Summary

    Prerequisites

    - In Azure, have a service principal to have the rights to connect to subscription

    - In Azure Devops, a service connection using this service principal

    - Resource group created in Azure where resources are created (MYRG)

    - Azure Container Registry (ACR) set up in Azure name "ACR01" and authorized to be used by this pipeline (create a service connection in **Project settings Pipelines service connection**)

    - App service with a staging slot created in Azure

    Trigger the pipeline

    Here is the declaration of the action which triggers the pipeline:

    With this declaration, the pipeline will be triggered with a commit on the master branch and for the creation of a pull request on the master branch.

    CI

    In the CI stage we want to declare:

    1. Tests should be run for each pipeline
    2. Build, scan, and push images in ACR only when a commit on master

    These two operations shall be done in parallel to save time.

    Warning: Make sure you have at least 2 agents declared in Project settings Pipelines Parallel jobs. See example if you are going to use Azure DevOps agents:

    project-settings

    Parallel jobs

    Here is the configuration to have parallel jobs:

    Here we are using Azure DevOps agents "ubuntu-latest"

    In job Build_scan_push there is a condition saying that this job is executed only for a commit on the master branch.

    Tests

    The tests are described in the file tests.yaml and depend on your application. Here is an example:

    Build

    Here is how to build your image (file build.yaml):

    Scan

    In order to avoid any vulnerability in your image a scan is required. Here we use the Trivy solution (file scan.yaml):

    Push

    Once the image is built and scanned we can push it in the ACR (file push.yaml):

    Deployment

    Now we are going to describe the second stage where the application will be deployed in an Azure app service using the blue/green process. So first we will deploy the container in the app service staging slot. Then, when the application is fully started on the staging slot, swap the production slot and the staging slot.

    This stage is executed only if the CI is succeeded and if the pipeline is triggered by a commit on master.

    Final file

    So here is the final file:

    You have now set up a pipeline in Azure Devops to deploy your containered code in an App service. Your pipeline triggers automatically on different events on your repository. And you have optimized the time deployment using parallel jobs.