Azure Subscription and Account (Can use Free Trial as well - I have used the same)

Azure Service Principal created

Azure storage account and container - for terraform backend

A linux machine (VM/Physical) hosted on any cloud/virtualization solution/on-prem - as build agent (I have used Azure VM as Self Hosted Build Agent - Can use one on Azure DevOps but currently it does not work with Free Tier accounts)

• Log in to Azure Portal
• Open Microsoft Entra ID (the new Azure Active Directory)
• Go to "App Registration" on left blade and open
• Hit "New Registration" and fill in details -> "Register"
• Note down the "client ID" and "tenant ID" from the Overviews page of this newly registered app
• Click on "Add a certificate or secret" from "Client Credentials" field -> Create a new secret and node the Client Secret from the value field somewhere
• Go to "Subscription" -> Choose your subscipiton -> Note down the subsciption ID
• Under "Access Control (IAM)" on the left blade -> "Add" -> "Add Role Assignment"
• Under "Role" -> "Privileges Administrator Role" tab -> Choose "Contributor"
• Under "Members" -> "Assign Access to" -> "User, group or service principal" -> Select the Registered app -> Hit "Ok"

• Search "Storage Account" -> "Create" -> Fill in the details -> "Reveiw and Create" (Enable Blob Versioning under Data Protection tab)
• Go to the newly created Storage Account -> "Containers" under "Data Storage" -> "+ Container" -> Fill in details and "Create"
• Note down the "Resource Group", "Storage Account", and "Container" names which are used in the "backend.tf" file on the Infra Repo

• Search for "Azure Virtual machine" -> "Create New" -> "Fill in details" (Use a linux image) -> Review+Create
• Ensure to enable SSH access

• Go to project settings -> Service Connections -> Create new -> Selecte "Azure Resource Manager"
• Select the details partainting to your account (Client ID, Tenant ID, Client Secret, Subscription ID)
• Create

• Project Settings -> Agents -> Agent Pools -> Create new -> Type "Self Hosted"
• Open the newly created Agent Pool
• Add New Agent
• SSH into your VM and follow the guides given on the Azure DevOps page
• I have named my pool "selfAgents" and added that as "pool" on the pipeline Jobs

• Application Repo:
  • Directory root contains the CI Pipeline YAML which used for the pipeline
  • Directory root contains the manifest for the storage class creation which is common among both deployments
  • ./mwiki-db-chart and ./mwiki-app-chart are the Helm Charts used to deploy the db and the app components/k8s objects
  • In this pipeline I have basically run few validations, tool installations and packaging and publishing

    • Install Helm, Kubectl

    • Create a dry run for the Storage Class Deployment to verify on the console

        kubectl create <manifest.yaml> --dry-run -o yaml

    • Create dry run for both Helm charts

        helm install <release_name> /path/to/chart --dry-run

    • Archive the directory and Publish it on the pipeline

  • Infra Repo - Refer the Infra repo Readme.md

  Release Pipeline

  • Application Repo

    • Create three different stages - Deploy Storage Class (Unpack build archive from CI; Deploy only the Storage Class Manifest using kubectl) - Deploy DB Chart (Unpack build archive from CI; Deploy only the db-chart using Helm) - Deploy App Chart (Unpack build archive from CI; Deploy only the app-chart using Helm)

  • Infra Repo - Refer the Infra repo Readme.md