Running YAML Azure Pipelines from a restricted GitHub Service Connection

Last week a colleague (hi Kapil!) ran into an interesting scenario:

what if I can’t use the GitHub app to integrate Azure Pipelines with my GitHub repository? All I have is a GitHub PAT.

The target GitHub repository contains the YAML Pipeline definitions, but it has no visibility towards Azure DevOps. All you have on the Azure DevOps side is a Service Connection created with a PAT.
This is a situation where the GitHub organisation restricts access to external parties, so they only release a PAT to allow for controlled access. It’s not an optimal situation IMHO, but we should make it work regardless.

If you choose the Azure Pipeline classic editor, you will be able to consume that Service Connection:

You will be surprised to discover that once you point it at the right source (your GitHub Service Connection mentioned above), you will have an option to use a YAML file:

All you then have to do is to set the path to your YAML definition, and the two will be integrated: