AZ-400 Microsoft Azure DevOps Solutions Questions and Answers

App1: Canary deployment

With canary deployment, you deploy a new application code in a small part of the production infrastructure. Once the application is signed off for release, only a few users are routed to it. This minimizes any impact.

With no errors reported, the new version can gradually roll out to the rest of the infrastructure.

App2: Rolling deployment:

In a rolling deployment, an application’s new version gradually replaces the old one. The actual deployment happens over a period of time. During that time, new and old versions will coexist without affecting functionality or user experience. This process makes it easier to roll back any new component incompatible with the old components.

You can set up a CI/CD pipeline to deploy your apps on a Kubernetes cluster with Azure DevOps by leveraging a Linux agent, Docker, and Helm.

Step 1: Create a service principle in Azure Active Directory (Azure AD)

We need to assign 3 specific service principals with specific Azure Roles that need to interact with our ACR and our AKS.

Create a specific Service Principal for our Azure DevOps pipelines to be able to push and pull images and charts of our ACR.

Create a specific Service Principal for our Azure DevOps pipelines to be able to deploy our application in our AKS.

Step 2: Add a Helm package and deploy a task to the deployment pipeline

This is the DevOps workflow with containers:

Step 3: Add a Docker Compose task to the deployment pipeline.

Dockerfile file is a script leveraged by Docker, composed of various commands (instructions) and arguments listed successively to automatically perform actions on a base image in order to create a new Docker image by packaging the app.

With the storage account ready, you can configure backs up in the web app or App Service.

Open the App Service az400-11566895-main, which you want to protect, in the Azure Portal and browse to Settings > Backups. Click Configure and a Backup Configuration blade should appear.

Select the storage account.

Click + to create a private container. You could name this container after the web app or App Service.

Select the container.

If you want to schedule backups, then set Scheduled Backup to On and configure a schedule: every five hours

Select your retention. Note that 0 means never delete backups.

Decide if at least one backup should always be retained.

Choose if any connected databases should be included in the web app backup.

Click Save to finalize the backup configuration.

1. Go to the Azure portal, navigate to Traffic Manager profiles and click on the Add button to create a routing profile.

2. In the Create Traffic Manager profile, enter, or select these settings:

Name: az40011566895n1-tm

Routing method: Geographic

Resource group: RG1lod11566895

Note: Traffic Manager profiles can be configured to use the Geographic routing method so that users are directed to specific endpoints (Azure, External or Nested) based on which geographic location their DNS query originates from. This empowers Traffic Manager customers to enable scenarios where knowing a user’s geographic region and routing them based on that is important.

The basic idea behind Continuous Assurance (CA) is to setup the ability to check for " drift " from what is considered a secure snapshot of a system. Support for Continuous Assurance lets us treat security truly as a ' state ' as opposed to a ' point in time ' achievement. This is particularly important in today ' s context when ' continuous change ' has become a norm.

There can be two types of drift:

Drift involving ' baseline ' configuration: This involves settings that have a fixed number of possible states (often pre-defined/statically determined ones). For instance, a SQL DB can have TDE encryption turned ON or OFF…or a Storage Account may have auditing turned ON however the log retention period may be less than 365 days.

Drift involving ' stateful ' configuration: There are settings which cannot be constrained within a finite set of well-known states. For instance, the IP addresses configured to have access to a SQL DB can be any (arbitrary) set of IP addresses. In such scenarios, usually human judgment is initially required to determine whether a particular configuration should be considered ' secure ' or not. However, once that is done, it is important to ensure that there is no " stateful drift " from the attested configuration. (E.g., if, in a troubleshooting session, someone adds the IP address of a developer machine to the list, the Continuous Assurance feature should be able to identify the drift and generate notifications/alerts or even trigger ' auto-remediation ' depending on the severity of the change).

Box 1: Markdown (.md)

Github understands several text formats, including .txt and .md. .md stands for a file written in Markdown.

Box 2: Mermaid diagrams

Mermaid lets you create diagrams and visualizations using text and code.

It is a Javascript based diagramming and charting tool that renders Markdown-inspired text definitions to create and modify diagrams dynamically.

ACR Tasks supports automated container image builds when a container ' s base image is updated, such as when you patch the OS or application framework in one of your base images.

Every request made against a storage service must be authorized, unless the request is for a blob or container resource that has been made available for public or signed access. One option for authorizing a request is by using Shared Key.

Scenario: The mobile applications must be able to call the share pricing service of the existing retirement fund management system. Until the system is upgraded, the service will only support basic authentication over HTTPS.

The investment planning applications suite will include one multi-tier web application and two iOS mobile application. One mobile application will be used by employees; the other will be used by customers.

You can configure a Conditional Access policy that requires MFA for access from untrusted networks.

The commit-msg hook is invoked by git-commit and git-merge, and can be bypassed with the --no-verify option.

Batching CI runs

If you have many team members uploading changes often, you may want to reduce the number of runs you start. If you set batch to true, when a pipeline is running, the system waits until the run is completed, then starts another run with all changes that have not yet been built.

Example:

# specific branch build with batching

trigger:

batch: true

branches:

include:

- master

To clarify this example, let us say that a push A to master caused the above pipeline to run. While that pipeline is running, additional pushes B and C occur into the repository. These updates do not start new independent runs immediately. But after the first run is completed, all pushes until that point of time are batched together and a new run is started.

There are several tools available for running queries in Azure Data Explorer, including Kusto.

Kusto uses a role-based access control (RBAC) model, under which authenticated principals are mapped to roles, and get access according to the roles they ' re assigned.

Note: Azure Data Explorer is a highly scalable and secure analytics service that enables you to do rich exploration of structured and unstructured data for instant insights. Optimized for ad-hoc queries, Azure Data Explorer enables rich data exploration over raw, structured, and semi-structured data delivering fast time to insight. Query with a modern, intuitive query language that offers fast, ad-hoc, and advanced query capabilities over high-rate data volumes and varieties

Secure and Manage Open Source Software

Black Duck helps organizations identify and mitigate open source security, license compliance and code-quality risks across application and container portfolios.

Black Duck Hub and its plugin for Team Foundation Server (TFS) allows you to automatically find and fix open source security vulnerabilities during the build process, so you can proactively manage risk. The integration allows you to receive alerts and fail builds when any Black Duck Hub policy violations are met.

Note: WhiteSource would also be a good answer, but it is not an option here.

Every request made against a storage service must be authorized, unless the request is for a blob or container resource that has been made available for public or signed access. One option for authorizing a request is by using Shared Key.

Scenario: The mobile applications must be able to call the share pricing service of the existing retirement fund management system. Until the system is upgraded, the service will only support basic authentication over HTTPS.

The investment planning applications suite will include one multi-tier web application and two iOS mobile application. One mobile application will be used by employees; the other will be used by customers.

Scenario: A branching strategy that supports developing new functionality in isolation must be used.

Feature isolation is a special derivation of the development isolation, allowing you to branch one or more feature branches from main, as shown, or from your dev branches.

When you need to work on a particular feature, it might be a good idea to create a feature branch.

Box 1: Get-AzResource

Use the following command to examine the access control mode for all workspaces in the subscription:

PowerShell

Get-Az Resource –Resource Type Microsoft. Operational Insights/workspaces –Expand Properties | for each {s.Name + " : " + $_.Properties.features.enableLogAccessUsingOnlyResourcePermissions

Box 2: -Resource Type

Unattended config:

The agent can be set up from a script with no human intervention. You must pass --unattended and the answers to all questions.

To configure an agent, it must know the URL to your organization or collection and credentials of someone authorized to set up agents. All other responses are optional.

Box 1: rwx

The Log Analytics agent for Linux runs as the omsagent user. To grant > write permission to the omsagent user, run the command setfacl -m u:omsagent:rwx /tmp.

Box 2: /tmp

Deploying DSC to a Linux node uses the /tmp folder.

Box 1: Reader

Members of a group named Developers must be able to install packages.

Feeds have four levels of access: Owners, Contributors, Collaborators, and Readers. Owners can add any type of identity-individuals, teams, and groups-to any access level.

Box 2: Owner

Members of a group named Team Leaders must be able to create new packages and edit the permissions of package feeds.

Scenario: By default, all releases must remain available for 30 days, except for production releases, which must be kept for 60 days.

Box 1: Set the default retention policy to 30 days

The Global default retention policy sets the default retention values for all the build pipelines. Authors of build pipelines can override these values.

Box 2: Set the stage retention policy to 60 days

You may want to retain more releases that have been deployed to specific stages.

Box 1: Upgrade TFS to the most recent RTM release.

One of the major prerequisites for migrating your Team Foundation Server database is to get your database schema version as close as possible to what is currently deployed in Azure Devops Services.

Box 2: Use the TFS Database Import Service

In Phase 3 of your migration project, you will work on upgrading your Team Foundation Server to one of the supported versions for the Database Import Service in Azure Devops Services.

Box 1: A source control system

A source control system, also called a version control system, allows developers to collaborate on code and track changes. Source control is an essential tool for multi-developer projects.

Box 2: A hosted service

To build and deploy Xcode apps or Xamarin.iOS projects, you ' ll need at least one macOS agent. If your pipelines are in Azure Pipelines and a Microsoft-hosted agent meets your needs, you can skip setting up a self-hosted macOS agent.

Scenario: The investment planning applications suite will include one multi-tier web application and two iOS mobile applications. One mobile application will be used by employees; the other will be used by customers.

Step 1: Log in to the Azure Portal

Go to https://portal.azure.com .

Log in with your Azure account.

Step 2: Create an Azure App Configuration Instance

In the search bar at the top, type “App Configuration” and select App Configuration from the search results.

Click + Create .

Fill in the required fields:

Subscription: Your Azure subscription.

Resource Group: Create a new one or select an existing one.

Name: Provide a globally unique name (for example, myappconfig-instance).

Location: Choose a region close to your application.

Click Review + Create , then Create .

The instance will take a few seconds to deploy.

Step 3: Access the App Configuration Instance

Once the deployment is complete, click Go to resource .

You are now in the App Configuration resource.

Step 4: Enable Feature Management

In the left menu, click on Feature Manager (Preview) .

Click + Add to create a new feature flag.

Step 5: Create the Feature Flag

Provide the following details:

Feature flag name: feature1

Label: (optional)

Description: (optional)

State: Set to Enabled .

Click on the Add filters link if you want to add targeting filters (optional).

Click Save to create the feature flag.

Step 6: Set the Expiration Date for the Feature Flag

In the Feature Manager list, find the newly created feature1 flag.

Click on the three dots (context menu) next to feature1 and select Edit .

In the Edit feature pane, look for the Expiration date setting. If there is no direct UI for expiration date, you can store it as a custom key-value (metadata).

Here’s how to store expiration as metadata:

In the App Configuration left menu, click on Configuration Explorer .

Locate the key: .appconfig.featureflag/feature1.

Click on the key to edit.

Add a new label or add a custom key in the Content type or tags section to store expiration metadata:

Key: expiration

Value: yyyy-MM-dd (set to today + 7 days)

For example, if today is June 4, 2025, set the expiration as 2025-06-11.

Change the ConfigurationMode parameter from ApplyOnly to ApplyAndAutocorrect.

The Register-AzureRmAutomationDscNode cmdlet registers an Azure virtual machine as an APS Desired State Configuration (DSC) node in an Azure Automation account.

Scenario: Current Technical Issue

The test servers are configured correctly when first deployed, but they experience configuration drift over time. Azure Automation State Configuration fails to correct the configurations.

Azure Automation State Configuration nodes are registered by using the following command.

Scenario: Visual Studio App Center must be used to centralize the reporting of mobile application crashes and device types in use.

In order to use App Center, you need to opt in to the service(s) that you want to use, meaning by default no services are started and you will have to explicitly call each of them when starting the SDK.

Insert the following line to start the SDK in your app ' s App Delete class in the didFinishLaunchingWithOptions method.

MSAppCenter.start( " {Your App Secret} " , withServices: [MSAnalytics.self, MSCrashes.self])

1. Open Microsoft Azure Portal

2. Log into your Azure account and go to App Service and look under Monitoring then you will see Alert.

3. Select Add an alert rule

4. Configure the alert rule as per belowand click Ok.

Source: Alert on Metrics

Resource Group: az400-9940427-main

Resource: az400-9940427-main

Threshold: 5

Period: Over the last 5 minutes

Webhook: https://contoso.com/notify

To configure a virtual machine template in your DevTest Labs environment namedaz400-38443478-dtl1with Windows Server 2016 Datacenter that includes the Selenium tooland the Google Chrome browser, follow these steps:

Create a Custom Image with Windows Server 2016 Datacenter:

In the Azure Portal, go to your DevTest Labaz400-38443478-dtl1.

Navigate toConfiguration and policies > Custom images.

Use an existing VM or create a new one with Windows Server 2016 Datacenter.

After setting up the VM, capture it to create a custom image1.

Install Selenium and Google Chrome on the VM:

Connect to the VM via RDP.

Download and install the Selenium WebDriver for your preferred programming language from the official Selenium website2.

For Google Chrome, download the offline installer from the official website and install it on the VM3.

Generalize the VM:

Run thesysprepcommand to generalize the VM, which prepares it to be used as a template.

Shutdown the VM aftersysprepcompletes.

Capture the Generalized VM to Create a Template:

In the Azure Portal, navigate to the VM and selectCapture.

Provide the required details and create the image.

Add Selenium and Google Chrome Artifacts to the Template:

Go back to the DevTest Labaz400-38443478-dtl1.

SelectArtifactsand add Selenium and Google Chrome artifacts to the template.

Ensure these artifacts are configured to install during the VM creation process.

Create VMs from the Template:

Now, when youcreate a new VM in the DevTest Lab, select the custom image you created.

The VM will be provisioned with Windows Server 2016 Datacenter, and the Selenium tool and Google Chrome browser will be installed automatically.

By following these steps, you can ensure that all virtual machines created from this template in your DevTest Lab will have the required operating system, tools, and browser installed. Remember to replace placeholder names with the actual names of your resources where necessary.

With the storage account ready, you can configure backs up in the web app or App Service.

Open the App Serviceaz400-11566895-main, which you want to protect, in the Azure Portal and browse to Settings > Backups. Click Configure and a Backup Configuration blade should appear.

Select the storage account.

Click + to create a private container. You could name this container after the web app or App Service.

Select the container.

If you want to schedule backups, then set Scheduled Backup to On and configure a schedule: every five hours

Select your retention. Note that 0 means never delete backups.

Decide if at least onebackup should always be retained.

Choose if any connected databases should be included in the web app backup.

Click Save to finalize the backup configuration.

Step 1: Create an instance of Azure Application Insights

1. Open Microsoft Azure Portal

2. Log into your Azure account, Select Create a resource > Developer tools > Application Insights.

3. Enter the followingsettings, and then select Review + create.

Name: az400-9940427-main

Step 2: Configure App Insights SDK

1. Open your ASP.NET Core Web App project in Visual Studio > Right-click on the AppName in the Solution Explorer > Select Add > Application InsightsTelemetry.

2. Click the Get Started button

3. Select your account and subscription > Select the Existing resource you created in the Azure portal > Click Register.

Step 1: Create a repository

A Git repository, or repo, is a folder that you ' ve told Git to help you track file changes in. You can have any number of repos on your computer, each stored in their own folder.

Step 2: Create a branch

Branch policies help teams protect their important branches of development. Policies enforce your team ' s code quality and change management standards.

Step 3: Add a build validation policy

When a build validation policy is enabled, a new build is queued when a new pull request is created or when changes are pushed to an existing pull request targeting this branch. The build policy then evaluates the results of the build to determine whether the pull request can be completed.

Scenario:

Implement a code flow strategy for Project2 that will:

Enable Team2 to submit pull requests for Project2.

Enable Team2 to work independently on changes to a copy of Project2.

Ensure that any intermediary changes performed by Team2 on a copy of Project2 will be subject to the same restrictions as the ones defined in the build policy of Project2.

To build your code or deploy your software using Azure Pipelines, you need at least one agent.

If your on-premises environments do not have connectivity to a Microsoft-hosted agent pool (which is typically the case due to intermediate firewalls), you ' ll need to manually configure a self-hosted agent on on-premises computer(s). The agents must have connectivity to the target on-premises environments, and access to the Internet to connect to Azure Pipelines or Team Foundation Server.

Step 1: Understand the Requirements

You want to ensure that audit events (such as user actions, project changes, security settings, etc.) from your Azure DevOps organization are logged and available in a Log Analytics workspace in Azure.

This enables centralized monitoring and security compliance.

Step 2: Prerequisites

Before starting, make sure:

You have an Azure subscription .

You have permission to create or use a Log Analytics workspace in the Azure portal.

You are a Project Collection Administrator or Organization Owner in Azure DevOps.

Step 3: Create or Identify a Log Analytics Workspace

Go to the Azure portal .

In the search bar, type Log Analytics workspaces and click the service.

Click + Create to create a new workspace (or select an existing workspace if you have one).

Provide the following:

Subscription: your Azure subscription.

Resource Group: create a new or use an existing one.

Name: a unique name for the workspace (like DevOpsAuditWorkspace).

Region: choose the same region as your Azure DevOps organization if possible.

Click Review + Create, then Create to deploy the workspace.

Step 4: Configure Azure DevOps to Stream Audit Logs

Azure DevOps can stream audit logs to your Log Analytics workspace using the Azure DevOps Audit Stream feature.

In your browser, go to your Azure DevOps organization : https://dev.azure.com/{YourOrganizationName}

In the bottom-left corner, click on the Organization Settings gear icon.

In the left menu, click on Audit logs .

In the top-right, click on Audit streams .

Click on + Add stream to create a new stream.

In the New audit stream pane, do the following:

Stream type: select Azure Monitor Logs (Log Analytics) .

Azure subscription: select the subscription containing your Log Analytics workspace.

Resource group: select the resource group.

Log Analytics workspace: select the workspace created in Step 3.

Click Save .

Step 5: Validate the Audit Stream Connection

Go back to the Audit streams page in Azure DevOps to confirm the stream shows as Connected .

To validate logs:

In the Azure portal, go to your Log Analytics workspace .

In the left menu, click on Logs .

Use the query:

kusto

Copy

AzureDevOpsAuditing

| sort by TimeGenerated desc

You should see audit events from your Azure DevOps organization appear in the results.

Step1: Create a New Team Dashboard

Navigate to Azure DevOps:

Go to Azure DevOps and sign in with your credentials.

Select Your Project:

Choose Project1 from your list of projects.

Access Dashboards:

In the left-hand menu, select Dashboards.

Create a New Dashboard:

Click on New Dashboard.

Enter the name Dashboard1.

Ensure the dashboard type is set to Team Dashboard.

Click Create.

Step 2: Add the Team Members Widget

Open the Widget Catalog:

After creating the dashboard, thewidget catalog will open automatically. If it doesn’t, click on Add Widget.

Search for Team Members Widget:

In the widget catalog, search for Team Members.

Add the Widget:

Click on the Team Members widget and then click Add to place it on your dashboard.

Configure the Widget:

Once added, you can resize and move the widget to your preferred location on the dashboard.

Step 3: Save and Share the Dashboard

Save the Dashboard:

Click on Save to save your changes.

Share the Dashboard:

You can share the dashboardURL with your team members or set permissions to control who can view or edit the dashboard.

By following these steps, you will have a new team dashboard named Dashboard1 that displays the members of the default project team for Project1

Scenario: Access to Azure DevOps must be restricted to specific IP addresses.

Azure DevOps is authenticated through Azure Active Directory. You can use Azure AD ' s conditional access to prevent logins from certain geographies and address ranges.

The first thing to do is to declare your Sonar Qube server as a service endpoint in your VSTS/DevOps project settings.

Scenario: Implement Project4 and configure the project to push Docker images to Azure Container Registry.

You use Azure Container Registry Tasks commands to quickly build, push, and run a Docker container image natively within Azure, showing how to offload your " inner-loop " development cycle to the cloud. ACR Tasks is a suite of features within Azure Container Registry to help you manage and modify container images across the container lifecycle.

Graphical user interface, text, application Description automatically generated

Woodgrove Bank plans to implement the following changes to the identity environment:

Configure App1 to use a service principal.

C:\Users\wk\Desktop\mudassar\Untitled.jpg

Woodgrove Bank plans to implement the following changes to the DevOps environment:

Migrate all the source code from TFS1 to GitHub.

The Git-TFS tool is a two-way bridge between Team Foundation Version Control and Git, and can be used to perform a migration.

Step 1: Create an Action Group

Navigate to Azure Portal:

Go to Azure Portal and sign in with your credentials.

Access Azure Monitor:

In the left-hand menu, select Monitor.

Create ActionGroup:

Under Alerts, select Action groups.

Click on + Create.

Configure Basic Settings:

Subscription: Select your subscription.

Resource Group: Select RG1 lod42147S09.

Action Group Name: Enter DevOpsAG.

Display Name: Enter a display name for the action group.

Step 2: Define Actions

Add Email Notifications:

Click on Add action.

Action Type: Select Email/SMS message/Push/Voice.

Action Name: Enter a name for the action (e.g., EmailAdmins).

Email: Enter admin1@contoso.com and admin2@contoso.com.

Click OK.

Notify Resource Owners:

Click on Add action again.

Action Type: Select Email/SMS message/Push/Voice.

Action Name: Enter a name for the action (e.g., NotifyOwners).

Email: Select Notify all owners.

Click OK.

Step 3: Enable Common Alert Schema

Common Alert Schema:

In the Advanced tab, enable the Common alert schema option1.

Step 4: Review and Create

Review:

Review all the settings you have configured.

Create:

Click on Review + create and then Create.

By following these steps, you will have successfully created an action group named DevOpsAG that emails the specified users and notifies resource owners using the common alert schema

Scenario: Deploy App2 to an Azure virtual machine named VM1.

A personal access token (PAT) is used as an alternate password to authenticate into Azure DevOps.

Graphical user interface, text, application Description automatically generated

Setting 1: Threshold value

Set to 80 %

Scenario: An Azure Monitor alert for VM1 must be configured to meet the following requirements:

Be triggered when average CPU usage exceeds 80 percent for 15 minutes.

Calculate CPU usage averages once every minute.

Setting 2: Aggregation granularity

Set to 15 minutes.

A picture containing text Description automatically generated

Box 1: Azure Boards

Azure Boards can be used to track work with Kanban boards, backlogs, team dashboards, and custom reporting

You can create multiple Trello boards, which are spaces to store tasks (for different work contexts, or even private boards)

You can easily share Trello boards with another person.

Box 2: Azure Pipelines

You can use Bamboo to implement CI/CD (Continuous Integration and Continuous Delivery) for a simple Azure function app using Atlassian Bamboo. Bamboo does continuous delivery of the project from source code to deployment. It has stages including Build, Test and Deploy.

Software teams in every industry are upgrading their continuous delivery pipeline with Bamboo. Easy build import from popular open source tools, user and group import from JIRA, seamless integration with Bitbucket, and native support for Git, Hg, and SVN means you ' ll be building and deploying like a champ.

Box 3: GitHub repositories

Bitbucket can be used as the Git repository, but you can use any other Git repository (Like TFS Git) for source control of the code.

The Register-AzureRmAutomationDscNode cmdlet registers an Azure virtual machine as an APS Desired State Configuration (DSC) node in an Azure Automation account.

Scenario: The Azure DevOps organization includes:

The Docker extension

A deployment pool named Pool7 that contains 10 Azure virtual machines that run Windows Server 2016

Step 1: To create a general-purpose v2 storage account in the Azure portal, follow these steps:

On the Azure portal menu, select All services. In the list of resources,type Storage Accounts. As you begin typing, the list filters based on your input. Select Storage Accounts.

On the Storage Accounts window that appears, choose Add.

Select the subscription in which to create the storage account.

Under the Resource group field, select RG1lod11566895

Next, enter a name for your storage account named: az400lod11566895stor

Select Create.

Step 2: Enable boot diagnostics on existing virtual machine

To enable Boot diagnostics on an existing virtual machine, follow these steps:

1.Sign in to the Azure portal, and then select the virtual machine VM1.

2. In the Support + troubleshooting section, select Boot diagnostics, then select the Settings tab.

3. In Boot diagnostics settings, change the status to On, and from the Storage account drop-down list, select the storage account az400lod11566895stor.

4. Save the change.

You must restart the virtual machine for the change to take effect.

Step 1: Create a Desired State Configuration (DSC) configuration file that has an extension of .ps1.

Step 2: Run the Import-AzureRmAutomationDscConfiguration Azure Powershell cmdlet

The Import-AzureRmAutomationDscConfiguration cmdlet imports an APS Desired State Configuration (DSC) configuration into Azure Automation. Specify the path of an APS script that contains a single DSC configuration.

Example:

PS C:\ > Import-AzureRmAutomationDscConfiguration -AutomationAccountName " Contoso17 " -ResourceGroupName " ResourceGroup01 " -SourcePath " C:\DSC\client.ps1 " -Force

This command imports the DSC configuration in the file named client.ps1 into the Automation account named Contoso17. The command specifies the Force parameter. If there is an existing DSC configuration, this command replaces it.

Step 3: Run the Start-AzureRmAutomationDscCompilationJob Azure Powershell cmdlet

The Start-AzureRmAutomationDscCompilationJob cmdlet compiles an APS Desired State Configuration (DSC) configuration in Azure Automation.

Graphical user interface, text, application Description automatically generated

Woodgrove Bank identifies the following technical requirements:

The Azure DevOps dashboard must display the metrics shown in the following table:

Box 1: Velocity

Velocity displays your team velocity. It shows what your team delivered as compared to plan.

Box 2: Release pipeline overview

Release pipeline overview shows the status of environments in a release definition.

Box 3: Query tile

Query tile displays the total number of results from a query.

Step 1: Initialize the Default Main Branch

Navigate to Azure DevOps:

Go to Azure DevOps and sign in with your credentials.

Select Your Project:

Choose Project1 from your list of projects.

Initialize theMain Branch:

Go to Repos  >  Files.

If the main branch does not exist, you will see an option to initialize it. Click on Initialize and follow the prompts to create the main branch1.

Step 2: Create a New Branch for the Pipeline

Navigate to Branches:

Go to Repos  >  Branches.

Click on New branch.

Create the Branch:

Enter azure-pipelines as the branch name.

Select main as the base branch.

Click Create2.

Step 3: Create a New Azure Pipelines YAML Pipeline

Navigate to Pipelines:

Go to Pipelines  >  New pipeline.

Select the Repository:

Choose Azure Repos Git and select the relevant repository.

Configure the Pipeline:

Select Starter pipeline.

Replace the default YAML with the ASP.NET template. You can find the ASP.NET template in the Azure Pipelines documentation oruse the following example:

trigger:

- main

pool:

vmImage: ' windows-latest '

variables:

buildConfiguration: ' Release '

steps:

- task: UseDotNet@2

inputs:

packageType: ' sdk '

version: ' 5.x '

installationPath: $(Agent.ToolsDirectory)/dotnet

- script: |

dotnet build --configuration $(buildConfiguration)

displayName: ' Build project '

- script: |

dotnet test --no-build --configuration $(buildConfiguration)

displayName: ' Run tests '

Save the Pipeline:

Click on Save and enter azure-pipelines as the branch name.

Click on Save and run to save the pipeline to the new branch named azure-pipelines3.

By following these steps, you will have successfully initialized the main branch, created a new branch named azure-pipelines, and set up a new Azure Pipelines YAML pipeline using the ASP.NET template

Scenario:

Scenario: Implement Project3, Project5, Project6, and Project7 based on the planned changes

Step 1: Open the release pipeline editor.

In the Releases tab of Azure Pipelines, select your release pipeline and choose Edit to open the pipeline editor.

Step 2: Enable Gates.

Choose the pre-deployment conditions icon for the Production stage to open the conditions panel. Enable gates by using the switch control in the Gates section.

Step 3: Add Query Work items.

Choose + Add and select the Query Work Items gate.

Configure the gate by selecting an existing work item query.

Note: A case for release gate is:

Incident and issues management. Ensure the required status for work items, incidents, and issues. For example, ensure deployment occurs only if no priority zero bugs exist, and validation that there are no active incidents takes place after deployment.

Scenario:

Step 1: Sign in to Azure Develops by using an account that is assigned the Administrator service connection security role.

Note: Under Agent Phase, click Deploy Service Fabric Application. Click Docker Settings and then click Configure Docker settings. In Registry Credentials Source, select Azure Resource Manager Service Connection. Then select your Azure subscription.

Step 2: Create a personal access token..

A personal access token or PAT is required so that a machine can join the pool created with the Agent Pools (read, manage) scope.

Step 3: Install and register the Azure Pipelines agent on an Azure virtual machine.

By running a Azure Pipeline agent in the cluster, we make it possible to test any service, regardless of type.

Instead use Octopus Tentacle.