You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/getting_started.md
+56-2Lines changed: 56 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -14,10 +14,64 @@ If you already have Azure DevOps account, create a new project.
14
14
15
15
### 3. Create Service Principal to Login to Azure and create resources
16
16
17
-
To create service principal, register an application entity in Azure Active Directory (Azure AD) and grant it the Contributor or Owner role of the subscription or the resource group where the web service belongs to. See [how to create service principal](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal) and assign permissions to manage Azure resource
17
+
To create service principal, register an application entity in Azure Active Directory (Azure AD) and grant it the Contributor or Owner role of the subscription or the resource group where the web service belongs to. See [how to create service principal](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal) and assign permissions to manage Azure resource.
18
+
Please make note the following values after creating a service principal, we will need them in subsequent steps
19
+
- Azure subscription id (subscriptionid)
20
+
- Service principal username (spidentity)(application id)
21
+
- Service principal password (spsecret) (auth_key)
22
+
- Service principal tenant id (sptenant)
23
+
-
18
24
19
-
**Note:** You must have sufficient permissions to register an application with your Azure AD tenant, and assign the application to a role in your Azure subscription. Contact your subscription adminstator if you don't have the permissions. Normally a subscription admin will create a Service principal and will provide you the details.
25
+
**Note:** You must have sufficient permissions to register an application with your Azure AD tenant, and assign the application to a role in your Azure subscription. Contact your subscription adminstator if you don't have the permissions. Normally a subscription admin can create a Service principal and can provide you the details.
20
26
21
27
28
+
### 4. Store secret in Key Vault and link it as variable group in Azure DevOps to be used by piplines.
29
+
Our pipeline require the following variables to autheticate with Azure.
30
+
- spidentity
31
+
- spsecret
32
+
- sptenant
33
+
- subscriptionid
22
34
35
+
We noted the value of these variables in previous steps.
23
36
37
+
**NOTE:** These values should be treated as secret as they allow access to your subscription.
38
+
39
+
We make use of variable group inside Azure DevOps to store variables and their values that we want to make available across multiple pipelines. You can either store the values directly here or connect to an Azure Key Vault in your subscription. Please refer to the documentation [here](https://docs.microsoft.com/en-us/azure/devops/pipelines/library/variable-groups?view=azure-devops&tabs=yaml#link-secrets-from-an-azure-key-vault) to learn more about how to create a variable group and [link](https://docs.microsoft.com/en-us/azure/devops/pipelines/library/variable-groups?view=azure-devops&tabs=designer#link-secrets-from-an-azure-key-vault) it to your pipeline.
40
+
41
+
Please name your variable group **AzureKeyVaultSecrets**, we are using this name within our build yaml file.
42
+
43
+
Up until now you shouls have
44
+
- forked (or cloned) the repo,
45
+
- created a devops account or use an existing one
46
+
- got service principal details and subscription id.
47
+
- set them as variable group within devops.
48
+
49
+
We now have 3 pipelines that we would set up
50
+
- Build Pipeline (azure-pipelines.yml): Runs tests and sets up infrastructure
51
+
- Retraining trigger pipeline(/template/retraining-template.json): This pipeline submits a pipeline job to Azure ML Pipelines and trains a new model and publishes image, if new model is better after evaluation.
52
+
- Release pipeline(/template/release-template.json) : This pipeline releases our image and deploys it to QA and Prod environment.
53
+
54
+
55
+
56
+
### 5. Set up Build Pipeline
57
+
1. Select your devops organization and project by clicking dev.azure.com
58
+
2. Once you are in the right devops project, click Pipelines on the left hand menu and select Builds
59
+
3. In the Build Menu, click **New** dropdown and then select **New build pipeline**
4. Select Connect and link to your GitHub repository where you cloned this repo.
62
+
63
+
64
+
### 6. Set up Retraining trigger release pipeline
65
+
66
+
67
+
### 7. Set up release (Deployment) pipeline
68
+
69
+
70
+
71
+
### Testing end to end flow
72
+
73
+
Now you have all the pipelines setup, each time you make a commit to the repository the following should happen automatically for first time
74
+
75
+
- build pipeline should run tests for you and set up the infrastructure (Azure ML workspace, Azure ML pipeline)
76
+
- A new retraining job will be triggered on Azure ML pipelines, you can view this job by going to portal.azure.com > your AML workspace > and then pipelines tab.
77
+
- A new docker image will get deployed to Azure container instance and prod deployment to AKS will also be created but won't be triggered.
0 commit comments