We are new to VSTS and will be using the online service and integrating with our production Azure AD tenant. Since we do development that involves Office 365, this meant that we have both production and development Office 365/Azure AD environments. We understand that our authentication can only be tied to one of these (which is fine) but can we use VSTS to perform tasks against both environments (e.g. staging, deploy, etc.)? Are there certain things that do/don't work we should consider or are there other suggestions on how we would leverage VSTS across these environments as we take code tested against development to production? Thanks!
One option to do this would be using powershell and service principal authentication. No point in copy\pasting documentation so I'll leave a link.
https://learn.microsoft.com/en-us/azure/azure-resource-manager/resource-group-authenticate-service-principal
You can also just authenticate to the API, get oAuth token and do pretty much anything with that. Not super straight forward, but can be done ;)
You can add multiple azure service endpoints, then deploy app through release, simple steps:
Refer to this blog: Automating Azure Resource Group deployment using a Service Principal in Visual Studio Online to manual configure Azure service endpoint (Manual Configuration section)
Create a Release Definition in vsts
Add environments (e.g. Staging, Deploy)
Add Azure App Service Deployment task for each environment
Specify corresponding Azure Subscription for these tasks
Related
I would like to check the common vulnerabilities in some of FIWARE components that we are using in our platform, components list is given below.
Cepheus
Cygnus
Orion
STH-Comet
QuantumLeap
IoT Agent for JSON
IoT Agent Node Lib
If any source is available over some FIWARE website or some other source, where we can verify the vulnerabilities in FIWARE component. Please provide the information if such information is available.
For a given Docker baseline we are using Anchore and Clair checks. For a given usual running Docker Container based on a Docker Compose file a Docker Benchmark Security recommendation is executed. Additionally, we are running SAST code analysis over the corresponding repositories. Plus npm audit for the node.js ones plus.
We are defining corresponding GitHub Actions to use inside the repositories.
There is a working project to provide security analysis of the components, the first version is not released yet. You can take a look on it in this repository FIWARE Security Scan
What is the difference between application console vs cluster console in openshift enterprise version. I am new to openshift and confused with terminologies. I feel that openshift is like linux kernel in our system(an analogy). On top of that are containers and to orchestrate we have kubernetes. However , the architecture of openshift is exact opposite. Please correct me.
OpenShift is just one of the available Kubernetes distributions, which adds enterprise-level services like authentication, authorization and multitenancy.
The web console provides two perspectives: Administrator and Developer. The Developer perspective provides workflows specific to developer use cases like create, deploy and monitor applications, while Administrator perspective is responsible for managing the cluster resources, users, and projects. Depending on the user's role, you will see a different set of views available in the main menu.
It seems that this page contains all the functionality that Azure CLI supports in regard to Azure API Management. But it doesn't show how to manage entities such as users, products, certificates, subscriptions, and APIs using Azure CLI.
Does Azure CLI lack these functionalities or is there a way to manage those entities using Azure CLI? Can Azure CLI be considered as a replacement for ARM templates in the case of APIM?
Azure CLI is missing those. Please raise on aka.ms/apimwish
According to my research, the Azure CLI API management command is in preview. SO it will miss some commands. For more details, please refer to the document. So if you want to manage Azure API management entities such as users, products, certificates, subscriptions, and APIs, I suggest you use Azure PowerShell to do that : https://learn.microsoft.com/en-us/powershell/module/az.apimanagement/?view=azps-3.0.0.
The Azure CLI currently seems to support this, see here for Microsoft docs. Make sure you upgrade your CLI to the latest version to be able to leverage this.
To get the CLI docs:
az apim --help
I have created an application using mySQL, Express.js, React, Node.js
My question is, which servers would allow me to deploy this application for free? I'm assuming TOMCAT wouldn't allow me to create it because I have a node.js / express.js as back-end.
Outside of Heroku, here are a few free and easy deployment options:
Serverless:
AWS Lambda: https://amzn.to/2JgBFlL
Azure Web Services: https://azure.microsoft.com/en-us/free/cloud-services/search/?&OCID=AID719825_SEM_UHdSDoOS&lnkd=Google_Azure_Brand&gclid=EAIaIQobChMIh7rFgt2k3gIVGMNkCh0wOwnqEAAYASAAEgKkP_D_BwE
Of course in the future if you have a super lightweight 'app' you're trying to deploy, Github pages is a good option.
Serverless is a really good option though because deployment becomes as simple as pointing the serverless service to a repo and committing to the repo. The rest of the deployment process is handled by in these cases, either AWS or Azure. And for AWS and Azure, you can easily link in a lightweight, free SQL DB.
The learning curve is no less daunting than learning to deploy on Heroku, but it is much much simpler once it's set up. Plus - you get the added benefit of scalability for free because AWS and Azure takes care of it for you!
On a SOA project we start to employ IBM WebSphere Message Broker to orchestrate .NET-based web services. We have distinct DEV, QA and PROD environments for the system being developed.
WebSphere Message Broker Toolkit would be used to develop message flows in DEV. And with DEV everything is more or less clear.
For QA and PROD we aim to have repeatable and as automated and possible deployment procedure. With .NET portion it almost a no-brainer, but deployment to Message Broker seem to require substantial manual effort, which is not good.
What are recommendations for deployment to WebSphere Message Broker? What is the best way to package Message Broker components?
You components (flows and so forth) will be packaged up as Broker Archive (.bar) files. You can use Ant to script the deployment of these components between environments, for example.
Use scripts.
As Andy Piper says Ant works quite well.
Also be aware that you can use the CMP API which has been rebadged as the Message Broker API its quite comprehensive and lets you get at and modify information in you Broker Archive(BAR) files to a much more significant extent that just the various Broker commands you can invoke from a script.