Azure Pipelines
Azure Pipelines automatically builds and tests code projects. It supports all major languages and project types and combines continuous integration, continuous delivery, and continuous testing to build, test, and deliver your code to any destination.
To learn more about Azure Pipelines, see What is Azure Pipelines? and Configuring CI/CD Pipelines as Code with YAML in Azure DevOps
Task 1: Creating a service connection to Azure
-
Open the Azure cloud shell. Select Bash when prompted to choose shell. Create storage in your subscription if it is not present
-
Enter the following command by replacing ServicePrincipalName with your desired value.
az ad sp create-for-rbac -n ServicePrincipalName
-
It will give you a JSON output as shown in the image. Copy the output to a notepad or text file. You will need them later.
-
Now, we need to grant contributor permission to the service principal. For that, go to the Subscriptions section in the Azure portal
-
In the left pane, select Access control(IAM) and then click on Add role assignment option that is available under Grant access to this resource section.
-
Choose Contributor role under the Privileged administrator roles and click on Next
-
Now, using + Select Members select the service principal that has been created and click on Next. Review + assign now to finish role assignment.
-
Enter the following command to get Azure SubscriptionID and copy the subscription ID and name to Notepad.
az account show
-
Now, open Azure DevOps and open your project.
-
Open Project settings
-
Navigate to Service connections
-
Click on New Service connection -> Azure Resource Manager -> Service Principal (manual).
Fill the information from the previously created service principal:
-
Subscription ID and name: can be found in the keyvault resource overview page.
-
Service Principal Id = AppId in the copied notes.
-
Service Principal key = Password in the copied notes. TenantId, copy from the notes.
-
Provide a name to the service connection and a description is optional
Click on Verify to check it works, give the connection a name and click Verify and Save.
Task 2: Configure the approvals and checks using Environments
-
Navigate to Pipelines section and select Environments
-
Select Production environment
-
Navigate to Approvals and checks and select Approvals
-
Choose an approver and click on create
-
To select additional checks, click on + button
-
Select Required tempalte and click on Next
-
Click on + button to add tempalte
-
Input the values in the Required YAML template fields and click on Add required template button
- Choose Azure Repos radio button
- Repository: eShoponweb
- Ref: refs/heads/main
- Path to required YAML template: template.yaml
-
Repository will be pointing to the main branch, click on Create button
Task 3: Updating details in the pipeline
-
Navigate to the Pipelines section
-
Go to All and click on eShopOnWeb
-
Click on Edit option available at the right-top
-
Collapse the Build stage as we have to change some configurations in the DEV stage
-
Now click on Settings option available on the top of AzureResourceDeployment Task
-
On the right pane, for Azure subscription field choose the service connection name that you created earlier from the drop-down.
-
Do the same thing for AzureWebApp task
For your information:
- Resource group: Value we are passing in the variable section
-
Location: Southeast Asia is selected. You can change it as per your preference.
-
Also, as we are using ARM template here to create resources we need to pass both template file and parameter file location
Task 4: Queuing the pipeline
Once the details are updated you can continue running the pipeline. This will run both build and deployment.
-
Save the modified pipeline.
-
Click on Run
-
Leave the default branch as main and Run
-
You will be able to see Build stage will run first and deployment to DEV will happen after that.
-
Once after build and release get succeeded. Navigate to Azure portal and Browse the application
-
This will open the application in the new tab