Implement continuous Integration

Project 1: provide incremental builds and third-party SDK components. Project 2: Automatic build policy.A small team (Team2) members will not have permission to project2. Project 3: Project 3 will be integrated with Sonar Qube. Project 4: will provide support for build pipeline using Docker. Project 5: will contain a Git repository in Azure Repos and continuous integration trigger. Project 6: will provide support for build and deployment pipelines, to trigger when only software bugs is 0. Project 7: Will contain target deployment group named Grup7 that maps to pool 7. Also maintains Desired state configuration.

Technical requirements:

Implement build agents Use Azure where possible Avoid Deprecated technologies. Implement automation where possible.

Q1: Recommend a procedure to implement a build agent in project 1. What actions do we need to perform?

1. Sign in to Azure DevOps using an account that is administrator service connection security role.
2. Create a personal access token in Azure devops organization
3. Install and register azure pipelines agent on Azure VM.

Q2: To meet the requirements of project 3 and create it, what do you need to do? From Azure DevOps create a service endpoint. The first thing to do is to declare your sonarqube server as a service endpoint in your VSTS/Devops project settings. https://docs.sonarqube.org/latest/analysis/scan/sonarscanner-for-azure-devops/

Q3: Project 5 will contain a Git repo in Azure reports and Continuous Integration trigger that will initiate build for any change except for the change within /folder1 of the repo.

YOu need to set a path filter to exclude \folder1. Set a branch filter to include(.) #Specific branch build trigger: branches: include: -master -releases/* exclude: -releases/old* https://docs.microsoft.com/en-au/azure/devops/pipelines/build/triggers?view=azure-devops

Q4: Implement project 4 and configure the project to push docker images to Azure Container registry.

ans: Add a Docker task to a build pipeline. You use Azure container registry tasks to quickly build, push and run docker container image natively within azure. ACR tasks is a suite of features with in azure container registry to help you manage and modify container images across container lifecycle. https://docs.microsoft.com/en-us/azure/container-registry/container-registry-quickstart-task-cli

Casestudy based are complete.

1. You need to create a release pipeline that will deploy resources by using ARM templates. A: There are two different ways to deploy ARM templates to Devops services. i) Add a single step to your build pipeline that runs Powershell script that's included in the azure deployment project(deploy-azureResourceGroup.ps1). the script copies the artifacts and then deploys the template. ii) Add multiple Azure DevOps services build steps, each performing a task.

2. You need to ensure that pull requests in a branch meet the following before being merged. i) Check-in Policy: Committed code must compile successfully. ii) Build Policy: Pull requests must have a quality gate status Passed in Sonar Cloud. Which policy type should you configure for each requirement? Admins of TFS can add check-in policy requirements. By Default the following check-in policy types are available:

https://docs.microsoft.com/en-au/azure/devops/repos/tfvc/add-check-policies?view=azure-devops

3. To Manage Technical debt:

1. Configure pre-deployment approvals
2. Integrate Azure devops and Sonarqube

4. You need to ensure that when code is checked in, a build runs automatically. How do you enable this. You enable Continuous Integration in visual designer by
5. Select Triggers tab
6. Enable Continuous Integration.

Batch changes: Batch changes while a build is in progress option is selected when there are many teams uploading changes and you want to reduce the number the builds you are running. If you select this option, when the build is running, the system waits until the build is completed and then queues another build of all changes that have not yet been built.

https://docs.microsoft.com/en-us/azure/devops/pipelines/create-first-pipeline?view=azure-devops&tabs=java%2Cyaml%2Cbrowser%2Ctfs-2018-2

5. How do you ensure WhiteScan Bolt only scans production dependencies and not other environment dependencies:

6. Run npm install and specify the --production flag

7. Modify the devDependencies section of the projects package json file.

8. To resolve npm dependencies you should first run "npm install" command on the relevant folders before executing the plugin.

9. All npm packages contain a file usually in the project root called package.json - this file holds various metadata relevant to the project.

10. Azure stack offers vm's as one type of on demand, scalable computing resource. YOu can choose a VM when you need more control on your computing environment. when you have a hybrid cloud between Azure and Azure Stack. To execute a pipeline you need azure self hosted agents on VM's that run on Azure stack. https://docs.microsoft.com/en-us/azure-stack/user/azure-stack-compute-overview?view=azs-2005

11. To implement a pull request strategy that reduces the history volume in the master branch. Do you implement three-way merge? Ans: NO, instead use fast forward merge. This option merges the commit history of the source branch when the pull request closes and creates a merge commit in the target branch.

https://docs.microsoft.com/en-us/azure/devops/repos/git/branch-policies?view=azure-devops

8. The company currently uses SOnarQube server to analyse the code of .NET solutions To analyse the Java based code which task types should you use to build pipeline. - Use Maven. Note: Sonarqube is a set of static analysers that can be used to identify areas of improvement in code. it allows you to analyse technical debt in your project to keep track of it in future. With Maven and gradle you can run SonarQube with minimal setup in a new or existing Azure devops services build task.

9. Images availavle for microsoft hosted agents: ubuntu 16.04, win1803.