In azure api-->Inbound Processing-->Policies
Some of our developers changing these policies and we have no LOG or approval (PR) mechanism.
We want to a Pull request or a similar mechanism to that area.
If any developer changes policies, It should be approved before going live.
Can you give me some Keywords or information if possible.
I don't know how to search for it.
You can establish CI/CD for API Management using Azure Resource Manager templates.
After API developers have finished developing and testing an API, and have generated the API templates, they can submit a pull request
to merge the changes to the publisher repository.
API publishers can validate the pull request and make sure the changes are safe and compliant. For example, they can check if only
HTTPS is allowed to communicate with the API. Most validations can be
automated as a step in the CI/CD pipeline.
Once the changes are approved and merged successfully, API publishers can choose to deploy them to the Production instance either
on schedule or on demand. The deployment of the templates can be
automated using GitHub Actions, Azure Pipelines, Azure PowerShell,
Azure CLI, or other tools.
Azure API Management DevOps Resource Kit is a great place to start with.
Related
We're trying to setup a Github Action that will deploy our software to Azure. Our software is not multi-tenant-aware, so we deploy a replica of the software into a fresh Azure Resource Group for each tenant. So far this has been no problem. Our Github Action has an event input into which we can provide the resource group name and from there it can deploy to that resource group.
With Static Web Apps, though, the Azure API token is generated behind a black box, as is the deployment process. I don't want to have a Github Action workflow and repository secret for each tenant that we want to deploy to.
It looks to me like the auto-generated secret likely somehow specifies which resource group to deploy to, since I see no other way for the "Azure/static-web-apps-deploy#v0.0.1-preview" Github Action to know where it is to be deploying to.
The Azure Portal automatically creates this secret token and adds it with a name like: AZURE_STATIC_WEB_APPS_API_TOKEN_LEMON_WAVE_00AD12A10
Obviously there is a way to create this token, but has that been discussed or outlined anywhere?
Ideally, I'd be able to create that token as-needed and perform a manual deploy using the Azure Static Web Apps Deploy Github Action into any resource group that I need, without duplicating workflows and github secrets.
The service itself seems great and like a clear upgrade over Azure Storage static web apps. The current deployment options are terrible though - why only from a specific github repo and to a specific Azure Resource Group? Why not expose the ability to deploy to anywhere as needed?
Any ideas?
The API token is not tied to a specific repo or branch, but is the permission to deploy to a particular Static Web App. Likewise, it has no tie to a particular resource group, it has a 1-1 relationship with a particular Static Web app.
It sounds like you want to have a single API token that can deploy to all of your Static Web Apps? This is not a good security model and is not recommended.
You can call an API today to retrieve a new API token and invalidate the old one.
To benefit the community posting the answer from our discussion on Microsoft Q&A thread.
I am decided to restrict transaction between two states in azure devops server in inherited process
but i donot know support or not?
if support , how to do it?
i read this link but not found in my azure devops web admin
I am afraid this release has not been updated to the azure devops server. I also did not find the "Restrict the transaction to state" in the Actions on my side.
The release of this feature is currently only for azure devops service. For the release note of Azure DevOps Server, please follow this.
I am working on Azure Analysis service directly from portal.azure.com. Instead i want AAS be save as some file in git repo and deployed is managed through Azure DevOps. Not sure if this possible? How to proceed further on this
Currently, Azure Analysis Service don’t support implementing using Azure Devops.
I would request you to provide the feedback here:
https://feedback.azure.com/forums/556165-azure-analysis-services
All of the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Azure.
You could have a script task make a REST call to Azure from Azure DevOps, building the URL and payload from code, say passing in parameters, or by utilising a variable group.
Anyone know if it's possible to upload custom policies via an Azure DevOps task?
The release pipeline might look like this:
Staging Environment - Deploy from Git to IEF, add suffix _staging
Block pipeline for manual testing
Prod Environment - Deploy to IEF
without the staging suffix
It is possible through MS Graph API for Programmatic access to Custom Policies and Keysets.
You can use Graph API requests to create, update and delete custom policies. These are Graph API requests so you can integrate these in your pipeline but you need to manage the access token.
The MS Graph API is indeed the way to go. For a complete solution look here.
Details on integrating with a DevOps pipeline are here.
Reference 1. Check this blogpost on Custom Policies release automation with Azure DevOps
Reference 2. this extension is available in Azure DevOps marketplace, do the work somewhat similar
Reference 3. Here is Documentation from Azure, Deploy custom policies with Azure Pipelines
I am trying to create Resources group, WebApp plan service, Webapp through the Rest Api of microsoft azure,
I have created above services from RestApi of microsoft Azure,
but i am unable to find, How to create Deployment center.
not getting any thing.
The Deployment Center is a centralized overview for all the deployment methods supported by your app and a guided experience for configuring continuous integration/continuous deployment. It's a service under Azure App Service.
Go to your Azure App page in the portal, you will be able to see Deployment Center, click it then choose GitHub and configure it.
And don't forget go to Github setting page Authorized OAuth Apps. For more details, you could refer to the official tutorial:Deploy continuously from GitHub.
For now, no REST api to configure Continuous deployment. If you are looking for other ways to configure the Continuous deployment, you could refer to the Continuous deployment wiki page, there are other ways to implement it.