Azure Repository Configuration and Management

Author

Reads 451

Woman in focus working on software development remotely on laptop indoors.
Credit: pexels.com, Woman in focus working on software development remotely on laptop indoors.

Azure Repository Configuration and Management is a crucial step in setting up a reliable and efficient repository. Azure Repos is a free, cloud-based version control system that allows you to store and manage your code.

To configure Azure Repository, you need to create a project, which involves specifying the repository type, location, and permissions. This can be done through the Azure DevOps portal or through the Azure CLI.

In Azure Repos, you can manage your repository by adding, editing, or deleting files, as well as setting up permissions for team members. You can also use Azure Repos to manage your code's history, including commits, branches, and merges.

Azure Repos also provides a feature called pull requests, which allows you to review and approve changes before they are merged into the main codebase. This helps ensure that changes are thoroughly reviewed and tested before they are deployed.

Azure Repository Configuration

To configure an Azure repository, you need to set up a Git repository first. This can be done by creating a new repository or importing an existing one from Azure DevOps.

Credit: youtube.com, Getting Started with Azure DevOps Repos

Azure repositories support Git, Mercurial, and Subversion, but Git is the most widely used. You can choose the version control system that best suits your needs.

Azure repository configuration involves setting up the repository's core features, such as permissions, access control, and security. This will ensure that your code is protected and only accessible to authorized users.

REST API

The Azure DevOps REST API is a powerful tool for automating tasks, and it's surprisingly easy to test without setting up anything complicated. Just update the URL in your browser to a specific endpoint, like https://dev.azure.com/raj-bos/Demo/_apis/git/repositories, and you'll get a list of repositories.

You can access the API by visiting the URL in your browser, no setup required, and it returns a list of repositories. This is a great way to get started with the API and see what it can do.

The Azure DevOps REST API allows you to automate almost everything in Azure DevOps, making it a valuable asset for teams and developers.

Https Repositories

Credit: youtube.com, Trigger Azure Pipelines From Multiple Repositories | Azure DevOps Pipeline

When configuring Azure repositories, you'll need to consider how users access them securely. HTTPS repositories are a great option.

For HTTPS repositories, you can specify a username and password for accessing the repositories. This is a simple and straightforward way to authenticate users.

Alternatively, you can use a TLS client certificate to access the repositories. This involves storing the client certificate and its corresponding private key in secrets.

To use a TLS client certificate, you'll need to store the client certificate data and the private key in separate secrets. This is more secure than using a username and password.

Aks

When working with AKS clusters in Azure, you'll need to configure authentication to access your cluster. This can be done using the argocd-k8s-auth execProviderConfig, which accepts an option called azure. This option encapsulates the get-token command for kubelogin.

To set the authentication flow, you'll need to set the environment variable AAD_LOGIN_METHOD to one of the following values: devicecode, spn, ropc, msi, azurecli, or workloadidentity. For example, if you want to use the spn login flow, you'll need to set AAD_LOGIN_METHOD to spn.

Credit: youtube.com, Deploy to Azure Kubernetes Service (AKS) and Container Registry (ACR) using Azure DevOps Pipelines

Here are some additional environment variables you'll need to set depending on the authentication flow you choose:

If you're using the federated workload login flow, you'll need to mount the federated token file as a secret into argoCD, and set the location of the token file in the environment variable AZURE_FEDERATED_TOKEN_FILE.

Continuous Integration (CI)

Continuous Integration (CI) is a powerful feature in Azure Repos that allows you to automate your build and deployment process.

You can configure CI triggers to run your pipeline whenever you push updates to specific branches or tags. By default, YAML pipelines are configured with a CI trigger on all branches, unless the Disable implied YAML CI trigger setting is enabled.

You can control which branches get CI triggers by specifying the full name of the branch, such as "main", or using a wildcard, like "releases/*". This allows you to choose which branches should trigger a pipeline.

Credit: youtube.com, Integrating Jenkins & Azure Repos For Continuous Integration

If you have many team members uploading changes often, you may want to reduce the number of runs you start. To do this, you can set "batch" to true, which will wait until the current run is completed before starting another run with all changes that have not yet been built. However, this feature is not supported in repository resource triggers.

CI Triggers

CI triggers cause a pipeline to run whenever you push an update to the specified branches or you push specified tags. By default, YAML pipelines are configured with a CI trigger on all branches, unless the Disable implied YAML CI trigger setting is enabled.

You can control which branches get CI triggers with a simple syntax, specifying the full name of the branch or a wildcard. For example, you can specify the pipeline to be triggered if a change is pushed to main or to any releases branch.

Credit: youtube.com, 4. Create pipeline for continuous integration (CI) & use triggers to enable automatic CI.

If you want to reduce the number of runs you start, you can set batch to true. This will wait until the run is completed, then start another run with all changes that have not yet been built. However, batch is not supported in repository resource triggers.

Here's how branching works with CI triggers:

  • If your pipeline has path filters, it will be triggered only if the new branch has changes to files that match that path filter.
  • If your pipeline does not have path filters, it will be triggered even if there are no changes in the new branch.

To specify branch names in the branches lists, you can use the following format: If you didn't specify any triggers, and the Disable implied YAML CI trigger setting is not enabled, the default is as if you wrote: You can also configure triggers based on tags by using the following format:

Clean Build

Cleaning the working directory of your self-hosted agent before a build runs can be a crucial step in maintaining performance. For faster performance, don't clean the repo, but rather build incrementally by disabling any Clean option of the task or tool you're using to build.

Credit: youtube.com, How to design a modern CI/CD Pipeline

If you do need to clean the repo, consider the type of cleaning you want to perform. For example, to avoid problems caused by residual files from a previous build, you can configure the clean setting in the Checkout step of your pipeline. This will perform an undo of any changes in $(Build.SourcesDirectory).

There are several options for cleaning the repo, depending on your needs. You can choose from the following:

  • outputs: Deletes and recreates $(Build.BinariesDirectory), and also deletes and recreates $(Build.ArtifactStagingDirectory) and $(Common.TestResultsDirectory) prior to every build.
  • resources: Deletes and recreates $(Build.SourcesDirectory), initializing a new, local Git repository for every build.
  • all: Deletes and recreates $(Agent.BuildDirectory), initializing a new, local Git repository for every build.

To configure the clean setting, select the Clean setting from the properties of the Get sources task in your pipeline and choose one of the following options:

  • Sources: Performs an undo of any changes in $(Build.SourcesDirectory) using the following Git commands: git clean -ffdx and git reset --hard HEAD.
  • Sources and output directory: Same operation as Sources option above, plus deletes and recreates $(Build.BinariesDirectory).
  • Sources directory: Deletes and recreates $(Build.SourcesDirectory), initializing a new, local Git repository for every build.
  • All build directories: Deletes and recreates $(Agent.BuildDirectory), initializing a new, local Git repository for every build.

Staging Changes

Staging changes is an essential part of the Git workflow, allowing you to selectively add certain files to a commit while passing over the changes made in other files. This is particularly useful when you want to commit changes made to one file without affecting the changes made to another file.

Credit: youtube.com, CI CD Pipeline Explained in 2 minutes With Animation!

To stage changes, you can use the Stage Changes button in Visual Studio Code. This will prepare the selected file for committing without affecting the other files. For example, in Task 3: Staging changes, the user stages the changes made to CartItem.cs and commits them without affecting the changes made to Category.cs.

Staging changes can save you a lot of time and effort by allowing you to commit only the changes that are relevant to the task at hand. It's also a good practice to stage changes before committing them to the server, as this ensures that only the intended changes are committed.

Here's a step-by-step guide on how to stage changes:

1. Open the file you want to stage in Visual Studio Code.

2. Make the necessary changes to the file.

3. Click the Stage Changes button for the file.

4. Enter a comment for the commit.

5. Select Commit Staged from the More Actions dropdown.

6. Synchronize the committed changes with the server using the Synchronize Changes button.

By following these steps, you can effectively stage changes and commit only the intended files to the server. This is an essential part of the Continuous Integration (CI) process, allowing you to manage changes and collaborate with your team more efficiently.

Repository Management

Credit: youtube.com, Manage and store your code in Azure Repos

Managing your Azure repository efficiently is crucial for any development team. You can manage your repo branches from the Azure DevOps portal, in addition to all the functionality available in Visual Studio Code.

Azure DevOps provides a user-friendly interface to manage your repository, making it easy to navigate and maintain. Exercise 6, "Managing branches from Azure DevOps", is a great resource to get started with.

You can access your repository's branches directly from the Azure DevOps portal, without needing to switch between different tools. This saves time and streamlines your workflow.

Repository Security

Repository security is a crucial aspect of Azure Repos. Protect access to repositories in YAML pipelines is enabled by default for new organizations and projects created after May 2020.

This setting reduces the scope of access for all pipelines to only Azure Repos Git repositories explicitly referenced by a checkout step or a uses statement in the pipeline job that uses that repository. You won't be able to fetch code using scripting tasks and git commands for an Azure Repos Git repository unless that repo is first explicitly referenced.

Credit: youtube.com, Azure DevOps - How to manage Security and Compliance for Git Repositories

There are a few exceptions where you don't need to explicitly reference an Azure Repos Git repository before using it in your pipeline. These exceptions include using a script to check out the repository, using a script to perform read-only operations on a repository in a public project, or using a script that provides its own authentication to the repo.

If you're already checking out the repository in your pipeline using a checkout step, you may subsequently use scripts to interact with that repository.

Protect Repository Access in YAML Pipelines

Protecting repository access in YAML pipelines is crucial for maintaining the security of your code. Protect access to repositories in YAML pipelines is enabled by default for new organizations and projects created after May 2020.

This setting reduces the scope of access for all pipelines to only Azure DevOps repositories explicitly referenced by a checkout step or a uses statement in the pipeline job that uses that repository.

Credit: youtube.com, How to PROTECT Azure Repository From Azure Pipelines Access

If you want to use a script to check out a repository, you must either reference that repository in a checkout step or with a uses statement.

There are a few exceptions where you don't need to explicitly reference an Azure Repos Git repository before using it in your pipeline. These exceptions include:

  • Using a checkout: self step, where the self repository is checked out.
  • Performing read-only operations on a repository in a public project using a script.
  • Using a script that provides its own authentication to the repo, such as a PAT.

Credentials

Credentials play a crucial role in securing your repositories. To access HTTPS repositories, you'll need to provide a username and password, or use a TLS client certificate and private key stored in secrets.

You can configure credential templates to use the same credentials for multiple repositories. This is particularly useful when accessing repositories via HTTPS whose URL is prefixed with a specific domain, such as https://github.com/argoproj.

To use a credential template, the repository must either not be configured at all or must not contain any credential information. This means it should not have a specified sshPrivateKey, username, or password.

Credit: youtube.com, How To Secure Your Gradle Credentials In Jenkins

The URL configured for a credential template must match as a prefix for the repository URL. For example, if you have a credential template for https://github.com/argoproj, it will match repositories with URLs like https://github.com/argoproj/argocd-example-apps.

Matching credential template URL prefixes is done on a best match effort, so the longest match will take precedence. This means that if you have multiple credential templates defined, the one with the longest matching prefix will be used.

Here are the valid keys to refer to credential secrets:

  • username and password
  • tlsClientCertData and tlsClientCertKey

Repository Operations

Repository Operations is a crucial part of managing your Azure repository. You can manage your repo branches from the Azure DevOps portal, giving you more flexibility and control over your code.

To work efficiently, you can also use Visual Studio Code, which offers a range of functionality for managing your repository. Exercise 6: Managing branches from Azure DevOps is a great resource to get you started.

Paths

Paths are always specified relative to the root of the repository. This means that if you're trying to include a specific folder, you'll need to make sure you're referencing it from the top level of your repository.

Credit: youtube.com, A Closer Look at Repository and Explorer

You can use wild cards in path filters, such as **, *, or ?, to include multiple files or folders at once. For example, you can include all paths that match src/app/**/myapp*.

If you don't set path filters, the root folder of the repo is implicitly included by default. This means that if you don't specify any paths, the entire repository will be included.

You can't use variables in paths, as variables are evaluated at runtime (after the trigger has fired). This means that if you try to use a variable in your path filter, it won't be replaced with the actual value.

Here are some key things to keep in mind when working with path filters:

  • Paths are always specified relative to the root of the repository.
  • Wild cards are supported for path filters.
  • If you don't set path filters, then the root folder of the repo is implicitly included by default.
  • You cannot use variables in paths.
  • Paths in Git are case-sensitive.
  • Paths are evaluated at the time the trigger is set up, not at runtime.

New Branch Creation

Creating a new branch in your Azure DevOps repository is a straightforward process. You can create a new branch from the Azure DevOps portal by navigating to Repos | Branches and clicking the New branch button.

Credit: youtube.com, How to create a new branch on GitHub // Commit & Push

To name your new branch, simply enter a name, such as "release", and use the Work items to link dropdown to select one or more work items to link to this new branch. Click Create branch to create it.

You can also create a new branch from Visual Studio Code by pressing Ctrl+Shift+P to open the Command Palette, starting to type “Git: Fetch”, and selecting Git: Fetch when it becomes visible. This command will update the origin branches in the local snapshot.

After creating a new branch, it will be available in the list. You can then switch to the new branch by clicking on it, and it will be checked out in your local repository.

Here's a step-by-step guide to creating a new branch:

1. Switch to the Azure DevOps browser tab.

2. Navigate to Repos | Branches.

3. Click New branch.

4. Enter a name for the new branch.

5. Use the Work items to link dropdown to select one or more work items.

6. Click Create branch.

Remember to update your local repository by pressing Ctrl+Shift+P to open the Command Palette and starting to type “Git: Fetch”.

Checkout

Credit: youtube.com, git checkout explained with Example || git checkout command || git || github

Checkout is an essential part of repository operations, allowing you to control how your source code is pulled from the Azure Repos Git repository. You can include a checkout step in your pipeline, which runs the command `git -c fetch --force --tags --prune --prune-tags --progress --no-recurse-submodules origin --depth=1`.

This command fetches the latest changes from the repository, but you can also choose to exclude the built-in checkout by setting `checkout: none` in your pipeline. This allows you to use a script task to perform your own checkout.

To control how far back in history to download, you can use shallow fetch. This option is enabled by default for new pipelines created after the September 2022 Azure DevOps sprint 209 update, with a depth of 1. You can configure the fetch depth setting in the Checkout step of your pipeline, or by setting the Shallow depth option in the pipeline settings UI.

Credit: youtube.com, 41. Checkout the Remote tracking branches in the local git repository - GIT

Here's a summary of the checkout options:

By understanding these checkout options, you can optimize your repository operations and improve the efficiency of your pipelines.

Committing Changes

Committing changes is a crucial part of repository operations, and it's essential to understand the process to avoid any potential issues.

To commit changes, you need to save the file and then select the Source Control tab to see the one change to the solution. You can then enter a commit message, such as "My commit", and press Ctrl+Enter to commit it locally.

If you're using Visual Studio Code, you can also use the Command Palette to commit changes. Press Ctrl+Shift+P to open the Command Palette, start typing "Git: Commit" and select it when it becomes visible.

It's worth noting that committing changes will not affect other branches, and you can share branches with others without having to merge the changes into the main project.

Credit: youtube.com, How To Git Commit And Push Changes

Here's a step-by-step guide to committing changes using Visual Studio Code:

1. Open the file you want to commit changes to.

2. Save the file.

3. Select the Source Control tab.

4. Enter a commit message.

5. Press Ctrl+Enter to commit it locally.

6. Click the Synchronize Changes button to synchronize your changes with the server.

Remember to always confirm the sync if prompted.

Reviewing Commits

Reviewing Commits is a crucial step in understanding the changes made to your codebase. You can review the latest commits on Azure DevOps under the Commits tab of the Repos hub.

Switch to the Azure DevOps browser tab to access the Commits tab. The recent commit should be right at the top, making it easy to identify the latest changes.

By reviewing the commits, you can see the history of changes made to your codebase. This is especially useful for debugging and understanding the impact of changes.

Repository Settings

In Azure Repository, you can access repository settings from the repository's top navigation menu. This is where you can manage your repository's basic settings.

Credit: youtube.com, Azure DevOps Repository is not Visible: Project Settings / Overview / Repositories /Enable

You can set up two-factor authentication to add an extra layer of security to your repository. This is a good practice to follow, especially if you're working with sensitive data.

To set up two-factor authentication, you'll need to create an Azure Active Directory (AAD) user and assign them to your repository. This will allow you to manage access to your repository more effectively.

Preferred Git Version

When you're working with Git, you might want to use a specific version. Fortunately, you have control over the version used by the Windows agent. The Windows agent comes with its own copy of Git.

If you prefer to use a different version, you can supply your own Git. To do this, set System.PreferGitFromPath to true.

This setting is especially useful on Windows agents, where the included copy of Git might not be the one you want to use.

Default Behavior

Repository settings can be complex, but understanding the default behavior can make a big difference. For existing pipelines created before Azure DevOps sprint 209, the default for syncing tags remains the same as the existing behavior before the Sync tags option was added, which is true.

Credit: youtube.com, GitHub Tutorial: How to Change Default Branch of a Repository

This means that if you have an old pipeline that was created before September 2022, it will continue to sync tags automatically. However, if you're creating a new pipeline after September 2022, you'll need to be aware of the default behavior.

The default behavior for new pipelines created after Azure DevOps sprint release 209 is false, which means syncing tags is not enabled by default. This is a change from the previous behavior, so it's essential to understand the implications.

Here's a quick summary of the default behavior for syncing tags:

  • Existing pipelines (created before September 2022): Syncing tags is true.
  • New pipelines (created after September 2022): Syncing tags is false.

Frequently Asked Questions

What is an Azure repository?

Azure Repos is a set of version control tools that help you manage and track changes to your code over time. It's a powerful tool for developers to collaborate and keep their code organized.

Where are Azure repositories?

Find Azure repositories in the Azure portal under the Azure Container Registry you've pushed images to

What is the difference between GitHub and Azure Repos?

GitHub is a platform for hosting and managing Git repositories, while Azure Repos is a part of Azure DevOps, offering a comprehensive suite for managing the entire software development lifecycle. If you're looking for a more integrated development experience, Azure Repos might be the better choice.

Is Azure DevOps a code repository?

Azure DevOps offers a code repository feature, although it's not its primary focus. It provides a robust repository solution for managing your project's code.

How to get code from Azure repo?

To get code from an Azure repo, open your team project in a web browser, navigate to Repos > Files, and select Clone to download a copy of the code into a new folder. This process includes all commits and branches from the repository.

Margarita Champlin

Writer

Margarita Champlin is a seasoned writer with a passion for crafting informative and engaging content. With a keen eye for detail and a knack for simplifying complex topics, she has established herself as a go-to expert in the field of technology. Her writing has been featured in various publications, covering a range of topics, including Azure Monitoring.

Love What You Read? Stay Updated!

Join our community for insights, tips, and more.