST API call needs to use the relations array, not custom fields.
For SOC2 compliance, we implemented a pipeline decorator that automatically creates work item links when a release runs. The decorator queries for change requests tagged with the release ID and establishes the link using the Azure DevOps API. This ensures every deployment has traceability back to approved changes. Without this automation, manual linking is too error-prone for audit requirements.
Compliance tags alone won’t create traceability - they’re metadata for filtering. You need actual work item links established through the relationship model. Set up a rule in your change-mgmt process that requires a release link before the change request can be approved. This enforces the relationship at the process level, not just the data level.
The REST API linking syntax for ado-2023 requires specific URL formats for release definitions. You can’t just use release IDs - you need the full vstfs:// URI format. The link operation also needs to be a PATCH request with proper JSON structure in the relations array. Common mistake is using POST instead of PATCH for work item updates.
Your work item template is missing the relationship definitions. Templates can include default links and link types. You should define a ‘Related’ link type that points to the release definition by default. Also, board queries need to use the Relations filter, not field queries, to find linked items. Check if your query is using [System.Links.LinkType] = 'Related' syntax.