Upgrade to Pro — share decks privately, control downloads, hide ads and more …

ABS2024: Top 10 Best Practices for YAML Pipelin...

ABS2024: Top 10 Best Practices for YAML Pipelines in Azure DevOps

⭐️ Top 10 Best Practices for YAML Pipelines in Azure DevOps#
Azure Pipelines definitions can be defined with the new YAML standard since some time. We are sure that many have already created their first pipelines or migrated existing pipelines. So it’s high time to look at the most important best practices from our wealth of experience together. This session will show the top 10 best practices from many customer projects related to YAML pipelines. Among other things, topics such as splitting pipelines (chained builds), using templates, as well as ensuring enterprise specifications and quality assurance will be covered.
🙂 MARC MÜLLER ⚡️ Principal Consultant @ 4tecture GmbH

More Decks by Azure Zurich User Group

Other Decks in Technology

Transcript

  1. Multi-Stage Yaml Pipeline Stage Job Task Task Job Task Task

    Stage Job Task Task Stage Job Task Task Stage Job Task Task Job Task Task Job Task Task
  2. Azure Pipelines Azure Artifacts Service Connection Environments Hosted / private

    Agent Container Jobs Pipeline Secrets Azure KeyVault Azure Repo App Code IaC Azure Resources Version / Branch Compile / Package Deploy Tasks Stages Variables / Secrets Pipeline Infrastructure Execution on target Approvals Checks Deployment Strategy Templates Tests / Test-Results
  3. Platform CD Service CD Base Infrastructure Template Resource Template Resource

    Template Dev/Test Prod Service CI Build Stage PR Stage Testing PreProd Prod Compile Service DB Schema Compile System Tests Infrastructure Artifacts Pipeline Artifacts Task / Job Templates Task / Job Templates Resource Groups, vNets, VMs, Azure SQL, CosmosDB, … App Deployment, DB instance, DB Schema, Managed Identities, Storage, … Deplyoment Verification
  4. Base Infrastructure CD Service CD Base Infrastructure Template Resource Template

    Resource Template Dev/Test Prod Service CI Build Stage PR Stage Testing PreProd Prod Compile Service DB Schema Compile System Tests Infrastructure Artifacts Pipeline Artifacts Task / Job Templates Task / Job Templates Resource Groups, vNets, VMs, Azure SQL, CosmosDB, … App Deployment, DB instance, DB Schema, Managed Identities, Storage, … Deplyoment Verification Secret Provider [Secret Variables, Variable Groups, KeyVault, Managed Identiy] Secret Provider [Secret Variables, Variable Groups, KeyVault, Managed Identiy]
  5. Azure DevOps Variable Groups Pipeline Definition YAML File Pipeline Settings

    Secret Variable Service Connection Task Task Pipelines Agent Runtime Logging Secret Variable Key Vault Link Azure Key Vault Managed Identities Application AppSettings KeyVault Client Get Token by Managed Identity
  6. ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪

    ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪
  7. Method: POST URI: https://dev.azure.com/4tecture-demo/_apis/public/distributedtask/webhooks/prupdated?api-version=6.0-preview HTTP Version: 1.1 Headers: { Content-Type:

    application/json; charset=utf-8 } Content: { "subscriptionId": "1de80ac8-b9a7-42d0-a2fe-5441c2b7ffc2", "notificationId": 14, "id": "af07be1b-f3ad-44c8-a7f1-c4835f2df06b", "eventType": "git.pullrequest.updated", "publisherId": "tfs", "message": { "text": "Jamal Hartnett marked the pull request as completed", "html": "Jamal Hartnett marked the pull request as completed", "markdown": "Jamal Hartnett marked the pull request as completed" }, "detailedMessage": { "text": "Jamal Hartnett marked the pull request as completed\r\n\r\n- Merge status: Succeeded\r\n- Merge commit: eef717(https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079/commi "html": "Jamal Hartnett marked the pull request as completed\r\n<ul>\r\n<li>Merge status: Succeeded</li>\r\n<li>Merge commit: <a href=\"https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e- 0462c7748079/commits/eef717f69257a6333f221566c1c987dc94cc0d72\">eef717</a></li>\r\n</ul>", "markdown": "Jamal Hartnett marked the pull request as completed\r\n\r\n+ Merge status: Succeeded\r\n+ Merge commit: [eef717](https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079 }, "resource": { "repository": { "id": "4bc14d40-c903-45e2-872e-0462c7748079", "name": "Fabrikam", "url": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/git/repositories/4bc14d40-c903-45e2-872e-0462c7748079", "project": { "id": "6ce954b1-ce1f-45d1-b94d-e6bf2464ba2c", "name": "Fabrikam", "url": "https://fabrikam.visualstudio.com/DefaultCollection/_apis/projects/6ce954b1-ce1f-45d1-b94d-e6bf2464ba2c", "state": "wellFormed", "visibility": "unchanged", "lastUpdateTime": "0001-01-01T00:00:00" }, "defaultBranch": "refs/heads/master", "remoteUrl": "https://fabrikam.visualstudio.com/DefaultCollection/_git/Fabrikam" }, "pullRequestId": 1, "status": "completed", "createdBy": { "displayName": "Jamal Hartnett", "url": "https://fabrikam.vssps.visualstudio.com/_apis/Identities/54d125f7-69f7-4191-904f-c5b96b6261c8", "id": "54d125f7-69f7-4191-904f-c5b96b6261c8", "uniqueName": "[email protected]", "imageUrl": "https://fabrikam.visualstudio.com/DefaultCollection/_api/_common/identityImage?id=54d125f7-69f7-4191-904f-c5b96b6261c8" }, "creationDate": "2014-06-17T16:55:46.589889Z", "closedDate": "2014-06-30T18:59:12.3660573Z", "title": "my first pull request", "description": " - test2\r\n", "sourceRefName": "refs/heads/mytopic",
  8. Pipeline Agent Docker Network Container Pipeline Job Build Container Publish

    Container Container Job Container API App Container SQL Server Deploy DB Run Test Docker Registry
  9. Matrix → run test in different environments in parallel Dynamic

    service container selection based on matrix variable