How to Implement CICD using Azure DevOps | CICD process flow diagram using Azure DevOps | How to migrate applications into Azure Cloud using Azure DevOps Pipelines

 

Azure DevOps is a set of development tools and services offered by Microsoft to facilitate the entire software development lifecycle (SDLC). Azure DevOps is designed to support collaboration among development and operations teams, automate various aspects of the software development process, and enable continuous integration and continuous delivery (CI/CD) pipelines.

What is Continuous Integration?

Continuous integration is a DevOps software development practice where developers regularly merge their code changes into a central repository, after which automated builds and tests are run.

The key goals of continuous integration are to find and address bugs quicker, improve software quality, and reduce the time it takes to validate and release new software updates.

Azure DevOps is widely used for implementing CICD. Azure DevOps can integrate with other tools using Add-ons.

How does Continuous Integration Work?

Developers frequently commit to a shared repository using a version control system such as Git. Prior to each commit, developers may choose to run local unit tests on their code as an extra verification layer before integrating. A continuous integration service automatically builds and runs unit tests on the new code changes to immediately surface any errors.

Benefits of Continuous Integration

• Improve Developers productivity 
• Find bugs early in the software development stage
• Deliver products into market place sooner
• Improve the feedback loop

What is Continuous Delivery?

Continuous delivery is a software development practice where code changes are automatically prepared for a release to production. Continuous delivery is the next extension of continuous integration. The delivery phase is responsible for packaging an artifact together to be delivered to end-users. This phase runs automated building tools to generate this artifact.

Benefits of Continuous Delivery

• Automate the Software Release Process
• Improve Developer Productivity
• Find bugs early in the software development stage
• Deliver updates faster

How to Set Up AquaSec Trivy Scanner | How to install AquaSec Trivy Scanner on Linux OS

What is Trivy?

• open-source security scanner tool developed by Aqua Security. 
• Used for vulnerability scanning in such as 
• container images 
• file systems/folders 
• Git repositories
• Kubernetes clusters
• misconfiguration in files such as Terraform, K8S manifest files
• Trivy helps identify security issues and misconfigurations early in the software development lifecycle.

How to Install Trivy scanner?

Trivy scanner can be installed so many ways. Check here for more information. But we will using APT package manager to install on Ubuntu.

sudo apt-get install wget gnupg -y

wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | gpg --dearmor | sudo tee /usr/share/keyrings/trivy.gpg > /dev/null 

echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb generic main" | sudo tee -a /etc/apt/sources.list.d/trivy.list 

sudo apt-get update 

sudo apt-get install trivy -y

Check Trivy got installed

trivy --version

This confirm that Trivy got installed successfully.

Perform some scan locally

trivy image nginx

Setup AquaSec Trivy for Vulnerability scanning | How to Set Up Trivy Scanner in Jenkins | How to scan Docker image using Trivy Scanner | Create Jenkins Pipeline for scanning Docker image

How to scan a docker image using Trivy by integrating in Jenkins CICD pipeline

Pre-requisites:

• Install Trivy scanner
• Jenkins up and running
• Docker installed in Jenkins instance
• Click here to for integrating Docker and Jenkins
• Docker and Docker pipelines plug-in are installed
• Install AWS CLI
• Repo created in ECR, Click here to know how to do that.
• Create an IAM role with AmazonEC2ContainerRegistryFullAccess policy, attach role to Jenkins EC2 instance.

Jenkins Pipeline for scanning docker image using Trivy scanner:

pipeline {

    agent any

    environment {

        registry = "acct_id.dkr.ecr.us-east-1.amazonaws.com/coachak/my-docker-repo"

    }

   

    stages {

        stage('Cloning Git') {

            steps {

                checkout([$class: 'GitSCM', branches: [[name: '*/master']], doGenerateSubmoduleConfigurations: false, extensions: [], submoduleCfg: [], userRemoteConfigs: [[credentialsId: '', url: 'https://github.com/akannan1087/myPythonDockerRepo']]])     

            }

        }

  

    // Building Docker images

    stage('Building image') {

      steps{

        script {

          dockerImage = docker.build registry

          dockerImage.tag("$BUILD_NUMBER")

        }

      }

    }

    // Scanning Docker images using Trivy scanner

     stage('Trivy Security scan') {

     steps{

         script {

            sh "trivy image acct_id.dkr.ecr.us-east-1.amazonaws.com/coachak/my-docker-repo:$BUILD_NUMBER"

         }

      }

     }

    // Uploading Docker images into AWS ECR

    stage('Pushing to ECR') {

     steps{  

         script {

                sh 'aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin acct_id.dkr.ecr.us-east-1.amazonaws.com'

                sh 'docker push acct_id.dkr.ecr.us-east-1.amazonaws.com/coachak/my-docker-repo:$BUILD_NUMBER'

         }

        }

     }

    }

}

Scan report can be viewed in Jenkins

Complete Roadmap for 2025 to become a DevSecOps Engineer | Top DevSecOps Skills for 2025 | Skills required to become a DevSecOps engineer |

 Complete Roadmap to become a successful DevOps Engineer

We all know how DevOps is trending right now. And we know where it is going. Let's get to know what skills will make you a successful a DevOps engineer.

Top DevOps skills

1. Linux knowledge and scripting - basic troubleshooting, intermediate scripting, looking at the logs

2. Experience in Git, GitHub, Bitbucket or any version control systems such as SVN, TFVC

3. Experience in Continuous Integrations tools such as Jenkins, TeamCity, Circle CI 

4. Experience in Code quality tool/security scanning tools - Sonarqube, Aquasec Trivy

5. Experience in Infrastructure automation tools such as Terraform, AWS cloud formation

6. Experience in Configuration Management tools such as Ansible, Puppet or Chef

7. Experience in scripting languages such as YAML, groovy, Ruby, Python and Shell

8. Experience in containers such as Docker, Kubernetes and Helm

9. Experience in Monitoring tools such as Prometheus, Grafana

10. Ability to troubleshoot in case builds, deployments failure.

11. Any cloud knowledge and experience - AWS, Azure and Google cloud

Soft skills employers are looking:

These days employers are not only looking for strong technical skills but also looking "soft skills" which are essentials to become successful in IT. If you think if you are lagging on any of these skills, no worries. All these skills can be developed and improved over period of time by practicing.

1. Open minded

2. Willingness to learn new skills

3. Communication

4. Approachable

5. "Get it done" attitude

6. Being adaptable. 

DevSecOps Bootcamp Jan 2025 Schedule | DevOps & AWS Azure Cloud Coaching by Coach AK | DevSecOps and Cloud Computing Online Classes

  (Lot of new topics covered like GitHub Actions, Helm and Monitoring..)

The DevOps requirements in the IT market space is expected to grow by 35% by 2024. Getting a DevOps education now is a great investment into your future, which will pay off very fast!

You are in the right place to kick start your career in DevOps. DevOps is one of the top and hot IT skills right now. Currently almost all the employers are struggling to get right resources in their teams who can do the DevOps and automation work..You could be that person by attending this coaching program.

DevSecOps Coaching schedule - Jan 2025 (promotions are on, please contact Coach AK)

Date	Time	Type	When?
Jan 7th	6:00 to 8:00 PM CST	Weekdays	Tuesdays/Thursdays
Jan 19th	09:45 AM CST - 11:30 AM CST on Saturdays 10:30 AM CST - 12:30 PM CST on Sundays	Weekends	Sat/Sundays

DevOps Coaching Highlights:

Comprehensive hands on knowledge on Git, GitHub, Jenkins, Maven, SonarQube, Nexus, Terraform, Ansible, Docker, Kubernetes, Helm, Prometheus, Docker registry, AWS and Azure cloud platform.

To join DevOps Coaching classes, please contact Coach AK below:

Contact no# : +1 (469)733-5248, +1 (561) 993-0420

WhatsApp #: +1 (469)733-5248, +1 (561) 993-0420

Email id: contact.devopscoaching@gmail.com
Contact Name: Coach AK