Azure Devops: Implementing Devops Standard Guidelines

Introduction:

Over the years, many organizations have started adapting to the cloud culture. Their infrastructure has been migrated to cloud and without a doubt, Microsoft has contributed to one of the largest cloud providers: Azure. When we talk about cloud, the word DevOps comes into picture and Azure devops has been a popular tool for managing the devops practices. Azure DevOps supports a culture and set of processes that bring developers, project managers and contributors together to complete the software development. Azure DevOps provides developer services for support teams to plan their work, collaborate on code development and lastly, build and deploy applications.

This article elaborates on some of the standard guidelines you can follow to manage your project in Azure devops to adhere to security and better visibility at granular level.

Background:

After working on Azure devops for quite some time, I have come up with a set of standard guidelines to follow the devops culture which will be shown in the article below.

Below points are covered in this article:

1. Prerequisites
2. Guidelines
   A. Project Wiki
   B. Work Items
   C. Project Permissions
   D. Branching Strategies
   E. Managing Repositories
   F. Library Variable Groups

3. Advantages

4. Conclusion

5. References

1. Prerequisites:

• The prerequisites for this article include knowledge of using Azure Devops for creating the organization and setting up the project. But if you are completely unfamiliar with Azure Devops and want to get started, you can refer the Microsoft documentation: Sign up, sign in, invite teammates — Azure DevOps Services

2. Guidelines:

• This section details the standard guidelines that you can implement for your projects in Azure devops. The guidelines are brief about project management: branching strategies, project permissions, etc. Read through to know more about all the guidelines:

A. Project Wiki:

• Azure devops provides a way to write down detailed project documentation with a feature called “wiki”, a short for wikipedia, meaning everything you need to know about the project.
• You can write all the project details or an overview for the project in this wiki section. To add “wiki” to the project, select the overview tab and select wiki as shown below:

• Adding a wiki section to the project is a standard practise to maintain which helps the new members of the project to get an overview of the project.
• You can also add multiple sub-pages to the project wiki to have multi-layered documentation such as — Home, Introduction and Overview, etc. as shown below:

• Make sure to add some introduction section to the project wiki section as below:

B. Work Items:

• In Azure devops, the best way to track your work progress is through work items and Azure devops provides multiple types of work items to create from.

• A simple example of task type of work item is shown below, you can get as much detailed as you want to describe the task you are working on and even be very specific about details such as number of hours in total with the actual efforts:

C. Project Permissions:

• Azure devops provides a way to manage the permissions set to the project on groups or user levels.
• To manage permissions on project level go to Project settings (tab located inside the project as shown below):

• Inside the project settings, click on the permissions tab as shown below:

• On the permissions page, you can view the list of groups and users present in the current project. The better way to manage all the users who are part of the project is to add them to a custom team group. For creating a new team group click on the New Group button shown below:

• Once you create a new group, in this case its Developers team group, you can add all the developers’ email IDs to the team group. After that, you can set up permissions for that custom team group with the values: Not set / Allow / Deny. By default, all permissions are set to not set which means not allowed for that activity.
• The developers can be permitted to have allow permission for below activities:

• It is easier to manage multiple users when they are a part of the team group and we can set permissions on team group level.

D. Branching Strategies:

• It’s an ideal practice to create a separate branch based on the master(default) branch for adding new code and testing the code to finally merge it with the master branch.
• It is a general practice to create at least one new branch based on the master branch to test out the new code changes. To follow the best practice, you can create a branch named develop as shown below:

• It’s a good idea to have the branching policies set up against the default branches: master & develop. To set up branching policies, click on the more options button on the right corner of the branch and select branch policies as shown below:

• While setting up the branch policies, ensure to select appropriate number of reviewers to review the code committed to the branch:

• The code that gets checked-in to the branch needs to have a linked work item and whenever the reviewer provides comments for the pull request, those comments need to be resolved at the time of check-in. Both the policies can be enabled by setting up the following way:

• Whenever a pull request is created against the master or any parent branch, you can select the type in which the code will be merged to the parent branch. If there are bulk changes that are requested to be merged, it becomes difficult to track the history of commits. Based on the frequency of changes that get merge to the parent branch, you can select to limit the merge type:

• Azure devops also provides a feature to validate the code by pre-merging and creating the pull request. In the image shown below, we have added our CI pipeline to be triggered at the pre-merging step to validate the code before merging. Lastly, in the Automatically included reviewers, you can add the list of reviewers who will be reviewing the code pull requests:

• The branches who have policies applied will look as below:

E. Managing Repositories:

• Similar to branching policies, Azure Devops provides a way to manages the repositories created inside a project:

• Inside all repositories -> select the repository you want to manage. You can set up the repository policies provided by Azure devops. If you wish to filter out the commits to the repository based on developer email IDs, it can be done in below way:

• Inside the security tab for repository management, you can add the custom team group that you have created to enable the custom team group users to have access on the selected repository:

• For the developers team group, you need to set up user permissions. The developers should be able to contribute to the repository, pull requests and to create branches as they require. Below is the set of permissions that can be set for the custom team group that consists of developers:

• There are multiple ways to manage repositories but making sure to keep security checks is important.

F. Library Variable Groups:

• Last but not the least, Azure devops helps users to implement reusability in many different ways, one of them is the library of variable groups.

• Click on +variable group button to add a new variable group.

• A variable group is nothing but a set of variables that can be used throughout multiple build/release pipelines.
• The most important feature of using variable groups is that whenever the value of a variable needs to be updated, instead of updating all the places, you only need to update on place and that is the variable group.

• You can encrypt the variables which contain confidential information and maintain them at a single place with the help of library variables.

3. Advantages:

• Azure devops provides numerous features to help manage our projects
• Adding branching policies to the branches help developers to manage their code in a better way.
• Adding users to the team group makes it easier to manage a group of users to apply with the same set of permissions.
• There are many such Azure devops features that help users maintain their repositories in a reusable and secure way.

4. Conclusion:

This article explains how we can manage our repositories and branches inside the project which has multiple people working on it remotely. Azure devops help organizations to manage their code remotely in distributed environments. With the help of numerous features provided by Azure Devops, it has become efficient for developers to migrate their code to Azure devops. This article focused on few of the important features of Azure devops apart from the core build & release pipelines.

5. References:

• Add users or groups to a team or project — Azure DevOps | Microsoft Docs
• View permissions for yourself or others — Azure DevOps | Microsoft Docs