Exercise - Set up your environment

  • 6 minutes

Important

You need your own Azure subscription to run this exercise, and you might incur charges. If you don't already have an Azure subscription, create a free account before you begin.

Before you start to work on your toy company's website pipeline, you need to configure your environment. In this unit, you make sure that your Azure and Azure DevOps environments are set up to complete the rest of this module.

To meet these objectives, you'll:

  • Set up an Azure DevOps project for this module.
  • Clone the project's repository to your computer.
  • Create two resource groups in Azure.
  • Create two service connections and environments in Azure Pipelines.
  • Remove the resources that you don't need in the pre-created Azure DevOps project.

Get the Azure DevOps project

Make sure that your Azure DevOps organization is set up to complete the rest of this module. You set it up by running a template that creates a project in Azure DevOps.

The modules in this learning path are part of a progression. For learning purposes, each module has an associated Azure DevOps project.

Tip

Even if you completed the previous module in the learning path, please follow these instructions to create a new project. Be sure to give it a new name.

Run the template

Run a template that sets up your Azure DevOps project.

Run the template

On the Azure DevOps Demo Generator site, follow these steps:

  1. Select Sign In and accept the usage terms.

  2. On the Create New Project page, select your Azure DevOps organization. Then enter a project name, such as toy-website-environments.

    Screenshot that shows creating a project through the Azure DevOps Demo Generator.

  3. Select Create Project.

    The template takes a few moments to run. It automatically creates a pipeline and Bicep file for you to work with in the subsequent exercises.

  4. Select Navigate to project to go to your project in Azure DevOps.

Important

The final exercise in this module contains important cleanup steps. Be sure to follow the cleanup steps even if you don't complete this module.

Clone the repository

  1. Select Repos > Files.

    Screenshot of Azure DevOps that shows the Repos menu and the Files item.

  2. Select Clone.

    Screenshot of Azure DevOps that shows the repository and the Clone button.

  3. If you're using macOS, you need a special password to clone the Git repository. Select Generate Git credentials and copy the displayed username and password to somewhere safe.

  4. Select Clone in VS Code. If you're prompted to allow Visual Studio Code to open, select Open.

    Screenshot of Azure DevOps that shows the repository settings and the button for cloning in Visual Studio Code.

  5. If a dialog box appears, prompting you to allow an extension to open the repository URI, select Open.

  6. Create a folder to use for the repository, and then choose Select Repository Location.

  7. You're using this repository for the first time, so you're prompted to sign in.

    • If you're using Windows, enter the same credentials that you used to sign in to Azure DevOps earlier in this exercise.

    • If you're using macOS, enter the Git username and password that you generated a few moments ago.

  8. Visual Studio Code prompts you to open the repository. Select Open.

    Screenshot of Visual Studio Code that shows a prompt to open the cloned repository.

Sign in to Azure

To work with resource groups in Azure, sign in to your Azure account from the Visual Studio Code terminal. Be sure that you've installed the Azure CLI tools.

  1. In the Terminal menu, select New Terminal. The terminal window usually opens in the lower half of your screen.

  2. If the shell shown on the right side of the terminal window is bash, the correct shell is open and you can skip to the next section.

    Screenshot of the Visual Studio Code terminal window, with the bash option shown.

  3. If a shell other than bash appears, select the shell dropdown, and then select Git Bash (Default).

    Screenshot of the Visual Studio Code terminal window, with the terminal shell dropdown shown and Git Bash Default selected.

  4. In the list of terminal shells, select bash, and then select the plus sign to open a new terminal that uses the bash shell.

    Screenshot of the Visual Studio Code terminal window, with the bash terminal and the plus sign selected.

Sign in to Azure by using the Azure CLI

  1. In the Visual Studio Code terminal, run the following command to sign in to Azure:

    az login

  2. In the browser that opens, sign in to your Azure account.

To work with resource groups in Azure, sign in to your Azure account from the Visual Studio Code terminal. Be sure that you've installed Azure PowerShell.

  1. In the Terminal menu, select New Terminal. The terminal window usually opens in the lower half of your screen.

  2. If the shell shown on the right side of the terminal window is powershell or pwsh, the correct shell is open and you can skip to the next section.

    Screenshot of the Visual Studio Code terminal window, with the p w s h option displayed in the shell dropdown.

  3. If a shell other than powershell or pwsh appears, select the shell dropdown, and then select PowerShell.

    Screenshot of the Visual Studio Code terminal window, with the terminal shell dropdown shown and powershell selected.

  4. In the list of terminal shells, select powershell or pwsh, and then select the plus sign to open a new terminal that uses the powershell or pwsh shell.

    Screenshot of the Visual Studio Code terminal window, with the powershell terminal and the plus sign selected.

Sign in to Azure by using Azure PowerShell

  1. In the Visual Studio Code terminal, run the following command to sign in to Azure:

    Connect-AzAccount

  2. In the browser that opens, sign in to your Azure account.

Create two resource groups in Azure

To create the two new resource groups, run the following Azure CLI commands in the Visual Studio Code terminal:

az group create --name ToyWebsiteTest --location westus3
az group create --name ToyWebsiteProduction --location westus3

To create the two new resource groups, run the following Azure PowerShell commands in the Visual Studio Code terminal:

New-AzResourceGroup -Name ToyWebsiteTest -Location westus3
New-AzResourceGroup -Name ToyWebsiteProduction -Location westus3

Create service connections in Azure Pipelines

Next, create two service connections in Azure Pipelines: one for your test environment and another for your production environment. This process automatically creates a service principal in Azure. It also grants the service principal the Contributor role on your resource group, which allows your pipeline to deploy to the resource group.

  1. In your browser, select Project settings.

    Screenshot of Azure DevOps that shows the menu item for project settings.

  2. Select Service connections > Create service connection.

    Screenshot of Azure DevOps that shows the button for creating a service connection.

  3. Select Azure Resource Manager > Next.

    Screenshot of Azure DevOps that shows the Azure Resource Manager service connection type.

  4. Select Service principal (automatic) > Next.

    Screenshot of Azure DevOps that shows the service principal option.

  5. In the Subscription dropdown list, select your Azure subscription.

    A popup window might appear, asking you to sign in to Azure. If it does, enter your credentials and sign in.

  6. In the Resource group dropdown list, select ToyWebsiteTest.

  7. In Service connection name, enter ToyWebsiteTest. Ensure that the Grant access permission to all pipelines checkbox is selected, and then select Save.

    Screenshot of Azure DevOps that shows completed details for creating a service connection for the test environment.

    Tip

    For simplicity, you're giving every pipeline access to your service connection. When you create real service connections that work with production resources, consider restricting access to only the pipelines that need them.

  8. Repeat the preceding process to create another new service connection named ToyWebsiteProduction, which deploys to the resource group named ToyWebsiteProduction.

    Screenshot of Azure DevOps that shows the page for creating a service connection for the production environment, with completed details.

    If the resource group list isn't updated, refresh the page in your browser and try again.

Create environments in Azure Pipelines

  1. In your browser, go to Pipelines > Environments.

    Screenshot of the Azure DevOps interface that shows the Pipelines menu and the Environments item.

  2. Select New environment.

    Screenshot of the Azure DevOps interface that shows the Environments page and the button for creating an environment.

  3. Enter Test as the environment name.

    Leave the description blank. For Resource, select None. Then select Create.

    Note

    In Azure Pipelines, environments are used to enable deployment features. Some of these features apply only when you're deploying to Kubernetes or to virtual machines. In this module, we don't use these features and you can ignore them.

    Screenshot of the Azure DevOps page for a new environment named Test, with completed details and the Create button.

    Before a pipeline can use the environment, you must grant it permission. For simplicity, you allow all pipelines to access the environment. In your own pipelines, you should restrict access to environments to just the pipelines that require it.

  4. Select the button with three dots and select Security.

    Screenshot of the Azure DevOps page for an environment named Test, with the More Actions menu displayed and the Security item highlighted.

  5. In the section named Pipeline permissions, if there's a button titled Restrict permission, select it.

  6. Select the button with three dots. Select Open access.

    Screenshot of the Azure DevOps page for an environment named Test, with the More Actions menu displayed and the Open access item highlighted.

  7. Select the left arrow twice to return to the environments list.

    Screenshot of the Azure DevOps page for an environment named Test, including the arrow button.

  8. Repeat the process to create another environment named Production. Remember to set it to open access.

    Screenshot of the Azure DevOps page for a new environment named Production, with completed details.

    Leave the production environment page open.

Add an approval check to the production environment

  1. Near the upper right of the page, select the button with three dots and select Approvals and checks from the pop-up menu.

    Screenshot of the Azure DevOps interface that shows the Website environment and the button with three dots.

  2. Select Approvals.

    Screenshot of the Azure DevOps interface that shows the page for adding a check and the Approvals item.

  3. In the Approvers text box, type your own name and select yourself.

  4. Select the arrow button next to Advanced.

    Notice that, by default, approvers are allowed to approve the runs that they've triggered. Because you're the only person using this pipeline, leave this checkbox selected. In other organizations, you might need to specify a different approver to meet compliance requirements.

  5. Select Create.

    Screenshot of the Azure DevOps interface that shows the page for adding an approval check, with completed details and the Create button.

Delete the old environment

In the previous versions of the pipeline, you used a single environment named Website. Now that you've created pipeline environments that represent your new environments, you can delete the old pipeline environment.

  1. Go to Pipelines > Environments.

  2. Select the Website environment.

    Screenshot of the Azure DevOps interface that shows the list of environments and the Website environment.

  3. Near the upper right of the page, select the button with three dots and select Delete from the pop-up menu.

    Screenshot of the Azure DevOps interface that shows the test environment, with the More Actions menu and the Delete button highlighted.

  4. Select Delete to confirm the deletion.

Delete the old variables

In the previous versions of the pipeline, you used a single set of variables to define the parameters and deployment configuration. Now that you're deploying to multiple environments, you can delete those variables and replace them with environment-specific sets of variables soon.

  1. Go to Pipelines > Pipelines.

  2. Select the toy-website-environments pipeline.

  3. Select the Edit button.

    Screenshot of the Azure DevOps interface that shows the pipeline and the Edit button.

  4. Select the Variables button.

    Screenshot of the Azure DevOps interface that shows the pipeline and the Variables button.

  5. Select the Delete variable button for each of the three variables.

    Screenshot of the Azure DevOps interface that shows the list of variables and the delete button.

  6. Select Save.

    Screenshot of the Azure DevOps interface that shows the deletion of three variables and the Save button.