Writing in YAML can be intimidating and tricky at first, and it can make your DevOps go DevOoops.
Instead of trying to teach someone YAML structure, here is 5 useful YAML pipeline examples for Azure Infrastructure deployments, to help you kickstart your Azure DevOps journey:
1. Here’s an example YAML template for Azure DevOps that will run on a Windows agent, install PowerShell, and run a script:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
trigger:
- main
pool:
vmImage: 'windows-latest'
steps:
- task: UseDotNet@2
displayName: 'Use .NET Core sdk 3.1'
inputs:
packageType: 'sdk'
version: '3.1.x'
includePreviewVersions: true
- task: PowerShellInstaller@1
displayName: 'Install PowerShell Core'
inputs:
version: '7.1.3'
- task: PowerShell@2
displayName: 'Run PowerShell script'
inputs:
targetType: 'filePath'
filePath: 'path/to/script.ps1'
errorActionPreference: 'stop'
This template:
- Triggers the pipeline when changes are made to the main branch.
- Specifies a Windows agent to run the pipeline.
- Uses the .NET Core SDK 3.1.
- Installs PowerShell Core version 7.1.3.
- Runs a PowerShell script located at path/to/script.ps1.
- You can customize the version of .NET Core SDK and PowerShell Core to use based on your requirements. Additionally, you may need to modify the path to the PowerShell script you want to run.
2. Here’s an example YAML template for building a PowerShell Function App and deploying it to Azure as a Windows function app:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
# Set the trigger to run the pipeline when changes are made to the main branch
trigger:
- main
# Set the pool to use a Windows agent
pool:
vmImage: 'windows-latest'
# Define the steps to build and deploy the function app
steps:
- task: PowerShell@2
displayName: 'Install Azure PowerShell module'
inputs:
targetType: 'inline'
script: |
Install-Module -Name Az -AllowClobber -Force
- task: PowerShell@2
displayName: 'Publish the PowerShell Function App'
inputs:
targetType: 'inline'
script: |
$functionAppName = '<your-function-app-name>'
$resourceGroupName = '<your-resource-group-name>'
$location = '<your-location>'
$storageAccountName = '<your-storage-account-name>'
# Create a new resource group
New-AzResourceGroup -Name $resourceGroupName -Location $location
# Create a new storage account
New-AzStorageAccount -ResourceGroupName $resourceGroupName -Name $storageAccountName -SkuName Standard_LRS -Location $location
# Create a new function app
New-AzFunctionApp -Name $functionAppName -StorageAccountName $storageAccountName -ResourceGroupName $resourceGroupName -Location $location -AppServicePlanName $functionAppName -OsType Windows -Runtime 'PowerShell'
# Publish the function app
Publish-AzWebapp -ResourceGroupName $resourceGroupName -Name $functionAppName -ArchivePath $(Build.ArtifactStagingDirectory)\* -Type zip
This YAML template uses two PowerShell tasks to install the Azure PowerShell module and publish the PowerShell Function App to Azure:
- The first PowerShell task installs the Azure PowerShell module using the Install-Module cmdlet.
- The second PowerShell task creates a new resource group, storage account, and function app in Azure using the New-AzResourceGroup, New-AzStorageAccount, and New-AzFunctionApp cmdlets. It then publishes the function app using the Publish-AzWebapp cmdlet.
3. YAML template for deploying ARM templates using an Azure DevOps pipeline:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
# Set the trigger to run the pipeline when changes are made to the main branch
trigger:
- main
# Set the pool to use a Windows agent
pool:
vmImage: 'windows-latest'
# Define the variables
variables:
keyVaultName: '<your-key-vault-name>'
servicePrincipalIdSecretName: '<your-service-principal-id-secret-name>'
servicePrincipalSecretSecretName: '<your-service-principal-secret-secret-name>'
# Define the steps to get the credentials from Key Vault and deploy the ARM templates
steps:
- task: AzureKeyVault@2
displayName: 'Get service principal ID from Key Vault'
inputs:
azureSubscription: '<your-azure-subscription>'
keyVaultName: '$(keyVaultName)'
secretsFilter: '$(servicePrincipalIdSecretName)'
name: getSpnId
- task: AzureKeyVault@2
displayName: 'Get service principal secret from Key Vault'
inputs:
azureSubscription: '<your-azure-subscription>'
keyVaultName: '$(keyVaultName)'
secretsFilter: '$(servicePrincipalSecretSecretName)'
name: getSpnSecret
- task: AzureCLI@2
displayName: 'Login to Azure'
inputs:
azureSubscription: '<your-azure-subscription>'
scriptLocation: 'inlineScript'
inlineScript: |
az login --service-principal -u $(getSpnId.SecretUrl) -p $(getSpnSecret.SecretUrl) --tenant $(getSpnId.SecretUrl | Split-Path -Parent | Split-Path -Leaf)
- task: AzureResourceGroupDeployment@2
displayName: 'Deploy ARM templates'
inputs:
azureSubscription: '<your-azure-subscription>'
resourceGroupName: '<your-resource-group-name>'
location: '<your-location>'
templateLocation: 'linkedArtifact'
csmFile: '<your-arm-template-file-path>'
csmParametersFile: '<your-arm-template-parameters-file-path>'
This YAML template uses two tasks to deploy an ARM template to Azure:
- The variables section defines variables for the Key Vault name, service principal ID secret name, and service principal secret secret name.
- The steps section includes two new AzureKeyVault tasks to retrieve the service principal ID and secret from Key Vault using the AzureKeyVault@2 task. The name property is set for each task so that the output can be referenced later in the pipeline.
- The AzureCLI@2 task logs in to Azure using the Azure CLI and the az login command.
- The second task deploys the ARM template using the AzureResourceGroupDeployment task. It specifies the Azure subscription, resource group, location, ARM template file, and ARM template parameters file.
4. An example YAML template for deploying an Azure landing zone from templates:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
# YAML template for deploying an Azure landing zone from templates
# Set the trigger to run the pipeline when changes are made to the main branch
trigger:
- main
# Set the pool to use a Windows agent
pool:
vmImage: 'windows-latest'
# Define the variables
variables:
azureSubscription: '<your-azure-subscription>'
resourceGroupName: '<your-resource-group-name>'
location: '<your-location>'
templateBaseUrl: '<your-template-base-url>'
templateParametersUrl: '<your-template-parameters-url>'
mgmtVnetName: '<your-management-vnet-name>'
mgmtVnetAddressSpace: '<your-management-vnet-address-space>'
mgmtSubnetName: '<your-management-subnet-name>'
mgmtSubnetAddressPrefix: '<your-management-subnet-address-prefix>'
mgmtSubnetNsgId: '<your-management-subnet-nsg-id>'
dataVnetName: '<your-data-vnet-name>'
dataVnetAddressSpace: '<your-data-vnet-address-space>'
dataSubnetName: '<your-data-subnet-name>'
dataSubnetAddressPrefix: '<your-data-subnet-address-prefix>'
dataSubnetNsgId: '<your-data-subnet-nsg-id>'
# Define the stages
stages:
- stage: Deploy
displayName: 'Deploy stage'
jobs:
- job: Deploy
displayName: 'Deploy job'
steps:
- task: AzureCLI@2
displayName: 'Create resource group'
inputs:
azureSubscription: $(azureSubscription)
scriptType: 'bash'
scriptLocation: 'inlineScript'
inlineScript: |
az group create --name $(resourceGroupName) --location $(location)
- task: AzureCLI@2
displayName: 'Deploy landing zone templates'
inputs:
azureSubscription: $(azureSubscription)
scriptType: 'bash'
scriptLocation: 'inlineScript'
inlineScript: |
az deployment sub create --name '<your-deployment-name>' --location $(location) --template-uri $(templateBaseUrl) --parameters-uri $(templateParametersUrl) --parameters mgmtVnetName=$(mgmtVnetName) mgmtVnetAddressSpace=$(mgmtVnetAddressSpace) mgmtSubnetName=$(mgmtSubnetName) mgmtSubnetAddressPrefix=$(mgmtSubnetAddressPrefix) mgmtSubnetNsgId=$(mgmtSubnetNsgId) dataVnetName=$(dataVnetName) dataVnetAddressSpace=$(dataVnetAddressSpace) dataSubnetName=$(dataSubnetName) dataSubnetAddressPrefix=$(dataSubnetAddressPrefix) dataSubnetNsgId=$(dataSubnetNsgId)
This YAML template includes the following stages:
- The Deploy stage creates a new resource group in Azure.
- The Deploy stage deploys the landing zone templates to Azure using the Azure CLI task. The az deployment sub create command is used to deploy the templates. The command takes a number of parameters that define the resources to be created, such as virtual networks and subnets. These parameters are passed in as arguments to the command, using the variables defined in the YAML template.
5. YAML template that includes all the stages commonly used in an Azure DevOps pipeline:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
# YAML template for an Azure DevOps pipeline with all stages
# Set the trigger to run the pipeline when changes are made to the main branch
trigger:
- main
# Set the pool to use a Windows agent
pool:
vmImage: 'windows-latest'
# Define the variables
variables:
buildConfiguration: 'Release'
azureSubscription: '<your-azure-subscription>'
resourceGroupName: '<your-resource-group-name>'
location: '<your-location>'
appServiceName: '<your-app-service-name>'
servicePrincipalId: '<your-service-principal-id>'
servicePrincipalKey: '<your-service-principal-key>'
# Define the stages
stages:
- stage: Build
displayName: 'Build stage'
jobs:
- job: Build
displayName: 'Build job'
steps:
- task: PowerShell@2
displayName: 'Build solution'
inputs:
targetType: 'inline'
script: |
cd '<your-solution-directory>'
dotnet build --configuration $(buildConfiguration)
- stage: Test
displayName: 'Test stage'
dependsOn: Build
jobs:
- job: Test
displayName: 'Test job'
steps:
- task: PowerShell@2
displayName: 'Run tests'
inputs:
targetType: 'inline'
script: |
cd '<your-test-directory>'
dotnet test --configuration $(buildConfiguration)
- stage: Publish
displayName: 'Publish stage'
dependsOn: Test
jobs:
- job: Publish
displayName: 'Publish job'
steps:
- task: DotNetCoreCLI@2
displayName: 'Publish application'
inputs:
command: 'publish'
publishWebProjects: true
arguments: '--configuration $(buildConfiguration) --output $(Build.ArtifactStagingDirectory)'
zipAfterPublish: true
- task: PublishBuildArtifacts@1
displayName: 'Publish artifacts'
inputs:
pathtoPublish: '$(Build.ArtifactStagingDirectory)'
artifactName: 'drop'
- stage: Deploy
displayName: 'Deploy stage'
dependsOn: Publish
jobs:
- job: Deploy
displayName: 'Deploy job'
environment: 'dev'
steps:
- task: AzureWebApp@1
displayName: 'Deploy to Azure App Service'
inputs:
azureSubscription: $(azureSubscription)
appType: 'webAppWindows'
appName: $(appServiceName)
package: '$(System.DefaultWorkingDirectory)/**/*.zip'
deployToSlotOrASE: true
slotName: 'staging'
resourceGroupName: $(resourceGroupName)
location: $(location)
- task: AzureCLI@2
displayName: 'Swap slots'
inputs:
azureSubscription: $(azureSubscription)
scriptType: 'bash'
scriptLocation: 'inlineScript'
inlineScript: |
az login --service-principal -u $(servicePrincipalId) -p $(servicePrincipalKey) --tenant $(azureSubscription)
az webapp deployment slot swap --resource-group $(resourceGroupName) --name $(appServiceName) --slot staging --target-slot production
This YAML template includes the following stages:
- The Build stage compiles the code and builds the solution.
- The Test stage runs the automated tests.
- The Publish stage publishes the application and creates a build artifact.
- The Deploy stage deploys
I hope this was helpful. Keep clouding around.
Vukasin Terzic