Azure DevOps servicesBeginner22 min read

What Is Bug in DevOps?

Reviewed byJohnson Ajibi· Senior Network & Security Engineer · MSc IT Security
On This Page

Quick Definition

A bug is a mistake in software code that makes the program do something wrong. It can cause a feature to stop working, show wrong information, or crash entirely. Bugs are found during testing or by users, and developers fix them by updating the code.

Commonly Confused With

BugvsDefect

In everyday language, bug and defect are often used interchangeably. However, in some formal testing methodologies, a defect refers specifically to a deviation found during testing that is confirmed by a test team, while a bug can refer to any error in code, even one found by a developer during coding. In Azure DevOps, the work item type is named Bug, not Defect, so the exam uses Bug.

A developer finds a null reference while writing a unit test; that is a bug. A tester finds a broken link and logs it in Azure Boards; that is also a bug.

BugvsIssue

Issue is a broader term that can include bugs, feature requests, questions, or tasks. In some organizations, an issue is anything that needs attention. In Azure DevOps, an Issue is a separate work item type with its own state model, often used for project risks or problems that are not necessarily software bugs. The exam distinguishes between the two.

The team is waiting for a third-party API key; that is an issue. A login button that throws an error is a bug.

BugvsError

An error often refers to a software event, such as an exception being thrown or a validation failure. A bug is the root cause in the code that leads to that error. For example, a runtime error like IndexOutOfBoundsException is the symptom; the bug is the missing bounds check. In exam questions, pay attention to whether they ask about the symptom (error) or the cause (bug).

A user sees Error 500 on the screen. That is an error. The bug is the incorrect database query that caused the server to crash.

BugvsStory

A story (user story) is a work item that describes a feature or functionality from the end-user perspective. It represents planned work. A bug represents unplanned work. In Azure Boards, stories and bugs are different work item types with separate backlogs. Mixing them up can distort velocity tracking and sprint planning.

As a customer, I want to view my order history is a story. The order history page not loading is a bug.

Must Know for Exams

For the AZ-400 Microsoft Azure DevOps Solutions exam, the concept of a bug is central to several skill areas. The exam objectives explicitly include managing work items, configuring boards, and implementing feedback mechanisms. Bugs are a primary work item type in Azure Boards. You need to understand how to create, customize, and query bug work items. The exam tests your knowledge of work item templates, states, transitions, and how to link bugs to test cases, tasks, and pull requests.

In the area of testing and quality, the AZ-400 exam covers shift-left testing, where bugs are detected during development rather than after deployment. You must know how to configure automated tests in Azure Pipelines to fail builds when tests fail, and how to automatically create bug work items from test failures. The exam also covers the concept of quality gates-policies that prevent a build from progressing to the next stage if a certain threshold of bugs exists. You might see questions about configuring branch policies that require a minimum number of passing tests before a pull request can be merged.

Another key exam area is monitoring and feedback. Azure Monitor and Application Insights can detect application errors and performance issues in production. The exam expects you to know how to configure alerts that automatically create bug work items. You also need to understand the difference between a bug and an unplanned work item, and when to use each. The exam may ask about risk management and rollback strategies for deploying hotfixes that address critical bugs. Mastering the bug work item lifecycle in Azure DevOps is a must to pass the AZ-400 exam.

Simple Meaning

Imagine you are following a recipe to bake a cake. You carefully measure the flour, sugar, and eggs, but you accidentally write down salt instead of sugar in your notes. When you bake the cake, it tastes terrible. That mistake in your notes is like a bug in software. The code is the recipe, and the bug is a wrong instruction that makes the final product behave badly.

In software, a bug is an error in the code that was written by a developer. It might be a simple typo, like typing a plus sign instead of a minus sign, or a more complex logic error, like telling the program to check the wrong condition before making a decision. When the program runs, it follows the instructions exactly, even the wrong ones. So if the instructions say to add salt instead of sugar, the program will faithfully add salt, and the result will be wrong.

Bugs can cause many different problems. A bug might make a button unclickable, show incorrect data on a screen, or even cause the entire application to crash. Some bugs are obvious and happen every time you perform a certain action. Others are tricky and only show up under very specific conditions, like when the server is under heavy load or when a user enters a very long name. Finding and fixing these hidden bugs is a big part of software testing and quality assurance.

Think of a bug like a typo in a school report. If you write your report and accidentally type tehm instead of them, a person reading it can usually still understand what you meant. But a computer program is not that forgiving. The computer does exactly what the code says. If the code says tehm, the program might not know what that word means and could crash or show an error. That is why even tiny mistakes in code can have big consequences.

Full Technical Definition

In software engineering, a bug is a deviation from the expected behavior of a system, caused by an error in the source code, design, or configuration. Bugs are classified by severity (how badly they affect the system) and priority (how urgently they need to be fixed). Common severity levels include critical (causes data loss or system crash), major (key feature broken), minor (cosmetic issue), and trivial (almost no impact).

Bugs originate from multiple sources. Specification bugs occur when requirements are misinterpreted or incomplete. Design bugs happen when the architecture or algorithm is flawed, even if the code is written correctly. Coding bugs are actual mistakes in implementation, such as off-by-one errors in loops, null pointer dereferences, race conditions in multithreaded code, or syntax errors caught by the compiler. Configuration bugs arise when environment settings, database connection strings, or feature flags are set incorrectly.

The process of managing bugs is central to Azure DevOps and the Azure Boards work tracking system. In Azure DevOps, a bug is a specific type of work item. Teams can customize bug work item fields to include reproduction steps, expected vs. actual behavior, severity, priority, and linked test cases. Bugs can be logged manually by testers or automatically from test failures during pipeline runs. Azure DevOps supports integration with automated test results so that a failing test can create a bug work item directly.

Bugs are tracked through a defined lifecycle. When first created, a bug is in the New or Proposed state. A developer triages it, sets priority, and moves it to Approved or Committed. During active development, the bug is in the In Progress state. Once fixed, the developer resolves it and moves it to Resolved. The tester then verifies the fix and either closes it or reactivates it if the fix is incomplete. In Azure Boards, each state transition can be configured to enforce policies, such as requiring a linked pull request before resolution.

In the context of the AZ-400 exam, which covers DevOps practices, bug management is tied to continuous integration and continuous delivery (CI/CD). A key concept is shift-left testing, where bugs are detected as early as possible in the development lifecycle. Automated tests in a CI pipeline catch code bugs before they reach production. If a bug escapes to production, an incident management process is triggered, and a hotfix may be deployed through a separate pipeline. The exam also covers the use of work item templates and automated bug creation from Azure Monitor alerts or Application Insights failure detections.

Real-Life Example

Think about using a navigation app on your phone to drive to a new restaurant. You type in the address, and the app calculates a route. Everything looks good until you reach a point where the app tells you to turn left onto a street that has a big sign saying No Left Turn. You cannot go that way, so you have to go straight and find another way around. That wrong instruction from the app is a bug.

In real life, the navigation app developers write code that uses map data and traffic rules to give you directions. Maybe the map data is outdated and still shows that street as having a left turn allowed, or maybe the developer made a logical error when coding how to handle one-way streets. The app is not doing anything wrong on purpose; it is just following its code exactly. But because the code contains a mistake, the directions are wrong.

Just like you have to ignore the bad direction and find a workaround, users of buggy software often have to find workarounds. They might learn that pressing a certain button twice makes it work, or that they have to refresh the page before clicking submit. These workarounds are not fixes; they are ways to avoid the bug. The real fix happens when a developer finds the wrong code, corrects it, and deploys a new version of the app. You update your app, and the next time you drive to a restaurant, the directions work perfectly. That update contained the bug fix.

Why This Term Matters

In any IT environment, bugs degrade the quality of software and directly impact user satisfaction, business revenue, and even safety. For a business, a critical bug in an e-commerce website might prevent customers from completing purchases, resulting in lost sales. A bug in a banking application could show incorrect balances, eroding customer trust. In healthcare systems, a bug could lead to incorrect patient data, with serious consequences. Understanding bugs is fundamental to every role in IT, from developer to tester to operations engineer.

Bugs are not just a development problem; they affect the entire software delivery lifecycle. A bug found in production costs significantly more to fix than one found during design or coding. This is the basis for the concept of cost of change. That is why modern DevOps practices emphasize testing early and often. Automated testing in CI pipelines catches bugs as soon as code is committed, reducing the cost and effort to fix them. Bug management is also a key part of measuring software quality. Metrics like bug reopen rate, mean time to resolve, and escaped defects per release are used to assess team performance and process maturity.

For IT professionals, understanding how to report, triage, and fix bugs is essential. A developer must know how to reproduce a bug, isolate its root cause, write a fix, and verify it. A tester must know how to write clear reproduction steps and distinguish between a bug and a feature request. An operations engineer must know how to respond to production bugs, roll back a faulty deployment, or apply a hotfix. Azure DevOps provides the tools to manage this lifecycle efficiently, making bug tracking a core skill for anyone using the platform.

How It Appears in Exam Questions

In the AZ-400 exam, bug-related questions often appear in scenario-based formats. A typical question might describe a team that uses Azure Boards to track work. The scenario says that a tester finds a critical defect in the staging environment. The question asks you to select the correct sequence of actions to log, assign, and track that defect to resolution. Options might include creating a bug work item, setting severity to critical, linking it to a test case, and assigning it to a developer. You need to know the correct state transitions and recommended field values.

Another common question pattern involves automated bug creation from pipeline failures. The question describes a build pipeline that runs unit tests. A test fails, and the team wants an automatic work item created. You might be asked to configure a step in the pipeline that uses the Work Item Creator task or to enable the Create work item on failure option in the test results settings. These questions test your practical knowledge of Azure Pipelines integration with Azure Boards.

Troubleshooting questions also appear. For example, a scenario says that a bug work item is stuck in the Resolved state and not moving to Closed. The question asks why, and options might include that no test case is linked, or that the resolved bug has not been verified by a tester. You are expected to know the state machine of a bug work item, including which roles can transition it to which states. Some questions focus on linking: they may ask which work item types should be linked to a bug (e.g., test case, task, pull request) and what type of link to use (e.g., Related, Tested By, Fixed By).

Study AZ-400

Test your understanding with exam-style practice questions.

Practise

Example Scenario

Contoso, a retail company, is developing a new online shopping cart feature for their e-commerce website. During testing, Sarah, the test engineer, notices that when a user adds exactly 10 items to the cart, the cart page shows an error message Unexpected error occurred. The cart does not display the total price, and the user cannot proceed to checkout. Sarah creates a bug work item in Azure Boards. She writes Reproduction Steps: 1. Log in as any user. 2. Add any product to the cart. 3. Repeat step 2 until the cart contains 10 items. 4. Click on the cart icon. Actual Result: Error message appears, no total shown. Expected Result: Cart shows all 10 items with correct total and checkout button. She sets Severity to 1 - Critical and Priority to 1 - High because this blocks a key user action.

The bug moves to the New state. The development team triages it during their daily stand-up. They assign it to Raj, a developer, who sets it to Committed. Raj opens the code and finds that the cart display logic uses an array indexed from 0 to 9. When the array has 10 items, the index 10 is out of bounds, causing an unhandled exception. He writes a fix to handle the array correctly, tests it locally, and commits the code to a feature branch. The commit message includes #1234 to link the commit to the bug work item. Raj creates a pull request and sets the bug to In Progress. After the pull request is approved and merged, the CI pipeline runs all automated tests, including a new test for 10 items in the cart. All tests pass. Raj resolves the bug and moves it to Resolved.

Sarah picks up the resolved bug. She verifies the fix in the staging environment by following the same reproduction steps. The cart now works correctly with 10 items. She moves the bug to Closed. The bug lifecycle is complete.

Common Mistakes

Confusing a bug with a feature request.

A bug is a deviation from expected behavior that was already defined. A feature request is asking for new functionality that was not previously specified. Treating a feature request as a bug leads to confusing work item tracking and incorrect priority assignments.

If the software behaves differently than the agreed-upon requirements, it is a bug. If the behavior is as designed but the user wants something new, it is a feature request. Use a separate work item type for each.

Setting a bug to Resolved without linking a pull request or code fix.

A bug in Resolved state should have a proven fix. Without a linked code change, there is no traceability. The tester cannot easily verify what was changed, and the audit trail is broken.

Always link the bug to the pull request that contains the fix. In Azure DevOps, use the Related or Fixed By link type. Ensure the commit message references the bug ID.

Failing to include clear reproduction steps in a bug report.

If a developer cannot reproduce the bug, they cannot fix it. Vague reports like the page crashes sometimes waste everyone's time. The bug may be closed as unreproducible, leaving the problem unresolved.

Write step-by-step instructions starting from a known initial state. Include specific input values, the exact actions, and the exact error messages. Use screenshots or screen recordings when possible.

Assigning a bug to a developer without triaging priority first.

Not all bugs are equally important. A cosmetic typo on an internal admin page should not delay a critical payment processing fix. Assigning blindly overloads developers with low-value work.

During triage, evaluate severity and priority. Use a framework like MoSCoW (Must have, Should have, Could have, Won't have). Assign only after setting priority and confirming the bug is in the team's backlog.

Closing a bug without verifying the fix in the environment where it was originally found.

A fix that works in the development environment might fail in staging or production due to different data, configurations, or dependencies. Closing without verification risks the bug persisting in production.

Always move the bug to Resolved first, then have a tester verify it in the appropriate environment (usually staging or a test environment that mirrors production). Only then close the bug.

Exam Trap — Don't Get Fooled

{"trap":"Thinking that a bug should always be resolved by fixing the code, and that a bug work item must be closed only after the fix is deployed to production.","why_learners_choose_it":"In many traditional software lifecycles, a bug is closed after the fix is released to production. Learners naturally assume that standard applies to Azure Boards as well.

Also, the term resolved can mislead people into thinking the fix is complete and live.","how_to_avoid_it":"In Azure DevOps, the Resolved state means the fix has been implemented and verified by the developer (and often by automated tests), but it has not yet been verified by a tester in a non-production environment. The Closed state is used after a tester or quality assurance person has verified the fix.

The fix may or may not be in production at that point. Remember that the state model is about work item lifecycle, not deployment status."

Step-by-Step Breakdown

1

Bug Discovery and Logging

A bug is identified by a tester, developer, user, or automated monitoring system. In Azure DevOps, a bug work item is created in the New state. Essential fields are filled: Title, Description (with reproduction steps), Severity (e.g., Critical, Major, Minor), and Priority (1-4). The bug may be linked to a test case (Tested By) or a failing build.

2

Triage and Prioritization

A project lead or triage team reviews the new bug. They confirm it is a valid bug, not a duplicate, and not a feature request. They assign a priority level based on business impact. For example, a bug blocking a release candidate is priority 1. The bug is then assigned to a developer or development sprint.

3

Bug Assignment and Active Development

The developer picks up the bug (moves it to In Progress). They reproduce the issue using the provided steps, then debug the code to find the root cause. Once identified, they write a code fix and run unit tests to ensure the fix works. The fix is committed to a feature branch with a commit message referencing the bug ID (e.g., Fixes #1234).

4

Code Review and Pull Request

The developer creates a pull request (PR) to merge the fix into the main branch. The PR is linked to the bug work item using the Fixed By link type. Team members review the code. Automated CI pipelines run tests against the PR. If all checks pass and reviews are approved, the PR is merged. The merge automatically triggers the CI pipeline again.

5

Bug Resolution and Verification

After the fix is merged, the developer marks the bug as Resolved. This state indicates the developer believes the fix is correct. A tester then picks up the resolved bug, deploys the latest build to a staging environment, and executes the original reproduction steps. If the issue no longer occurs, the tester moves the bug to Closed. If the issue persists, they reactivate it (moves back to New or Active).

Practical Mini-Lesson

When working with bugs in Azure DevOps, professionals need to think about the entire lifecycle, not just logging and fixing. The goal is to minimize the time a bug remains open, especially critical ones. This requires clear communication between testers and developers. A well-written bug report includes the environment information (browser, OS, version), the exact steps to reproduce, and the actual vs. expected behavior. Screenshots or screen recordings are extremely helpful. In Azure Boards, you can attach files and images directly to the bug work item.

For configuration context, you should know how to customize the bug work item template. In Azure DevOps, you can add custom fields, change the state model, and define rules for transitions. For example, you may require that a bug cannot be moved to Resolved without a linked pull request. This enforces traceability. You can also create queries to track bug trends, such as bugs closed this sprint, bugs by severity, or bugs without an assignee.

What can go wrong in practice? One common problem is bug aging-bugs that stay open for many sprints. They accumulate and become technical debt. Another is bug inflation, where testers log every minor UI glitch as a critical bug, desensitizing the team to real critical issues. To avoid this, teams use severity and priority definitions that everyone agrees on. For example, a critical bug causes data loss or blocks a primary workflow, while a minor bug is a cosmetic issue that does not affect functionality.

Another practical issue is the bug fix that introduces a regression. A fix for one bug might break another feature if the code change was not thoroughly tested. That is why automated regression test suites are important. In Azure Pipelines, you can configure build validation that runs a full suite of tests for every PR. This helps catch regressions before the fix is merged. Professionals also use feature flags to roll out bug fixes gradually, allowing quick rollback if something goes wrong.

Memory Tip

Bug lifecycle: Discover, Triage, Fix, Verify, Close. Think of the words DT Fixed VC to remember the five steps.

Covered in These Exams

Current Exam Context

Current exam versions that test this topic — use these objectives when studying.

Related Glossary Terms

Frequently Asked Questions

What is the difference between severity and priority in a bug work item?

Severity measures the technical impact of the bug (how bad it is), while priority measures business urgency (how quickly it needs to be fixed). A bug can have high severity (e.g., crashes the app) but low priority (e.g., happens rarely in an unused feature).

Can a bug be automatically created from a test failure in Azure Pipelines?

Yes. You can configure the failing test results to automatically create a bug work item. This is done using a task like Publish Test Results with the option to create a work item on failure, or by using a custom script with the Azure DevOps REST API.

What state should a bug be in after a developer fixes it?

The developer should set the bug to Resolved. This indicates the fix is implemented and ready for verification. A tester then verifies the fix in a non-production environment. If the fix works, the tester closes the bug.

How do I link a bug to a pull request in Azure DevOps?

When creating or editing a pull request, in the Related Work Items section, you can search for and select the bug work item. Use the Fixed By link type. You can also mention the bug ID in the commit message using the # symbol.

What is a bug vs. an issue in Azure DevOps?

A bug is a specific work item type for an error in code that causes incorrect behavior. An issue is a separate work item type used to track problems, risks, or impediments that are not necessarily code bugs, such as missing resources or blocked tasks.

Should I close a bug immediately after deploying the fix to production?

Not necessarily. The state model in Azure Boards is about the work item lifecycle, not deployment status. You should close a bug only after it has been verified by a tester in an appropriate environment, even if the fix is already deployed to production.

What are reproduction steps and why are they important?

Reproduction steps are a clear list of actions that cause the bug to appear. They are important because they allow the developer to see the issue firsthand, verify the root cause, and test the fix. Without them, the bug may be closed as unreproducible.

Summary

A bug is a fundamental concept in software development, representing an error in code that causes unintended behavior. Managing bugs effectively is crucial for delivering high-quality software. In Azure DevOps, bugs are tracked as work items with a defined lifecycle from discovery to closure. The bug lifecycle includes creation, triage, assignment, fixing, resolution, verification, and closure. Each stage involves specific actions and state transitions that ensure traceability and accountability.

For IT certification learners targeting the AZ-400 exam, understanding bugs is essential because the exam covers Azure Boards, Azure Pipelines, testing integration, and feedback mechanisms. You will be tested on how to create, link, and manage bug work items, how to automate bug creation from test failures, and how to configure quality gates. Mastering these concepts will help you pass the exam and also prepare you for real-world DevOps roles where bug management is a daily task.

Remember that a bug is different from a feature request, an error, or an issue. Use the correct work item type in Azure Boards, write clear reproduction steps, and always verify fixes before closing. By following best practices for bug management, you contribute to a more reliable software product and a more efficient development team.