docs: add additional Azure Repos App docs (#677)

docs/features/config_file.mdx

@@ -131,14 +131,14 @@ projects:
 
 To use config files in your repos, follow these steps:
 
-### 1. Source Control Integrations (GitHub and GitLab App)
+### 1. Source Control Integrations (GitHub, Azure Repos and GitLab App)
 
 When integrating Infracost with systems like GitHub or GitLab, we recommend the following order of precedence:
 
 1. **Infracost Cloud’s Org Settings > Default Repo Config File**: Set a default config file for all repos in your organization. This is useful if a lot of your repos have a similar structure since it applies globally, and individual repos can override it.
   <img
     src={useBaseUrl('img/infracost-cloud/default-repo-config-file.png')}
-    alt="Default config file used by all repos in the GitHub App or GitLab App integration"
+    alt="Default config file used by all repos in the GitHub, Azure Repos or GitLab App integration"
   />
 2. **Repo Settings in Infracost Cloud**: For specific repos, customize the config in the **Repo Settings** tab, which takes precedence over the default Org config.
 3. **`infracost.yml` or `infracost.yml.tmpl` in the repo root**: If needed, store a config file in the root of your repo. This file will be used only if there is no config set in Infracost Cloud, since the Cloud settings take precedence.
@@ -351,7 +351,7 @@ projects:
     </tr>
     <tr>
       <td><code>dependency_paths</code></td>
-      <td>Optional. <span style={{textDecoration: "underline"}}>Only applicable for GitHub App and GitLab App users</span>. Array of strings. Array of file or directory paths that should trigger project estimates. If this is specified, code changes to the <code>path</code> target will <b>NOT</b> trigger cost estimates unless the <code>path</code> is included in <code>dependency_paths</code>. All paths are relative to the working directory of your <code>infracost.yml</code> file. Supports glob patterns, for example:
+      <td>Optional. <span style={{textDecoration: "underline"}}>Only applicable for GitHub, Azure Repos and GitLab App users</span>. Array of strings. Array of file or directory paths that should trigger project estimates. If this is specified, code changes to the <code>path</code> target will <b>NOT</b> trigger cost estimates unless the <code>path</code> is included in <code>dependency_paths</code>. All paths are relative to the working directory of your <code>infracost.yml</code> file. Supports glob patterns, for example:
       <pre>
 {`dependency_paths:
   - "config/**.json"

docs/features/environment_variables.md

@@ -99,7 +99,7 @@ TF_CLI_CONFIG_FILE="$HOME/.terraformrc-custom" infracost breakdown \
 
 ## Environment variables to override cloud provider region
 
-The following environment variables can be used with `infracost breakdown` and `diff` commands to override the cloud provider region. GitHub App users can set these from Org Settings > Integrations > GitHub App > Run configurations. These environment variables cannot currently be set in the [config file](/docs/features/config_file/) as they apply to all projects, not individual ones.
+The following environment variables can be used with `infracost breakdown` and `diff` commands to override the cloud provider region. GitHub, Azure Repos and GitLab App users can set these from Org Settings > Integrations > Your App Integration > Run configurations. These environment variables cannot currently be set in the [config file](/docs/features/config_file/) as they apply to all projects, not individual ones.
 
 - `INFRACOST_AWS_OVERRIDE_REGION` for AWS
 - `INFRACOST_AZURE_OVERRIDE_REGION` for Azure

docs/infracost_cloud/finops_policies.md

@@ -11,7 +11,7 @@ Infracost enables you to pro-actively check FinOps best practices in the enginee
 
 ## Usage
 
-This section assumes you have already setup the Infracost source control integration with [GitHub or GitLab](/docs/integrations/cicd/#source-control-integrations-recommended) (or added Infracost to your CI/CD pipeline).
+This section assumes you have already setup the Infracost source control integration with [GitHub , Azure Repos or GitLab](/docs/integrations/cicd/#source-control-integrations-recommended) (or added Infracost to your CI/CD pipeline).
 
 ## 1. See policy failures on repos
 

docs/infracost_cloud/guardrails.md

@@ -80,17 +80,26 @@ The following screenshot shows an example pull request comment with a custom mes
 
 This feature works by failing the CI/CD pipeline that runs Infracost (`infracost comment` will `exit 1`). Depending on how you have configured your source control system this blocks the pull request from being merged, but your source control system admins can usually override this during urgent cases.
 
-#### Setup
-
-To setup this feature, you should:
+To setup this feature follow the instructions below for your source control system.
 
 1. Enable the "Block pull request from being merged" option when you create the guardrail.
 
   <img src={useBaseUrl("img/infracost-cloud/guardrails/actions.png")} alt="Blocking pull requests" />
 
-2. If you are using the GitHub App integration, in your GitHub repository, go to Settings > Branches > and tick the "Require status checks to pass before merging" option under Protect matching branches. GitLab users should follow [this doc](https://docs.gitlab.com/ee/user/project/merge_requests/status_checks.html#block-merges-of-merge-requests-unless-all-status-checks-have-passed) to setup a similar configuration.
+2. Configure your source control system to require status checks to pass before merging pull requests.
+
+    **GitHub App**:
+      1. Go to Settings > Branches > and tick the "Require status checks to pass before merging" option under Protect matching branches.
+      <img src={useBaseUrl("img/infracost-cloud/guardrails/github-require-status-pass.png")} alt="Configure GitHub to require status checks to pass before pull requests can be merged" />
+
+    **Azure Repos App**:
+      1. Go to Project Settings > Repositories > Policies
+      2. Add a new or edit the existing Branch Policy for your default branches
+      3. Add a new Status Check for `checks/infracost`, and set it to Required.
+      <img src={useBaseUrl("img/infracost-cloud/guardrails/azure-repos-require-status-pass.png")} alt="Configure Azure Repos to require status checks to pass before pull requests can be merged" />
 
-  <img src={useBaseUrl("img/infracost-cloud/guardrails/github-require-status-pass.png")} alt="Configure GitHub to require status checks to pass before pull requests can be merged" />
+    **GitLab App**:
+      1. Follow [this doc](https://docs.gitlab.com/ee/user/project/merge_requests/status_checks.html#block-merges-of-merge-requests-unless-all-status-checks-have-passed) to setup a similar configuration.
 
 #### Example output
 
@@ -108,7 +117,7 @@ If someone with admin access on GitHub or GitLab overrides the guardrail and mer
 
 ## How Guardrails work
 
-Cost thresholds are currency-independent, a guardrail with a threshold of 2000 would be triggered by a pull request that increases your monthly costs by $2001 or €2001. 
+Cost thresholds are currency-independent, a guardrail with a threshold of 2000 would be triggered by a pull request that increases your monthly costs by $2001 or €2001.
 
 The following example describes how guardrails work. Let's say you have two guardrails:
 1. A guardrail called "20 percent threshold" that notified FinOps when a pull request (PR) increases costs by more than 20%. This keeps them in the loop and avoids surprising them as this is an anticipated change being made by engineering.

docs/infracost_cloud/key_concepts.md

@@ -49,7 +49,7 @@ From the Members page, you can invite your team members to join your organizatio
 
 ## Repos
 
-Repos, short for code repositories, is where your code lives in GitHub, GitLab or any other source control system. A repo contains one or more projects. Infracost Cloud lets you track how the costs and policy issues of repos and projects change over time.
+Repos, short for code repositories, is where your code lives in GitHub, Azure Repos, GitLab or any other source control system. A repo contains one or more projects. Infracost Cloud lets you track how the costs and policy issues of repos and projects change over time.
 
 ## Projects
 

docs/integrations/azure_repos_app.md

@@ -31,11 +31,11 @@ There are two key benefits of using the Azure Repos App over manual CI/CD integr
 
 5. The Infracost Azure Repos App also requires **admin consent** during setup. This step ensures that the app has the necessary permissions to manage service hooks and policies across the selected projects. [Learn more about admin consent](https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/user-admin-consent-overview#admin-consent).
 
-6. During setup, Infracost will need a temporary Personal Access Token (PAT) with additional permissions to do the following. The PAT can be deleted in Azure Repos after the setup is done.
+6. During setup, Infracost will need a short-lived Personal Access Token (PAT) with additional permissions to do the following. The PAT can be deleted in Azure Repos after the setup is done.
    - Create an Azure Active Directory (AAD) group that can manage service hooks and branch policies.
    - Add the Infracost service principal to this group.
    - Add selected projects to this group so Infracost can manage webhooks and policies in those projects.
-   Ensure that the temporary PAT belongs to an Owner or Project Collection Administrator and has the following scopes:
+   Ensure that the short-lived PAT belongs to an Owner or Project Collection Administrator and has the following scopes:
       - **Graph (Read & Manage)** - to create the Infracost group.
       - **Identity (Read)** - to find the group’s identity descriptor.
       - **Security (Manage)** - to assign service hooks permissions to the group.

docs/integrations/cicd.mdx

@@ -54,11 +54,17 @@ Infracost supports direct integration with GitHub and GitLab. We recommend these
       link: "/docs/integrations/github_app",
       newWindow: false
     },
+    {
+      image: "/docs/img/services/azure-repos.svg",
+      text: "Azure Repos (Azure DevOps Services)",
+      link: "/docs/integrations/azure_repos_app",
+      newWindow: false
+    },
     {
       image: "/docs/img/services/gitlab.svg",
       text: "GitLab.com & self-managed",
       link: "/docs/integrations/gitlab_app",
-      newWindow: true
+      newWindow: false
     },
 ]}/>