Merge pull request #6 from philspokas/session6updates

Session 6 updates

exercises/deploy.md

@@ -0,0 +1,15 @@
+# Pipeline Deployment Exercises
+
+<tbd>
+
+Continous Deployment related exercises
+
+## App deploy
+- publish to app service
+
+## Container Deployment
+- build container
+- upload to registry
+- deploy
+- options for deployment
+

exercises/jobs.md

@@ -0,0 +1,18 @@
+# Pipeline Jobs Exercises
+
+Job related exercises
+
+## Dependent Jobs
+- Create a pipeline with 4 jobs
+- Jobs 2 and 3 depend on job 1 and can run in parallel
+- Job 4 is a deployment job that depends on Jobs 2 and 3 and always runs regardless of Job 2 and Job 3 outcome
+- Reference https://learn.microsoft.com/en-us/azure/devops/pipelines/process/phases?view=azure-devops
+- Use expressions to verify status https://learn.microsoft.com/en-us/azure/devops/pipelines/process/expressions?view=azure-devops
+
+## Matrix jobs
+- Use matrix to run a job on multiple platforms
+
+## Container Jobs
+- Create an Azure Pipelines pipline that uses a container job
+https://learn.microsoft.com/en-us/azure/devops/pipelines/process/container-phases?view=azure-devops&tabs=linux
+- Service containers provide supporting services to running jobs. An example is a database to execute integration tests. Use with container or other job type

exercises/pipelines.md

@@ -1,3 +1,5 @@
+# Pipeline Exercises
+Designed to introduce some of the not so obvious scenarios.
 
 ## Exercise: Install Azure DevOps Agent
 1. install a custom agent

notes.md

@@ -297,108 +297,21 @@ https://learn.microsoft.com/en-us/azure/devops/pipelines/agents/docker?view=azur
 
 * gh release notes and release.yml
 
-
-## MeasureUp Exam
-* Lock a branch and required reviewers
-* OWASP Dependency-Check and OWASP ZAP
-* log analytics workspace architecture 
-* app insight sampling
-* GitHub access token and system keychain
-* No more than 2 WIP (sure, but do one thing at a time whenever possible)
-* Team Retrospectives extension
-* multiple repos checked out into
-* crash dump settings and DataCollectors
-* Azure Data Explorer and Pipeline integration
-* Using Azure App Configuration Feature Flags
-* Requirements Traceability Matrix
-* use KeyVault during deployment
-* test executiong tren
-* SAFe and boards
-* Remove large binary with git rebase and git push --force
-* JMeter
-* GitHub Package feed configuration
-* Azure Automanage Machine Configuration
-* PowerShell DSC sample configuration
-* Pipeline retention policies and leases
-* Deployment groups
-* DevOps Service Hooks and notifications
-* Bicep
+## Pipelines
 * Azure Deployment Environments
 * Azure DevOps extensions and pipeline decorator
-* Azure Automation State Configuration
-* Packer
-* Github vs. GHE connecting to boards: PAT/uname and pw vs. OAuth
-* Azure DevOps Throughput Units
-* Ansible, Chef Infra, DSC
-* Pipeline pass rate report
-* auto vs. manual service connection. Manual to set connection details, auto to use your own
-* NUnit tests
-* Integrate Synk with webhooks and apis
-* Ansible is agentless but does require Python and SSH
-* DevOps Security: Project Admin can edit Project Page
-* PAT notifications
-* az commands are idempotent
-* GitVersion and GitTools
-* git and Scalar
-* git repack and git gc
-
-### references
-- docker agent
-https://learn.microsoft.com/en-us/azure/devops/pipelines/agents/docker?view=azure-devops
-- permisions: https://learn.microsoft.com/en-us/azure/devops/pipelines/policies/permissions?view=azure-devops
-- change analysis: https://learn.microsoft.com/en-us/azure/azure-monitor/change/change-analysis
-- pipeline decorator: https://learn.microsoft.com/en-us/azure/devops/extend/develop/add-pipeline-decorator?view=azure-devops
 - pipeline expressions: https://learn.microsoft.com/en-us/azure/devops/pipelines/process/expressions?view=azure-devops
-- Auzre Automation State Configuration: https://learn.microsoft.com/en-us/azure/automation/automation-dsc-overview
-- Connect Boards to GH https://learn.microsoft.com/en-us/azure/devops/boards/github/connect-to-github?view=azure-devops
-- connect ADO to Defender: https://learn.microsoft.com/en-us/azure/defender-for-cloud/quickstart-onboard-devops
-- ADO rate and usage limits:https://learn.microsoft.com/en-us/azure/devops/integrate/concepts/rate-limits?view=azure-devops
-- chef architecture: ![alt text](image.png)
-- Anzible: https://www.ansible.com/how-ansible-works/
-- az repos: https://learn.microsoft.com/en-us/cli/azure/repos/policy/approver-count?view=azure-cli-latest
 - pipeline reports: https://learn.microsoft.com/en-us/azure/devops/pipelines/reports/pipelinereport?view=azure-devops
-- test analytics: https://learn.microsoft.com/en-us/azure/devops/pipelines/test/test-analytics?view=azure-devops
 - status checks: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/collaborating-on-repositories-with-code-quality-features/about-status-checks
-- env locks in pipelines: https://learn.microsoft.com/en-us/azure/devops/pipelines/process/approvals?view=azure-devops&tabs=check-pass#exclusive-lock
-- synk and dbot:  https://janaka.dev/devsecops-aking-snyk-github-dependabot-test-drive/
-- code scan: https://docs.github.com/en/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning-with-codeql
-- static analyzers: https://dev.to/dbalikhin/a-quick-comparison-of-security-static-code-analyzers-for-c-2l5h
-- How MS: https://learn.microsoft.com/en-us/devops/plan/how-microsoft-plans-devops
+* Pipeline retention policies and leases
+* Deployment groups
 
-- permission sets: https://learn.microsoft.com/en-us/azure/devops/project/wiki/wiki-readme-permissions?view=azure-devops
+## tests
+https://microsoftlearning.github.io/AZ400-DesigningandImplementingMicrosoftDevOpsSolutions/Instructions/Labs/AZ400_M03_L09_Set_Up_and_Run_Functional_Tests.html
+
+## Security
+https://learn.microsoft.com/en-us/training/paths/implement-security-through-pipeline-using-devops/
+
+## Monitoring and Metrics
+https://learn.microsoft.com/en-us/training/modules/automate-inspection-health/
 
-- Storage Insights: https://learn.microsoft.com/en-us/azure/storage/common/storage-insights-overview
-- Container Insights: https://learn.microsoft.com/en-us/azure/azure-monitor/containers/container-insights-analyze
-- Semantic release: https://github.com/lluchmk/semantic-release-ado
-- gitversion: https://gitversion.net/docs/
-- multi repos: https://learn.microsoft.com/en-us/azure/devops/pipelines/repos/multi-repo-checkout?view=azure-devops
-- retros: https://marketplace.visualstudio.com/items?itemName=ms-devlabs.team-retrospectives
-- https://learn.microsoft.com/en-us/azure/devops/boards/sprints/scrum-key-concepts?view=azure-devops
-- key vault and secret rotation: https://learn.microsoft.com/en-us/azure/key-vault/secrets/tutorial-rotation
-- cumulative flow: https://learn.microsoft.com/en-us/azure/devops/report/dashboards/cumulative-flow-cycle-lead-time-guidance?view=azure-devops
-- kv in pipelines: https://learn.microsoft.com/en-us/azure/devops/pipelines/release/azure-key-vault?view=azure-devops&tabs=classic
-- ghd auth: https://docs.github.com/en/desktop/installing-and-authenticating-to-github-desktop/authenticating-to-github-in-github-desktop
-- log analytics workspace arch: https://learn.microsoft.com/en-us/azure/azure-monitor/logs/workspace-design
-- otel sampling: https://learn.microsoft.com/en-us/previous-versions/azure/azure-monitor/app/sampling
-- owasp dependency chec: https://owasp.org/www-project-dependency-check/
-- devops security: https://learn.microsoft.com/en-us/azure/defender-for-cloud/devops-support
-- Microsoft Security DevOps Azure DevOps https://learn.microsoft.com/en-us/azure/defender-for-cloud/azure-devops-extension
-- Cloud devosp security https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-devops-introduction
-- release notes generator https://github.com/azure-samples/azure-devops-release-notes/tree/main
-- remove a large binary: https://learn.microsoft.com/en-us/azure/devops/repos/git/remove-binaries?view=azure-devops
-- SAFe and Boards: https://learn.microsoft.com/en-us/azure/devops/boards/plans/safe-concepts?view=azure-devops&tabs=agile-process
-- test execution trend: https://learn.microsoft.com/en-us/azure/devops/report/powerbi/sample-test-plans-execution-trend?view=azure-devops&tabs=powerbi
-- test execution trend report: https://learn.microsoft.com/en-us/azure/devops/report/powerbi/sample-test-plans-execution-trend?view=azure-devops&tabs=powerbi
-- metric widgets: https://marketplace.visualstudio.com/items?itemName=solidify.devops-metrics
-- keyvault secure deployment: https://learn.microsoft.com/en-us/azure/azure-resource-manager/templates/key-vault-parameter?tabs=azure-cli
-- Requirements Traceability Matrix: https://www.wrike.com/blog/what-is-requirements-traceability-matrix/
-- ADO Requirements Traceability: https://learn.microsoft.com/en-us/azure/devops/pipelines/test/requirements-traceability?view=azure-devops
-- feature flags: https://learn.microsoft.com/en-us/azure/azure-app-configuration/quickstart-feature-flag-dotnet-background-service
-- app config feature flags: https://learn.microsoft.com/en-us/azure/azure-app-configuration/manage-feature-flags?tabs=azure-portal
-- DevOps Task for Azure Data Explorer: https://learn.microsoft.com/en-us/azure/data-explorer/devops
-- Rate and usage limits: https://learn.microsoft.com/en-us/azure/devops/integrate/concepts/rate-limits?view=azure-devops&source=docs
-- Azure DevOps Task for Azure Data Explorer: https://learn.microsoft.com/en-us/azure/data-explorer/devops
-- Locking and git-lfs: https://github.com/git-lfs/git-lfs/wiki/File-Locking
-- runsettings for unit tests: https://learn.microsoft.com/en-us/visualstudio/test/configure-unit-tests-by-using-a-dot-runsettings-file?view=vs-2022
-- flaky tests: https://learn.microsoft.com/en-us/azure/devops/pipelines/test/flaky-test-management?view=azure-devops
-- mermaid

schedule.md

@@ -155,8 +155,9 @@ You can take as many assessments as you'd like.
 </details>
 
 ## Session 5, Build and release pipelines<p/>Oct 15, 2024
+
 <details>
-<b><i>draft</i></b>
+
 1. Azure DevOps Pipelines
     1. Pipeline basics
     1. Agents
@@ -166,27 +167,30 @@ You can take as many assessments as you'd like.
 1. Additional pipeline topics
     1. Deployment groups
         - Classic Release deploy an artifact to multiple systems/environments
-    1. Parallel jobs
-    1. Retention policies
-    1. Advanced triggering scenarios
-    1. Reporting
-1. GitHub Action Workflows
-    1. Status checks
+
 </details>
 
-## Session 6, Package management<p/>Oct 22, 2024
+## Session 6, Deployment scenarios<p/>Nov 05, 2024
 
+1. Jobs
+1. Dependencies and expressions
+1. Parallel jobs
+1. Container obs
 
 ## Session 7, Testing in pipelines<p/>Oct 29, 2024
 
+<b><i>draft</i></b>
 
-## Session 8, Deployment scenarios<p/>Nov 05, 2024
-    1. dependency patterns
+1. test pyramid
+1. running unit tests
+1. integration tests
+1. end to end tests
+1. Zaproxy
 
+## Session 8, Package management<p/>Oct 22, 2024
 
 ## Session 9, Infrastructure as Code<p/>Nov 12, 2024
 
-
 ## Session 10, Security and compliance<p/>Nov 19, 2024
 
 <details>