Azure DevOps & Automation Services

DevOps Maturity Model

An application lifecycle is influenced by DevOps throughout its plan, develop, deliver and operate phases. Each phase of the application lifecycle is dependent on another without being role-specific. DevOps transformation undergoes various stages of maturity. SNP’s maturity model gives an organization the understanding of their most distinguished elements and helps the organization think tank to formulate language and discussion of what needs to be improved and how that can be achieved.

SNP’s expert architects will lead your organization through the maturity model by following the below-mentioned practices:

• Discovery for DevOps Portfolio – The discovery phase begins with the SNP team sending out the questionnaire to the client team. SNP will join the client team in a detailed discussion about the current processes and conduct whiteboarding sessions.

DevOps Roadmap:

• DevOps Discovery Data Consolidation – SNP will use the data points gathered during the assessment phase and merge the data points towards the DevOps current state. SNP will assess the various repeatability components in the Dev and Ops areas that will impact in making DevOps efficient in the software development lifecycle.
• Planning for the Future State of DevOps – SNP will prepare the future state of DevOps based on the discovery and assessment performed across key areas of DevOps as represented by the image below:

CI/CD - Source Control Management

From code to cloud, constant integration and constant delivery are how organizations can automate each part of their DevOps process. The source or version control system allows the developers to track changes made to the code and collaborate on code.

SNP Delivers CI/CD – Source Control for Your DevOps in Four Steps:

1-Azure DevOps for Boards:

• Gather the work breakdown for application development and organize it as per Epics, Features, User Stories and tasks.
• Coordinate with development and DevOps team for writing descriptive information about each Epic, Features and subsequent tasks in the project.
• Load all the items to the Azure DevOps Boards and assign the users.

2-Azure Repos for Source Control:

• • SNP would structure the Azure Repo, Branches, Policies and Permissions as per the development strategy.
• Our team would give the client a walkthrough about the branching flow that SNP uses for code commits, mergers, build and release.

3-Azure Pipelines for Build & Release Management:

• Create build pipeline from the release branch
• Fetch dependencies for application code to perform the build.
• MSBuild to be used for code control.
• Integrate Visual Studio.
• Configure to publish.
• Configure build policies from the email notification, build retention and bug on failure.

• The release pipeline is created and integrated with the build pipeline.
• Release environments are created as “Dev Stage Production” with the appropriate release criteria

4-Azure DevOps Support for Repos & Pipelines on Current Project:

• SNP team will provide continuous support for the Azure DevOps end to end pipeline implementation on an on-going basis for the current project.

Infrastructure as Code

Infrastructure is the backbone of the system and an integral part of software development. Leveraging Infrastructure as Code, SNP helps customers automate repeatable tasks like provisioning, configuration, and deployments for one or more machines.

Why SNP for IaC?

• Easily provision and configure environments: Build repeatable environments complete with infrastructure, networking, and load balancing with simple configuration files and commands. Reduce costs by building environments for staging, tests, or QA while ensuring parity with production.
• Leverage third-party tools with ease: SNP’s team of engineers provides dedicated support for third-party, open-source tools like Terraform, Chef, Ansible, etc.
• Maintain consistency across your environment: Whether it’s on-premise or in Cloud, SNP helps customers maintain consistency across their environments by enabling rapid adoption of cloud technologies for lift-and-shift, hybrid cloud, and multi-cloud deployments.
• Scale on demand: Easily manage networks, storage, databases, users, and permissions with the flexibility to scale to any size organization and any number of infrastructure resources.
• Team Collaboration: Capture infrastructure and configuration as code to encourage collaboration between developers and operators. Easily participate in team code reviews, build CI/CD pipelines, and have a complete history of changes by capturing your infrastructure as code. Quickly rollback infrastructure changes or build new environments for disaster recovery.
• Workflow Management: IaC allows you to easily create, update, or delete resources across Azure without drastic changes to existing workflows enhancing productivity.

DevSecOps

Development, Security & Operations is a transformational shift in the digitally evolving IT world which incorporates secure culture, practices, and tools to drive visibility, collaboration, and agility of security into each phase of the DevOps pipeline.

SNP’s DevSecOps practice focuses on three critical areas:

• Infrastructure Security – This is an access control and centralized authentication mechanism. Implement Resource-based Access Control for secure access to clusters and namespaces while identity is managed at an individual container level, allowing secure access to specific Azure resources. Network policies are implemented to manage pod-to-pod communications or from an IP outside the cluster. Data is encrypted between applications and services, including data in transit and data at rest.
• Container/Pod Security – Images are secured with content trust in a container registry. This is authenticated with other resources using pod managed identities, the credentials for which are requested and retrieved from digital vault/key vault. Pod level security policies are established to have a fine-grained authorization to the pods.
• Security Management – To achieve security management, security scanners are integrated, security static analysis tools are run, and pre-built container images are scanned for a known security threat before being pulled into the build pipeline. This allows for compliance with security policies and the elimination of human errors.