Beta

AZ-400: Designing and Implementing Microsoft DevOps Solutions

Design and Implement a Package Management Strategy

Exploring Azure Artifacts

In this lesson, we delve into Azure Artifacts—a cornerstone of modern software development and a key component of your certification exam. Azure Artifacts streamlines package management and seamlessly integrates with Azure DevOps, making it an indispensable tool in managing your development workflow.

The image is an introduction slide with a gradient background, listing three topics: exploring Azure Artifacts, the importance of package management in software development, and an overview of Azure Artifacts as an extension of Azure DevOps.

Core Features of Azure Artifacts

Azure Artifacts offers robust integration with Azure DevOps, supports various package types, and provides granular control over access permissions. By creating a feed, publishing packages, and allowing consumers to access these packages, you create a managed “vending machine” for your code.

The image outlines a three-step process for creating and sharing packages: setting up a feed, pushing packages to the feed, and consuming packages from the feed.

Creating and Configuring a New Feed

To begin, navigate to your Azure DevOps project, select Azure Artifacts, and click the Create Feed button. During the setup process, configure the following crucial settings:

  • Visibility:

    • Private: Accessible only to you and explicitly granted users.
    • Organization: Available to everyone within your Azure DevOps organization.
    • Public: Open to anyone on the internet.

  • Upstream Sources:
    These sources enable your feed to reference packages from external repositories (e.g., NuGet.org, NPMJS.com, Maven Central) or other Azure Artifacts feeds. If a package is missing from your feed, Azure Artifacts retrieves it from the specified upstream source, conserving bandwidth and storage.

  • Scope:
    Use this setting in multi-team environments to designate whether the feed is organization-wide or limited to specific projects. If restricted, you must designate the appropriate projects accordingly.

The image shows a screenshot of the Azure DevOps interface for configuring a new feed, including options for naming, visibility, upstream sources, and scope.

Utilizing Your Feed

Once your feed is established, you will encounter two main options:

  1. Connect to Feed:
    This option provides integration guidance for various package managers such as NuGet, NPM, and Maven. It also outlines the authentication process using personal access tokens or other credentials and includes steps for integration with popular IDEs.

  2. Search Stream Sources:
    Easily browse and search for packages within your feed and connected upstream sources. This feature differentiates between packages hosted in your own feed and those sourced externally, providing details such as available versions, dependencies, and licensing information, which is essential for streamlined dependency management.

Integrating Azure Artifacts with CI/CD Pipelines

Azure Artifacts can be seamlessly integrated into your CI/CD pipelines. Integrating package restoration and automated package version updates during build processes enhances efficiency and security.

The image illustrates integrating with CI/CD pipelines, highlighting automated package versioning, restoring packages during builds, and continuous integration with Azure Pipelines, alongside a screenshot of the Azure DevOps interface.

Step 1: Setting Up Your Feed

Begin by creating a private feed in Azure Artifacts for storing your custom or third-party packages. You can publish packages such as .NET Core packages using NuGet or the .NET CLI directly from your local development environment.

Step 2: Configuring Azure Pipelines to Restore Packages

In your Azure Pipeline, add a step to restore packages from your feed. The following YAML snippet demonstrates how to install NuGet, restore packages for solution files, and target your specific feed:

steps:
  - task: NuGetToolInstaller@1
  - task: NuGetCommand@2
    inputs:
      restoreSolution: '**/*.sln'
      feedsToUse: 'select'
      vstsFeed: '<YOUR_FEED_ID>'

Note

This configuration ensures that NuGet is installed on the agent (if not already present) and that all solution files (**/*.sln) have their packages restored using your Azure Artifacts feed.

Step 3: Automating Package Version Updates

To keep dependencies current, use tools like Dependabot. Dependabot routinely checks for package updates and submits pull requests to refresh version numbers in configuration files (e.g., *.csproj or packages.config). You can also set your pipeline to trigger builds on pull request merges by monitoring these files. For example:

trigger:
  branches:
    include:
      - main
  paths:
    include:
      - '**/*.csproj'

This trigger configuration ensures that changes in *.csproj files on the main branch initiate a build, thereby applying the latest package updates.

Step 4: Building and Deploying Your Application

After restoring packages, proceed with your build and deployment processes. For a .NET application, the following YAML snippet illustrates publishing build artifacts and deploying to Azure Web Apps:

- task: DotNetCoreCLI@2
  inputs:
    command: 'publish'
    projects: '**/*.csproj'
    arguments: '--configuration Release --output $(Build.ArtifactStagingDirectory)'

- task: PublishBuildArtifacts@1
  inputs:
    PathtoPublish: '$(Build.ArtifactStagingDirectory)'
    ArtifactName: 'drop'
    publishLocation: 'Container'

- task: AzureWebApp@1
  inputs:
    azureSubscription: '<Your Azure Subscription>'
    appType: 'webApp'
    appName: '<Your App Name>'
    package: '$(Build.ArtifactStagingDirectory)/**/*.zip'

Note

This snippet demonstrates how to build the application, publish artifacts to a container, and deploy the packaged output to an Azure Web App.

Best Practices for Using Azure Artifacts

To maximize your efficiency with Azure Artifacts, adhere to the following best practices:

  • Employ semantic versioning to reduce dependency conflicts.
  • Organize your packages effectively by leveraging scopes and views.
  • Implement retention policies to manage storage and maintain feed cleanliness.

The image lists best practices for using Azure Artifacts, including semantic versioning, organizing packages with scopes and views, and implementing retention policies for artifact management.

By following these guidelines and integrating Azure Artifacts into your CI/CD pipelines, you'll significantly enhance the management and delivery of your software packages, ultimately improving your development process.

For more information on related topics, consider exploring Kubernetes Basics and other Azure DevOps documentation.

Watch Video

Watch video content

Previous
Discovering Package Management Tools
Next
Exploring GitHub Packages