Merge pull request #47318 from LuizMacedo/add-video-github

Jill Grant · web-flow · commit b506a538d25f · 2024-10-04T14:20:41.000-06:00
Update units with YouTube Videos
diff --git a/learn-pr/wwl-azure/deliver-with-devops/5-explore-continuous-delivery-github-actions.yml b/learn-pr/wwl-azure/deliver-with-devops/5-explore-continuous-delivery-github-actions.yml
@@ -8,6 +8,6 @@ metadata:
   author: LuizMacedo
   ms.author: lumac
   ms.topic: unit
-durationInMinutes: 4
+durationInMinutes: 7
 content: |
   [!include[](includes/5-explore-continuous-delivery-github-actions.md)]
diff --git a/learn-pr/wwl-azure/deliver-with-devops/includes/5-explore-continuous-delivery-github-actions.md b/learn-pr/wwl-azure/deliver-with-devops/includes/5-explore-continuous-delivery-github-actions.md
@@ -2,6 +2,10 @@ GitHub Actions provide the mechanism for implementing software delivery workflow
 
 ## What are GitHub Actions?
 
+---
+> [!VIDEO https://www.youtube.com/embed/cP0I9w2coGU?si=lV3HXOnSDRIio0p1?cc_load_policy=1&cc_lang_pref=auto]
+---
+
 In the context of GitHub, the term *actions* actually have a dual meaning. The first one (capitalized *Actions*) represents the GitHub service, which provided the ability to implement CI/CD workflows. The second one (lower case *actions*) designates reusable units that can be included in workflows to deliver a specific functionality, such as running scripts and executables, building and uploading artifacts, or setting up access to an Azure subscription.
 
 :::image type="content" source="../media/5-continuous-delivery-github.png" alt-text="Diagram of the continuous delivery with GitHub Actions.":::
diff --git a/learn-pr/wwl-azure/develop-with-devops/5-explore-continuous-integration.yml b/learn-pr/wwl-azure/develop-with-devops/5-explore-continuous-integration.yml
@@ -8,6 +8,6 @@ metadata:
   author: LuizMacedo
   ms.author: lumac
   ms.topic: unit
-durationInMinutes: 2
+durationInMinutes: 3
 content: |
   [!include[](includes/5-explore-continuous-integration.md)]
diff --git a/learn-pr/wwl-azure/develop-with-devops/includes/5-explore-continuous-integration.md b/learn-pr/wwl-azure/develop-with-devops/includes/5-explore-continuous-integration.md
@@ -2,11 +2,16 @@ Continuous integration (CI) is one of the most fundamental DevOps elements. It p
 
 ## What is Continuous Integration?
 
-Continuous integration is the process of automatically building and testing updated versions of software following individual updates to the software repository. In general, the integration pattern involves developers submitting their changes in separate branches via pull requests. The changes are subject to a collective review and, assuming its successful outcome, are merged into the main branch. Individual commit or merge events might be used to trigger code build and testing in order to ensure that proposed or resulting changes don't have adverse effects. With continuous integration in place, the build and tests are fully automated.  
-This automation is based on build and test definitions created by developers and implemented in the repository hosting platform. For example, GitHub offers for this purpose GitHub Actions workflow, while Azure DevOps relies on Azure Pipelines.
+Continuous integration is the process of automatically building and testing updated versions of software following individual updates to the software repository. In general, the integration pattern involves developers submitting their changes in separate branches via pull requests. The changes are subject to a collective review and, assuming its successful outcome, are merged into the main branch. Individual commit or merge events might be used to trigger code build and testing in order to ensure that proposed or resulting changes don't have adverse effects. With continuous integration in place, the build and tests are fully automated.
 
 :::image type="content" source="../media/5-continuous-integration.png" alt-text="Diagram of the continuous integration flow.":::
 
+This automation is based on build and test definitions created by developers and implemented in the repository hosting platform. For example, GitHub offers for this purpose GitHub Actions workflow, while Azure DevOps relies on Azure Pipelines.
+
+---
+> [!VIDEO https://www.youtube.com/embed/URmeTqglS58?si=bSYm2OPSdWLEdxXI?cc_load_policy=1&cc_lang_pref=auto]
+---
+
 ## What are the benefits of Continuous Integration?
 
 The primary benefits associated with continuous integration are based on the general shift-left strategy, which (as you'll find out later in this module) also influences many other DevOps practices. The basic premise is that the longer it takes to detect an issue introduced through a code change, the more expensive and effort consuming it's to fix it. With continuous integration, code build and testing take place as soon as possible. They're also implemented in an automated manner, which increases their speed and reliability.
diff --git a/learn-pr/wwl-azure/discover-devops/2-what-is-devops.yml b/learn-pr/wwl-azure/discover-devops/2-what-is-devops.yml
@@ -8,6 +8,6 @@ metadata:
   author: LuizMacedo
   ms.author: lumac
   ms.topic: unit
-durationInMinutes: 2
+durationInMinutes: 7
 content: |
   [!include[](includes/2-what-is-devops.md)]
diff --git a/learn-pr/wwl-azure/discover-devops/includes/1-introduction.md b/learn-pr/wwl-azure/discover-devops/includes/1-introduction.md
@@ -1,5 +1,7 @@
 DevOps is a concept that aims to address the challenges associated with traditional application lifecycle.
 
+> "DevOps is the union of people, process, and products to enable continuous delivery of value to our end users." - Donovan Brown
+
 Imagine that you work for a software development company in the retail industry. Your company is planning to migrate from an old app to a new app. However, the development team and the operations team have conflicting objectives. The development team wants to release new features quickly to attract more customers, while the operations team wants to ensure stability and reliability of the application. This conflict leads to delays in releasing new features and frequent downtime for the application. Your company realizes that it needs to adopt DevOps practices to overcome these challenges and deliver high-quality software efficiently and reliably.
 
 :::image type="content" source="../media/1-discover-devops.png" alt-text="Screenshot of the DevOps toolchain and application lifecycle.":::
diff --git a/learn-pr/wwl-azure/discover-devops/includes/2-what-is-devops.md b/learn-pr/wwl-azure/discover-devops/includes/2-what-is-devops.md
@@ -2,7 +2,9 @@ DevOps is a commonly misunderstood and mischaracterized term. Before you explore
 
 ## What is DevOps (and what isn't)?
 
-> "DevOps is the union of people, process, and products to enable continuous delivery of value to our end users." - Donovan Brown
+---
+> [!VIDEO https://www.youtube.com/embed/kBV8gPVZNEE?si=8jp-neTgnXpG7sx4?cc_load_policy=1&cc_lang_pref=auto]
+---
 
 DevOps is a set of principles, practices, and values that are meant to enhance cross-team synergies, with the common goal of optimizing software delivery.
 
diff --git a/learn-pr/wwl-azure/operate-with-devops/5-explore-observability-through-security-assessment.yml b/learn-pr/wwl-azure/operate-with-devops/5-explore-observability-through-security-assessment.yml
@@ -8,6 +8,6 @@ metadata:
   author: LuizMacedo
   ms.author: lumac
   ms.topic: unit
-durationInMinutes: 3
+durationInMinutes: 4
 content: |
   [!include[](includes/5-explore-observability-through-security-assessment.md)]
diff --git a/learn-pr/wwl-azure/operate-with-devops/includes/5-explore-observability-through-security-assessment.md b/learn-pr/wwl-azure/operate-with-devops/includes/5-explore-observability-through-security-assessment.md
@@ -11,4 +11,19 @@ Security techniques, which are part of the DevSecOps strategy can be grouped int
 **Security monitoring** and **security assessment** are integral components of DevOps security observability, contributing jointly to the continuous and proactive identification, analysis, and response to security-related events and vulnerabilities. Security monitoring largely follows the same approach as the one applicable to performance monitoring, collecting real-time telemetry, such as metrics, logs, and traces to track overall security of your workloads. Security assessment relies on that telemetry to evaluate security of the organization's information systems, applications, and infrastructure in order to identify vulnerabilities, assess risks, and provide recommendations for their remediation.
 
 It's common to use for this purpose a dedicated solution that implements the *Security Information and Event Management (SIEM)* functionality, such as cloud-hosted Microsoft Sentinel. Microsoft Sentinel combines telemetry data from a wide range of sources, automatically correlating them and looking for patterns by using artificial intelligence and machine learning.
-You can also take advantage of the functionality built into Microsoft DevOps platforms, such as GitHub or Azure DevOps. In particular, GitHub offers many tools that implement security monitoring and assessment. Its Dependabot automatically scans repos-hosted software for any external dependencies, searching for known vulnerabilities against the GitHub's Advisory Database. In case such vulnerabilities are found, Dependabot automatically generates pull requests to upgrade them to nonvulnerable versions. GitHub Advanced Security combines several security features and capabilities that enhance software delivery workflows including code scanning, secret scanning, and dependency reviews. For example, Security Code Scanning scans repo-hosted source code, detecting security vulnerabilities and programming errors. It integrates with GitHub Actions, allowing for automated and continuous code analysis as part of CI/CD workflows.
+
+You can also take advantage of the functionality built into Microsoft DevOps platforms, such as GitHub or Azure DevOps. In particular, GitHub offers many tools that implement security monitoring and assessment, such as GitHub Advanced Security.
+
+---
+> [!VIDEO https://www.youtube.com/embed/DA_WbNRFPT0?si=LFEzyBjmscpn2mKe?cc_load_policy=1&cc_lang_pref=auto]
+---
+
+Its Dependabot automatically scans repos-hosted software for any external dependencies, searching for known vulnerabilities against the GitHub's Advisory Database. In case such vulnerabilities are found, Dependabot automatically generates pull requests to upgrade them to nonvulnerable versions.
+
+GitHub Advanced Security combines several security features and capabilities that enhance software delivery workflows including code scanning, secret scanning, and dependency reviews. For example, Security Code Scanning scans repo-hosted source code, detecting security vulnerabilities and programming errors.
+
+---
+> [!VIDEO https://www.youtube.com/embed/lm9a9R9P6uc?si=GeJuI8NdoIMQc5_A?cc_load_policy=1&cc_lang_pref=auto]
+---
+
+It integrates with GitHub Actions, allowing for automated and continuous code analysis as part of CI/CD workflows.
diff --git a/learn-pr/wwl-azure/plan-with-devops/5-plan-with-github.yml b/learn-pr/wwl-azure/plan-with-devops/5-plan-with-github.yml
@@ -8,6 +8,6 @@ metadata:
   author: LuizMacedo
   ms.author: lumac
   ms.topic: unit
-durationInMinutes: 3
+durationInMinutes: 6
 content: |
   [!include[](includes/5-plan-with-github.md)]
diff --git a/learn-pr/wwl-azure/plan-with-devops/includes/5-plan-with-github.md b/learn-pr/wwl-azure/plan-with-devops/includes/5-plan-with-github.md
@@ -27,6 +27,10 @@ By using the views functionality, you have the option to create multiple boards
 
 Before you start a new GitHub project, create a repository. A repository stores all of your project's files and provides a platform for managing your work and collaborating with others. To track project-related work items, use issues. Issues provide a convenient method for communicating and making decisions within a team, including discussions on application lifecycle details, such as bugs or performance reports, project planning, or brainstorming a new idea. To provide suggestions for improvements, use pull requests containing proposed changes.
 
+---
+> [!VIDEO https://www.youtube.com/embed/qT0VMdx7vuI?si=YsZWnf9MQx5ZwAw7?cc_load_policy=1&cc_lang_pref=auto]
+---
+
 In addition, consider using the default labels included in every repository or creating custom ones. Labels help with keeping track of project goals, designating bugs, differentiating between various types of work, and indicating the status of issues or pull requests. For example, you can locate all bugs in your project by filtering for issues with the corresponding label.
 
 When creating a project, you can either start from scratch or use many project templates with predefined board structures targeting the most common use cases, including, for example, *Team planning*, *Feature release*, *Kanban*, *Iterative development*, or *Bug tracker*.
