A sample dotnet application built on dotnet C# version 6.0. The docker image is built on Alpine linux 6.0.
The web application does the following:
- displays the hosting environment details & the current system time
- invokes a remote backend
- uses appsettings for different environments like development, production
- accepts Environment Variables
The docker image can be downloaded from docker hub by running the below command. The docker image is located at https://hub.docker.com/repository/docker/abhinabsarkar/dotnetapp
docker pull abhinabsarkar/dotnetapp:<version>Size of the docker image is 115 MB.
# Build the application using dotnet version 6.0
cd src
dotnet build
# Run the application
dotnet run# Build the docker image
docker build -t dotnetapp .
# Run the docker container locally
docker run --name dotnetapp-container -d -p 8002:80 dotnetapp
# Test the app
curl http://localhost:8002
# log into the running container
docker exec -it dotnetapp-container /bin/bash
docker exec -it <container-name> <command>
# Remove the container
docker rm dotnetapp-container -f
# Remove the image
docker rmi dotnetapp# Push the image to docker hub
docker login
# Tag the local image & map it to the docker repo
docker tag local-image:tagname new-repo:tagname
# eg: docker tag dotnetapp abhinabsarkar/dotnetapp
# push the tagged image to the docker hub
docker push new-repo:tagname
# eg: docker push abhinabsarkar/dotnetappHow to build the azure-pipelines.yml & host it on Azure Web App?
Configuring CI/CD Pipelines as Code with YAML in Azure DevOps
The azure yaml pipeline with different stages (build & deploy), manual validation, approval, etc are shown in the pipeline.
Some of the best practices to secure Azure pipeline
- Add pipeline permissions to a repository resource - Add protection to a repository resource - Azure Pipelines | Microsoft Docs
- When you use YAML pipelines, you can easily copy the name of a protected resource (for example, a service connection for your production environment) and include that in a different pipeline. Pipeline permissions protect against such copying. Restricting a repository to specific pipelines prevents an unauthorized pipeline in your project from using your repository. Once enabled, only yaml pipeline defined in the repository will be allowed to use it. All the classic pipelines can use this resource.
- Define approvals and checks on the repository - Add protection to a repository resource - Azure Pipelines | Microsoft Docs
- Add Approvals, so a manual approver is required for each time a pipeline requests the repository.
- Add manual validation before the deployment can be initiated - Azure pipelines yaml - Control deployments with gates and approvals - Azure Pipelines | Microsoft Docs
- Manual validation is especially useful in scenarios where you want to pause a pipeline and validate configuration settings or build packages before starting a computation-intensive job.
- Sample - azure-pipelines.yml - Repos --> ManualValidation
- Define approvals & check for an environment in Azure yaml pipeline - Create target environment - Azure Pipelines | Microsoft Docs; Pipeline deployment approvals - Azure Pipelines | Microsoft Docs; Pre-deployment approvals in Azure DevOps multistage pipelines
- An environment is a collection of resources that you can target with deployments from a pipeline. Typical examples of environment names are Dev, Test, QA, Staging, and Production.
- Sample - azure-pipelines.yml - Repos --> Search for environment
- Deployment gates - Control releases with deployment gates - Azure Pipelines | Microsoft Docs
- Gates allow automatic collection of health signals from external services and then promote the release when all the signals are successful or stop the deployment on timeout. Typically, gates are used in connection with incident management, problem management, change management, monitoring, and external approval systems.