Overview of CI/CD leveraging Microsoft Azure Technologies
Introduction
Continuous technological advancements are affecting the design and development of automation tools to lower the burden on software engineers and developers. Automation makes the software development process more efficient in terms of cost and time because resource allocation depends on technical consideration, creative thinking, and effort. Partial or full-scale automation adoption decreases the time dedicated to repeated, menial tasks, ultimately reducing operational costs. The continuous integration and deployment (CI/CD) pipeline helps realize these benefits by providing users with updated software versions (Shahin et al., 2017). Also, it affords developers peace of mind because they can guarantee that each release build aligns with the intended code quality after undergoing the CI/CD pipeline processes. These tools significantly lower the delivery process intricacies, decrease the chance of human errors, and enhance the efficiency of the development process. The developers can achieve continuous updates and maintenance efforts due to the shorter action cycles (Mowad et al., 2022). The iterations provide consistent, minor modifications to the development process, which are easier to manage and pose fewer disruptions, with less adverse impact on the delivery and deployment phases. Various Microsoft Azure Technologies have incorporated the CI/CD pipelines to realize automated deployment, artifact publishing, production deployment, approval gate, code commit, enhanced testing, and automated build, leading to a hastened feedback loop and faster, continuous, and more reliable code deployment.
Overview of CI/CD
CI/CD is a Continuous Integration (CI) and Continuous Deployment (CD) pipeline. It is a DevOps practice that automates the software delivery process. Continuous integration highlights the frequent updates to the central branch, where a developer adds the latest working copies of the software for every commit or at selected intervals throughout the day. Typically, build servers support the CI by ascertaining every merge automatically, running unit tests, and reporting the findings to developers (Vasilescu et al., 2014). The CI concept had already gained massive traction as a “synch-and-stabilize” or “nightly build” in 1997, albeit only gaining world recognition in 2000 through Martin Fowler’s blog entry (Vasilescu et al., 2014). CI is an advocated best practice of agile software development approaches such as eXtreme Programming. The ongoing deployment of quality control measures seeks to speed up the buying process and enhance software quality by decreasing the implementation issues among collaborative software developers. As a quality control check in collaborative, distributed environments, CI has garnered massive integration and success in commercial contacts like Microsoft and open-source alternatives like Mozilla.
While there is massive adoption of CI in the industry, the evolution of CD aids in attaining short-cycle releases. After building software, the CD automatically and continuously implements it in client settings (Weber et al., 2016). It aims to routinely and progressively deploy each alteration into the production environment. There are no manual steps in CD; a change gets deployed to the production environment via the pipeline instantly after the developers make it. It employs a push-based approach with frequent and automated releases, consistently continuing the CI processes (Shahin et al., 2017). Together, the CI/CD pipeline provides the software engineering industry with wide-ranging benefits, including defect discovery, sped-up releases, and enhancements in developer productivity.
Microsoft Technologies for CI/CD
Azure DevOps
Azure is among the leading platforms for process automatization in software building and deployment. The platform provides various free and paid services, depending on an entity’s needs. Azure DevOps is a set of development tools that can build, test, and deploy a solution in any language on-premises or cloud (Zeeshan & Zeeshan, 2020). It supports the whole software development complex and encompasses multiple components, including Azure Repos, Azure Pipelines, Azure Artifacts, Axure Test Plans, and Azure Boards.
1. Azure Repos. Azure Repos offers cloud-hosted private Git repos and version control tools to manage code. The code management is steered through code reviews, pull requests, and branches. Developers review the code with their teams to ensure that modifications pass the tests before deployment. Integration with CI commits and connects the pipelines, instigating builds and tests to validate the changes. They create a pull request, link work items to the created pull requests, establish branch policies, squash merge pull requests, Git branch and pull request workflow, and vote on alterations or leave comments. They also use pull request status to extend pull request workflows and isolate the code with forks. Only a pull request can carry the sharing of new branches, folders, or files after a fork has been created. Otherwise, it is impossible. Azure Repos also backs a centralized version control system called the “Team Foundation Version Control” (TFVC) (Chandrasekara & Herath, 2019). The team members usually possess only a single version of each file of the development systems because the server stores all the historical data, which creates path-based branches.
2. Azure Pipelines. Azure pipelines allow developers to build, test, pack, and release infrastructure code and applications. They encompass three different pipelines: the pull request (PR) pipeline, the CI pipeline, and the CD pipeline. PR pipelines validate the code, enabling the integration of a pull request through linting, developing, and unit testing (Zampetti et al., 2019). The CI pipelines come in after incorporating the code, which conducts similar validation as PR pipelines but supplements it with implementation testing and publishes artifacts upon the success of all processes. Lastly, CD pipelines implement the build artifacts, run acceptance tests, and release to production environments (Soni et al., 2015). This provision allows for the ready deployment of tested code. The Azure pipelines can support wide-ranging platforms and languages such as Python, Node.js, and Java. They can also develop and implement Docker containers. YAML is employed to define the pipelines, enable code-like, version-controlled configurations, augment collaboration, and streamline the review and monitoring of pipeline alterations like code changes.
3. Azure Artifacts. The Azure Artifact Feeds allows one to manage and share various software packages, including NuGet, npm, and Maven (Seremet & Rakic, 2021). They manage the package lifecycle, encompassing versioning, reciting, and promoting packages. These affordances ensure the development team leverages the most secure, up-to-date package version. Merging CI/CD pipelines with package management automatically absorbs and publishes packages, ascertaining efficient management of dependencies. As a result, custom package forms will align with specified requirements.
4. Azure Test Plans. Azure Test Plans are tested handling and execution toolsets provided by Microsoft as part of the Azure DevOps services to aid software developers in managing their testing efforts during the development lifecycle. The Test Plans ensure software quality and afford flexibility regarding automated and manual testing (Hundhausen, 2021). Their integration with CI/CD pipelines allows developers to automate test case execution when building and releasing the pipeline. It stimulates load on applications to evaluate scalability and performance and affords valuable and actionable insights into the test findings, aiding in promptly identifying and handling issues. This merger and resulting improvements make testing an integral part of the development process.
5. Azure Boards. Azure Boards are customizable and interactive avenues for enhancing social engineering and development undertakings. These boards encompass inherent support for Agile, Kanban, and Scrum processes, calendar views, integrated reporting, and configurable dashboards. Given their scalability, Azure Boards are perfect for dynamic business environments (Gundu et al., 2020). Integration with the CI/CD pipeline facilitates work tracking by managing projects with dashboards, backlogs, and Agile tools. Besides, developers can link their work items with code commits, releases, and builds to ensure end-to-end detectability.
GitHub Actions
1. Workflow Automation. GitHub Actions is centrally fashioned to assist in simplifying workflows with adaptable automation and provide easy-to-use CI/CD abilities by and for developers. These abilities include integration of CI into the GitHub flow with customized templates for and by the developers. It also allows the creation of individual CI and CD workflows. Compared with other automation tools, GitHub Actions provides developers with native capacities in their GitHub flow, streamlining and leveraging the thousands of pre-built and tested automation. They also allow developers to employ the CI/CD actions in the GitHub Marketplace and the capability of writing individual code with YAML files (Saroar & Nayebi, 2023). The developers can employ the YAML files to define their custom workflows, indicating the sequence of execution steps. Every step can include examining code, building artifacts, running tests, or deploying to production. Also, GitHub Actions reacts to webhook events (Heller, 2021). This response highlights the possibility of using a GitHub event or any third-party instrument to automate any workflow from a webhook trigger in the repository. Incorporating third-party services will enable the inclusion of various tasks, such as interaction with cloud services, updating issues, or sending notifications.
2. Extensibility. GitHub Actions solicit various pre-built actions from the Action Marketplace. These actions capture standards, tools, and tasks, allowing developers to incorporate them seamlessly into workflows. Developers can leverage the pre-built actions to create custom actions. The Marketplace also comprises vast community contributions that can prove helpful in diverse tasks. Moreover, the GitHub Actions Extension is an official VS Code extension that assists in managing and running tasks (Vishwakarma, 2023). The VS Code’s validation and completion can aid in building the correct syntax and avoiding errors during the development process.
3. Integration with Azure. The CI/CD masterminds specifically designed a pipeline that employs GitHub Actions for repository hosting microservices. The novel CI/CD pipeline leverages targeted building, testing, and dynamic parallelization to afford developers swiftly delivered value. Moreover, it developed Docker images and deployed them to the Azure Container Registry, making them readily available for instant utilization by developers seeking to test their modifications. Deployment of the containers takes place to the hosts or Kubernetes. One of the pipelines’ most significant characteristics is its affordance of automatic versioning of the constructed Docker images, enabling ensuing pipelines to leverage similar, already built and tested images. This process saves time by eliminating unnecessary rebuilds and alleviating inconsistencies between the examined and implemented versions. In addition to the Azure Integration, the CI/CD pipeline provides an avenue for augmented security through GitHub’s security features. Thus, it is possible to leverage security components like secret management to uphold the safety of workflow credentials.
Benefits of CI/CD
Faster Defect Identification and Resolution: The CI/CD pipeline allows developers to develop appropriate quality checks during development and testing (Singh & Mansotra, 2021). This merit creates a fast, instantaneous feedback loop that ensures early identification and resolution of arising defects in the development cycle.
Scalability: The CI/CD pipeline allows Microsoft technologies to scale up to meet the demands of a dynamic business environment in the technologically savvy era. The GitHub Actions and Azure DevOps can expand their functionalities to align with the strategic objectives of small development teams and established enterprises.
Decreased Assumptions: The second benefit of the CI/CD pipeline to Microsoft technologies is massive knowledge that can replace testing assumptions. As a result, developers act on factual information instead of educated guesses, eliminating cross-platform errors during the development stage.
Enhanced Quality Assurance: The traditional development and test processes are plagued with unforeseen problems during any stage of the development cycle, leading to significant delays in release and deployment (Singh & Mansotra, 2021). The automation abilities in the CI/CD pipeline and quality checks allow the quality assurance team to deploy the software seamlessly and overcome the issues associated with the conventional approach.
Software Health Quantifiability: Given the robust integration and deployment features, the CI/CD pipeline establishes ongoing testing as an automated deployment procedure (Singh & Mansotra, 2021). This capability allows tracking software health attributes, even those too intricate.
Reduced Overhead Cost: As discussed above, the CI/CD pipelines enable developers to identify and resolve system defects at the development stage, streamlining the entire cycle.
Early capturing of the bugs substantially reduces the overhead costs involved in fixing them if they emerge in any other environment.
Security: Integrating the CI/CD pipeline offers vast benefits in terms of enhanced security features in software engineering. These security affordances encompass compliance with industry regulations, secrets management, and role-based access control.
Conclusion
Microsoft’s development team leverages the CI/CD pipelines for its various Microsoft Azure DevOps services for automated operations, advanced testing, and production deployment. For instance, the developers commit code to an Azure Repos branch, which instigates Azure pipelines to create a framework for code compilation, unit testing, and artifact building. The building artifact undergoes publishing and deployment into a production environment. Additionally, the developers leverage GitHub Actions to build custom CI/CD workflows. Therefore, Microsoft Azure technologies have benefitted from CI/CD pipelines through encased scalability, security, and quality assurance.
References
Chandrasekara, C., & Herath, P. (2019). Hands-on Azure Repos: Understanding Centralized and Distributed Version Control in Azure DevOps Services. Apress.
Gundu, S. R., Panem, C. A., & Thimmapuram, A. (2020). The Dynamic Computational Model and the New Era of Cloud Computation Using Microsoft Azure. SN Computer Science, 1(5), 264. https://doi.org/10.1007/s42979-020-00276-y
Heller, P. (2021). Automating Workflows with GitHub Actions: Automate software development workflows and seamlessly deploy your applications using GitHub Actions. Packt Publishing Ltd.
Hundhausen, R. (2021). Professional Scrum Development with Azure DevOps. Microsoft Press.
Mowad, A. M., Fawareh, H., & Hassan, M. A. (2022, November). Effect of using continuous integration (ci) and continuous delivery (cd) deployment in DevOps to reduce the gap between developer and operation. In 2022 International Arab Conference on Information Technology (ACIT) (pp. 1-8). IEEE. https://doi.org/10.1109/ACIT57182.2022.9994139
Saroar, S. G., & Nayebi, M. (2023, June). Developers’ perception of GitHub Actions: A survey analysis. In Proceedings of the 27th International Conference on Evaluation and Assessment in Software Engineering (pp. 121-130). https://doi.org/10.1145/3593434.3593475
Seremet, Z., & Rakic, K. (2021). Best approach to security in Azure DevOps. DAAAM International Scientific Book.
Shahin, M., Babar, M. A., & Zhu, L. (2017). Continuous integration, delivery, and deployment: A systematic review on approaches, tools, challenges, and practices. IEEE Access, 5, 3909-3943. http://dx.doi.org/10.1109/ACCESS.2017.2685629
Singh, A., & Mansotra, V. (2021). A Comparison on Continuous Integration and Continuous Deployment (CI/CD) on Cloud Based on Various Deployment and Testing Strategies. International Journal for Research in Applied Science and Engineering Technology, 9(VI), 4968-4977.
Soni, M. (2015, November). End-to-end automation on cloud with build pipeline: the case for DevOps in insurance industry, continuous integration, continuous testing, and continuous delivery. In 2015 IEEE International Conference on Cloud Computing in Emerging Markets (CCEM) (pp. 85-89). IEEE. https://doi.org/10.1109/CCEM.2015.29
Vasilescu, B., Van Schuylenburg, S., Wulms, J., Serebrenik, A., & van den Brand, M. G. (2014, September). Continuous integration in a social-coding world: Empirical evidence from GitHub. In 2014 IEEE International Conference on Software Maintenance and Evolution (pp. 401-405). IEEE. https://doi.org/10.1109/ICSME.2014.62
Vishwakarma, S. (2023). Introduction to GitHub Actions: Streamlining CI/CD Pipelines. Documatic. https://dev.to/documatic/introduction-to-github-actions-streamlining-cicd-pipelines-1fkf
Weber, I., Nepal, S., & Zhu, L. (2016). Developing dependable and secure cloud applications. IEEE Internet Computing, 20(3), 74-79. http://dx.doi.org/10.1109/MIC.2016.67
Zampetti, F., Bavota, G., Canfora, G., & Di Penta, M. (2019, February). A study on the interplay between pull request review and continuous integration builds. In 2019 IEEE 26th International Conference on Software Analysis, Evolution, and Reengineering (SANER) (pp. 38-48). IEEE. https://doi.org/10.1109/SANER.2019.8667996
Zeeshan, A. A., & Zeeshan, A. A. (2020). Securing Build Systems for DevOps. DevSecOps for. NET Core: Securing Modern Software Applications, 163-214. https://doi.org/10.1007/978-1-4842-5850-7_5
