[Recap] Day 3: CI, Dependency Management Strategy [Azure DevOps] [AZ-400]

This blog post will go through some quick tips, including Q/A and related blog posts on the topics that we covered in the Azure DevOps Engineer Day 3 Live Session, which will help you gain a better understanding and make it easier for you to learn the Azure DevOps Engineer, clear the [AZ400] Certification & get a better-paid job.

This week’s Day 3 Live Session started with Module 3- Implement Continuous Integration and Module 4- Implement Dependency Management. We covered topics like Why Key vault ,Difference Between IAAS and PAAS ,What is Compute, Storage and Network, Action Repository ,NuGet Package ,NuGet ,Azure Artifact ,Artifacts Feeds ,Azure Pipelines.

We also covered hands-on Lab 5, Lab 6, Lab 7 out of our 22+ step-by-step, hands-on labs.

The previous week, In Day 2 session, we got an overview of concepts of What is Azure pipeline?, Azure DevOps Security:, What is defense in depth model?, Layers of defense in depth, Source Control, Azure Repos, Branching, Pull Request, Feature Branch, Git Branching Workflow, GitHook, Branch Lock.

A week before, In Day 1 session, we got an overview of DevOps, DevOps as a Job Role, Components that form DevOps, Types of Teams in DevOps Organizations, Types of DevOps Projects, Azure DevOps Work Items, What is Azure DevOps?, Features of Azure DevOps?, Azure Boards?, Azure Repos?, Microsoft hosted agent, Self hosted agent, Why Organizations choose DevOps?,

Why Key vault

It offers a secure and centralized storage for managing and protecting sensitive information such as passwords, connection strings, API keys, certificates, and encryption keys.

Here are some reasons why Key Vault is commonly used:

1. Key Management: Key Vault simplifies key management tasks by providing a secure and scalable solution. It allows you to create, import, store, and manage cryptographic keys used for data encryption, signing, and authentication.

2. Secret Storage: Key Vault enables secure storage and management of application secrets. Instead of storing sensitive information directly in code or configuration files, you can securely store secrets in Key Vault and retrieve them programmatically when needed. This helps prevent accidental exposure of secrets and improves security posture.

3. Centralized Control: Key Vault offers a central location to manage access policies and permissions for keys and secrets. It allows you to control who can access and manage sensitive information, providing granular access control and auditing capabilities.

4. Hardware Security Modules (HSM): Key Vault integrates with Azure Dedicated HSM, which provides FIPS 140-2 Level 3 validated hardware security modules. HSMs offer enhanced protection for cryptographic keys by securely storing them within tamper-resistant hardware.

5. Integration with Azure Services: Key Vault seamlessly integrates with various Azure services, including Virtual Machines, Azure Functions, Azure App Service, Azure Kubernetes Service (AKS), and more. It allows these services to securely access keys and secrets without exposing sensitive information in their configurations.

6. Compliance and Auditing: Key Vault helps organizations meet regulatory and compliance requirements. It provides logging and auditing capabilities, allowing you to track key and secret operations for compliance reporting.

Overall, Azure Key Vault is a valuable tool for securely managing cryptographic keys and secrets, providing enhanced security, centralized control, and seamless integration with Azure services.

Difference Between IAAS and PAAS

Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) are both cloud computing models that offer different levels of abstraction and service capabilities.

1. Definition:
–IaaS: Infrastructure as a Service provides virtualized services over the Internet.. It offers virtualized hardware resources such as servers, storage, and networking components.
– PaaS: Platform as a Service provides a platform and environment for developing, deploying, and managing applications over the internet. It includes a preconfigured computing platform, operating system, and development tools.

2. Resource Control:
– IaaS: With IaaS, users have more control over the underlying infrastructure. They can manage and control the operating systems, applications, and configurations on the provided virtual machines.
– PaaS: PaaS abstracts the underlying infrastructure, allowing users to focus more on application development and deployment. Users have less control over the underlying infrastructure and can only control the deployment and configuration of their applications.

3. Scalability:
– IaaS: IaaS allows for horizontal scalability, where users can scale their infrastructure up or down by adding or removing virtual machines or resources.
– PaaS: PaaS provides both horizontal and vertical scalability. Users can scale their applications by adding more resources within the platform or by replicating the application across multiple instances.

4. Development Focus:
– IaaS: IaaS is suitable for users who require complete control over the infrastructure and need flexibility to install and configure their own software stack. It is commonly used by developers who want to build and manage their own applications.
– PaaS: PaaS is designed for developers who want to focus on coding and application development without worrying about the underlying system.. It provides a platform with prebuilt components and services, making it easier to develop, deploy, and scale applications.

5. Maintenance and Management:
– IaaS: Users are responsible for managing the operating systems, applications, security patches, and backups of the virtual machines.
– PaaS: The provider manages the underlying infrastructure, including operating system updates, security patches, and backups. Users are responsible for managing their applications and data.

In summary, IaaS provides virtualized infrastructure resources, giving users more control and flexibility, while PaaS offers a platform for application development and deployment, abstracting the infrastructure and allowing users to focus on their code. The choice between IaaS and PaaS depends on specific requirements, control needs, and the level of focus on application development.

What is Compute, Storage and Network

Compute: In Azure, compute refers to the resources responsible for running applications and executing code. Azure provides various compute options to cater to different needs:

Virtual Machines (VMs): Azure VMs are similar to physical computers but are virtualized in the cloud. They allow you to run applications on Windows or Linux operating systems with full control over the virtual machine configuration.

Azure Functions: Azure Functions is a serverless compute service that enables you to run code in the form of small, stateless functions. It automatically scales based on the incoming workload and charges you only for the actual execution time.

Azure App Service: App Service is a platform-as-a-service (PaaS) offering that allows you to host and manage web applications without managing the underlying infrastructure.

Azure Container Instances (ACI): ACI allows you to run containers on Azure without managing the underlying container orchestration infrastructure. It provides a quick and simple way to deploy and manage containers.

Azure Kubernetes Service (AKS): AKS is a container management service that simplifies the deployment, management, and evaluation of containers using Kubernetes.

Storage: Azure offers a range of storage services to store and manage data:

Azure Blob Storage: Blob Storage provides scalable object storage for unstructured data such as images, videos, documents, and backups.

Azure File Storage: File Storage offers fully managed network file shares that can be accessed using the standard Server Message Block (SMB) protocol. It is suitable for shared file storage across multiple VMs.

Azure Queue Storage: Queue Storage provides a messaging queue for reliable messaging between components of an application, allowing asynchronous communication.

Azure Table Storage: Table Storage is a NoSQL key-value store suitable for storing structured data in a schema-less format.

Azure Disk Storage: Disk Storage provides managed disks for attaching to Azure VMs. It offers both standard and premium performance options.

Network: Azure provides various networking services for connecting and securing your applications:

Virtual Network (VNet): VNet allows you to create isolated private networks in Azure. It provides a foundation for deploying VMs, containers, and services securely.

Azure Load Balancer: Load Balancer distributes incoming network traffic across multiple VMs or services to improve availability and scalability.

Azure Application Gateway: Application Gateway is a web traffic load balancer that provides advanced application delivery and routing capabilities for web applications.

Azure VPN Gateway: VPN Gateway enables secure connectivity between on-premises networks and Azure VNets over the public internet or private connections like Azure ExpressRoute.

Github Action

It allows you to automate various tasks, such as building, testing, and deploying software applications, directly from your GitHub repositories. GitHub Actions enable you to define custom workflows using YAML syntax, which can be triggered by events like code pushes, pull requests, or scheduled intervals.

Here are some key features and concepts related to GitHub Actions:

Workflows: Workflows are a set of configurable automated tasks that are executed based on specified events or triggers. Workflows are defined in YAML files stored within your repository.

Actions: Actions are the individual tasks that make up a workflow. They can be predefined actions provided by the GitHub community or custom actions created by you. Actions are reusable units of code and can perform tasks like building code, running tests, deploying applications, or sending notifications.

Events: Workflows can be triggered by various events, such as pushing code changes, creating or closing pull requests, or scheduling a specific time.

Workflow Execution: When an event occurs that matches the defined triggers, GitHub will automatically execute the associated workflow. Workflows run on GitHub-hosted virtual machines or self-hosted machines and can perform operations within the repository, access external APIs, or interact with other GitHub repositories.

Workflow Syntax: Workflows are defined using YAML syntax, which allows you to specify the sequence of steps and actions to be executed. The syntax includes defining jobs, steps, and actions, along with conditions, dependencies, and outputs.

Workflow Visualization: GitHub provides a visual representation of your workflow, showing the sequence of jobs, their status, and any dependencies between them. This helps you understand the execution flow and identify issues if any step fails.

Integration with the GitHub Ecosystem: GitHub Actions seamlessly integrates with other GitHub features and services. For example, you can trigger workflows based on pull request events, use environment variables and secrets to securely store sensitive information, and publish artifacts or release assets directly to your repository.

Repository

The Repository is a space or place where generally a developer stores the code and appropriately manages the code with proper version control.

Azure Repo is also a kind of Repository. Azure Repos is a combination of a version control tool that helps to manage code. There are mainly 2 Version Control Tool that Azure Repo provides, Git and Team Foundation Version Control.

Where Git is Distributed Version Control, and TFVC is Centralized Version Control System.

Check more about Azure Repos.

NuGet Package

NuGet package is an individual ZIP file with the .nupkg extension that holds compiled code (DLLs), other files associated with that code, and a detailed manifest that includes data like the package’s version number.

Developers with code to share, build packages and distribute them to a public or private host. Package consumers get these packages from suitable hosts, combine them with their projects, and then call a package’s functionality in their project code. NuGet itself then manages all of the intermediate details.

Question 1: How does Package interact with code repo like Github or Azure Repo?

Answer: The Packages are kept ready in the DevOps Environment, and the Developer will take the Package from the DevOps environment, develop the code in their personal computer and then commit the code to GitHub. And packages also get committed with the code in Git because the packages get packed with the Source Code.

Check more about Azure Repos.

Question 2: Only DLL packages can be pushed?

Answer: Which type of package gets pushed is dependent on the kind of Feed you want to connect to. It is dll for .Net Feed, .nupkg is for the NuGet Package, and like this, every package has different extensions.

NuGet

NuGet is the package handler for .NET. It allows developers to create, distribute, and utilize useful .NET libraries. NuGet client tools give the ability to produce and utilize these libraries as “packages.” Visual Studio is the commonly used tool for NuGet Package.

Question 3: What if this custom package has a dependency on some other NuGet packages?

Answer: If there is a dependency on another package, then you have to install both Packages. When you are installing the Package, it’ll show an error that there is a dependency on another package or install another package before installing it.

Sometimes, all the dependent packages get installed automatically when you install the package; a common example is Visual Studio.

Azure Artifact

Azure Artifacts helps to make your workflow seamless with deeply integrated package management and lets you create and share Maven, npm, NuGet, and Python package feeds from public and private sources. Your packages are protected as Azure Artifacts keeps all your public packages safe in your feed.

Check more about Azure Artifacts.

Artifacts Feeds

Artifacts Feeds are organizational constructs that allow you to store, manage, and group your packages and control who to share it with. Feeds are not package-type dependent. You can store all the following package types in a single feed: npm, NuGet, Maven, Python, and Universal packages.

In Public feeds, you can share your packages publicly with anyone on the Internet. Anyone who isn’t part of your organization can also access the package, and also they don’t need to have an Azure DevOps Account to access the package.

Question 4: Is Artifactory a private or public Package feed?

Answer: Artifactory is a self-hosted private feed of Maven Package Type.

Self-hosted private feeds are those feeds that are managed on a personal server.

Question 5: Does Public Package mean it is open source?

Answer: No, the Public Package does not mean that it’s an open-source package. The Public Package is packaged accessible to everyone, they can read the package and download it, but they can’t see the source code used to create it.

Question 6: As DevOps engineers, are we responsible for identifying the package, or will it be done by the software engineer or the solution architect?

Answer: The developer is the person who identifies the package, builds the package. As a DevOps Engineer, you need to provide an environment where the Developer can build, manage and version the packages. As a DevOps Team member, your responsibility is to provide required apps/tools to developers when creating a package and managing it.

Question 7: Packages built based on OS / Framework dependencies?

Answer: Yes, the Packages build based on OS / Framework dependencies because all the packages can’t run on every available platform.

Question 8: Which Visual Studio ( trial or community version) for a personal laptop?

Answer: For Learning and personal use, you should use the Community version as it’s free to use, and it also provides many features of the Visual Studio Professional Version and Enterprise Version.

The Community version of Visual Studio is primarily designed for students, any open-source projects, academic usage, individual developers who don’t want to purchase a subscription for Visual Studio.

Check more about Visual Studio Versions here.

Question 9: What is the IDE clone option?

Answer: IDE Clone is an option by which you can clone your Repo in your Integrated Development Environment, i.e., Visual Studio/ Visual Studio Code/ Android Studio. IDE is a software development tool in which developers develop their code, publish, manage and do all the other software development tasks.

Question 10: Does Continuous Deployment and Continuous Release both are the same?

Answer: Continuous Release is not the proper term in Azure Pipeline; the correct term is Continuous Deployment.

Continuous Delivery is a software development practice where you build software to be released to production at any time. The benefit of continuous delivery is that the code is ready to deploy at all times. The Quality Assurance team tests if each feature is working or not, and then they manually deploy it to production on-demand. So, every change is not deployed to production.

Continuous deployment means that every change you make goes through the pipeline, and if it passes all the tests, it automatically gets released or deployed into production.

Check more on Azure DevOps CI/CD.

Azure Pipelines

Microsoft Azure Pipelines is a cloud service that you can utilize to build, test, and deploy your code project automatically. You can also make it feasible for other users. And it operates with just about any language or project type.

Check more on Azure Pipeline.

Question 12: Why were NuGet and NuGet restore used in the Job?

Answer: We have used a .Net Framework Solution to compile a .Net Framework; NuGet is required. We have also selected an ASP. Net Template, to build a solution, these packages are required in the Pipeline and the Agent to run the Pipeline. And when you do a compilation of Pipeline, NuGet Restore will take place.

Quiz Time (Sample Exam Questions)!

With our Microsoft Azure DevOps training program, we cover 150+ sample exam questions to help you prepare for the certification AZ-400.

Check out one of the questions and see if you can crack this…

Question-

Which of the following can be applied to ensure that the application does not get promoted to the next stage in the pipeline if it has active bugs assigned to it?

A. Creating a trigger

B. Creating a deployment gate

C. Creating a pre-deployment approval

D. Creating a post-deployment approval

The right answer will be revealed in my next week’s email.

Here is the answer to the question shared last week (Scroll down at the end of this post for the question).

Question- Your company uses Azure DevOps for the management of build and release pipelines for applications. A Git repository is used for application source control. You have to implement a pull request strategy that reduces the history volume in the master branch.

You decide to implement a pull request strategy that uses fast-forward merges.

Would this fulfill the requirement?

A. Yes

B. No

Answer: A

Explanation:
Yes, this can be used to reduce the history volume. Here the new commit will not store the combined history.

References

• [AZ-400] Microsoft Azure DevOps Certification Exam: Everything You Need To Know
• [AZ-400] Microsoft Azure DevOps Training: Step By Step Activity Guides/Hands-On Lab Exercise
• Microsoft Azure DevOps Engineer (AZ-400) Q/A: Day1 Live Session Review
• Day 2 [AZ-400] Azure DevOps Engineer Live Session Recap and Q/A: Source Control, Azure Repos, Migrating from TFVC to Git, Pull Requests, Git Hooks, Git Versioning
• Branching Strategy DevOps | Git Branching Model | Git Branch Policy | Restoring A Deleted Branch
• [AZ-400] Microsoft Azure DevOps Solutions: Artifacts
• Creating Azure CI CD Pipeline with DevOps Starter

Next Task For You

Begin your journey toward Mastering Azure Cloud and landing high-paying jobs. Just click on the register now button on the below image to register for a Free Class on Mastering Azure Cloud: How to Build In-Demand Skills and Land High-Paying Jobs. This class will help you understand better, so you can choose the right career path and get a higher paying job.