DevSecOps and Cloud Computing Coaching

Saturday, January 11, 2025

Top 10 DevOps Popular Tools | Popular DevOps Tools You Must Know In 2025 | Learn DevOps Tools in 2025

Here are the top 10 DevOps Tools to focus on to put your DevOps learning on a faster track and kick start your career quickly as a successful Cloud engineer or DevOps engineer in about 10 to 12 weeks from now.

1. Terraform - # 1 Infrastructure automation tool

2.    Git - BitBucket/GitHub/Azure Repos - # 1 - SCM tool
3.   Jenkins - # 1 CICD tool
4.    Docker - #1 Container platform
5.    Kubernetes - #1 container orchestration tool

6. GitHub Actions - #3 CICD tool

7. Ansible- #1 Configuration Management tool

8. Azure DevOps – Microsoft platform for migrating applications to Azure Cloud

9. SonarQube – #1 Code quality tool
10. Nexus - #2 Binary repo manager

Finally having some scripting knowledge is also good – Python, YAML playbooks, JSON script
Cloud experience - AWS and Azure

Click here to know the complete roadmap..

Welcome To DevSecOps Coaching Program by Coach AK | Coaching pre-requisites before you join the program | Agile and DevOps Basics useful links

Welcome to DevSecOps Coaching Program by Coach AK! Thanks for showing interest in joining the program. Please go through the useful links before joining the coaching sessions live with Coach AK in zoom.

Please click the below link to learn more about How the coaching program works.

https://www.coachdevops.com/2019/04/devops-coaching-model-information.html

Pre-requisites:
https://www.coachdevops.com/2019/01/pre-requisites-before-starting-devops.html

Once you create AWS account, GitHub and Bitbucket account using the above links, do the following to secure your AWS account:

https://www.cidevops.com/2018/09/how-to-enable-multi-factor.html

Learn more about AWS cloud in less than10 mins..
https://www.youtube.com/watch?v=r4YIdn2eTm4

Basic concepts to go through before you attend classes:

Why we need DevOps? Why companies are migrating to Cloud/DevOps?
https://www.cidevops.com/2019/05/why-we-need-devops-why-devops-is.html

If you are new to IT, please learn more about Agile, DevOps from the below links:

https://www.tutorialspoint.com/agile/index.htm
https://www.edureka.co/blog/what-is-devops/
https://www.edureka.co/blog/devops-tutorial - nice read on DevOps

What is DevOps

https://www.youtube.com/watch?v=_I94-tJlovg&t=2s

Difference between Waterfall and Scrum

https://www.youtube.com/watch?v=9TycLR0TqFA

Top 10 DevOps tools to learn in 2025

https://www.coachdevops.com/2025/01/top-10-devops-popular-tools-popular.html

Top DevOps Skills for 2025 | Skills required to become a DevOps engineer

https://www.coachdevops.com/2025/01/complete-roadmap-for-2025-to-become.html

Friday, January 10, 2025

Perform Security Scan for SpringBoot Microservice Docker image using Trivy Scanner and Azure YAML Pipeline | How to Scan Spring Boot Docker Image in Azure DevOps using Trivy Scanner

Perform vulnerability scan using Trivy scanner on Azure DevOps Pipeline

What is Trivy?

Trivy is an open-source security scanner tool developed by Aqua Security. It can scan:

container images
file systems/folders
Git repositories
Kubernetes clusters
misconfiguration in files such as Terraform, K8S manifest files

Pre-requisites:

Repo created in ACR, Click here to know how to do that.
Springboot app Source code along with Dockerfile created along with the application source code
Already created Azure DevOps dashboard in

https://dev.azure.com/

ADO Yaml Pipeline for scanning docker image using Trivy scanner in Azure Hosted Build Agent:

# Perform Trivy scan for Docker image and upload docker image into ACR

trigger:
- master

resources:
- repo: self

variables:
  # Container registry service connection established during pipeline creation
  dockerRegistryServiceConnection: '723477ce-4e05-4e6e-a3c1-13bdf919a5cd'
  imageRepository: 'dockerspringbootapp'
  containerRegistry: 'myacrrepo131.azurecr.io'
  dockerfilePath: '$(Build.SourcesDirectory)/Dockerfile'
  tag: '$(Build.BuildId)'

  # Agent VM image name
  vmImageName: 'ubuntu-latest'

stages:
- stage: Build
  displayName: Build and push stage
  jobs:
  - job: Build
    displayName: Build
    pool:
      vmImage: $(vmImageName)
    steps:
    - task: Maven@4
      inputs:
        mavenPomFile: 'pom.xml'
        publishJUnitResults: true
        testResultsFiles: '**/surefire-reports/TEST-*.xml'
        javaHomeOption: 'JDKVersion'
        mavenVersionOption: 'Default'
        mavenAuthenticateFeed: false
        effectivePomSkip: false
        sonarQubeRunAnalysis: false
    - task: Docker@2
      displayName: Build a Docker image 
      inputs:
        command: build
        repository: $(imageRepository)
        dockerfile: $(dockerfilePath)
        containerRegistry: $(dockerRegistryServiceConnection)
        tags: |
          $(tag)
    - task: Bash@3
      displayName: "Install Trivy"
      inputs:
        targetType: inline
        script: |
          curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh
 # Run Trivy Scan
    - task: Bash@3
      displayName: "Run Trivy Scan"
      inputs:
        targetType: inline
        script: |
          ./bin/trivy image --severity HIGH,CRITICAL,MEDIUM --ignore-unfixed $(containerRegistry)/$(imageRepository):$(tag)
    - task: Docker@2
      displayName: push the image to container registry
      inputs:
        command: Push
        repository: $(imageRepository)
        dockerfile: $(dockerfilePath)
        containerRegistry: $(dockerRegistryServiceConnection)
        tags: |
          $(tag)

Scan report can be viewed in Build output of Azure Pipelines

Watch Steps in YouTube channel:

How to Create a Docker Image for a Springboot App and Upload image into Azure Container Registry using Azure YAML Pipelines | Upload Spring boot Docker Image into Azure Container Registry (ACR)

We will learn how to build Docker image for a springboot app and upload the Docker image into Azure Container Registry(ACR) using Azure YAML pipelines.

Pre-requisites:

1. Azure subscription

2. Azure DevOps project dashboard in https://dev.azure.com/

3. Dockerfile created along with the application source code

4. Install Azure CLI

Create Resource Group

Make sure you are login to Azure portal first.

az login

Execute below command to create a resource group in Azure portal.

az group create --name myResourceGroup --location southcentralus

How to Create Azure Container Registry?

Run the below command to create your own private container registry using Azure Container Registry (ACR).

az acr create --resource-group myResourceGroup --name myacrrepo31 --sku Standard --location southcentralus

You can login to Azure portal to see the ACR repo.

How to create Azure Build YAML Pipeline

1. Login into your Azure DevOps dashboard

2. Click on Pipelines.

3. Click on New Pipeline

4. Click on GitHub Repo as we have code committed into GitHub

5. Enter your repo name and branch name where you have stored your source code along with Dockerfile.

Type docker as name and select the below repo

6. Click on Continue. Now choose the template by typing Docker, Select below task and Apply.

7. Choose the subscription

Click on Continue

Enter Microsoft credentials.

Now choose ACR repo and enter name for the image and select the path for Dockerfile

Click on Validate and configure.

# Create a Jar file using Maven

# Create a docker image and push the image to Azure Container Registry

# https://docs.microsoft.com/azure/devops/pipelines/languages/docker

trigger:

- master

resources:

- repo: self

variables:

  # Container registry service connection established during pipeline creation

  dockerRegistryServiceConnection: 'sdsd4'

  imageRepository: 'mypythondockerrepo'

  containerRegistry: 'myacrrep31.azurecr.io'

  dockerfilePath: '$(Build.SourcesDirectory)/Dockerfile'

  tag: '$(Build.BuildId)'

  vmImageName: 'ubuntu-latest'

stages:

- stage: Build

  displayName: Build and push stage

  jobs:

  - job: Build

    displayName: Build

    pool:

      vmImage: $(vmImageName)

    steps:

- task: Maven@4 inputs: mavenPomFile: 'pom.xml' publishJUnitResults: true testResultsFiles: '**/surefire-reports/TEST-*.xml' javaHomeOption: 'JDKVersion' mavenVersionOption: 'Default' mavenAuthenticateFeed: false effectivePomSkip: false sonarQubeRunAnalysis: false - task: Docker@2 displayName: Build and push an image to container registry inputs: command: buildAndPush repository: $(imageRepository) dockerfile: $(dockerfilePath) containerRegistry: $(dockerRegistryServiceConnection) tags: | $(tag)

Now click Save + run and run to start Building the pipeline. Now check the status of the pipeline.

Once the build is completed, you should be able to see the Docker images under

Services --> Repositories

Clean up resources in Azure Cloud:
az group delete --resource-group MyResourceGroup

This should clean up resources in Azure cloud..

Watch Steps in YouTube channel:

Thursday, January 9, 2025

Setup AquaSec Trivy for Vulnerability scanning | How to Set Up Trivy Scanner in Azure DevOps | How to scan Docker image using Trivy Scanner | Create Azure YAML Pipeline for scanning Docker image

Perform vulnerability scan using Trivy scanner on Azure DevOps Pipeline

Pre-requisites:

Repo created in ACR, Click here to know how to do that.
Dockerfile created along with the application source code
Already created Azure DevOps dashboard in
https://dev.azure.com/

ADO Yaml Pipeline for scanning docker image using Trivy scanner:

# Docker
# Build and push an image to Azure Container Registry
# https://docs.microsoft.com/azure/devops/pipelines/languages/docker

trigger:
- master
resources:
- repo: self

variables:
  # Container registry service connection established during pipeline creation
  dockerRegistryServiceConnection: 'd676875f-d1fb-485a-8da4-88d6bfb04604'
  imageRepository: 'mypythondockerrepo'
  containerRegistry: 'myacrrep31.azurecr.io'
  dockerfilePath: '$(Build.SourcesDirectory)/Dockerfile'
  tag: '$(Build.BuildId)'

  vmImageName: 'ubuntu-latest'

stages:
- stage: Build
  displayName: Build and push stage
  jobs:
  - job: Build
    displayName: Build
    pool:
      vmImage: $(vmImageName)
    steps:
    # build docker image
    - task: Docker@2
      displayName: Build Docker image 
      inputs:
        command: build
        repository: $(imageRepository)
        dockerfile: $(dockerfilePath)
        containerRegistry: $(dockerRegistryServiceConnection)
        tags: |
          $(tag)
    # Install Trivy Scanner on Agent
    - task: Bash@3
      displayName: "Install Trivy"
      inputs:
        targetType: inline
        script: |
          curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh
    # Run Trivy Scan
    - task: Bash@3
      displayName: "Run Trivy Scan"
      inputs:
        targetType: inline
        script: |
          ./bin/trivy image --severity HIGH,CRITICAL,MEDIUM --ignore-unfixed $(containerRegistry)/$(imageRepository):$(tag)
    # Push docker image
    - task: Docker@2
      displayName: push Docker image to container registry
      inputs:
        command: push
        repository: $(imageRepository)
        dockerfile: $(dockerfilePath)
        containerRegistry: $(dockerRegistryServiceConnection)
        tags: |
          $(tag)

Scan report can be viewed in Build output of Azure Pipelines

How to Create a Docker Image for a Python App and Upload image into Azure Container Registry using Azure YAML Pipelines | Automate Docker builds using Azure YAML Pipelines | Upload Docker Image into Azure Container Registry (ACR)

We will learn how to build Docker image and upload the Docker images into Azure Container Registry(ACR) using Azure YAML pipelines.

Pre-requisites:

1. Azure subscription

2. Azure DevOps project dashboard in https://dev.azure.com/

3. Dockerfile created along with the application source code

Create Resource Group

Make sure you are login to Azure portal first.

az login

Execute below command to create a resource group in Azure portal.

az group create --name myResourceGroup --location southcentralus

How to Create Azure Container Registry?

Run the below command to create your own private container registry using Azure Container Registry (ACR).

az acr create --resource-group myResourceGroup --name myacrrepo31 --sku Standard --location southcentralus

You can login to Azure portal to see the ACR repo.

How to create Azure Build YAML Pipeline

1. Login into your Azure DevOps dashboard

2. Click on Pipelines.

3. Click on New Pipeline

4. Click on GitHub Repo as we have code committed into GitHub

5. Enter your repo name and branch name where you have stored your source code along with Dockerfile.

Type python as name and select the below repo

6. Click on Continue. Now choose the template by typing Docker, Select below task and Apply.

7. Choose the subscription

Click on Continue

Enter Microsoft credentials.

Now choose ACR repo and enter name for the image and select the path for Dockerfile

Click on Validate and configure.

# Docker
# Build and push an image to Azure Container Registry
# https://docs.microsoft.com/azure/devops/pipelines/languages/docker
trigger:
- master
resources:
- repo: self

variables:
  # Container registry service connection established during pipeline creation
  dockerRegistryServiceConnection: 'sdsd4'
  imageRepository: 'mypythondockerrepo'
  containerRegistry: 'myacrrep31.azurecr.io'
  dockerfilePath: '$(Build.SourcesDirectory)/Dockerfile'
  tag: '$(Build.BuildId)'

  vmImageName: 'ubuntu-latest'

stages:
- stage: Build
  displayName: Build and push stage
  jobs:
  - job: Build
    displayName: Build
    pool:
      vmImage: $(vmImageName)
    steps:
    - task: Docker@2
      displayName: Build and push an image to container registry
      inputs:
        command: buildAndPush
        repository: $(imageRepository)
        dockerfile: $(dockerfilePath)
        containerRegistry: $(dockerRegistryServiceConnection)
        tags: |
          $(tag)

Now click Save + run and run to start Building the pipeline. Now check the status of the pipeline.

Once the build is completed, you should be able to see the Docker images under

Services --> Repositories

Monday, January 6, 2025

How to Implement CICD using Azure DevOps | CICD process flow diagram using Azure DevOps | How to migrate applications into Azure Cloud using Azure DevOps Pipelines

Azure DevOps is a set of development tools and services offered by Microsoft to facilitate the entire software development lifecycle (SDLC). Azure DevOps is designed to support collaboration among development and operations teams, automate various aspects of the software development process, and enable continuous integration and continuous delivery (CI/CD) pipelines.

What is Continuous Integration?

Continuous integration is a DevOps software development practice where developers regularly merge their code changes into a central repository, after which automated builds and tests are run.

The key goals of continuous integration are to find and address bugs quicker, improve software quality, and reduce the time it takes to validate and release new software updates.

Azure DevOps is widely used for implementing CICD. Azure DevOps can integrate with other tools using Add-ons.

How does Continuous Integration Work?

Developers frequently commit to a shared repository using a version control system such as Git. Prior to each commit, developers may choose to run local unit tests on their code as an extra verification layer before integrating. A continuous integration service automatically builds and runs unit tests on the new code changes to immediately surface any errors.

Benefits of Continuous Integration

Improve Developers productivity
Find bugs early in the software development stage
Deliver products into market place sooner
Improve the feedback loop

What is Continuous Delivery?

Continuous delivery is a software development practice where code changes are automatically prepared for a release to production. Continuous delivery is the next extension of continuous integration. The delivery phase is responsible for packaging an artifact together to be delivered to end-users. This phase runs automated building tools to generate this artifact.

Benefits of Continuous Delivery

Automate the Software Release Process
Improve Developer Productivity
Find bugs early in the software development stage
Deliver updates faster