Landscaping a Secure/Closed Loop Infrastructure in Azure with Terraform & Azure Devops

Introduction

Posts about security are always the ones that make everyone get really excited… Or maybe not everyone. 😉 Anyhow, what is typically the weakest link in any security design? Indeed, the human touch… The effects of this can range from having seen secrets to creating drift (unwanted changes vs de expected baseline). In today’s post, I’ll walk you through an example setup that aims to close some additional holes for you. How will we be doing this? By basically automating the entire infrastructure management with Azure Devops & Terraform. Now you’ll probably think, what does that have to do with security? Good response! We’re going to reduce the points to where human contact can interfere with our security measures. Though we want to do this without putting our agility at risk!

 

Blueprint

For this exercise, we’re going to leverage this blueprint ;

Continue reading “Landscaping a Secure/Closed Loop Infrastructure in Azure with Terraform & Azure Devops” →

Using Azure DevOps to deploy your static webpage (SPA) to Azure Storage

Introduction

To, without shame, grab the introduction of the “Static website hosting in Azure Storage” page ;

 

Azure Storage now offers static website hosting, enabling you to deploy cost-effective and scalable modern web applications on Azure. On a static website, webpages contain static content and JavaScript or other client-side code. By contrast, dynamic websites depend on server-side code, and can be hosted using Azure Web Apps.

As deployments shift toward elastic, cost-effective models, the ability to deliver web content without the need for server management is critical. The introduction of static website hosting in Azure Storage makes this possible, enabling rich backend capabilities with serverless architectures leveraging Azure Functions and other PaaS services.

 

Which, to me, sounds great! As one of my projects (VMchooser) is actually a static site (VueJS based Single Page App) that could just as well run on Azure Storage (thus reducing my cost footprint). So today we’re going to test that one out, and afterwards integrate it into our existing CI/CD pipeline (powered by Azure DevOps).

 

Continue reading “Using Azure DevOps to deploy your static webpage (SPA) to Azure Storage” →

VSTS & Compiled Azure Functions – How to set up your basic CI/CD pipeline

Introduction

A question that pops up occasionally is how to setup your Azure Functions DevOps flow when you’re using C# underneath. Today’s post will be a brief one to run you through this process. If you should prefer a video on this… That exists too! Curtosiy of the app service product group.

 

Quick Howto

Let’s take a look at the build process. We have (at least, as this flow did not do any testing => “Shame on me!”) three steps in the build process ;

• Restore the nuget packages
• Build the solution (and create a single zip file)
• Publish the artifact

 

So let’s take a look at one of my own builds… First I kick off with installing NuGet on my build agent (should it not already be present).

Continue reading “VSTS & Compiled Azure Functions – How to set up your basic CI/CD pipeline” →

Generating a docs website powered by Git & Markdown

Introduction

Did you know I’m a huge fan of the Microsoft / Azure docs? Did you also know that the docs websites are powered by GitHub repositories? Let that one sink in… So you can leverage the same way you collaborate on code, work on publishing documentation?!? How awesome is that!

After a bit of looking around, it appears DocFX is actually powered to do this. I don’t know if this is the tool used behind the docs website. Though there seem to be a lot of similarities. Anyhow, today’s post will be a quick walkthrough on how to setup DocFX with VSTS to publish your GitHub driven repo to an Azure Web App.

 

So what will we be needing?

Ingredients

• GitHub repository
• VSTS Account
• Azure App Service
• A tool to do the conversion : DocFX
• Chocolatey to install DocFX

 

Initialize the repository

Be sure to install DocFX on your dev station to initialize the repository. This is done by running “docfx init -q” inside of your repository.

 

Afterwards do your typical Git magic to sync your local version with GitHub (or equivalent). Now you’ll have a dummy skeleton ready for usage, and you can now structure it to your liking! My effort is going into making docs for VMchooser.

Continue reading “Generating a docs website powered by Git & Markdown” →

What does it look like to deploy a DevOps project into Azure for a Java Application?

Introduction

A few months ago “Azure Devops Projects” was released. As I haven’t had the time yet to test-drive it, I was still sceptic towards the service from a naming perspective. In full disclosure, for me DevOps is about three aspects ; People, Processes & Products (“Tools”). The last part is typically, and maybe surprisingly, the most easy part to do. That being said, as I tried this service, I must admit that this service reduces the friction to set up an end-to-end project. This is where the Azure Devops Project shines! It guides you in a step-by-step manner to set up the end-to-end project for a variety of languages and deployment methods.

 

A brief walk-through

As we all know, the proof of the pudding is in the eating. So let’s see what the flow looks like in reality?

Continue reading “What does it look like to deploy a DevOps project into Azure for a Java Application?” →

From Github to ACI – A tale how to use Visual Studio Team Services & Azure Container Registry for Container CI/CD

Introduction

Today’s post is conceptually a rather simple one… Let’s see how we can go from this ;

To here ;

By using a CI/CD pipeline.

 

Flow of the day

What will we be doing today?

• Kick-off a VSTS build once a change has been made to our Github repo
  • Build a container via VSTS
  • Publish the container to an ACR (Azure Container Registry)
• Kick-off a VSTS release once the build succeeded
  • Use an ARM template to deploy an ACI (Azure Container Instance) with our docker container underneath

Sound cool? Let’s get to it!

Continue reading “From Github to ACI – A tale how to use Visual Studio Team Services & Azure Container Registry for Container CI/CD” →

Using Visual Studio Team Services & Rancher for continuous deployment for your docker containers

Introduction

Today I’m going to show you how you can leverage the combination of Visual Studio Team Services & Rancher to kickstart your continuous deployment of your docker containers. So every time we update our containers, we want a smooth upgrade process on our container setup. What do you think? Let’s see what this can look like?

 

The flow

The scenario of today will have the following flow ;

• We’ll use a git(hub) repository to store our docker-compose & rancher-compose file that powers our solution.
• Next up, we’ll be using VSTS as the orchestrator for your CI/CD-pipeline.
• Rancher is our preferred container workflow / management tool, and we’ll be using the “rancher-compose” on our VSTS build agent.

Continue reading “Using Visual Studio Team Services & Rancher for continuous deployment for your docker containers” →

Issue with VSTS Agent on Ubuntu – Failed to initialize CoreCLR, HRESULT: 0x80131500

So today I was installing an VSTS agent on Ubuntu and I got the following error message ;

Failed to initialize CoreCLR, HRESULT: 0x80131500

I received this error message when trying to run the “config.sh” command ;

So how to fix this? Apparently the agent has a hard dependency towards “libicu52”.  By default my system (ubuntu 16.04 LTS) had libicu55 on it. You can find the “old” package on the following location. And install it?

wget http://security.ubuntu.com/ubuntu/pool/main/i/icu/libicu52_52.1-3ubuntu0.8_amd64.deb

sudo dpkg -i libicu52_52.1-3ubuntu0.8_amd64.deb

And that did the trick!

Have fun with your Linux CI/CD pipelines now! 😀