How to Automatically deploy Configuration Files with Azure DevOps CD pipelines

Introduction


Part of the CI/CD Automation is to add environment-related configuration files through deployment automatically, rather than manually uploading them.
This will provide less human error and more security by splitting the developer's responsibility of knowing the environment configuration or editing it, as to be handled by Operation side.

We will take an example of CI for DotNet Core 6 WebApi project, and on that project, we need to copy the related appsetting.json to its environment.

Pre-Requested Knowledge:

To benefit from this article you need to be familiar with the following: 
  • Azure DevOps.
  • the Concept of CI/CD.
  • Azure CI/CD Pipelines.
  • DotNet Core Web Api Deployment (or similar).

Adding From Source Code Branch


In some cases, we will have configuration files included in our source code, for example, in DotNet Core Web Application code, we can have multiple appsettings.json files for each environment.

 On deployment, we need to check: if the environment is a dev environment, then upload the appsettings.Development.json file.
 Else if it's a staging environment then upload appsettings.Stage.json on deployment and so on.

Therefore, In this situation we follow the following steps:

On Build Pipeline: 

  • On the build pipeline, Archiving the published files or Artifacts must be disabled.
- task: DotNetCoreCLI@2
displayName: 'Publish Web App'
inputs:
command: publish
publishWebProjects: True
arguments: '--configuration $(BuildConfiguration) --output $(Build.ArtifactStagingDirectory)'
zipAfterPublish: false
view raw DotNetCorePublishTask.yml hosted with ❤ by GitHub

Notice that we set zipAfterPublish: false.

On Deployment Pipeline:

  • On the deployment pipeline, Add a delete file task to remove unwanted configuration files:
steps:
- task: DeleteFiles@1
displayName: 'Delete appsetting.json files from WebApi Folder'
inputs:
SourceFolder: '$(System.DefaultWorkingDirectory)/WebApi'
Contents: appsettings.Staging.json
view raw DeleteFileTask.yml hosted with ❤ by GitHub
  • Then, we need to rename the appsettings.Development.json file to appsettings.json to be the default app settings. to do so, we will use the Command Line Script task:
steps:
- script: 'rename appsettings.sit.json appsettings.json'
workingDirectory: '$(System.DefaultWorkingDirectory)/WebApi'
displayName: 'Command Line Script'
view raw FileRenameScriptTask.yml hosted with ❤ by GitHub
  • Then we will archive the published files (if required to be archived) by adding the archive task:
steps:
- task: ArchiveFiles@2
displayName: 'Archive WebApi'
inputs:
rootFolderOrFile: '$(System.DefaultWorkingDirectory)/WebApi/**'
archiveFile: '$(System.DefaultWorkingDirectory)/WebApi.zip'
view raw ArchiveFileTask.yml hosted with ❤ by GitHub
Then we deploy, and the configuration file need will be attached to the deployment package. 

This way is simple, But, it cost the developer to upload the configuration files on the source code, which is not always a best practice for two reasons: 
  • You may have environment-related sensitive data in your configuration files, and we don't want to be exposed to anyone that can access the source code.
  • Any change in configuration files will cost the developers to make commits to the source code, which means a process of Pull Request and review for any environmental change.
Next, we will see how to solve this issue at Azure DevOps.

Adding From Azure DevOps Secure Files

Secure files allow you to store files you can share across pipelines. Use the "Secure files" library to store files such as:
  • Signing certificates
  • Apple Provisioning Profiles
  • Android Keystore files
  • SSH keys
These files can be stored on the server without committing them to your repository.
See more on how to add azure secure files here.

To add files on deployment from Secure Files, follow the steps:

Build Pipeline:

  • On the build pipeline, Archiving the published files or Artifacts must be disabled.
- task: DotNetCoreCLI@2
displayName: 'Publish Web App'
inputs:
command: publish
publishWebProjects: True
arguments: '--configuration $(BuildConfiguration) --output $(Build.ArtifactStagingDirectory)'
zipAfterPublish: false
view raw DotNetCorePublishTask.yml hosted with ❤ by GitHub

Deployment Pipeline:

  • Add Download secure file task to your deployment pipeline:
steps:
- task: DownloadSecureFile@1
displayName: 'Download appsettings'
inputs:
secureFile: appsettings.json
view raw DownloadSecureFile.yml hosted with ❤ by GitHub
  • Then, Copy the secure file to the published folder:
- task: CopyFiles@2
displayName: 'Copy AppSettings Files to: API Folder'
inputs:
SourceFolder: '$(Agent.TempDirectory)'
Contents: appsettings.json
TargetFolder: '$(System.DefaultWorkingDirectory)/API'
view raw CopyFileTask.yml hosted with ❤ by GitHub
  • Finally, Archive the published folder if required:
steps:
- task: ArchiveFiles@2
displayName: 'Archive WebApi'
inputs:
rootFolderOrFile: '$(System.DefaultWorkingDirectory)/WebApi/**'
archiveFile: '$(System.DefaultWorkingDirectory)/WebApi.zip'
view raw ArchiveFileTask.yml hosted with ❤ by GitHub

Conclusion

In this article, we show how to add configuration files while automated deployment, we also introduce how to use Azure DevOps Secure Files to make a Zero Trust Deployment.


Comments

Post a Comment

Popular posts from this blog

Adapting a New Technology: A General Guide to keep Your Systems up-to-date

Image
Special Thanks to [Mohamed Othman](https://www.linkedin.com/in/mohammad-othman-55351b20b/) for his help in editing this blog. ## Introduction If you are generally working in the technology sector and specifically in the software industry, you will be under stress by the number of new things that are coming up every day. New stuff can be a new integration technology, a new framework, a language version upgrade, or even a new library that helps you to do specific tasks in your code. In this article we will refer to those as: "new Tech". And if you are like me, you will feel messed up if you don't know or know how to use the new trend! So here, I will list some tips and tricks, along with best practices for keeping your projects up-to-date. **Note**: the tips in this article for when and how to implement the new technology in your daily working projects are not concerned about keeping your knowledge up to date, knowing things and doing them are two different t...
Read more

Practices for Clean & Secure Code Repositories

Your code repository is your most valuable asset, it represents the timeline and story behind what you’re building. It serves as your backup in case something goes wrong, which is why it’s essential to keep it as clean and organized as possible. Here are some best practices you can follow to achieve that for both private and public repos: ## The main contains the latest code always I’m a fan of using GitHub Flow for code management. Unlike the traditional Git Flow, where you have multiple main branches (one branch per environment), GitHub Flow has only one main branch. Other branches are used exclusively for feature development. The main branch always contains the latest code merged from feature branches. However, this doesn’t necessarily mean the code is already in production; it simply reflects the most up-to-date work from the developers. By following this approach, you ensure a single source of truth for the latest code and a single branch to deploy from. Even fixes ...
Read more

Adding Multiple DB Contexts in your DotNet Project

Introduction  In this article we will discuss adding multiple DB contexts to our DotNet projects, we will use EF core as our ORM to make a "Code First Database" approach.  In this article example, we will use DotNet 7 connecting to SQL Server through EF Core 7, all of this will be in a web API project to see how to define those DB contexts as services in program.cs  file.  You can download the example source code from here .  Why would we need multiple DB Contexts in our Solution?  There are two situations where you need multiple DB Context in your project or Solution:  We have a single database but need multiple  schemas in our database, and each scheme will have a group of entities.  We have Multiple databases and our project needs to connect them to do its operations.  We will take the first situation as our code example. Creating Our models Let's assume we have a si...
Read more