Learnings from Azure DevOps on Azure Labs — Part 1
A great way to learn Azure DevOps (even DevOps too) is to complete all the modules within Microsoft’s Learning website. There are around 27 modules from Beginner to Intermediate considering DevOps Engineer role.
You will need to have the below accounts (all of them are free accounts) for completing these modules:
- Microsoft account along with Azure account
- Azure DevOps
- GitHub
- Solar Cloud (using can use the free account as long as the selected GitHub repository is Public) with GitHub for authentication
- Whitesource Bolt
Steps to save time when performing the modules:
- At the beginning of each module, you will be asked to recreate the Azure Organization & project using a template. You can avoid these steps to retain the Azure Organization, Project and Pipeline.
- At the end of each module, you will be asked to either delete the project or disable pipeline. You can avoid this step too.
Additional installations:
- GitHub Desktop which also installs Git for windows
- VS Code
- Java SDK — (https://www.oracle.com/technetwork/java/javase/downloads/index.html)
- Sonar Package (using dotnet CLI)
Other than Azure DevOps (Repos, Pipelines, Test Plan, Dashboard etc.), you will also learn the following:
- Distributed Version Control along with using GitHub
- Git Commands using Git Bash
- Automated Unit Testing (NUnit) and Code Coverage
- Security scanning using SonarCloud (Static scanning) & Whitesource Bolt (Dynamic scanning)
- Build agents — MS vs Self hosted
- Automated testing using Selenium
In the first part of this series, I will be covering the issues that you might face (when performing the modules) along with the resolutions.
When performing “Scan code for vulnerabilities in Azure Pipelines” module
Issue 1 — When running the following script “MSYS2_ARG_CONV_EXCL=”*” $HOME/.dotnet/tools/dotnet-sonarscanner end /d:sonar.login=”$SONAR_LOGIN””, an error stating that the directory set in JAVA_HOME cannot be found is thrown. This happens as you might have installed the latest version of Java SE.
Instead of “C:\Program Files\Java\jdk-12.0.1”, set JAVA_HOME=”C:\Program Files\Java\jdk-13.0.1" (if you have version later than jdk-13.0.1, then replace with the latest version)
Issue 2— you will get the following error “You’re not authorized to run analysis. Please contact the project administrator.”. To resolve this error, perform the below steps :
- Provide “Execute Analysis” permission to the user under which the analysis is been performed. This can be done by following this path for a selected project — Administration > Permissions
- You will also need to create a .sonarcloud.properties file within the GitHub repository/branch of the project:
1. sonar.organizationKey=<organization name as in GitHub> or as seen in this image
2. sonar.host.url=https://sonarcloud.io
3. sonar.projectKey=<project key as found in the following path Administration > Update Key)
4. sonar.login=<Login Key — You will need to generate login key from the following path — My Account > Security. Since you cannot see the exiting keys, create one by putting “Project name” within “Enter Token Name”>
Issue 3— When running “$ git reset — hard upstream/master — ”, you might get following error “fatal: Failed to resolve ‘upstream/master’ as a valid revision” . To resolve this error, perform the below git commands :
# ensures current branch is master
git checkout master
# pulls all new commits made to upstream/master
git pull upstream master
# this will delete all your local changes to master
git reset — hard upstream/master
# take care, this will delete all your changes on your forked master
git push origin master — force
Issue 4— After applying the condition (in Azure pipeline YML file) for scanning the code only for “pull request”, you might end up with the following error — “Git fetch failed with exit code: 128”. The reason for this error — “the merge action was performed immediately after the raising the pull request”. To avoid this error, perform the below steps:
- In GitHub, raise a pull request against “master” branch
2. In Azure DevOps website, monitor and wait for the pipeline job to complete. You should see “PR automated” , and for this build security scan will be performed.
3.Once the build completes, then click on merge pull request. This cause the second pipeline job to run. You should now see “Individual CI” , and for this build security scan will be ignored.
When performing “Manage build dependencies with Azure Artifacts” module
You might encounter with the below errors –
- “##[warning]Could not create provenance session: {“statusCode”:500,”result”:{“$id”:”1",”innerException”:null,”message”:”Page not found.”,”typeName”:”Microsoft.VisualStudio.Services.Common.VssServiceException”
- “Unable to load the service index for source https://pkgs.dev.azure.com/rajivbhat/_packaging/Space%20Game%20-%20web%20-%20Dependencies%5CTailspin.SpaceGame.Web.Models1/nuget/v3/index.json. — -> System.Net.Http.HttpRequestException: Response status code does not indicate success: 404 (Not Found).”
To resolve the above error, perform the following:
- Create a Feed named “Tailspin.SpaceGame.Web.Models”
- In Azure Artifacts, goto Feed Settings > Permissions.
- Click on “…” and then select “Allow Project Scope Builds”
- If the above steps still doesn’t solve the issue, use your Organization scope feed in your azure pipeline YML file
When performing “Host your own build agent in Azure Pipelines” module
After activating the Azure Sandbox environment, connection to Azure Terminal (Azure Cloud Shell) might fail on Chrome/IE . On Chrome, you might see this error — “Failed to connect terminal: websocket cannot be established. Press “Enter” to reconnect”. On IE, you might see this pop up — “Revocation information for the security certificate for this site is not available”. To resolve the IE error , follow the below mentioned steps(for Chrome, i am yet to find the solution):
- In IE click Tools then Internet Options and Advanced
- Scroll down to Security and untick the option “Check for server certificate revocation”
- Restart IE.
