Support teams use Azure DevOps to plan work, partner on code development, and build and deploy applications. SNP helps enterprises scale up their ability to build and deliver quality cloud applications using DevOps and continuous delivery models with elastic, on-demand, agile infrastructure and services on Microsoft Azure.
SNP’s 4 Step Engagement Process
SNP brings you the power of automation for your container application build and release process with DevOps on Azure. SNP’s rapid DevOps implementation approach empowers customers to enable CI/CD for customers’ container applications in a quick time span.
1-Designing & Planning
As a part of CI/CD design, SNP will study the current container application images, code repositories, development & release frequencies. SNP will also understand the pre-requisites and approval processes the customer is following during each release between development, QA, and production environments. Based on the observations, SNP will design the Azure DevOps workflow including security for DevOps and prepare a CI/CD implementation plan.
The SNP DevOps team will review the Azure DevOps workflow and implementation plan with the customer along with the toolset like Azure DevOps Pipelines, security tools like Aqua/Twist Lock and other Azure DevOps extensions finalized during planning. This step will finalize the deployment steps that the SNP team will perform in the coming phase.
3-Pilot With Development & QA
The SNP deployment team will move forward and deploy the finalized Azure DevOps workflow using Azure Pipelines and ACR, container images to Dev & QA environments including DevSecOps. The pilot release is crucial to know the success of CI/CD Pipelines and any fixes that might be needed before moving to production.
SNP’s deployment team will implement the CI/CD Pipelines as per the tested workflow during the pilot phase. SNP will document the whole configuration in a standard CI/CD template with the current state of DevOps along with applied security. As a part of the CI/CD solution reliability period, SNP will enable a 5-day support post-deployment process.
Potential Solution Architecture
SNP’s Azure DevOps Services
DevOps Maturity Model
An application lifecycle is influenced by DevOps throughout its plan, develop, deliver and operate phases. Each phase of the application lifecycle is dependent on another without being role-specific. DevOps transformation undergoes various stages of maturity. SNP’s maturity model gives an organization the understanding of their most distinguished elements and helps the organization think tank to formulate language and discussion of what needs to be improved and how that can be achieved.
SNP’s expert architects will lead your organization through the maturity model by following the below-mentioned practices:
- Discovery for DevOps Portfolio – The discovery phase begins with the SNP team sending out the questionnaire to the client team. SNP will join the client team in a detailed discussion about the current processes and conduct whiteboarding sessions.
- DevOps Discovery Data Consolidation – SNP will use the data points gathered during the assessment phase and merge the data points towards the DevOps current state. SNP will assess the various repeatability components in the Dev and Ops areas that will impact in making DevOps efficient in the software development lifecycle.
- Planning for the Future State of DevOps – SNP will prepare the future state of DevOps based on the discovery and assessment performed across key areas of DevOps as represented by the image below:
CI/CD - Source Control Management
From code to cloud, constant integration and constant delivery are how organizations can automate each part of their DevOps process. The source or version control system allows the developers to track changes made to the code and collaborate on code.
SNP Delivers CI/CD – Source Control for Your DevOps in Four Steps:
1-Azure DevOps for Boards:
- Gather the work breakdown for application development and organize it as per Epics, Features, User Stories and tasks.
- Coordinate with development and DevOps team for writing descriptive information about each Epic, Features and subsequent tasks in the project.
- Load all the items to the Azure DevOps Boards and assign the users.
2-Azure Repos for Source Control:
- • SNP would structure the Azure Repo, Branches, Policies and Permissions as per the development strategy.
- Our team would give the client a walkthrough about the branching flow that SNP uses for code commits, mergers, build and release.
3-Azure Pipelines for Build & Release Management:BUILD
- Create build pipeline from the release branch
- Fetch dependencies for application code to perform the build.
- MSBuild to be used for code control.
- Integrate Visual Studio.
- Configure to publish.
- Configure build policies from the email notification, build retention and bug on failure.
- The release pipeline is created and integrated with the build pipeline.
- Release environments are created as “Dev Stage Production” with the appropriate release criteria
4-Azure DevOps Support for Repos & Pipelines on Current Project:
- SNP team will provide continuous support for the Azure DevOps end to end pipeline implementation on an on-going basis for the current project.
Infrastructure as Code
Infrastructure is the backbone of the system and an integral part of software development. Leveraging Infrastructure as Code, SNP helps customers automate repeatable tasks like provisioning, configuration, and deployments for one or more machines.
Why SNP for IaC?
- Easily provision and configure environments: Build repeatable environments complete with infrastructure, networking, and load balancing with simple configuration files and commands. Reduce costs by building environments for staging, tests, or QA while ensuring parity with production.
- Leverage third-party tools with ease: SNP’s team of engineers provides dedicated support for third-party, open-source tools like Terraform, Chef, Ansible, etc.
- Maintain consistency across your environment: Whether it’s on-premise or in Cloud, SNP helps customers maintain consistency across their environments by enabling rapid adoption of cloud technologies for lift-and-shift, hybrid cloud, and multi-cloud deployments.
- Scale on demand: Easily manage networks, storage, databases, users, and permissions with the flexibility to scale to any size organization and any number of infrastructure resources.
- Team Collaboration: Capture infrastructure and configuration as code to encourage collaboration between developers and operators. Easily participate in team code reviews, build CI/CD pipelines, and have a complete history of changes by capturing your infrastructure as code. Quickly rollback infrastructure changes or build new environments for disaster recovery.
- Workflow Management: IaC allows you to easily create, update, or delete resources across Azure without drastic changes to existing workflows enhancing productivity.
Development, Security & Operations is a transformational shift in the digitally evolving IT world which incorporates secure culture, practices, and tools to drive visibility, collaboration, and agility of security into each phase of the DevOps pipeline.
SNP’s DevSecOps practice focuses on three critical areas:
- Infrastructure Security – This is an access control and centralized authentication mechanism. Implement Resource-based Access Control for secure access to clusters and namespaces while identity is managed at an individual container level, allowing secure access to specific Azure resources. Network policies are implemented to manage pod-to-pod communications or from an IP outside the cluster. Data is encrypted between applications and services, including data in transit and data at rest.
- Container/Pod Security – Images are secured with content trust in a container registry. This is authenticated with other resources using pod managed identities, the credentials for which are requested and retrieved from digital vault/key vault. Pod level security policies are established to have a fine-grained authorization to the pods.
- Security Management – To achieve security management, security scanners are integrated, security static analysis tools are run, and pre-built container images are scanned for a known security threat before being pulled into the build pipeline. This allows for compliance with security policies and the elimination of human errors.