Azure DevOps Pipelines
This page covers the specifics for the Azure DevOps (ADO) pipelines created by using the Starter Kit. Pipelines can be further customized based on requirements. Guidance provided is for the simplified GitHub Flow as documented in the branching flows. Documentation on the Release Flow pipelines will be made available in a future release.
Note
To find all examples of Azure DevOps Pipelines, please visit StarterKit/Pipelines/AzureDevOps.
App Registration Setup is a pre-requisite.
Service connections for the Service Principals
Create ADO service connections for each of the previously created App Registrations. You will need to retrieve the credential for the Service Principal that Azure Devops will use for Authentication. This can be either a Client Secret, a X509 certificate, or a Federated Credential. For more information on these options, refer to the Application Credentials.
Pipeline Templates
The provided Azure DevOps pipelines utilize the template functionality to create re-usable components that are shared between pipeline files. More details on Azure DevOps Pipelines Templates can be found in the Azure DevOps Documentation
GitHub Flow Pipeline
If utilizing the GitHub flow branching strategy, three pipeline files are created
epac-dev-pipeline
This represents the Develop Policy Resources in a Feature Branch flow as described in Branching Flows. In general, The EPAC-Dev pipeline is configured to run when any change is pushed to a feature/*
branch. It runs across three (3) stages: Plan, Deploy & Tenant Plan.
epac-tenant-pipeline
This represents the Simplified GitHub Flow
for Deployment as described in Branching Flows. In general, The epac-tenant-pipeline is configured to run when any change is pushed to main and runs across three (3) stages: Plan, Deploy Policy & Deploy Roles. The Deploy stages utilize Azure DevOps environments to configure approval gates
epac-remediation-pipeline
This pipeline runs on a schedule to automatically start remediation tasks for each environment.