Recently I’ve been on a journey, one with many twists and turns, and one with an elusive destination…
It is a fifth dimension,
Adapted from the TV Series “The Twilight Zone”
beyond that which is known to developers.
It is a dimension as vast as space,
and as timeless as infinity.
It is the middle ground between light and shadow,
between science and superstition,
and it lies between the pit of developer’s fears
and the summit of their knowledge.
This is the is the dimension of imagination.
It is an area we call “Secure DevOps Nirvana”.
Of course, it’s nothing as dramatic as that, with very little in plot twists compared to that show. But possibly entertaining and certainly informative, nonetheless…
I started with what I knew fairly well (or at least what I thought I knew…). I’m a big fan of Azure and have been using it since the very early days of Azure. So much so that this year I took a position as a Sr. Cloud Solutions Architect at Microsoft. So – am I biased? Yes, but I was pretty biased towards Azure before I took the position at Microsoft. I’ve been using Azure for over 12 years now and I have also been trained and done some development in AWS. AWS is great if you love configuring servers and settings and really want to get down and dirty, but most of the time, I want focus on writing code and just have it deploy and work well. IMHO, Azure is much easier for a developer to use. (Your experience may vary, of course!)
Azure DevOps Pipelines and Bicep Templates seemed like a very good place to start as I had several good fairly battle tested pipelines that I could use. I created a project which had several different types of Azure resources, added some Bicep files and pipelines, and called it good. But as every programmer knows — a program is never finished – you just stop working on it. I continued to improve on it gradually and over time, I came to a pretty good working model that I really like for my pipelines.
I’ll walk through this process in a series of posts, breaking each into a bite-sized chunk of info, tips, and tricks.
- Intro
- What is Bicep, anyway?
- Creating Bicep files
- Naming things is hard!
- Using a Bicep Container Registry
- Azure DevOps Pipeline Layers
- What is “azd” and why should I care?
- Adding PSRule Validation
- Adding an Azure DevOps Security Scan
- Convert Azure DevOps Pipeline to a GitHub Actions using the Pipeline Importer
First up — What is Bicep, anyway?
Lyle's Blog 