Set Up New Environment
Part 1: Set up a pipeline
To be able to deploy the code automatically when one commit the code to the repository, we need to create a pipeline that auto deploy the code, we use a Docker image to the new environment.
...
| Code Block |
|---|
$(date:yyyyMMdd)$(rev:.r) |
...
19. Save the pipeline and run it. At this point all should be running correctly and the code should be in the container registry under Repository.
Pipeline on IIS Special consideration:
The following pipelines are using these configurations: CAMIS-SIMAC-API, CAMMS-SMMAC-Publisher and the CAMMS-SMMAC-Ocelot.
Configurations:
We add a File Transform task as in the picture
...
2. Add pipeline variables:
...
3. Add Variable groups and link them to the pipeline
...
4. All Variable groups are created and stored in the Library
...
Part 2: Set up and configure Azure AD
< Azure Portal configurations etc >Setting up Azure portal involved few steps:
Activate your Developer role in order to configure Azure AD
In order to configure and view some features in Azure AD we need to activate our Developer role for the day or for few hours. To do that go to Azure Ad Privileged Identity Management
...
Click on My roles
...
Click on Activate
...
Give a reason for activating your role and click continue
...
Once your role is activated you can continue to configure the other steps.
Configure App registrations
To do ..
How to set up app reg.
How to set up app roles
and all the other configurations under app reg.
...
API permissions
In API permission, our clients that don’t have the role “Application Developer” in Azure can have an error to open the website.
...
So, we need to grant TC/TC and admin consent required for all permissions.
...
Configure Groups
To do..
Why do we need a group
How to configure
What is the link with the other services on Azure AD like the app reg. groups etc.
...
Configure Container registries
Under Container registries we have 3 existing containers for Development, Test and Acceptance.
ncdsafsecsurcr → Development
nctsafsecsurcr → Test
ncasafsecsurcr → Acceptance
...
The repository holds all the images that are pushed to this Development environment
...
Configure App Services
Go to App Services and click on Create
...
Click Next: Docker to set up the Docker container with the correct image.
...
No more changes required, click Review + create.
Once created → We need to configure the following in app services:
Go to Configuration and create 3 new application settings with the correct value depending on the Environment:
ASPNETCORE_ENVIRONMENT
ASPNETCORE_FORWARDEDHEADERS_ENABLED
ENVIRONMENT
...
Go to TLS/SSL settings and click on “On” to enable HTTPS only
...
Go to Deployment center to verify that the settings are correct
...
Go to Identity to verify that the Status is ON
...
You will need the Object ID to search our App service for the Key vault.
Lastly, we can go to Overview to restart the app service and see the URL for our new environment
...
Configure Key vaults
To DO…
Configure the access policies
...
Click on he correct environment under Key vault.
Go to Access polices and add a new Access Policy
...
Select Get and List for all Secret permissions, Certificate permissions. Then click on None selected under Select principal to configure the Principal.
Enter the Object Id from the Identity under the App Service in order to find your Principal
...