Search Tutorials


AZ-400 - Design and Implement Release Pipelines | JavaInUse

AZ-400 - Design and Implement Release Pipelines

1. Continuous Delivery (CD) Concepts

Continuous Delivery is the practice of keeping code in a deployable state at all times. Every change that passes automated testing is a release candidate. Continuous Deployment goes further by automatically deploying every validated change to production.

CD vs Continuous Deployment

Key Difference

Continuous Delivery means every change is ready to deploy but requires a manual approval step before going to production. Continuous Deployment automates the full pipeline from commit to production without manual intervention. Most organizations start with Continuous Delivery and evolve toward Continuous Deployment as confidence in their pipeline grows.

2. Azure Release Pipelines

Azure Release Pipelines (classic) provide a visual interface for defining deployment workflows with stages, approval gates, and artifact sources. Multi-stage YAML pipelines are the modern alternative that defines both build and release in a single YAML file.

Stages and Environments

Release Pipeline Structure

A classic release pipeline consists of: Artifacts (build outputs that trigger the release), Stages (Dev, QA, Staging, Production), Pre-deployment conditions (triggers, approvals, gates), Tasks (deployment steps within a stage), and Post-deployment conditions (approvals and gates after deployment). Each stage represents a target environment.

Approvals and Gates

Approval Workflows

Pre-deployment approvals require designated approvers to authorize deployment before it begins. Post-deployment approvals require sign-off after deployment completes. Approvers can be individual users or groups. Features include: timeout policies, sequential vs parallel approval order, and the ability for the deployer to approve their own deployments (configurable).

Gates

Gates are automated checks that run periodically until they pass or time out. Built-in gates include: Invoke Azure Function (call a function and check result), Query Azure Monitor alerts (ensure no active alerts), Invoke REST API (call an external endpoint), Query Work Items (ensure no open critical bugs), and Security and Compliance Assessment. Gates enable data-driven deployment decisions without manual intervention.

3. Deployment Groups

What Are Deployment Groups?

Deployment groups are logical sets of target machines with agents installed. They enable deploying to multiple servers (on-premises or cloud VMs) in parallel or rolling fashion. Each machine in a deployment group runs the Azure Pipelines agent and can be tagged (e.g., web, db, app) to target specific roles during deployment.

4. Containers and Docker

Docker Fundamentals

Docker Concepts

A Dockerfile defines how to build a container image layer by layer. Images are immutable templates for creating containers. Containers are running instances of images. Multi-stage builds use multiple FROM statements to create smaller production images by separating build-time and runtime dependencies.

Azure Container Registry (ACR)

ACR Features

ACR is a managed Docker registry service in Azure. Key features include: Geo-replication for multi-region deployments, ACR Tasks for automated image building on code commit or base image update, Content trust for image signing, Service tiers (Basic, Standard, Premium), and integration with AKS, App Service, and Azure Pipelines. ACR supports both Docker images and OCI (Open Container Initiative) artifacts.

Azure Container Instances (ACI)

ACI Overview

ACI provides serverless containers that can run without managing VMs or orchestrators. Use cases include burst workloads, short-lived tasks, CI/CD build agents, and event-driven processing. ACI supports container groups (multiple containers sharing a host, network, and lifecycle), similar to Kubernetes pods. ACI can be integrated with Azure Virtual Network for private networking.

Azure Kubernetes Service (AKS)

AKS Deploy from Azure Pipelines

AKS is a managed Kubernetes cluster. Azure Pipelines deploys to AKS using the KubernetesManifest task or HelmDeploy task. Deployment strategies include: Rolling updates (default), Blue-green (using multiple deployments with service switch), and Canary (using SMI or Kubernetes manifests). Azure Pipelines Environments can model AKS namespaces with approval gates.

5. Multi-Stage YAML Pipelines

Unified Build and Release

Multi-stage YAML pipelines combine build and deployment in a single YAML file. Each stage can depend on previous stages, have its own variables, and target different environments. Deployment jobs use the deployment keyword and can reference environments with approval checks defined in Azure DevOps. This provides full pipeline-as-code with version control and PR-based review of deployment changes.

Container Jobs

Container jobs run pipeline steps inside a Docker container, ensuring a consistent build environment regardless of the host agent. You specify the container image in the YAML file. This is useful for ensuring specific tool versions and avoiding agent configuration drift. Container jobs can pull images from ACR or Docker Hub.

Exam Tip: Know the difference between classic release pipelines and multi-stage YAML. Understand approvals vs gates (manual vs automated). Know when to use deployment groups vs AKS vs ACI. Remember that multi-stage YAML is the recommended approach for new pipelines. Understand Docker multi-stage builds for creating optimized container images.

← Back to AZ-400 Preparation Topics


Popular Posts

1Z0-830 Java SE 21 Developer Certification Prepare with Notes and Real Time Practice Tests 1Z0-819 Java SE 11 Developer Certification Prepare with Notes and Real Time Practice Tests 1Z0-829 Java SE 17 Developer Certification Prepare with Notes and Real Time Practice Tests AWS AI Practitioner Certification Prepare with Notes and Real Time Practice Tests AZ-204 Azure Developer Associate Certification Prepare with Notes and Real Time Practice Tests AZ-305 Azure Solutions Architect Expert Certification Prepare with Notes and Real Time Practice Tests AZ-400 Azure DevOps Engineer Expert Certification Prepare with Notes and Real Time Practice Tests DP-100 Azure Data Scientist Associate Certification Prepare with Notes and Real Time Practice Tests AZ-900 Azure Fundamentals Certification Prepare with Notes and Real Time Practice Tests PL-300 Power BI Data Analyst Certification Prepare with Notes and Real Time Practice Tests Spring Professional Certification Prepare with Notes and Real Time Practice Tests Azure AI Foundry Hello World What is Azure AI Foundry Azure AI Agent Hello World Set up and run your first agent Foundry vs Hub Projects When to choose Foundry or hub-based Build Agents with SDK Threads, messages, runs in Python Bing Web Search Agent Ground agents with real-time data Function Calling Agent Custom functions & tool integration Spring Boot + Azure Key Vault Hello World Example Fetch secrets from Azure Key Vault in Spring Boot Spring Boot + Elasticsearch + Azure Key Vault Example Secure Elasticsearch config using Azure Key Vault Spring Boot Azure AD (Entra ID) OAuth 2.0 Authentication Connect Spring Boot to Azure AD using OAuth2 Deploy Spring Boot App to Azure App Service Host Spring Boot application on Azure App Service Secure Azure App Service using Azure API Management Protect deployed Spring Boot app with API Management Deploy Spring Boot JAR to Azure App Service Deploy executable JAR directly to Azure Deploy Spring Boot + MySQL to Azure App Service Host Spring Boot with MySQL database on Azure Spring Boot + Azure Managed Identity Example Access Azure Key Vault using Managed Identity Secure Spring Boot Azure Web App with Managed Identity + App Registration Secure Spring Boot app via Azure Portal configuration Elasticsearch 8 Security - Integrate Azure AD OIDC Integrate Azure AD OIDC with Elasticsearch & Kibana