www.AGuideToCloud.com 400 Episode 1 Episode 400 - AZ Course Introduction Course www.AGuideToCloud.com
Susanth Susanth Sutheesh
AGuideToCloud @ Blog: AGuideToCloud.com Blog: Hello! Instructor Introduction Instructor Hello! www.AGuideToCloud.com
DevOps professionals streamline delivery by optimizing practices, practices, optimizing by delivery streamline professionals DevOps testing, continuous delivery, continuous monitoring, and feedback. and monitoring, continuous delivery, continuous testing,
and infrastructure that allow for continuous integration, continuous continuous integration, continuous for allow that infrastructure and improving communications and collaboration, and creating automation. automation. creating and collaboration, and communications improving The professionals design and implement strategies for application code code application for strategies implement and design professionals The DevOps Role Role DevOps www.AGuideToCloud.com 15% 15% 15% 25% 15% 10% 10% ------5 5 10 10 10 20 10 Weights
Study Areas Study
Define and implement Define implement and continuous integration Define implement and a continuous delivery and release management strategy Develop Strategy an Instrumentation Develop Reliabilitya Site Engineering (SRE) Strategy Develop and compliance plan a security source control Manage Facilitate communication and collaboration
400
-
Areas
Study AZ www.AGuideToCloud.com Designing and Implementing a Module Module 10: Designing a Release Strategy Module 11: Implementing Continuous Deployment Module 11: Azure Pipelines using Appropriate Module 12: Implementing an Deployment Pattern Module Module 8: Implementing Continuous Integration with Actions GitHub Module 7: Managing Application Module Configuration 7: Managing and Secrets Module Module 9: Dependency Management Strategy
Module Module 1: Planning for DevOps Module Module 6: Implementing Continuous Integration using Azure Pipelines Module 4: Working Module 4: with Working Git for Enterprise DevOps Module 5: Configuring Azure PipelinesModule 5: Configuring Module 3: Managing Technical Debt Module 3: Technical Managing Module Module 2: Getting Started with Source Control Course agenda Course www.AGuideToCloud.com for Implementing Implementing System Feedback Implementing Security in DevOps Code Bases Validating Implementing Implementing Feedback for Module Module 18: Mechanisms Module 19: Projects Module 20: Compliance Module Module 17: Development Teams
Tools Available with Azure Available with Tools using Azure Tools Azure using Module 14: Third Using Party Infrastructure as Code Module 13: Managing Infrastructure and Configuration Service Infrastructure Module Module 16: Creating and Managing Kubernetes Module Module 15: Managing Containers using Docker Course agenda (continued) agenda Course www.AGuideToCloud.com program. template. Azure DevOps account Azure DevOps Azure Account Azure Azure DevOps DemoAzure DevOps Generator PartsUnlimited
using the using Sign into the Sign Accept the terms of agreement createand a new Parts Unlimited project Sign up for free Sign Sign up for a free Sign
4. 3. 2.
1. Lab preparation Lab www.AGuideToCloud.com Case Studies choice - More than just More multiple questions!
Plan for 180 minutes
60 questions -
40 Exam Basics Exam www.AGuideToCloud.com 400 Episode 2 2 Episode 400 - What is DevOps? is What AZ www.AGuideToCloud.com What is DevOps? DevOps? is What www.AGuideToCloud.com Understand your Cycle Time Cycle your Understand www.AGuideToCloud.com Strive for Validated Learning Learning Validated for Strive www.AGuideToCloud.com Shorten Your Cycle Time Cycle Your Shorten www.AGuideToCloud.com Optimize Validated Learning Learning Validated Optimize www.AGuideToCloud.com Understanding the DevOps Journey DevOps the Understanding www.AGuideToCloud.com Step 1: Continuous Integration Integration Continuous 1: Step www.AGuideToCloud.com Step 2: Continuous Delivery Delivery Continuous 2: Step www.AGuideToCloud.com Step 2: Continuous Delivery Delivery Continuous 2: Step www.AGuideToCloud.com Step 3: Version Control Control Version 3: Step www.AGuideToCloud.com Step 4: Agile Planning Agile 4: Step www.AGuideToCloud.com Step 5: Monitoring and Logging and Monitoring 5: Step www.AGuideToCloud.com Step 6: Public and Hybrid Clouds Hybrid and Public 6: Step www.AGuideToCloud.com
) IaC Step 7: Infrastructure as Code ( Code as Infrastructure 7: Step www.AGuideToCloud.com Step 8: Microservices Architecture Architecture Microservices 8: Step www.AGuideToCloud.com Step 9: Containers 9: Step www.AGuideToCloud.com DevOps May Hurt at First at Hurt May DevOps www.AGuideToCloud.com 400 Episode 3 3 Episode 400 - AZ Planning for DevOps for Planning www.AGuideToCloud.com DevOps Transformation Planning Transformation DevOps www.AGuideToCloud.com
Focused on the transformation areas in their subject respected Well the business to Internal and external Availability of staff Availability and processes of current procedures Disruption To overcome the challenges, create a team that is: that team a create challenges, the overcome To There are several challenges when creating teams: creating when challenges several are There ❑ ❑ ❑ ❑ ❑ Separating Transformation Teams Teams Transformation Separating www.AGuideToCloud.com defined set of measurable outcomes, like: outcomes, measurable of set defined - hours work required by staff to no more than 10% of total working time working 10% of total to no more than by staffhours work required - of -
Remove all direct patching of production systems all direct patching Remove Reduce the time spent on fixing on fixing bugs by 60% Reduce the time spent by 70% work on unplanned Reduce the time spent Reduce the out
Projects must have a clearly a have must Projects ❑ ❑ ❑ ❑ Defining Shared Goals Shared Defining www.AGuideToCloud.com each – term goals goals term - achievable clear and measurable and clear
Measurable goals should have timelines that challenging yet yet challenging that timelines have should goals Measurable Timelines should be a constant series of short of series constant a be should Timelines Setting Timelines for Goals for Timelines Setting www.AGuideToCloud.com 400 Episode 4 Episode 400 - AZ DevOps Project Selection Project DevOps www.AGuideToCloud.com of existing software software existing of applications/systems. Brownfield software projects projects software Brownfield develop in the immediate presence immediate the in develop environment.
develop in a totally new new totally a in develop Greenfield software projects projects software Greenfield Greenfield and Brownfield Projects Defined Projects Brownfield and Greenfield www.AGuideToCloud.com Greenfield projects: Greenfield
Appears to be an easier starting point starting Appears to be an easier want. the way you the chance to implement everything offers slate blank A ❑ ❑ Choosing Greenfield Projects Projects Greenfield Choosing www.AGuideToCloud.com There is a common misconception a common that DevOps There is than Brownfield projects better suits Greenfield not the case is but this projects, Brownfield projects: Brownfield
Spending time maintaining existing Brownfield applications, limits the ability to the ability limits Brownfield applications, existing time maintaining Spending new code. work on Comes with the baggage of existing code bases, existing teams and often a often and teams existing bases, code of existing baggage the with Comes debt technical great amount of ❑ ❑ Choosing Brownfield Projects Brownfield Choosing www.AGuideToCloud.com Systems of Record: of Systems
Emphasize accuracy and security Emphasize accuracy data elements truth about Provide the carefully and slowly Historically evolve ❑ ❑ ❑ Choosing Systems of Record of Systems Choosing www.AGuideToCloud.com Both Both of systems are important types Systems of Engagement: of Systems
Use experimentation to solve new problems Use experimentation modified regularly Are are correct that the changes ensuring over makingchanges quickly Prioritize Are more exploratory Are ❑ ❑ ❑ ❑ Choosing Systems of Engagement of Systems Choosing www.AGuideToCloud.com Different types of staff members: staff of types Different
Early adopters Users Canaries ❑ ❑ ❑ Selecting Groups To Minimize Initial Resistance Resistance Initial Minimize To Groups Selecting www.AGuideToCloud.com
Ideal Target Improvements Target Ideal Ideal DevOps Team Members Team DevOps Ideal Ideal Scenarios Scenarios Ideal www.AGuideToCloud.com Faster Outcomes Faster
Deployment Size Lead Time Deployment Frequency Speed Deployment ❑ ❑ ❑ ❑ Identifying Project Metrics and KPIs and Metrics Project Identifying www.AGuideToCloud.com Efficiency
Application Application Usage Application Performance Server to Admin Ratio to Server Ratio to Customer Staff Member ❑ ❑ ❑ ❑ Identifying Project Metrics and KPIs and Metrics Project Identifying www.AGuideToCloud.com Quality and Security and Quality
Mean Time to Detection Mean Time Defect Escape Rate Escape Defect Availability Achievement SLA Application Rates Application Failure to Recover Mean Time Bug Report Rates Pass Rates Test Deployment Failure Rates Failure Deployment ❑ ❑ ❑ ❑ ❑ ❑ ❑ ❑ ❑ Identifying Project Metrics and KPIs and Metrics Project Identifying www.AGuideToCloud.com Culture
Retention RatesRetention Employee Morale ❑ ❑ Identifying Project Metrics and KPIs and Metrics Project Identifying www.AGuideToCloud.com 400 Episode 5 Episode 400 - AZ DevOps Team Structures Team DevOps www.AGuideToCloud.com Waterfall approach: Waterfall
development cost after delivery and additional Requires change requests Define, analyze, build and test, and deliver build Define, analyze, during over time, including which can change requirements, define Hard to accurately ❑ ❑ ❑ Agile Development Practices Defined Defined Practices Development Agile www.AGuideToCloud.com Agile approach: Agile term outcomes term -
At the end of each iteration, should have tested working working code have tested should iteration, At the end of each on shorter Is focused Emphasizes constantly adaptive planning, and early delivery with continual continual with delivery early and planning, adaptive constantly Emphasizes improvement iterations releases and based on methods are Development ❑ ❑ ❑ ❑ Agile Development Practices Defined Defined Practices Development Agile www.AGuideToCloud.com Comparison Comparison www.AGuideToCloud.com manifesto/ - agile - the - behind - the art of maximizing the the maximizing of art the - organizing teams organizing principles - - Continuous attention to technical technical to attention Continuous design good and excellence Simplicity done not work of amount self Use effective more become to how on Reflect Agile processes promote sustainable sustainable promote processes Agile development Measure progress through working software working through progress Measure 7 8 9 11 12 10 https://www.agilealliance.org/agile101/12 face conversation face - to - Work together throughout the project the throughout together Work Deliver working software frequently software working Deliver Build projects around motivated individuals motivated around projects Build Welcome changing requirements changing Welcome Use face Use Satisfy the customer through early and and early through customer the Satisfy software valuable of delivery continuous
6 5 4 3 2
1 Principles of Agile Development Development Agile of Principles www.AGuideToCloud.com Vertical Teams Structures Teams Vertical
Horizontal Teams Structures Teams Horizontal Vertical teams have been shown to provide stronger outcomes in Agile projects in outcomes provide stronger have been shown to teams Vertical Creating Organizational Structures for Agile Practices Agile for Structures Organizational Creating www.AGuideToCloud.com Some coaches are technical experts technical are coaches Some
Some coaches are focused on Agile processes Agile on focused are coaches Some Agile coaches have teaching and mentoring skills mentoring and teaching have coaches Agile Many teams hire external Agile coaches or mentors or coaches Agile external hire teams Many Agile coaches tend to be both trainers and consultants and trainers both be to tend coaches Agile Team members must learn as they work, and acquire skills from each other from skills and acquire they work, learn as members must Team Mentoring Team Members on Agile Practices Practices Agile on Members Team Mentoring www.AGuideToCloud.com Slack, Teams, Teams, Slack, Collaboration with with Collaboration – – More open workspaces, workspaces, open More – communication Asana, Glip, JIRA Glip, Asana, collective behavior collective functional teams teams functional - meeting etiquette, outsourcing, better better outsourcing, etiquette, meeting others, diversity of opinion, rewarding rewarding opinion, of diversity others, Collaboration tooling tooling Collaboration Cultural changes changes Cultural Cross team and and team -
team team -
collaboration cross Enabling in Enabling www.AGuideToCloud.com throughs, throughs, and - achieved. achieved.
Tools can often enhance the outcomes outcomes the enhance often can Tools Screen for recording Recording tools walk building bugs, demonstrations Physical Physical such tools as white boards, index cards, sticky notes Project Management tools such as Kanban planning, Boards for and visualization monitoring,
practices processes for agile agile for processes Selecting tools and and tools Selecting www.AGuideToCloud.com 400 Episode 6 Episode 400 - AZ What can Azure DevOps do? do? DevOps Azure can What www.AGuideToCloud.com Azure Artifacts Azure Azure Pipelines Azure Azure Test Plans Test Azure
Azure Repos Azure Azure Boards Azure What is Azure DevOps? DevOps? Azure is What
www.AGuideToCloud.com
Azure Boards Azure What can Azure DevOps do? do? DevOps Azure can What
www.AGuideToCloud.com
Azure Pipelines Azure What can Azure DevOps do? do? DevOps Azure can What
www.AGuideToCloud.com
Azure Repos Azure What can Azure DevOps do? do? DevOps Azure can What
www.AGuideToCloud.com
Azure Artifacts Azure What can Azure DevOps do? do? DevOps Azure can What
www.AGuideToCloud.com
Azure Test Plans Test Azure What can Azure DevOps do? do? DevOps Azure can What www.AGuideToCloud.com 400 Episode 7 Episode 400 - AZ Migrating to Azure DevOps DevOps Azure to Migrating www.AGuideToCloud.com Repos Artifacts Security
Actions Codespaces What can GitHub do? do? GitHub can What www.AGuideToCloud.com Flexible Cross Platform Cross Cloud Agnostic Cloud dotnet Organization? Organization? dotnet What If You are not a Microsoft / / Microsoft a not are You If What www.AGuideToCloud.com data
Azure DevOps Services uses either either uses Services DevOps Azure a Microsoft account or Azure Active Active Azure or account Microsoft a Directory, to protect and secure your your secure and protect to Directory, Strategy for Azure DevOps Azure for Strategy Designing an Authorization and Access Access and Authorization an Designing www.AGuideToCloud.com , BugZilla ClearQuest. Tools organize anything with anyone. with organize anything Migrating or Integrating Integrating or Migrating Solidify offers a tool for Jira to Azure DevOps migration. Azure DevOps tool for Jira to offers a Solidify Existing Work Management Management Work Existing Third party organizations offer commercial tooling tooling to assist offer commercial party organizations Third Trello integration tooling is a free, flexible, and visual way to and visual is a free, flexible, tooling integration Trello with migrating other work management tools like Aha, like tools other migrating work management with www.AGuideToCloud.com Other Tools Other Pester SoapUI Apache JMeter Apache Azure Test Plans Test Azure ▪ ▪ ▪ Test Management Tools Management Test Migrating or Integrating Existing Existing Integrating or Migrating www.AGuideToCloud.com 400 Episode 8 Episode 400 - AZ Module 01 Knowledge Check Knowledge 01 Module www.AGuideToCloud.com System of Record of Engagement ††System ❑ ❑ considered? Q1: Which of the following would a system would the following of Which Q1: that manages be in a warehouse inventory 01
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com ††Backlog Kanban Board ❑ ❑ left representing across columns to right called? this tool commonly stages. is What Q2: An Agile tool that is used that manage to tool Agile is used and An Q2: tasksfrom moving showing work by visualize 01
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com ††Greenfield project ††Greenfield Brownfield project ❑ ❑ Q3: In which Of the following would you find you find would the following Of In which Q3: of large amounts technicaldebt? 01
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com Lead Time Measuring is how long from starting long it takes Measuring is how Lead Time item, until it is deployed. on a work Q4: As a project metric, what is Lead Time Time Lead As a project is what metric, Q4: measuring? 01
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com functional functional team? - A team that brings people with different functional functional that brings people with different team A together departments, fromand often different expertise, goal. to work toward a common Q5: What is a cross What Q5: 01
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com 400 Episode 9 Episode 400 - AZ Getting Started with Source Control Control Source with Started Getting www.AGuideToCloud.com Introduction to Source Control Control Source to Introduction www.AGuideToCloud.com What is Source Control? Control? Source is What www.AGuideToCloud.com
Learning Efficiency Reusability Traceability Collaboration Collaboration Manageability Common Software Development Values Development Software Common www.AGuideToCloud.com version version is available to other other to teams is available Build on a standard set of a standard on technology Build in configurations Put application control infrastructure before changes Test to production deploying code Source for patterns building Deployment reused are services and applications on based applications Rearchitect needs business in Put system configurations control • • • • • • • Practices that contribute to success contribute thatPractices * The practices that define each stage highlightedare in bold font version control version
Build on a standard set of technologies set Build on a standard system operating standard a single on deploy Teams Teams deploy on a standard set systems set of operating standard on a deploy Teams Testing patterns for building applications or services are reused reused are or services applications patterns for building Testing other by teams provided to tooling improvements contribute Teams tool management by a configuration are managed Configurations teams use development Application Monitoring and alerting are configurable by the team operating the the by the team operating are configurable alerting and Monitoring service are reused or services applications for building patterns Deployment • • • • • • • • • Defining practices and associated practices associated and practices Defining Foundational Practices of DevOps of Practices Foundational
Stage 2 Stage
Stage 1 Stage Stage 0 Stage www.AGuideToCloud.com version version is available to other other to teams is available Build on a standard set of a standard on technology Build in configurations Put application control infrastructure before changes Test to production deploying code Source for building patterns Deployment reused are services and applications on based applications Rearchitect needs business in Put system configurations control • • • • • • • Practices that contribute to success contribute thatPractices * The practices that define each stage highlightedare in bold font version control version
Build on a standard set of technologies set standard on a Build system operating standard a single on deploy Teams Teams deploy on a standard set systems set of operating standard on a deploy Teams Teams contribute improvements to tooling provided by other other by teams provided to tooling improvements contribute Teams tool management by a configuration are managed Configurations teams use development Application Monitoring and alerting are configurable by the team operating the the the by team operating are configurable alerting and Monitoring service are reused or services applications patterns for building Deployment reused are or services applications patterns for building Testing • • • • • • • • • Defining practices and associated practices associated and practices Defining Foundational Practices of DevOps of Practices Foundational
Stage 2 Stage
Stage 1 Stage Stage 0 Stage www.AGuideToCloud.com Automate tasks Automate changes Maintains history of of history Maintains Collaboration
Work with versions with Work Benefits of Source Control Control Source of Benefits Create workflows Create www.AGuideToCloud.com
No matter your background or preferences, be a team player and follow agreed conventions and workflows and conventions agreed follow and player team a be preferences, or background your matter No Pay close attention to commit messages as these will tell you why a change was made was change a why you tell will these as messages commit to attention close Pay items work to changes code Link Verify your code change before pushing it to a repository; ensure it compiles and tests are passing are tests and compiles it ensure repository; a to it pushing before change code your Verify Update often and right before pushing to avoid merge conflicts merge avoid to pushing before right and often Update Make small changes small Make files personal commit Don’t Best Practices of Source Control Control Source of Practices Best www.AGuideToCloud.com 400 Episode 10 Episode 400 - AZ Types of Source Control Systems Systems Control Source of Types www.AGuideToCloud.com Audit and access control down to to down control access and Audit level file the types file merge to Hard Large integrated codebases integrated Large ▪ ▪ Best Used for ▪ Allows exclusive file locking file exclusive Allows Easily scales for very for codebases scales Easily large control permission Granular usage of monitoring Permits
▪ Strengths ▪ ▪ ▪ Centralized Version Control Control Version Centralized Centralized www.AGuideToCloud.com Workflow Workflow Make your changes, and make sure they work properly. work they sure make and changes, your other Make so server, central the to changes your in Check them. see can programmers Get the latest changes other people have made from the central central the from made have people other changes latest the Get server. ▪ ▪ ▪ A Typical Centralized Version Control Control Version Centralized Typical A www.AGuideToCloud.com Distributed Version Control Control Version Distributed www.AGuideToCloud.com systems: Control Control The act of cloning an entire repository gives distributed distributed gives repository entire an cloning of act The version control tools several advantages over centralized centralized over advantages several tools control version Advantages Over Centralized Version Version Centralized Over Advantages www.AGuideToCloud.com of that. of Control Control “central” repository, they just provide more options on top top on options more provide just they repository, “central” Distributed systems do not prevent you from having a single single a having from you prevent not do systems Distributed Disadvantages Compared to Centralized Version Version Centralized to Compared Disadvantages www.AGuideToCloud.com Git (distributed): Git development system development
Distributed Source Control system Control Source Distributed Each developer has a copy of the source repository on their their on repository source the of copy a has developer Each Git and TFVC and Git www.AGuideToCloud.com TFVC (centralized): TFVC
Local Workspaces Local Server Workspaces Server
▪ ▪ Git and TFVC and Git www.AGuideToCloud.com Why Git? Why 400 Episode 11 Episode 400 - AZ www.AGuideToCloud.com Community www.AGuideToCloud.com Distributed Development Development Distributed www.AGuideToCloud.com
based Development based - Trunk www.AGuideToCloud.com Pull Requests Pull www.AGuideToCloud.com Faster Release Cycle Release Faster www.AGuideToCloud.com
I have large Files large have I I can overwrite History overwrite can I I have a very large repo large very a have I I don’t have to use GitHub use to have don’t I There’s a steep learning curve learning steep a There’s Objections to using Git using to Objections www.AGuideToCloud.com 400 Episode 12 Episode 400 - AZ Introduction to Azure Repos & GitHub & Repos Azure to Introduction www.AGuideToCloud.com Set of version control tools to manage your code: your manage to tools control version of Set
Can connect from common development environments common development Can connect from to protect branches based management Policy version control: Offers two styles of Tightly integrated with other Azure DevOps features Azure DevOps other integrated with Tightly ❑ control Git: Distributed version Control (TFVC): version control Centralized Version Foundation Team ❑ ❑ ❑ What is Azure Repos? Azure is What www.AGuideToCloud.com
Semantic code search code Semantic Use your favorite tools favorite your Use Support for any Git client Git any for Support Automate with built0in CI/CD built0in with Automate
Web hooks and API integration integration API and hooks Web Collaborate to build better code better build to Collaborate Protect your code quality with branch policies branch with quality code your Protect Free private Git Repositories, pull requests and code search code and requests pull Repositories, Git private Free What do I get with Azure Repos? Repos? Azure with get I do What www.AGuideToCloud.com
source community source - Largest open Largest What is GitHub? is What www.AGuideToCloud.com
Coordinate Manage teams Manage Seamless code review code Seamless Securing software, together software, Securing Automate from code to cloud to code from Automate Code and documentation in one place one in documentation and Code Features of GitHub of Features www.AGuideToCloud.com 400 Episode 13 Episode 400 - AZ Migrating from TFVC to Git to TFVC from Migrating www.AGuideToCloud.com Migrating the Tip the Migrating www.AGuideToCloud.com Import Repository Import www.AGuideToCloud.com Authenticating to Your Git Repos Git Your to Authenticating www.AGuideToCloud.com 400 Episode 14 Episode 400 - AZ Module 02 Knowledge Check Knowledge 02 Module www.AGuideToCloud.com Accountability Traceability Automate tasks Reusability Collaboration Manageability Efficiency ❑ ❑ ❑ ❑ ❑ ❑ ❑ Q1: What are some of the of are some What Q1: benefits of source apply. Mark allthat control? 02
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com Allows exclusive file locking file Allows exclusive Portable history Permits monitoring of usage of monitoring Permits support Complete offline support Cross platform ❑ ❑ ❑ ❑ ❑ apply. Q2: What are the benefits are the What Q2: of using Mark all that Control? Distributed Version 02
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com An enthusiastic growing user base An growing enthusiastic Easily scales for very large codebases very scales for Easily requests pull via model An code open review source friendly permission control Granular ❑ ❑ ❑ ❑ apply. Q3: What are the benefits are the What Q3: of using Mark all that Control? Centralized Version 02
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com Source control is the practice of tracking and managing and managing of tracking practice is the Source control changes to code. Q4: What is source control? is source What Q4: 02
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com 400 Episode 15 Episode 400 - AZ How to Structure Your Git Repo Git Your Structure to How www.AGuideToCloud.com stored.
A repository is a place where the history of your work is is work your of history the where place a is repository A Azure DevOps projects can contain multiple repositories multiple contain can projects DevOps Azure Mono vs Multi Repos Multi vs Mono www.AGuideToCloud.com Mono Repository Mono developer testing Better Reduced code complexity code reviews Effective Sharing common components of Easy refactoring Repo -
Repo or Multi or Repo
- Narrow clones Clear Clear ownership scale Better Multiple Repositories Multiple Mono www.AGuideToCloud.com Git Branching Workflows Branching Git www.AGuideToCloud.com
Is it easy to undo mistakes and errors with this workflow? workflow? this with errors and mistakes undo to easy it Is cognitive unnecessary new any impose workflow this Does team? the to overhead Does this workflow scale with team size? size? team with scale workflow this Does
3. 1. 2. What is a successful Git branch workflow? branch Git successful a is What www.AGuideToCloud.com
Workflow
based Development based - Gitflow Forking Workflow Forking Trunk Common branch Workflows branch Common Branching workflow types workflow Branching www.AGuideToCloud.com Merge Deploy Discuss your code and review a pull Open request
Add commits
branch
Feature Branch Workflow Branch Feature Create a www.AGuideToCloud.com How it works? works? it How – Create a branch a Create
Based Development Development Based - Trunk www.AGuideToCloud.com How it works? works? it How – Add Commits Add
Based Development Development Based - Trunk www.AGuideToCloud.com How it works? works? it How – Open a Pull Request Pull a Open
Based Development Development Based - Trunk www.AGuideToCloud.com How it works? works? it How – Discuss and review your code your review and Discuss
Based Development Development Based - Trunk www.AGuideToCloud.com How it works? works? it How – Deploy
Based Development Development Based - Trunk www.AGuideToCloud.com How it works? works? it How – Merge
Based Development Development Based - Trunk www.AGuideToCloud.com branch workflow branch 400 Episode 16 Episode 400 - AZ GitFlow www.AGuideToCloud.com to Develop and Master and Merge back Merge Hotfix Hotfix branch Issue with the the with Master? back back Merge Merge Merge Merge Complete Complete branch branch Feature Feature Release Release Create a Create a Create
branch Develop Develop Create a Create
Master Continuous Delivery Delivery Continuous www.AGuideToCloud.com Getting Started Started Getting www.AGuideToCloud.com Feature Branches Feature www.AGuideToCloud.com Release Branches Release www.AGuideToCloud.com side side -
repository
Forking vs Cloning vs Forking Forking workflow gives every developer their own server own their developer every gives workflow Forking Forking Workflow Forking www.AGuideToCloud.com Collaborating with Pull Requests Pull with Collaborating www.AGuideToCloud.com GitHooks 400 Episode 17 Episode 400 - AZ Why Care about about Care Why www.AGuideToCloud.com GitHooks www.AGuideToCloud.com So where do I start? start? I do where So www.AGuideToCloud.com 400 Episode 18 Episode 400 - AZ Fostering Inner Source Inner Fostering www.AGuideToCloud.com source software software source - development inside your firewall. your inside development
based pull request workflows allows anybody to contribute. to anybody allows workflows request pull based - Inner Source brings all the benefits of open of benefits the all brings Source Inner Fork Fostering inner source source inner Fostering www.AGuideToCloud.com What is Fork? Fork? is What
Sharing code between forks between code Sharing Choosing between branches and forks and branches between Choosing Implementing the fork workflow workflow fork the Implementing www.AGuideToCloud.com Create the fork the Create www.AGuideToCloud.com 400 Episode 19 Episode 400 - AZ Module 03 Knowledge Check Knowledge 03 Module www.AGuideToCloud.com repo - repo - Multiple ††Mono ❑ ❑ reviews,and sharing of common components? Q1: Which repository Which Q1: type offers the benefits effective code of reduced code complexity, 03
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com branching based development - ††Straight branching ††Straight Trunk workflow ††Toggle Gitflow Forking workflow ❑ ❑ ❑ ❑ ❑ Q2: What are What Q2: the three types of branching? Select three. 03
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com side. - GitHooks side or server - ? GitHooks A mechanism that allows arbitrary code to be run before, code to be run arbitrarythat allows mechanism A Use occur. events lifecycle certain Git or after, control your and consistency, ensure to enforce policies, client be either environment. Can Q3: What are What Q3: 03
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com updated binary assets, and use diffable plain text plain text and use diffable assets, updated binary information. for configuration as JSON, formats, such LFS. use Git For large files, Best practices: use a package management system for system a package management use Best practices: files, don't and other dependent DLLs, library files, or logs, tracing output diagnostic commit the binaries, frequently don't commit large, data from your builds, suggest for working with large files? suggest with for working Q4: What are some best best are some What Q4: practices when What do you Git? files in with working 03
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com 400 Episode 20 Episode 400 - AZ Packaging Dependencies Packaging www.AGuideToCloud.com
Not all software is written by a single team single a by written is software all Not persons or teams other by created components on Dependencies Component based development is common is development based Component Modern software is complex is software Modern What is Dependency Management? Management? Dependency is What www.AGuideToCloud.com Versioning
sources Package Package
formats and
Standardization Elements of a Dependency Management Strategy Management Dependency a of Elements www.AGuideToCloud.com
Versioning Deployment Release ❑ Find components and source code that can have have can that code source and components Find independent: ❑ ❑ Identifying Dependencies Identifying www.AGuideToCloud.com
Package componentization Package Source componentization Source Source and Package Componentization Package and Source www.AGuideToCloud.com Decompose Your System Your Decompose www.AGuideToCloud.com
Independent code and components and code Independent Stable parts Stable High cohesion and low coupling low and cohesion High lifecycle Individual Duplicate code Duplicate Scanning your codebase for dependencies for codebase your Scanning www.AGuideToCloud.com 400 Episode 21 Episode 400 - AZ Package Management Package www.AGuideToCloud.com What is a Package? Package? a is What www.AGuideToCloud.com Python scripts Python Docker Docker images
Java Java packages Node.js modules Node.js .NET artifacts .NET
Universal Universal packages Types of Packages of Types Microsoft platform and and platform Microsoft www.AGuideToCloud.com Publish packages Publish tooling Choose Maintain local local Maintain cache installation
Consume packages Consume Manage feeds Manage packages list and Search feed from Package Feed Managers Feed Package www.AGuideToCloud.com
Private Public Package Sources Package www.AGuideToCloud.com https://pypi.org https://nuget.org https://npmjs.org https://search.maven.org https://hub.docker.com
Python Package Index Docker Hub Maven NPMjs NuGet Gallery Common Public Package Sources Package Public Common www.AGuideToCloud.com JitPack , , Azure Artifacts Azure , Bintray Gemfury MyGet MyGet , SaaS private feed Azure Artifacts, Artifacts, Azure Azure Artifacts, Artifacts, Azure NPMjs.org Artifacts, Azure Amazon Registry, Azure Container Hub, Docker Registry Container Elastic , Archiva cnpmjs.org , hosted private feed hosted private Server - Self Portus, Quay, Harbor Portus, Quay, PyPI NuGet server Sinopia Verdaccio Artifactory, Nexus,
Hosted and SaaS Based Package Sources Package Based SaaS and Hosted -
Package Package type Python Docker Maven NPM NuGet Self www.AGuideToCloud.com
Package Graph Package Upstream Sources Upstream Consuming Packages Consuming www.AGuideToCloud.com
Maven Universal Python NuGet NPM Create private and public package feeds for package types: package for feeds package public and private Create 3. 4. 5. 1. 2. Azure Artifacts Azure www.AGuideToCloud.com Publishing Packages Publishing www.AGuideToCloud.com 400 Episode 22 Episode 400 - AZ Module 04 Knowledge Check Knowledge 04 Module www.AGuideToCloud.com ††public private ❑ ❑ whatshould you visibility choose? Q1: If you are If you Q1: creating allow a feed that will yourself and those that inviteyou to publish, 04
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com Yes No ❑ ❑ Q2: Can youQ2: create packagea feed for Maven Artifacts? Azure in 04
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com ††Python ††NuGet ††NPM ††Maven Universal ❑ ❑ ❑ ❑ ❑ Q3: What type What Q3: of package use you should for Machine learning training data and models? 04
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com Publish a new version a new Publish Q4: If an existing If an Q4: package be to is found be fixed? should it how or buggy, broken 04
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com A published version should never be changed, only changed, be never should version published A later version replaced by a Q5: What is meant by saying by is meant What Q5: that a package be immutable? should 04
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com 400 Episode 23 Episode 400 - AZ The concepts of pipelines in DevOps in pipelines of concepts The www.AGuideToCloud.com
A pipeline enables a constant flow of changes into into changes of flow constant a enables pipeline A production via an automated software production line production software automated an via production The Concept of Pipelines in DevOps in Pipelines of Concept The www.AGuideToCloud.com Automation Deployment Test Automation Test
Integration
and Continuous Continuous and
Build Automation Build The Concept of Pipelines in DevOps in Pipelines of Concept The www.AGuideToCloud.com Management Orchestrating it all: all: it Orchestrating Release and Pipeline Orchestration Pipeline and Release Your Pipeline Needs Platform Provisioning and Configuration and Provisioning Platform Needs Pipeline Your www.AGuideToCloud.com 400 Episode 24 Episode 400 - Azure Pipelines Azure AZ www.AGuideToCloud.com
and test your code project and make it available to other users. other to available it make and project code your test and Azure Pipelines is a cloud service that you can use to automatically build build automatically to use can you that service cloud a is Pipelines Azure Azure Pipelines Azure www.AGuideToCloud.com
Languages Package formats Package Application types Application Deployment targets Deployment Version control systems control Version Does Azure Pipelines work with my language and tools? tools? and language my with work Pipelines Azure Does www.AGuideToCloud.com Use CI and CD for your Project your for CD and CI Use www.AGuideToCloud.com Job Task Release Release Pipeline Trigger
Build Agent
Artifact Deployment Target Deployment Continuous Delivery Continuous Continuous Integration Continuous Azure Pipelines Key Terms Key Pipelines Azure www.AGuideToCloud.com hosted hosted - agents 400 Episode 25 Episode 400 - AZ Evaluate use of hosted vs self vs hosted of use Evaluate www.AGuideToCloud.com project. job at a time. a at job hosted agents hosted -
You generally need at least one agent to build or deploy your your deploy or build to agent one least at need generally You An agent is installable software that runs one build or deployment deployment or build one runs that software installable is agent An Microsoft vs Self vs Microsoft www.AGuideToCloud.com hosted agents hosted - Self
hosted agents hosted - Microsoft Two types of Agents Agents of types Two www.AGuideToCloud.com Agent Pools Agent www.AGuideToCloud.com Agent Machine Agent Pool B Pool Agent Agent Machine
Pool A Pool Agent Agent Pools Agent www.AGuideToCloud.com 10.15 10.14 Hosted Ubuntu 16.04 Ubuntu Hosted Hosted Ubuntu 18.04 Ubuntu Hosted Hosted macOS X Mojave Mojave X macOS Hosted Hosted macOS X Catalina Catalina X macOS Hosted Azure pipelines Azure –
Default
Hosted VS2017 VS2017 Hosted Hosted VS2019 VS2019 Hosted Hosted Ubuntu 20.04 Ubuntu Hosted Predefined agent pool pool agent Predefined www.AGuideToCloud.com Agent Queue 1 Machine Team Project B1 Project Team Build definition Build definition 1 Build definition 2 Agent Pool B Pool Team Project Collection B Collection Project Team Agent Queue 2
Build definition Build definition 4 Build definition Build definition 3 Team Project A2 Project Team Agent Machine
Team Project Collection A Collection Project Team Pool A Pool Queue 1 Team Project A1 A1 Project Team Build definition Build definition 1 Build definition 2 Agent Typical Situations for Agent Pools Agent for Situations Typical www.AGuideToCloud.com
Reader Administrator Service Account Service Security of Agent Pools Agent of Security www.AGuideToCloud.com 400 Episode 26 Episode 400 - AZ Pipelines and concurrency and Pipelines www.AGuideToCloud.com hosted CI/CD hosted - Self Hosted -
hosted CI/CD hosted
- Hosted vs Self vs Hosted - Microsoft Microsoft www.AGuideToCloud.com 5 4 Release waiting for approval Release CI (feature)Build 101 3 Release 11 11 Release FabrikamFiber 2 FabrikamFiber Build running Release running Release CI (master) Build 102 Release waiting for pipeline Release Queued Queued build waiting forpipeline
1
FabrikamFiber Parallel Jobs Parallel www.AGuideToCloud.com Estimating Parallel Jobs Parallel Estimating www.AGuideToCloud.com source source - Projects 400 Episode 27 Episode 400 - AZ Azure DevOps and Open and DevOps Azure www.AGuideToCloud.com Core CLI Core .Net
Source Projects Projects Source -
Supported services Supported Public versus private projects private versus Public A practical example: example: practical A Azure DevOps and Open and DevOps Azure www.AGuideToCloud.com Source Projects Projects Source -
pipelines that I can create? can I that pipelines Are there limits on who can use Azure Pipelines? Azure use can who on limits there Are release and builds of number the on limits any there Are How do I qualify for the free tier of public projects? public of tier free the for qualify I do How What about the option to pay for hosted agents by the minute? the by agents hosted for pay to option the about What As a Visual Studio Enterprise subscriber, do I get additional additional get I do subscriber, Enterprise Studio Visual a As Pipelines? Azure for jobs parallel Azure DevOps and Open and DevOps Azure www.AGuideToCloud.com Designer 400 Episode 28 Episode 400 - AZ Azure pipelines YAML vs Visual Visual vs YAML pipelines Azure www.AGuideToCloud.com Deploy to target to Deploy Continuous Continuous Deployment Release tasks Release Create artifact Create Test tasks Test Continuous Integration Continuous Build tasks Build
Push to code repo code Push to
Edit Code Edit Use Azure Pipelines with YAML with Pipelines Azure Use www.AGuideToCloud.com Deploy to target to Deploy Azure Pipelines Azure Push to code repo code Push to
Edit YAML file YAML Edit
Edit Code Edit Azure Pipelines and Visual Designer Visual and Pipelines Azure www.AGuideToCloud.com 400 Episode 29 Episode 400 - AZ Continuous Integration Overview Overview Integration Continuous www.AGuideToCloud.com Introduction to Continuous Integration Integration Continuous to Introduction www.AGuideToCloud.com
Version Control System Control Version Automated Build Process Build Automated Continues Integration System Integration Continues Package Management System Management Package The Four Pillars of Continuous Integration Integration Continuous of Pillars Four The www.AGuideToCloud.com inducing merges inducing -
Better managing technical debt and conducting code analysis reduction) code conducting and debt technical managing Better bug and deployment difficult, long, production Reducing before long health codebase in confidence Increasing Improving code quality based on rapid feedback rapid on based quality code Improving change code every for (risk testing problems automated of detection Triggering early and feedback rapid for times build Reducing
• • • • • • Benefits of Continuous Integration Continuous of Benefits www.AGuideToCloud.com Build Number Formatting Formatting Number Build www.AGuideToCloud.com Build Status Build www.AGuideToCloud.com Build Authorizations Timeouts Authorizations Build www.AGuideToCloud.com Build Badges Build www.AGuideToCloud.com 400 Episode 30 Episode 400 - AZ Implementing a Build Strategy Build a Implementing www.AGuideToCloud.com Configuring Agent Demands Agent Configuring www.AGuideToCloud.com Multiple Jobs in a Pipeline a in Jobs Multiple www.AGuideToCloud.com Parallel Jobs Parallel www.AGuideToCloud.com 400 Episode 31 Episode 400 - AZ Integration with Azure Pipelines Azure with Integration www.AGuideToCloud.com Anatomy of a Pipeline a of Anatomy
www.AGuideToCloud.com
Job Pool Steps Name Trigger Variables Checkout Hello World Hello www.AGuideToCloud.com ) ) mm - HH - 22
Rev:.r - dd 19 - - 16 mm - - 01
- 2020 Date:yyyy $( name: 1.0$( Name www.AGuideToCloud.com master master
-
include: include: branches: branches: trigger: trigger: Triggers www.AGuideToCloud.com cancelTimeoutInMinutes and and
timeoutInMinutes continueOnError displayName dependsOn 8. container 8. container 9. variables steps 10. 11. timeouts controlling for services 12. 3. condition 3. condition 4. strategy 5. 6. pool workspace 7. 1. 2. Jobs www.AGuideToCloud.com for brevity brevity for for brevity brevity for ommited : none none : ommited steps: steps: steps # dependsOn steps: steps #
job: B B job: job: A A job:
- - jobs: jobs: Dependencies www.AGuideToCloud.com Checkout www.AGuideToCloud.com Download www.AGuideToCloud.com
appcode
appcode otherRepo
repositories: checkout: checkout: type: git git type: name: steps: - repository: repository: resources: resources: - Resources www.AGuideToCloud.com Steps are Tasks are Steps www.AGuideToCloud.com
script: echo "Hello, $(name)!" $(name)!" "Hello, echo script: - name: martin martin name:
variables: variables: steps: Variables www.AGuideToCloud.com Pipeline Structure Pipeline www.AGuideToCloud.com 400 Episode 32 Episode 400 - AZ Set Up Private Agents Private Up Set www.AGuideToCloud.com Communication with Azure Pipelines Azure with Communication www.AGuideToCloud.com Communication to Deploy to Target Servers Target to Deploy to Communication www.AGuideToCloud.com
Interactive vs. service vs. Interactive
Authentication Agent version and upgrades and version Agent Personal Access Token (PAT) Token Access Personal Other Considerations Other www.AGuideToCloud.com 400 Episode 33 Episode 400 - AZ Module 05 Knowledge Check Knowledge 05 Module www.AGuideToCloud.com Python, Java, PHP, Ruby, C#, and Go Ruby, PHP, Java, Python, - container registries, registries, virtual container machines, - source projects source - premises or cloud target (Microsoft Azure, Google Cloud, or Amazon cloud cloud Amazon or Cloud, Google Azure, or cloud target (Microsoft premises - services) Linux, or Mac machines Build on Windows, with Integrate GitHub Work with any language or platform with language any Work work with open to different of targets at the same Deploy types time deployments Azure Integrate with or any services, Azure On ❑ ❑ ❑ ❑ ❑ ❑ ❑ Q1: What are some advantages of Azure are What Q1: advantages some of pipelines? Markthat all apply. 05
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com customer. A pipeline enables a constant flow of changes into of changes into flow enables a constant pipeline A line. software production automated via production an reliable and incrementally repeatable, create a Pipelines to from concept process for taking software improving Q2: What is a pipeline and why is it used? is it why and is a pipeline What Q2: 05
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com You can organize agents into agent pools. An agent pool An agent pool agent pools. agents into can organize You agent Azure Pipelines, In boundary. defines the sharing organization; so Azure DevOps are the scoped to pools projects. across agent pool you can share an Q3: What is an agent pool and why would would and why pool agent is an What Q3: it?you use 05
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com Visual Designer & YAML file YAML & Designer Visual Q4: Name two ways to configure your Azure Azure toways two Name Q4: your configure pipelines. 05
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com Continuous Integration relies on four key elements for elements for four key relies on Integration Continuous Control System, a Version implementation: successful Integration Continuous System, Packet Management Automated Build Process. and an System, Q5: Name the four pillars of continuous continuous of the Name Q5: pillars four integration. 05
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com new builds and will queue any new build requests. build any new and will queue new builds You should pause the build. A paused build will start not will build paused A build. the pause should You to complete anyto complete is currently it build that queue any new to you want but processing, requests. you do? What should build Q6: You want to take your build server to take want offline build your You Q6: want it You ato make change. configuration 05
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com You should change the build job to 5 build timeout setting change the should You unlimited. blank value means A minutes. You want to set a maximum time that that time set to want maximum a You more than 5 minutes. What configuration What configuration 5 minutes. more than make? should you change Q7: Q7: for not run Builds should can run for. builds 05
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com 400 Episode 34 Episode 400 - AZ Introduction to DevOps Security DevOps to Introduction www.AGuideToCloud.com Introduction to Security to Introduction www.AGuideToCloud.com SQL Injection Attack Injection SQL www.AGuideToCloud.com process Implement a secure development development secure a Implement www.AGuideToCloud.com 3. Identify 4. Mitigate
2. Diagram Threat
Modeling 5. Validate 1. Define Threat Modeling Threat www.AGuideToCloud.com Key Validation Points Validation Key www.AGuideToCloud.com CI) CI) -
process and once the merge is complete is merge the once and process The CI build should be executed as part of the pull request (PR request pull the of part as executed be should build CI The Continuous Integration Integration Continuous www.AGuideToCloud.com Infrastructure Vulnerabilities Infrastructure www.AGuideToCloud.com Application Development to Dev and Test and Dev to Development Application www.AGuideToCloud.com Results and Bugs and Results www.AGuideToCloud.com Data 400 Episode 35 Episode 400 - AZ Rethinking Application Configuration Configuration Application Rethinking www.AGuideToCloud.com How will you secure this information? this secure you will How running instances of the application the of instances running
Discussion: Discussion:
Challenging to manage changes to local configurations across multiple multiple across configurations local to changes manage to Challenging Rethinking Application Config Data Config Application Rethinking www.AGuideToCloud.com
Configuration Store Configuration Store Secret Configuration Custodian Configuration Consumer Configuration Separation of concerns of Separation www.AGuideToCloud.com External Configuration Store Patterns Store Configuration External www.AGuideToCloud.com
certificates in a centralized repository. centralized a in certificates Azure Key Vault allows you to manage your organization’s secrets and and secrets organization’s your manage to you allows Vault Key Azure Integrating Azure Key Vault with Azure Pipeline Azure with Vault Key Azure Integrating www.AGuideToCloud.com Certificates 400 Episode 36 Episode 400 - AZ Manage Secrets, Tokens, and and Tokens, Secrets, Manage www.AGuideToCloud.com
Key Management Key
Secrets Management Secrets Store Secrets in HSMs in Secrets Store
Certificate Management Certificate Azure Key Vault Key Azure www.AGuideToCloud.com
Integrate with other Azure Services Azure other with Integrate Securely Store Secrets and Keys and Secrets Store Securely Use and Access Monitor Administration Simplified Why use Azure Key Vault? Vault? Key Azure use Why www.AGuideToCloud.com DevOps Inner and Outer Loop Outer and Inner DevOps www.AGuideToCloud.com 400 Episode 37 Episode 400 - AZ Module 06 Knowledge Check Knowledge 06 Module www.AGuideToCloud.com scans. OWASP ZAP can be used for penetration testing. Testing for penetration testing. Testing used can be ZAP OWASP scan baseline a quick passive. Conduct can be active or intensive more Conduct nightly to identify vulnerabilities. Q1: What is OWASP ZAP and how can it be can be it how and ZAP is OWASP What Q1: used? 06
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com threats have been mitigated. been have threats Define security requirements. Create an application an application Createrequirements. Define security that Validate threats. threats. Mitigate diagram. Identify Q2: What are the five are the What Q2: stages threat of modeling? 06
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com Bolt? WhiteSource Bolt to automatically detect alerts on alerts detect Bolt to automatically WhiteSource Use outdated libraries, open source components, vulnerable in your code. issues and license compliance Q3: Why would you use you would Why Q3: 06
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com keys & secrets. Use the Key Vault to centralize to Key Vault Use the keys & secrets. store securely secrets, and configuration application use. and access monitor and keys, and secrets Azure Key Vault is a cloud key management service management key is a cloud Vault Azure Key & maintain keys import, store create, allows you to which The applications. used by your cloud and secrets keys, which to the direct access have no applications stored security & control over the the helps improving Q4: What is the Azure Key Vault and why and Key Vault Azure is the What Q4: use it? would 06
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com Policies 400 Episode 38 Episode 400 - AZ Managing Code Quality and Security Security and Quality Code Managing www.AGuideToCloud.com Managing Code Quality Code Managing www.AGuideToCloud.com
Reliability Testability Portability Reusability Maintainability Code Quality Defined Quality Code www.AGuideToCloud.com
Complexity Metrics Complexity Defect Metrics Defect Quality Metrics Quality www.AGuideToCloud.com
Ticket Volume Ticket Bug Bounce Percentage Bounce Bug Failed Builds Percentage Builds Failed Unplanned Work Percentage Work Unplanned Failed Deployments Percentage Deployments Failed related metrics related - Common Quality Common www.AGuideToCloud.com Technical Debt Defined Debt Technical www.AGuideToCloud.com
documenting code code documenting -
engineering code code engineering - Taking shortcuts Taking Lack of or poor design poor or of Lack Over Leaving dead code in place in code dead Leaving Ignoring or not understanding not or Ignoring Not writing self writing Not Lack of coding style and standards. and style coding of Lack Poorly envisioned use of technology of use envisioned Poorly Monolithic classes and code libraries code and classes Monolithic Insufficient comments and documentation and comments Insufficient Sources and Impacts of Technical Debt Technical of Impacts and Sources www.AGuideToCloud.com Measuring and Managing Technical Debt Technical Managing and Measuring www.AGuideToCloud.com Search in Azure DevOps Azure in Search www.AGuideToCloud.com 400 Episode 39 Episode 400 - AZ Module 07 Knowledge Check Knowledge 07 Module www.AGuideToCloud.com products are for code quality and code coverage code quality and code products are for analysis. OWASP ZAP. OWASP ZAP is designed to run penetration designed is ZAP OWASP ZAP. OWASP used to Bolt is testing against applications. Sonar two usage. The library source analyze open you use? Q1: You want to run a penetrationtest a to run want You Q1: against tool could Which your application. 07
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com For example, code that works but contains many code that works but contains For example, code. or duplicated literal values Code smells are characteristics in your code that could that could in your code characteristics Code smells are hint Code at deeper smells be a problem. possibly or implementation of the code. in the design problems Q2: What is code smells? Give an example of an example smells? is code What Q2: Give smell.a code 07
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com Bolt is used to analyze open source library open source library used to analyze Bolt is testing against applications. The two Sonar products are products Sonar two The applications. against testing analysis. code coverage and for code quality WhiteSource to run penetration is designed ZAP usage. OWASP to create an auditof open source libraries could you tool that Which have used. you use? Q3: You are using Azure Repos for your your for Repos Azure using are You Q3: want You sourceapplication repository. code 07
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com documenting - defined interfaces. It defined interfaces. - High quality code should have well code should High quality so self to read and easy be clear should long) shortmethod bodies. (not as is is desirable, Q4: Name three Name Q4: attributes quality high of code. 07
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com based version of the original of the original based version - is the cloud SonarCloud with code working be best for and would SonarQube, Azure Repos. in to perform code quality code quality to perform tool checks. Which use? you could Q5: You are using Azure Repos for your your for Repos Azure using are You Q5: want You sourceapplication repository. code 07
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com Strategy 400 Episode 40 Episode 400 - AZ Implementing a Container Build Build Container a Implementing www.AGuideToCloud.com
virtualization?
How do containers solve this problem? problem? this solve containers do How What's the difference between containers and and containers between difference the What's What are containers and why do you need them? need you do why and containers are What Overview of Containers of Overview www.AGuideToCloud.com Virtual Machines Machines Virtual www.AGuideToCloud.com Container www.AGuideToCloud.com Docker Containers and Development and Containers Docker www.AGuideToCloud.com Microservices and Containers and Microservices www.AGuideToCloud.com 400 Episode 41 Episode 400 - AZ Module 08 Knowledge Check Knowledge 08 Module www.AGuideToCloud.com . stage - Dockerfile ? stage Docker files are characterized by containing by containing characterized files are stage Docker - Multi as FROM startingprovided point more than one instructions. Dockerfile Q1: You are reviewing an existing an existing reviewing are You Q1: a multi if it's you know How would 08
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com ? can contain can contain stage stage - Dockerfile Dockerfile stage - . How can one stage can one refer. How to The FROM clause in a multi in The FROM clause can refer to stages AS clause. The via an an alias number or by the alias names. each other by another another the stage within Q2: You are designing a multi designing are You Q2: Dockerfile 08
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com by using the backslash character. by using the backslash ? Lines can be broken and continued on the next line of a on the next line and continued can be broken Lines Dockerfile Q3: What is the line continuation character line continuation is the What Q3: in Dockerfiles 08
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com by using the by using Dockerfile Swarm, DC/OS, and AKS are supported. AKS are and Swarm, DC/OS, backslash character. Q4: Lines can Lines Q4: and continued be broken on of a the next line 08
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com The OCI used the Docker format as a starting point. format as a starting The OCI used the Docker format, which format did they choose as did which format format, a point? starting Q5: When the Open Container Initiative Container the Open When Q5: defined a standard container image file 08
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com 400 Episode 42 Episode 400 - AZ Design a Release Strategy Release a Design www.AGuideToCloud.com Traditional IT Traditional www.AGuideToCloud.com Moving to Continuous Delivery Continuous to Moving www.AGuideToCloud.com Build quality in! quality Build Improve continuously Improve or difficult somethings If often more it do painful, Done means “released” means Done
Everybody has responsibility for the the for responsibility has Everybody process release everything! Automate reliable control source in everything Keep The process for releasing/deploying releasing/deploying for process The and repeatable be MUST software What is Continuous Delivery? Delivery? Continuous is What www.AGuideToCloud.com
Functional release is exposing features to customers to features exposing is release Functional functionality deploying is release Technical Release and deployment are often coupled often are deployment and Release Separate functional release from technical release: technical from release functional Separate • • Release is not the same as a deployment a as same the not is Release Releases and deployments and Releases www.AGuideToCloud.com Release Process vs Release vs Process Release www.AGuideToCloud.com How to Measure Quality of Your Release Process Release Your of Quality Measure to How www.AGuideToCloud.com
XL Deploy/XL Release Deploy/XL XL
Atlassian Bamboo Atlassian GitLab Pipelines GitLab
Azure DevOps Pipelines DevOps Azure Circle CI CI Circle
Jenkins Common Release Management Tools Management Release Common www.AGuideToCloud.com 400 Episode 43 Episode 400 - AZ Module 09 Knowledge Check Knowledge 09 Module www.AGuideToCloud.com Increase Decrease ❑ ❑ code? Q1: Would adding a featureadding increaseflag or Would Q1: decrease the cyclomatic complexity of the 09
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com Increase Decrease ❑ ❑ Q2: Would adding a featureadding increaseflag or Would Q2: decrease technical debt? 09
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com green - Blue deployment patterndeployment is this? Q3: You plan to slowly increase the increase slowly to traffic plan to You Q3: type your site. versiona newer of What of 09
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com You make a new one and (possibly) remove the old one the old remove one and (possibly) make a new You Q4: When you want want change to immutable an you When Q4: of anyobject type, do? what do you 09
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com Release gate Release security testing finds a compliance tool problem? Q5: What can you use use can you What Q5: preventto a when a Azure DevOps indeployment 09
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com 400 Episode 44 Episode 400 - AZ Tools available with Azure with available Tools Third Party Infrastructure as Code Code as Infrastructure Party Third www.AGuideToCloud.com Chef www.AGuideToCloud.com What is Chef is What www.AGuideToCloud.com Chef Automate Automate Chef www.AGuideToCloud.com
everything required to support it support to required everything configure an application or feature or application an configure Contains recipes and defines a scenario and and scenario a defines and recipes Contains A cookbook is a set of tasks that you use to to use you that tasks of set a is cookbook A Chef Cookbooks Chef www.AGuideToCloud.com Puppet www.AGuideToCloud.com server server - model model
Puppet is a deployment and and deployment a is Puppet configuration management toolset management configuration Puppet operates using a client a using operates Puppet What is Puppet? is What www.AGuideToCloud.com Azure virtualAzure machines: Install Linux a deployVM in and the Azure Puppet manually Enterprise package
Azure Marketplace Azure There are two options for deploying Puppet in Azure: in Puppet deploying for options two are There
into Azure using Azure into the Puppet Enterprise is available to install Puppet to directly Enterprise is available Azure Marketplace: Azure Deploying Puppet in Azure Azure in Puppet Deploying www.AGuideToCloud.com
Class Module Resources Manifest Files Files Manifest www.AGuideToCloud.com Ansible www.AGuideToCloud.com What is Ansible? Ansible? is What www.AGuideToCloud.com
Modules Playbooks Managed Nodes Managed Control Machine Control Ansible Components Components Ansible www.AGuideToCloud.com Terraform www.AGuideToCloud.com source tool that that tool source - cloud infrastructure cloud Terraform is an open an is Terraform
allows you to provision, manage, and version version and manage, provision, to you allows HashiCorp What is Terraform? Terraform? is What www.AGuideToCloud.com
Modules Terraform CLI Terraform Configuration Files Configuration Terraform Components Terraform www.AGuideToCloud.com 400 Episode 45 Episode 400 - AZ Module 10 Knowledge Check Knowledge 10 Module www.AGuideToCloud.com Chef Chef Client Chef Workstation Chef Chef Server Chef Facts ❑ ❑ ❑ ❑ (choose all that apply) Q1: Which of the following aremain following of the Which Q1: architectural components Chef?of 10
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com source source - Console Console Services InSpec Habitat Facts ❑ ❑ ❑ ❑ Automate image available from Azure Automate image available from Marketplace? Q2: Which of the following areopen following of the Which Q2: products that areintegrated into the Chef 10
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com Facts Habitat Master Agent ❑ ❑ ❑ ❑ platform? (chose that all apply) Q3: Which of the following arecore following of the Which Q3: components of the Puppet automation 10
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com InSpec Cookbooks Module Habitat ❑ ❑ ❑ ❑ Manifest file are Class, Resource and ______. Q4: Complete Complete Q4: sentence. the following The main elements of a Puppet(PP) Program 10
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com Ansible Puppet Chef ❑ ❑ ❑ machines? (choose all that apply) Q5: Which of the following platforms use following of the Which Q5: Agents to communicate with target 10
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com True False ❑ ❑ Q6: True or false: or The Control Machine in True Q6: Ansible must have Python installed? 10
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com package package are correct? data parameter passes the name of file name the configuration the (.txt). passes data parameter - init works across Linux distributions. Linux works across - init custom - -- The files Configuration (.txt) in base64. are encoded within is file used syntax the configuration (.txt). YML The cloud ❑ ❑ ❑ ❑ Q7: Which of the following statements following of the Which Q7: about the cloud 10
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com . tf True False ❑ ❑ Q8: True or false: Terraform ONLY supports supports ONLY false: or Terraform True Q8: configuration files the file with extension . 10
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com ††Execution plan ††Execution graph ††Resource ††Configuration files ††Configuration Overrides ❑ ❑ ❑ ❑ without having to edit the Terraform without havingedit to the Terraform configuration? Q9: Which of the following core Terraform Terraform core following of the Which Q9: behavior, components can modify Terraform 10
400 -
Q&A
AZ
Review Module Module www.AGuideToCloud.com Thank You Thank