Ultimate Guide to Azure DevOps Certification Course: Pass the Exam with Confidence

hey this is Andrew Brown your favorite Cloud instructor bringing you another free Cloud certification course and this

time it's the a400 this is specifically for the Azure devops engineer um and we're making this available on free Camp

as always so the way we're going to get the certification is by doing labs in our own Azure account uh lecture content

and as always we provide you a free practice exam and I want to tell you that our exam simulator has case studies

which is the most important component when we're looking at these expert certifications with Azure um so if you

want to support more free courses like this one the best way to do that is to purchase the additional study materials

over on exampro doco that's where you get the cheat sheets additional practice exams uh the content is layered um and

again it helps produce these courses if you don't know me I've taught a lot of courses here um I've taught ads Azure

lots of azure uh gcp kubernetes terraform you name it I've taught it so you're in good hands and I will see you

soon okay hey this is Andrew Brown I just wanted to tell you that in this video course I am utilizing my synthetic

voice uh synthetic voices is when you utilize software that emulate your voice the reason why I utilize synthetic voice

is a couple reasons this is when uh the real Andrew not the synthetic voice Andrew has lost his voice and this

happens to me because I have muscle tension dysphonia and so if I use my voice a lot aggressively I can lose my

voice and so I have to uh be careful when I'm recording a considerable amount of content and right now when this video

is being made I am recording a lot of adus content and so you know I've ask my support team to just generate out my

words and Stitch the video together and this the reason for that is that I don't want my content to go stale so when I

create content it has to get shipped uh whether my voice is ready or not um so this is the case for the ac400 otherwise

this course would just go stale and you wouldn't get it for like 6 months to a year but um you know that's the

trade-off that we have when I'm a single content creator and I'm trying to get all this content out so I just want to

point out that the content is made by me it's just utilizing a synthetic voice so it's not like it's somebody else doing

100% everything else otherwhere but there you go okay hey this is Andrew Brown from exam

Pro and we'll be going over an introduction of the a400 certification the Azure devops Engineer Expert is an

expert level Microsoft certification for the pre-requisites you must earn at least one of the following the Microsoft

certified Azure administrator associate or the Microsoft certified Azure developer associate the key topics

covered in this course design and Implement processes and Communications such as GitHub flow and Azure boards

design and Implement traceability and flow of work configure collaboration and communication designed and Implement a

source control strategy such as branching strategies pull request workflows design and Implement build and

release pipelines design and Implement a package management strategy like GitHub packages develop a security and

compliance plan and Implement an instrumentation strategy like Azure Monitor and log analytics so who is this

certification for the certification is designed for individuals who are interested in learning how to design and

Implement devops practices for continuous integration continuous delivery and infrastructure is codee you

may consider this certification if you are new to devops and want to learn the fundamentals and benefits of devops

practices you are a software developer systems administrator or IT professional you want to understand the capabilities

of azure devops and GitHub including building pipelines implementing Source control strategies and managing security

and compliance you are a senior devops engineer or in a related role who needs to reset or refresh your knowledge after

working for multiple years so what's the Azure devops Engineer Expert road map like well the most common route that

people take to reach the devops Engineer Expert is to start at the Azure fundamentals it's not mandatory but it

helps build a solid foundation then you take the Azure developer associate for Designing building testing Azure

applications and eventually take the Azure Dev Ops Engineer Expert another common path is to take the Azure

administrator associate and then the Azure Solutions architect you can also take the Azure Solutions architect after

the devops Engineer Expert to further enhance your Microsoft Azure skills and widen your career prospects other

popular associate level certifications may include the aszure AI engineer Azure database administrator and the Azure

security engineer and many more so that's a general outlook on the road map to Azure devops Engineer Expert how long

this study to pass for beginners so if you've never used Microsoft Azure or any cloud provider have no prior experience

with devops practices or no Tech background or experience you're looking it around over 50 hours you shouldn't

take this exam if you're a beginner you'll need to pass the prerequisites and build a solid foundation if you're

experience with Microsoft Azure or any Cloud providers have experience with devops practices and tools and have a

strong background in technology you're looking at about 15 hours the average study time is about 25 hours you should

dedicate around 50% of the time to lecture in labs and 50% of the time to practice exams we recommended to study

around 1 to 2 hours a day for 20 days what does it take to pass the exam watch video lecture and memorize key

information do handson labs and follow along within your own account do paid online practice exams that simulate the

real exam sign up and redeem your free practice exam exam guide content outline the exam has a total of five domains

each domain has its own waiting this determines how many questions in a domain that will show up skills measured

design and Implement processes and communic ation design and Implement a source control strategy design and

Implement build and release pipelines which consists of 50 to 55% of the course develop a security and compliance

plan Implement an instrumentation strategy where do you take the exam you can take the exam at an inperson test

center or online from the convenience of your own home you can use CER aort or Pearson view a proctor is a supervisor

or person who monitors students during an examination the passing GR is about 700

out of 1,000 you need to get around 70% to pass Microsoft uses scaled scoring there are about 50 to 55 questions you

can afford to get roughly 12 to 14 questions wrong there is no penalty for wrong questions form bet of questions

multiple choice multiple answer drag and drop yes and no keep in mind that there's usually one labp with about

eight questions that you do on the Azure portal and the exam is open book but you can only access the Microsoft

documentation is the resource the exam duration is 2 hours you get about 2 minutes per question exam time is 120

Minutes C time is 150 minutes C time refers to the amount of that you should allocate for the exam it includes time

to review instructions Show online Proctor your workspace read and accept NDA complete the exam provide feedback

at the end the certification is valid for one year you can renew the certification for free Within 6 months

or before the expiration date so that's an introduction to the Azure devops engineer expert

[Music] certification hey this is Andrew Brown from exam Pro and we'll be going over a

quick overview of the exam guide you can find the exam guide by searching for study guide for exam a400 on Google so

as we scroll down it will show you the five domains covered and it'll be broken down into more sections I won't be able

to go through all of it so I'll just go through some of the key topics that I think you should focus on for the exam

design and Implement a structure for the flow of work including GitHub Flow Design and Implement integration for

tracking work including GitHub projects Azure boards and repositories you need to know the flow of work such as cycle

times time to recovery and lead time configure release documentation including release notes and API

documentation design and Implement a strategy for managing large files including get large file storage and get

fat recommend package management tools including GitHub packages registry and Azure

artifacts design and Implement quality and release Gates including security and governance select a deployment

automation solution including GitHub actions and Azure pipelines design a deployment strategy

including blue green Canary ring Progressive exposure feature flags and a b

testing Implement feature flag Flag by using azzure App configuration feature manager design and Implement desired

State configuration for environments including Azure automation State configuration Azure resource manager

bicep and Azure autom manage machine configuration Implement and manage GitHub authentication including GitHub

apps G token and personal access tokens Implement and manage Secrets keys and certificates by using Azure key Vault

automate container scanning including scanning container images and configuring an action to run codic L

analysis in a container configure Azure Monitor and log analytics to integrate with devops

tools configure collection of telemetry by using application insights VM insights container insights storage

insights and network insights inspect distributed tracing by using application insights interrogate logs using basic

custom query language queries so that's a quick overview of the exam guide for the a400

[Music] hey this is Andrew Brown from exam Pro and we'll be starting off asking the

most important question first what is devops devops is an approach that brings together software development and it

operations with the goal to enhance the speed and reliability of software delivery it focuses on continuous

Improvement Automation and collaboration between teams that were once siloed aiming to shorten the time from

development to operation the process includes frequent code versions which allows for for incremental improvements

to applications and systems the ultimate goal of devops is to create a culture and environment where building testing

and releasing software can happen rapidly frequently and more reliably so why devops devops eliminates the

inefficiencies miscommunications and delays that arise from the traditional gap between development and operations

teams it creates a collaborative culture that accelerates and improves software delivery some of the key challenges

addressed by devops include this communication and collaboration gaps enhances communication and collaboration

reducing misunderstandings and accelerating the release process conflicting goals aligns the goals of

Dev and Ops teams towards quick reliable and high-quality software delivery manual processes in Bottle X advocates

for automation to decrease manual effort errors and delays and streamline processes automation leads to fewer

errors shorter deployment times and improved software quality so what's the role of a devops engineer a devops

engineer facilitat this collaboration in automation focusing on continuous integration and continuous delivery

establishing pipelines that automate code integration testing and deployment ensuring rapid Reliable Software

releases infrastructure is code managing and provisioning infrastructure through code to increase efficiency and

consistency monitoring and operations implementing Monitoring Solutions to track application and infrastructure

performance ensuring High availability and reliability transition to Cloud infrastructure many organizations are

transitioning to Cloud infrastructure such as a WS Google cloud or Azure to cut costs and improve manageability

offering intuitive tools for network and security settings but necessitating knowledge of platform specific features

some of the tools and technologies that will be used in Dev Ops are Version Control such as get essential for

managing code changes and facilitating team collaboration agile and lean techniques for planning Sprint isolation

and capacity management containerization such as Docker enables scalable deployments with lightweight containers

that are faster and simpler to configure than traditional virtual machines orchestration like kubernetes

efficiently manages containerized applications that scale CI CD tools such as Jenkins and get lab CI automate the

software delivery process from code integration to deployment IAC tools like terraform and anible automate the

provisioning and management of infrastructure monitoring and logging such as Prometheus provides insights

into application performance and operational health and public and hybrid Cloud streamline operations offering

scalable infrastructure with iOS for Seamless app migration and platform as a service to enhance productivity through

sophisticated tools some examples of devops Technologies across the different devops stages mainly related to

Microsoft Azure include for planning we have Azure boards GitHub and alassian jira continuous integration Azure repos

GitHub repos sodar queet selenium owp new get and npm continuous delivery Azure pipelines GI Hub actions bicep

terraform Jenkins Red Hat anible chef and puppet operations Azure monitor Azure Automation and Microsoft powerbi

and for collaboration and feedback there's Azure devops wikis GitHub wikis GitHub discussions Microsoft teams and

slack overall devops revolutionizes it by merging development and operations enhancing delivery speed and fostering a

culture of Rapid continuous innovation [Music] the next topic we'll be covering are the

differences between devops and traditional it in terms of time devops teams spend onethird more time improving

systems to avoid Tech issues than traditional it less time is needed for administrative tasks because devops uses

more automated tools and helpful scripts this save time allows for a 33% increase in enhancing their Tech infrastructure

they also have 15% more time for Learning and training boosting their skills for Speed and data Dev op groups

are typically small and adaptable driven by creativity and speed one of the main goal of devops is agility aiming for

Swift completion of tasks traditional it operations typically have less feedback data focusing only on the immediate task

it operations often have to handle unexpected Downstream issues they didn't see coming cloud devops is more

effective in delivering business applications due to its quick Pace traditional it must strive to keep up

with the rapid changes and demands of the business World regard St ing recuperation and crunch time devops

teams focus on Readiness for failures and have strategies like ongoing testing and realtime alerts these strategies

mean they can address issues quickly and keep systems running smoothly traditional it may need more time to

recover from setbacks because they might not of these proactive measures in place fast recovery and devops has often

helped using automated systems and flexible infrastructure setups for software distribution devops teams take

roughly 37 minutes to deploy software traditional it operations typically need about 85 minutes for the same task this

indicates devops teams can release software more than twice as quickly as traditional it

teams next we'll quickly go over a few key aspects that devops has an advantage over traditional it product reliability

reduce likelihood of failure adaptability enhance flexibility and support Market responsiveness decrease

time to Market team productivity greater efficiency in teams Vision clarity more defined product Vision within teams so

that's an overview of devops versus traditional it the next topic will be covering is

agile and Agile development agile is a philosophy and software development that emphasizes incremental progress

collaboration and flexibility it revolves around the idea of breaking down large projects into smaller

manageable sections called iterations or Sprints teams work in these short bursts to produce tangible results regularly

allowing for frequent reassessment and adjustment this approach enables a quick response to change and promotes

continuous Improvement both in the product and the process used to create it the term agile methodology refers to

the specific Frameworks and practices that embody the agile philosophy such as scrum and campin these methodologies

provide the structure and tools for teams to execute agile principles effectively they include techniques for

planning and tracking progress such as standup meetings Sprints and visual boards all designed to enhance team

coordination and project transparency Agile development encompasses various methods that follow

the agile Manifesto core ideas it's about teams working together managing themselves and using practices that best

suit their Project's needs to gradually improve their software in Agile development teams aim to produce fully

working and highquality parts of the software at the end of every Sprint this means they must write code test it and

make sure everything is of good quality within each Sprint short time frame the key success factors for Agile

development teams include diligent backlog refinement integrating early and often and minimizing technical debt

diligent backlog refinement this means organizing the list of upcoming work prioritizing the most important tasks

and clarifying them product owners are key in preparing for future Sprints by providing clear goals integrating early

and often by using continuous integration continuous delivery teams automate their workflows which speeds up

coding testing and deployment this helps catch and fix problems early minimizing Tech technical debt just like unwanted

financial debt technical debt happens when taking shortcuts which may later require code fixes it's important to

find a good mix of adding new features and fixing these issues needing careful planning and discipline so that's an

overview of agile and Agile [Music] development hey this is Andrew Brown

from exam Pro and in this section we'll be going over two popular agile Frameworks or methodologies called scrum

and camben scrum is an agile framework designed for managing complex projects by breaking them down into small

manageable tasks completed in short phases called Sprints the key roles in scrum include a product owner guides

what and why the team builds prioritizes the work backlog a scrum Master facilitates scrum processes supports

team Improvement and removes obstacles and a development team Engineers the product ensuring its quality in scrum a

team self- manages its Sprint tasks with daily standup meetings to ensure progress and address impediments they

track work using a task board and a Sprint burndown chart and at the Sprint's end they showcase their

increment in a review and identify improvements in a retrospective scrum short repeatable Cycles facilitate

continuous learning and adaptation making it a practical framework for teams adopting agile

principles on the other hand campin is an agile methodology focused on visualizing work limiting work in

progress and maximizing efficiency Cam and boards are used to display work at various stages of the process using

cards to represents tasks and their stages highlighting work in progress and facilitating team flexibility cumulative

flow diagrams visually track a Project's workflow over time showing task distribution across stages the

horizontal axis represents time and the vertical axis represents task volume with each color marking at different

work stage cfds highlight Trends progress and bottlenecks parallel colored areas indicate balanced workflow

bulges suggest bottleneck needing attention for smooth project continuation let's go over a quick

comparison between scrum and cambon while broadly fitting Under the Umbrella of Agile development scrum and cin are

quite different scrum focuses on fixed length Sprints while cin is a continuous flow model scrum has defined roles while

cambon doesn't Define any team roles scrum uses velocity as a key metric while cin uses cycle time teams often

blend scrum and cambon features to optimize their workflow they continuously refine their approach to

find the best fit focusing on Simplicity and regular value delivery to us [Music]

the next topic we'll be covering are some of the key flow metrics you'll need to know for devops processes and for the

exam starting with velocity velocity and Azure devops is a metric that tracks the amount of work a team completes during a

Sprint helping teams estimate how much work they can handle in future Sprints it's represented in a chart that

visualizes work items completed over several Sprints offering insights into the team's work patterns efficiency and

consistency by analyzing velocity teams can adjust their planning for better predictability and productivity

consistent velocity metrics can help at identifying the impact of process changes and guiding strategic decisions

to enhance overall team performance next we have Sprint burndown chart the Sprint burndown is a graph

that plots the daily total of remaining work typically shown in hours the burndown chart provides a visual way of

showing whether the team is on track to complete all the work by the end of the Sprint it also helps in identifying any

bottlenecks or issues in the workflow that may need attention before the Sprints end moving on to lead time and

cycle time the lead time and cycle time widgets indicate how long it takes for work to flow through your development

pipeline lead time measures the total time elapse from the creation of work items to their completion cycle time

measures the time it takes for your team to complete work items once they begin actively working on them the following

diagram illustrates how lead time differs from cycle time lead time is calculated from work item creation to

entering a completed State cycle time is calculated from first entering an in progress or result State category to

entering a completed State category these measures help teams plan spot variations in efficiency and identify

potential process issues the lower the lead in cycle times the faster the throughput your team has so these are

some of the key flow metrics you'll need to know for the [Music]

exam hey this is Andrew Brown from exam Pro and in this section we'll be covering Azure board boards Azure boards

is a web-based service designed for planning tracking And discussing work throughout the development process

supporting agile methodologies for a customizable and efficient workflow key hubs and Azure boards Azure boards

include several key hubs each serving distinct project management needs work items Hub manage work items based on

specific criteria boards Hub visualize workflow using cards ideal for cambon the backlogs Hub plan and organize work

items including backlogs for project and portfol folio management Sprints Hub handle Sprint specific work items

incorporating scrum practices queries Hub generate custom work item lists and perform bulk updates delivery plans Hub

track cross team deliverables and dependencies in a calendar view analytics views Hub create powerbi

reports for detailed project analysis hey benefits of azure boards include scalable Simplicity easy to

start with predefined work item types scalable for growing teams visual tools VIs ual I progress with Canin boards

scrum boards and delivery plans customization configure boards task boards and plans including custom Fields

built-in communication capture real-time communication and decisions within work item forms cloud storage support for

Rich Text inline images attachments and comprehensive change history efficient search and notifications tools for quick

work item searching and customizable alerts dashboards and analytics access to dashboards and analytics service for

for reporting integration and support GitHub and office integration connects with GitHub repositories and supports

import export with Microsoft Office autonomous team support tailor to Independent teams integrates with

Microsoft teams in slack and offers a variety of marketplace extensions so that's an overview of azure

boards the next topic we'll cover is traceability traceability allows tracking connections and dependencies

among different parts of a software system it helps teams grasp the effects of changes handle risks and comply with

regulations defining and managing requirements a key part of traceability is documenting and overseeing

requirements effectively Azure devop says tools like Azure boards for handling requirements and tracking their

progress linking requirements to related items like tasks or bugs this tracking clarifies each requirements progress and

its influence on the project Version Control and change management for Trace ility a solid Version Control System to

monitor modifications to code in files is essential Azure Dev opsis get repositories let developers manage their

work efficiently by using branches for features or releases you can track changes and understand their role in the

Project's bigger picture building and release management traceability must include build and

release processes Azure pipelines facilitates building testing and deploying apps linking build artifacts

and code changes to specific tasks showing what changes made it into each build

test management and quality assurance for software quality traceability is crucial tools like Azure test plan

support detailed test management linking test cases to requirements or user stor shows how well the testing process

covers the initial needs ensuring thorough validation auditing in compliance traceability also supports

meeting standards and regulations Azure Dev ops's auditing features track and log changes providing details on who

changed what and when supporting accountability and Regulatory Compliance overall by setting up a clear

traceability system organizations can make sure that any changes during the software development process are

properly tracked recorded and [Music] checked hey this is Andrew Brown from

exampro and in this section we'll be going through how to get started with Azure devops and some of the basics of

azure boards so the first thing you want to do is search for Azure devops on Google then you want to click on the

link that leads you to the Azure devops page which is used the first link on this page you want to click on the TR

for free button I'm assuming everyone already has a Microsoft account or Microsoft Azure account already set up

otherwise you wouldn't be taking the a Z400 level expert certification if not you should create one before clicking

here so we'll enter in our email and click on sign in enter in our

password and enter in the authentication code if you have one now you'll want to sign up and

create your own Azure devops organization I'll be hosting the projects in

Canada I'll name the organization something like exam Pro one you can name this whatever you

like also enter in the Capt is requested then press continue the first thing they want you

to do is to create a project so we'll name this something like exam Pro test of course you can name this whatever you

want such as your name or or project and so on so now we're on the main page of the

exam Pro test project on Azure devops so here you can see the overview so we'll quickly go through

some of the blades starting off with Azure boards then we have

repos after that there's pipelines next is test plans and then there's

artifacts we'll be going through most of these in the course so that's how to get started with

Azure [Music] devops hey this is Andrew Brown from

exam Pro and in this section we'll be covering how to create or add new users in your Azure devops

organization the first thing you want to do is to go to organization settings after that you want to click on policies

under the security category under the user policies you want to toggle and turn on external

guest policies this will allow you to invite users from outside the organization to access and collaborate

on your Azure devops projects and resources after that you want to click on users under the general category on

the right side you want to click on ADD users here is where you can add new users or service principles so for

example We'll add Cindy at exam Pro . Co we'll keep the access level to basic we'll want to add the user to the exam

Pro test project we created earlier we can also set a role for the user such as project readers project

contributors or project administrators but we'll leave it at project contributor for now then click on ADD

after a short wait the user should be added to the organization the user is sent an invitation to join to org and

they'll have to accept to join We'll add another user this time it'll be Peter exampro

doco we can keep the access level at basic add the user to the exam Pro test project and this time we'll assign the

user the project administrator's role then click on add another thing you can do is add

members to a specific project so from the projects tab you can click on the project exam Pro

test click on teams click into exam Pro test after that click on the ad button

and we'll search for Peter exampro doco click on the user and then click on the save button

below and there we go the user is now added to the exam Pro test project team so that's a general overview on how you

add users to your organization in a specific project the next thing we'll be covering

is how to create work items so so first you'll need to be at the boards Tab and then you'll need to click on work items

on the top right here we'll click on new work item we have three options here there's epic issue and task epic is

simply a large body of work that can be broken down into smaller more manageable pieces of work this is also known as

user stories so we'll click on Epic as an example now we'll have to fill out some fields to define the work item so

starting with the title we'll call it something like test new login feature right below it we can assign people to

the item this can be one or many but we'll select only one for this example so let's choose Andrew Brown for the

state we'll leave it at to-do for the area it's already set at exam Pro test the iteration is set to exam Pro test

Sprint one we would want to give the work item a description to help understand what

it's about for this example we can write something simple like conduct a series of tests on the new login features

for the priority we can adjust the importance of the work item one being highest priority and four is the lowest

we'll keep it at two so it's about medium priority we can set a start date so we

can just use the current date as of this recording for the tags they already have some suggestions for us so we'll use

testing login feature and security which matches the item we don't really need to set the

link for this example so we'll click on the top right and hit save after that we can head back to the work

items page and we should see the work item we just created with all the information we provided for it such as

the title user assignment state area path and so on another thing we can do is click on

boards this is an easier way to visually view the items so we have three columns that work items can be placed in to do

doing and done which are all pretty self-explanatory on the top right here we can filter to epics or

issues and and we can drag and drop the work item from to-do to doing and eventually we can place it and done when

the item is complete so that's a general overview of how to create a work item in Azure

[Music] boards hey this is Andrew Brown from exam Pro and in this section we'll

quickly go over how to create a Sprint first on this page we have three work item examples that were created

beforehand and we'll want to click on the Sprint tab on the board section here we don't have any Sprints created yet so

we'll need to create a new Sprint by clicking on the top right we'll need to give the Sprint a name so let's just

call it Sprint one and we'll need to identify a start and end date for the Sprint so we'll start it on Monday April

15th 2024 and end the Sprint on Monday April 22nd 2024 so that's one week length then click on

create next we can click on the schedule work button from your product backlog or create new work

items on the right we have our Sprint one and we can drag and drop the work items to include them in a Sprint so

let's drag some of the work items created earlier into Sprint one we can also create new Sprints by

clicking on the new Sprint button below Sprint one so for this Sprint we can call this Sprint two and for the date

range we can set the start for Monday April 29th 2024 and end the Sprint on Monday May

6th 2024 then click on create we can do a quick refresh so

Sprint two appears let's add one of the work items to Sprint

two so if you click into Sprint one you can see that we added two of the work items on the backlog from

earlier if you want to delete a Sprint you can go to Project settings on the bottom

left under the board section click on Project configuration and as an example we'll delete Sprint 2 so we'll click on

the three dots next to Sprint two and keeping it at exam Pro test is fine then we'll click on

delete so after that we can go back to the backlogs or Sprints and we can simply add the other

work item into Sprint one when we go to Sprint there are additional tabs such as taskboard

backlog capacity and analytics we'll quickly go to capacity we can assign days off activity and capacity per day

we'll just assign an activity for both of the users such as deployment and design and for the analytics tab there's

the burndown trend that shows a visual graph of data such as the amount of work that has been completed in a project

versus the total amount of work that was planned so that's pretty much a quick overview of how to create a Sprint and a

few of its features [Music] the next thing we'll be covering is how

to connect Azure boards to GitHub first you want to click on the project you're working on then on the bottom you want

to click on Project settings and under the board section click on GitHub connections after that under the connect

GitHub with Azure boards click on connect your GitHub account next thing you'll need to do is to log into your

GitHub account so sign into account using your username or email address or password and click on side on

after confirming the information click on authorize Azure boards now you'll need to select a

GitHub repository that you may want to use with your Azure boards click save after choosing

that then after confirming all of this information click on approve install and authorize you can choose to add more

repositories or remove them you can remove connections as well you can also add new GitHub connections as well so

that's a really quick and simple walkthrough of connecting Azure boards to

[Music] GitHub hey this is Andrew Brown from exam Pro and in this section we'll be

going through an overview of custom Azure boards dashboards centralize with custom dashboards custom dashboards and

Azure boards are crucial for presenting a comprehensive overview of your project status and key metrics by tailoring

these dashboards to highlight crucial data your team can streamline workflows and improve decision- making customize

with widgets widgets are the heart of azure boards dashboards presenting diverse data from progress charts to

work item queries select and tailor widgets that best display the team's critical information ensuring essential

insights are readily accessible monitor backlogs with query widgets incorporate query widgets to filter and display work

items based on defined criteria like outstanding tasks per team member this enables efficient task management and

helps in setting clear priorities track progress with burndown charts use burndown chart widgets to graphically

track project progress helping to identify any delays regular review of these charts keeps the team's progress

aligned with project goals visualize performance with charts enrich your dashboard with charts that convey

performance metrics such as bug Trends or team velocity providing a clear picture of the team's Dynamics and

highlighting areas for improvement enhanced team engagement share dashboards with your team and

stakeholders to offer a live view of the project status fost a culture of transparency and Collective

accountability the image on the left shows an example of a dashboard customized to the way of the devops team

or stakeholders this shows information such as the velocity Sprint burnd down backlogs completed and active work items

and so on so that's an overview of custom Azure boards dashboards the next topic we'll be

covering is Wiki for documentation Wiki offers a collaborative space for team members to compile and share crucial

details about a devops project here's a simple guide to leveraging wikis for Effective project documentation start

with an overview page Begin by setting up an overview page this should introduce the project its goals and the

team working on it mention the Technologies tools and methods your project employs keeping it broad but

informative detail project requirements dedicate pages to outline the Project's requirements break down what the project

needs to do and how it should perform using clear and achievable language add user stories what needs to be true for

the project to be considered complete and any other elements that rely on each other architecture and design

documentation use the wiki to detail the project structure and design make a separate page for each part whether it's

a component a larger section or a service to help visualize how these parts interact include diagrams like uml

or system architecture sketches encourage team input get your team involved in the documentation process

allowing everyone to edit and update Wiki pages not only promotes teamwork but also helps keep the information

current make sure to use the wiki version tracking to monitor changes and roll back if

needed so let's take a quick look at where this is in Azure devops so at the overview section we'll need to click on

Wiki and we already created an example Wiki with proper documentation so this is what it'll pretty much look like

using markdown we can click on the edit button on the top right this will allow you to edit the wiki to your

fitting you can also create more than one Wiki if you want so we can name it like example Wiki

2 so that's an overview and guide to using Wiki for documentation the next thing will'll be

covering our process diagrams for documentation process diagrams are visual guides that show the steps in a

process making it easier to see how everything connects especially in devops projects here's a simplified guide on

using them effectively pinpoint essential processes first identify the main processes in your devops project

such as managing source code integrating changes continuously testing automatically deploying and monitoring

break down these processes into smaller parts make flowcharts or bpmn diagrams which stands for business process model

and notation use software like Microsoft Visio draw. or Lucid chart to create diagrams that map out the process these

diagrams should clearly show where the process starts and ends include decision-making points and outline the

steps in order these visual tools are effective for mapping out the workflow making complex processes easier to

understand and follow on the right we have a process diagram or flowchart that outlines the customer support procedure

it begins with a ticket submission followed by case assignment if during business hours the support team responds

otherwise and on call technician is alerted at assign tickets prompt reminders while assigned ones are

prioritized for review and resolution by the support team the process Cycles until issues are resolved culminating in

ticket closure and a follow-up email detail what goes in and comes out for every step in your process note down

what you need to start which are the inputs and what you expect to get out of it which are the outputs this might be

Code test results deployment packages or anything else relevant it's important to show how each step is linked to the next

clarify who does what make sure your diagrams indicate who is responsible for each step this removes confusion and

makes sure everyone knows their responsibilities so that's a quick overview of process diagrams for

documentation the next topic we'll be covering is configuring release documentation release documentation is a

Cornerstone for the successful deployment of software releases within Azure Dev Ops focusing on the non-code

aspects that Define the scope quality and functionality of the release here are the key elements of release

documentation release notes these should highlight what's new what is issues have been resolved and any enhancements made

as well as outline any modifications to settings and their effects on existing features installation guides provide

clear detailed instructions for the setup process including a list of required software and system

prerequisites and post installation actions configuration changes document updates to configuration settings

clarifying any default settings and essential changes change log keep an accurate record of commits or work items

in the release using a consistent tracking method roll back plan and have a clear predefined plan for reverting to

an earlier software version if necessary creating release documentation in Azure Dev Ops Azure repos store your

marked out or text files alongside your code Version Control your documentation for consistency and traceability Azure

pipelines automate the generation of change logs and other documentation during the build and release processes

artifacts attach generated documentation to specific builds or releases as downloadable artifacts Wiki utilize the

built-in Wiki to share detailed guides and notes with the team and stakeholders on the right we have an example of a

release notes entry in Azure devops which displays all of the key Elements shown earlier this includes the new

features enhancements configuration changes node issues and roll back plan so that's an overview of configuring

release [Music] documentation next while covering API

documentation properly configured API document m mentation is essential for developers and stakeholders in

understanding and interacting with software interfaces this guide highlights the key steps and best

practices for creating and managing API documentation in Microsoft devop Solutions steps to generate API

documentation generate documentation utilize Visual Studio to generate API documentation access this feature via

the bill menu use tools like Swagger Azure API management or open API for automatic documentation generation from

your codebase documenting endpoints clearly Define and describe each API endpoint detailing the purpose and

functionality include information on request and response formats as well as any authentication requirements

selecting formats and styles decide on your output format and style ensuring it's readable and accessible for your

target audience integration and automation integrate documentation generation into your continuous

integration and deployment pipelines within Azure Dev Ops on the right we have an example of an API

documentation this API documentation details two endpoints for version 1 two 3 of a service the first endpoint is

post API login which authenticates users and returns a token upon successful login it requires a username and

password in the request body the second in point is get API users which retrieves a list of users both in points

provide example responses indicating successful operations with a 200 okay status best practices for API

documentation consistency use a consistent format for all API and points to make the

documentation easy to follow Clarity ensure that descriptions are clear and concise avoiding ambiguity Version

Control manage your API documentation within Azure repos for versioning and historical tracking regular updates keep

the documentation current with every release deprecating outdated information prly feack mechanisms include a process

for developers and users to provide feedback on the documentation for continuous Improvement

by focusing on these elements your API documentation will be an invaluable resource for your team and stakeholders

supporting the effective use and integration of your software's API so that's an overview of API

documentation with the rise of devops and get stronghold inversion control the manual slog of updating docs is given

way to automation now developers can create Dynamic documentation straight from their G history here's a guide on

how how to automate documentation using Azure Dev op Solutions and its Azure pipelines feature three requisites a git

repository hosted on platforms like GitHub or Azure repos an Azure devops account connected to this repository

automating documentation with Azure pipelines step one set up your pipeline in Azure Dev Ops select pipelines from

the project menu and click new pipeline take your code repositories platform in the repository itself choose the main

branch as the source for your Docs tailor your pipeline settings pick the right agent and decide when this

pipeline should run add tasks for building the code and another for generating

docs step two build the code and insert a build task into your pipeline to compile your code this can be net core

node.js Python and many more fine-tune this task to match your project this might mean different commands or scripts

depending on what you're building confirm a successful build before moving on step three generate the documentation

post build selected tool like docx tailored for net projects to parse your G history into documentation add a new

task in your pipeline for docx set this up with the correct paths and configurations and Let It Craft your

docs step four publish your work once your documentation is ready pick a spot to publish it this could be Azure blob

storage an FTP server or Azure pipeline's own artifact storage add a publishing task to the pipeline and

configure it with the necessary details deploy this task and see your document ation go live step five make it

automatic to really put your feet up configure triggers and Azure pipelines to run your documentation job on

autopilot you can set these to activate on new commits merges or even on a schedule once set your documentation

updates as your code does no extra input needed so this is a simplified overview for automating get history documentation

with Azure Dev [Music] Ops hey this is Andrew Brown from exam

Pro and in this section we'll be going over what are web hooks web hooks are userdefined HTTP callbacks triggered by

specific events like code pushes or comments on a blog when an event occurs The Source site makes an HTTP request to

a configured URL this allows for automated actions such as data transfer notifications or initiating other

workflows how web books work event occurs a specific event triggers the webook this event could be an update a

deletion or some activity like a user action or system event http request the source site makes an HTTP request to the

web books URL this request can be a post which is the most common get or any other HTTP method depending on what was

configured action taken the server that receives the webbook does something with the information like updating a database

notifying users or initiating other workflows some of the common uses of web hooks include automating workflows web

hooks can automatically update a testing server deploy applications or update a backup notifications they can notify

other systems or services in real time when events happen for example if someone posts a comment on a Blog a

webook could automatically tweet the comment or send an email Integrations many services offer web hooks to

integrate with other services without requiring a custom interface for example PayPal uses web hooks to notify your

accounting software when you receive a payment advantages of web hooks efficiency web books offer a more

efficient method for receiving data than continually pulling a service for updates they push data as a becomes

available minimizing latency and reducing the amount of bandwidth used realtime processing web hooks can

facilitate real-time data processing by triggering a reaction immediately after the event occurs so that's a quick

overview of web [Music] hooks as we mentioned briefly earlier

webs and Azure devops trigger HTTP notifications to a URL for events like code updates or build completions

facilitating integration with other systems so let's go over some of the steps to configure notifications with

web hooks select the event navigate to the project settings and then to the notifications tab as shown in the image

on the right identify the event you want to track for instance if you're interested in when a bill completes you

would select that event new subscription click on new subscription to create a new webook select the specific event you

want such as build completes configure action define the action that should happen when the event occurs this

typically involves sending a notific to an external service customize your webook you can

customize what information you send along with the webook Azure devops allows you to send specific data related

to the event authentication if needed if your inpoint requires authentication you will need to configure the appropriate

headers or payload with authentication tokens or Keys test the subscription once configured it's crucial to test the

webook to ensure it works as expected Azure devops typically allows you to test it through the interface Monitor

and adjust after after setting up monitor the notifications and ensure they're firing correctly you might need

to troubleshoot or adjust settings if you're not receiving the notifications as expected so that's a quick and

general overview of how to configure notifications with web [Music]

hooks hey this is Andrew Brown and we are taking a look at Version Control Systems which are designed to track

changes or revisions to code and there's been a lot of software over the years that helped us do that we had CVS abers

mercal and get so back uh in 1990s when we got CVS though even though we had it I don't

think a lot of companies were using it it took some time to adopt if you ever heard of like Doom or Wolfenstein you'd

be uh interested to learn they didn't use Version Control Systems and what they would do is they would literally

copy files onto floppies and hope that they don't lose their files but of course a Version Control Systems makes

it really easy to not worry about losing floppies or CDs or drives because they keep track of all the history then came

sub version in 2000 but the real game Cher was in 2005 when we were introduced to a new type of version control system

and we had Mercurial and get um but the key difference between the old ones and the new ones was the old ones were

centralized and the new ones were decentralized and these decentralized ones became very popular for very

specific reasons they had full local history and complete control of the repo locally they were straightforward and

efficient for branching and merging which was a really big deal uh better performance improve fall tolerance

flexible workflows work fully offline um and out of the two git was the one that won and there are reasons for that we'll

talk about that when we look at version control services um but uh yeah git is the one that everybody is using today

and that's why we are taking this course I just want to point out they going to come across a lot of terms that sound

like trees tree trunk branches um the reason for this is that Version Control represents um uh the revisions or

changes in a graph-like structure you can even say a dag um if you're familiar with that and so uh you know you'll see

these terms and we're not talking about real trees we're talking about uh the components of a Version Control so there

you [Music] go hey this is Angie Brown and we are

taking a look at git so git is a distributed Version Control System a dvcs that's going to be hard to remember

and it's created by lonus Toral if you've ever seen that name before you might know that lonus is the creator of

the Linux kernel but he is also the creator of git and git right now resides with the Linux Foundation which I

believe is a nonprofit set up by Linus as well or has some part to do with it where a lot of open- source projects

reside um but you know I don't really want to focus on that I want to focus on the practicalities of git so the idea

with Git is that each change of your code a git commit can be captured and tracked through the history of your

project a git tree so I'm going to get my pen tool out here for just a second and so I just want to make this very

clear so we have over here a file and a get commit can or a commit can be made up of multiple files with multiple

changes in them and then they're represented over with a a a a message okay so here this is a single um git

commit and it can have multiple files and uh files and changes in that single one and then that's your tree okay so

hopefully that is clear if it's not don't worry we'll get Hands-On skills and we'll definitely be able to remember

them later I want to take a look at a bunch of common get terms um and it doesn't matter if you remember these now

but you will know what they are hopefully by the end of this course um and so there is this nice graphic here

that is provided by Wikipedia that gives an idea of how all of these terms uh work together um but let's go quickly

through them and see what we can make sense of so the first term is a repository this represents the logical

container holding the codebase in fact you you could interchange the word codebase repository and mostly mean the

same thing we have a Commit This represents a change of data in the local repository and so um that's pretty clear

then we have the tree this represents the entire history of a of a repo so when you see tree just think of that

graph we have remote uh this is a version of your project hosted else Ware used for exchanging commits uh some

people might be a bit uh picky about this because they might say remote is actually a remote reference to

repository so it's pointing it's a pointer but I'm just going to make it think that it's a remote uh repo it's

just somewhere else and there uh there are branches so these are Divergent path to development allowing isolated changes

you're absolutely going to know what branches are you're absolutely going to have to work with them quite a bit um

there is a branch known as main it was formerly known as Master uh the word was changed because it was not a popular

term anymore and so now main is the new name uh and this is usually the default Branch or the base

Branch uh if that makes sense there too so we have clone this creates a complete local copy of a repository including its

history so this will create like a little dogit folder um so it's not just the contents of the files but some

configuration around the git repo we have checkout so this switches between different branches or commits in your

repo we have poll so this downloads changes from a remote repository and merges them into your branch we have

push this uploads your local repository changes to a remote repository we have fetch this downloads data from a remote

repo without integrating it into your work um we have reset so undoes local changes without options to unstage

revert commits we have merge this combines multiple commit histories into one we have staging files this prepares

and organizes uh changes for commits it's not a command but like it's just where you would work with your files um

in the example here I'm just going to get my pen tool out again it's kind of over here it has to relate with this up

here as well and So within staging files we're going to have commits which we already talked about prior and then

there's that add command so adding things that will get committed so hopefully that makes sense and we'll see

you in the next one [Music] okay hey this is angre brown and we are

taking a look at version control services and if you're thinking that we already covered this it looks that way

but the other one was Version Control Systems this one is version control services and yes they have the same

initialism which is confusing but it's very important to make that distinction because those are two separate things so

version control services are fully managed cloud services that host your version controlled repositories these

Services often have additional functionality going Beyond just being a remote host for your repos get is the

most popular and often the only choice for a VCS and we often call these git only uh providers get providers um I

need to also point out that some people call version control services Version Control Systems and vice versa and it

just gets really confusing so I did my best to make that clear distinction between the two okay let's take a look

at some vcs's so the first here is GitHub and it's owned by Microsoft it's the most popular VCS uh due to offering

uh due to its ease of use offering and being around the longest at least forget um and they've always been very

developer focused and super friendly uh GitHub is primarily where open source projects are hosted and offer Rich

functionalities such as issue tracking automation pipelines and a host of other features I remember the day GitHub came

out and I signed up for it because I was so done with using subversion then came along gitlab so gitlab was an emerging

competitor to GitHub and at the time had unique features such as cicd Pipeline and improved security measures this is

no longer the case as GitHub is now on par with gitlab um but yeah at one point a lot of people were looking at gitlab

then there's bit bucket this one is owned by at laian you might have heard of laian before because they are uh the

same company that makes jira and jira is the most commonly used project manager uh for um people in Tech so you know

even though GitHub is really great for developers a lot of companies still use bitbucket and the interesting thing

about bitbucket was that they originally hosted Mercurial so remember I said back in 2005 mercal and get came out well

alatan adopted mercal GitHub adopted um git and git one and GitHub one and so what's really interesting is that

bitbucket then eventually added git and then sunsetted Mercurial so everything basically is get now there is another

provider called sourceforge they're one of the oldest places to host your source code they existed before GitHub um and

they were the first uh to provide free of charge um uh get repository hosting to open- Source projects um the only

thing about Source Forge is that they never really dominated because they just had so many ads and bad practices and so

it just didn't work out for them they are still around and a lot of Open Source projects like to only host there

they might mirror make a copy to other providers like GitHub um but for the most part everybody's on GitHub um but

there you [Music] go hey this is Angie Brown we are taking

a look at GitHub and this is a version controlled service that initially offered hosted manage remote get repos

and is expanded to provide other offerings around hosted code bases if you go look up what GitHub calls

themselves today they call themselves like an AI uh developer powered platform um it's really bizarre because they are

basically a host for uh for get repos with extra stuff on top of it but I guess since AI is so popular they got to

try right but let's take a look at all the functionality that they have so we have get repository hosting that is

their main bread and butter we have project management tools issue tracking PLL requests and code reviews GitHub

pages and wikis GitHub actions GitHub co-pilot GitHub code spaces GitHub Marketplace GitHub gists GitHub

discussions collaboration features for organization organizations and teams API access development so GitHub development

uh they have a GitHub CI they have sdks um we have security features like autod detecting credentials in repos

they have education specific things or course automation like GitHub classroom and I'm sure they have more uh we're

going to learn about all of these things because this is what the GitHub course is about to understand the full offering

of GitHub and to make best use of it and just a fun fact is that GitHub was originally built in Ruby on Rails Ruby

is my favorite language rails is my favorite framework so I've been uh uh on the the ride or the train since day one

with GitHub um so I know it pretty well but let's jump into it [Music]

okay hey this is angrew brown and in this fall along I want to show you how to create your own GitHub account every

single developer on the planet should have a GitHub account because it's a great way to Showcase your work uh we'll

talk about that later but you can see that I'm already logged in here so I already have a GitHub account and what

I'm going to do is log out and I'm going to create a new one from scratch so here we can see uh we can have multiple ones

um I'm going to just sign out of all of my accounts here and let's go ahead and create ourselves a new one so I'm not

sure remember I told earli I told you they're like the leading AI power developer platform which is such a silly

term but um let's go ahead and see if we can make a new one so just in case it's the future and they've changed this

homepage I'm going to go up to sign up and I'm going to see if I can make an account if I can find an email that has

not been used so far so I'm going to type Andre exam pro. if you're using Gmail so I can't use that one if you're

using Gmail you can use like plus signs to um create multiple ones so like my really really personal email don't email

me because I don't ever check this one is like omen gmail.com you'll learn that my username on GitHub is Omen King why

it is that I don't want to talk about it it's like forever ago I made this account like so long ago and I really

wish I could have got Andrew Brown as my username but that's not what it is and so I'm just going to go here and say alt

okay so this is a trick with Gmail that you can do you can put a plus alt on it or uh maybe a minus I'm not sure but

let's go ahead and see if that works and I need to create a password so I like to generate really strong passwords

um you can use whatever you want I like to use hold on here I like to use this site which is

the uh password generator plus password generator.net um I should make a disclaimer if this isn't insecure don't

use it blah blah blah but I'm pretty sure it's fine so I'll ually go like 24 and get a nice long password um and I'll

just generate a few different ones off screen here and I'm going to enter that in okay so just generate out a few and

I'm going to drop this in on here okay we're going to hit continue says it's strong that's good and then I got to

choose my username so I probably can't get Andrew Brown and um so I need like another name

I'm gonna try Dono not available that's like my game uh gamer uh tag on um steam so what's

another one that I could have uh we'll just say Andrew Cloud can I get that one so hard we'll just say Andrew WC Brown

can I get that there we go WC is my M middle initials it doesn't stand for water closet okay I know it looks like

that we'll go ahead and hit continue I hit continue again and so now what I need to do is do this verification

please solve this puzzle so we know you're a real person uh verify okay use the arrows to

rotate the object to the face in the direction of the hand okay use the arrows so I think I

have to make it face the same way match the angle okay uh this

way okay there we go create my

account and so now I need to open up that email just give me a moment okay all right so I've been waiting a few

minutes and I haven't seen anything and I resent the code so maybe it doesn't like emails that have that plus in there

it's totally possible so I might actually have to go ahead and create a new email which is quite the headache as

I ran out of emails here unless I can think of another one you know what I think I have another idea I'm going to

use uh a different one here so it looks like unverified can I change this I'm going to try um because you have an a

privacy a privacy email uh will be used for account related stuff yeah I'm not really sure what's

going on here I thought maybe my account even exists but it looks like it already does

exist so what I'm going to do is I'm just going to add another one I can do Andrew maybe at teacher seat.com we'll

try that oh it's already in use oh my goodness it's so hard to get an email

out here okay let me just think about this for a second all right all right another thing I'm going to try is I'm

going to try uh maybe Accounts at teer seat.com that's another one that I might be able to use

okay and I going to change this over here and save it great

and that should be my primary now right it really wants to send it to this one maybe what I can do is I can

click oh looks like we have both okay so we have this one um please verify that I'm going to get rid of this one here

because that one's not working I'm going to try Accounts at teacher city.com so that's in my Outlook so I'll go take a

look there and see if I get it all right so this is working out totally fine so over here we have um the confirmation

email so I can go ahead and just verify that email we can also just grab this link I kind of prefer using the link

here um because that just gives me kind of a guarantee and we'll go here and now we are in so this is exciting um it's

been a long time since I've made a new GitHub account so I'm not sure exactly what to expect but looks like we have

some places we can start stting a new project collaborate with your team learn how to use GitHub hey I'm already doing

that you don't need to do that GitHub let's go ahead and skip this for now and we should get back to our main dashboard

so we are now in and we have an account that we can use um so yeah that's all I wanted to show you in this video uh but

I'll see you in the next one okay [Music] ciao hey this is Angie Brown and this

fall along I just want to show you that I'm going to be setting up multiple accounts to quickly switch between them

um if you want to take full advantage of learning how to use GitHub you're going to need probably another account because

you're going to have to have somebody else to work with so I already have my primary account I already showed you how

to make an account so what I want you to do is make a secondary account I know it's a pain but go ahead and do that but

what I'm going to do in this video is show you how you can log into both and switch between the two and I'm also

going to set up a repository um that I'm going to put code examples in if we happen to put any in

there so what I'm going to do is go up here at the top right corner I'm going to go add account and so this is going

to allow me to log into my other account I can put in my username or my email so this one is um this is monsterbox

pro.com that's my old my old company that's not been around for a long time but I've never updated it and the exam

Pro email is on a another GitHub account but I'm going to go ahead and find the password so I can go log into this one

so just give me a moment I'm just trying to find it here it is there is the password I'm going to paste it in here

okay we'll hit sign in okay notice it says GitHub mobile so now it's my opportunity to show you

GitHub mobile so what I'm doing is I'm opening up my phone and right away it pops up it says uh you know new signin

request now it says reject or approve I'm going to hit approve it says authentication request was approved uh

the first time I I had to do that I had to enter in like a code like two numbers but now from then on I just have to do

that and it's very easy to uh to do that so if I want to switch between accounts we can go here and just switch between

them uh freely so that is really easy and so what I want to do is go to exam Pro this is my other organization you'll

learn about organizations in this um this here that didn't really help but what I want to do is create a new repo I

can create a new one up here in green or I can go up here I never notice these up here but this is another place to do

that anyway you're just watching you're not doing right now okay so I'm going to go ahead and hit new and in here I'm

going to go to exam Pro I'm going to say um GitHub examples so this will be the um

GitHub we'll say a repo containing GitHub examples for or Pro for programmatic examples for

programmatic examples this will be public because I want you to have access to it I want to have a read me I'm going

to create that repository and so this will crop up later in the course and you'll have to know where this this is

but just remember that is but the key part of this video was how to log into another account um and be able to switch

between them okay so we'll see you in the next one [Music]

ciao all right so what I want to do in this fall along is set up a GitHub organization and the reason we want to

do this is so that uh it's going to make it easier when we get to that section so what I'm going to do is go to the top

right corner and I want to I can make this in either or account I'm going to make it in the alternate account cuz I

already have a enough organizations in my main GitHub account and what I want to do is go over here to um maybe

organizations and here it says you are not a member of an organization we could turn this account into an organization I

don't want to do that or we can make a new org so I'm going to make a new org and notice right away it's going to hit

us with some pricing so um you know teams gives you the uh full functionality we just want to have the

free one uh which might have some limitations but um it should get us started if there's are things that we

can't do um then I'll switch over to our paid one that I have in my account for the most part we should be able to do um

pretty much everything as long as we're using a public GitHub um public GitHub repo so I'm going to go ahead and hit

create a free organization and so I need some kind of name for this organization um

so um I don't know but we'll just say uh GitHub Cloud Learners or

journeyers okay notice that's going to be the name of it I say Accounts at teachers

seat.com and this organization belongs to a personal account we could say uh business or institution but then we get

a little bit more details there so I'm going to just stick it to normal and go to personal account then down below we

need to solve our puzzle so we've seen this one before we'll rotate that out and we'll

submit okay and you'll have to name your organization whatever you have to name

it but that's what I'm calling mine you can put some numbers on the end here if that makes it easier you do like four

five six seven or something because these are going to be unique names just like your your username going to go

ahead and hit next and so now it says add organization members so we can go ahead and add some people so what I want

to do is I want to add um Omen king so I'm going to go ahead and do that please don't add me all right add your own

other account your two accounts okay we'll hit complete setup and so now this person has been invited

I'm not sure if they're instantly added um not yet but I believe that I was yeah here's the invitation so we'll go here

so the invite has been sent and we'll have to go look for that so I'm going to go over here and switch to my other

account okay and so now what I'll do is I'll click up here and maybe it's up here my

notifications no do I have invites here

no and um maybe I got an email I'll check my email no email and this is something

you'll learn about GitHub which is like invites are a pain and you always have to really figure it out so I'm just

trying to think about where that or that could be um what we could try to do is type in the organization name which I

thought we already did um so this one let's see my profile is

this yeah so the organization is going to be what was it Cloud oh I don't even

remember we'll switch back to the other one what a pain okay and we will look for that

organization GitHub Cloud journe so I'm just going to copy this URL I want the um view organization I

want to go to this page actually I'm going to copy it here I'm go switch back and I'll enter this

in and so now notice that it's showing me where the invitation is so it says Andrew Brown invited you to join this

organization view invitations okay and I I don't know if there is but I'm just going to double

check here because a lot of times GitHub will have like invitations invitations they might have a page for it they don't

GitHub if you're watching make a slin ation page so we can easily find them across them here so as you've been

invited to GitHub Cloud jors ask for GitHub co-pilot seat optional I guess this is kind of an upsell they're like

hey do you want to be able to use GitHub co-pilot but I'm going go ahead and join this organization and now I'm in there

so there's two people in here again we'll come back to this later I'm the member this is the

owner um and uh you know if your company is using GitHub they're likely going to be using using organization so it's good

to get some knowledge on that but I'll see you in the next one [Music]

ciao all right let's make sure we understand clearly the difference between git and GitHub I don't think

it's that confusing but it is in the study guide or exam outline so I'm just trying to make content that they want us

to know um so let's do a comparison and go through some things to make sure we understand the difference so git is a

distributed Version Control System a dbcs and GitHub is a version control as a service I called it a Version Control

service it can also be called a get provider or you can call it a version control as a service I'm just trying to

get you exposure to all those different terms you could call what GitHub is for functionality for Git it manages source

code history for GitHub it provides cloud storage for git repos of course it does more than that but that's its main

functionality um for Access you're doing this via your local system installation or it's basically wherever it's

installed the point is is that you're working on it on a machine on a server or some kind of compute uh and GitHub is

access through a web interface because it is a cloud service for the scope we're talking about local repository

management and then for GitHub we're actually talking about the online collaboration and remote hosting uh so

anything that has to do with remote or things around the repo the git repo itself for collaboration it's for local

changes requires manual sharing for GitHub it has integrated tools for collaboration ation like issues and PR

and a lot of other features for usage you're going to be using this primarily by the command line interface there's

definitely software out there that makes it a lot easier to use um we'll get into that but generally it's a command line

tool that you're using for GitHub it has a graphical interface and it also has its own CLI tool but most people are

interacting with it via the website okay so there you go ciao [Music]

so a git repo or repository is your git repo think of your local one that you push Upstream to GitHub to be uh hosted

remotely and GitHub allows you access to manage your repo uh with several functionalities so here is a screenshot

of a GitHub repo this is when I ran a boot camp in 2023 uh and so let's talk about what is

on this GitHub repo page I don't know what they want to call this page I just called the GitHub repo page for a

specific repo um but you can view different branches view tags view commit history explore repo files view releases

uh see codebase language breakdown view top level markdown files and so those top level files might be the readme the

license uh security other things like that you can perform actions from this page or quickly to it such as pinning

watching forking starring cloning so so uh a lot of stuff going on on this page and this is going to be we're going to

be spending a lot of time or going from here to somewhere else but that is a GitHub repo so there you

[Music] go all right in this follow along I just want to give you a tour of GitHub repos

so that you have a a general Fami familiarity uh so that when we start diving in a bit deeper we understand

what we're looking at so I'm on my dashboard I have a lot of different repositor

um and so I can go here and find a repository I can search stuff and say like if I'm looking for my boot camp I

can type in boot camp here and then make my way over here and find it um a lot of times when you are looking for stuff

you're going to use the global search so up here you could do that as well and I could find my own repos or other repos

um there are a lot of Open Source repos on GitHub and so um I know rails pretty well so I'll go ahead and type in rails

and so we have this rails repo I'm going to go open this open this up and take a look and see what we can see because

this is a very mature Li um uh GitHub repo and we'll make it very clear of all the functionality that's happening so

notice we have our main area this is where all of our files are uh we can actually view any of these files so I

can click into any of them so I can go into the gem file and it will show me the contents of the gem file what I like

about uh GitHub is that when you click into here then you kind of get this file explorer and it's extremely powerful uh

if I click this on the right hand side it will show me symbols that's not a very good example I might open up a ruby

file to show you what I mean so I'm just looking for a ruby file here and so this will show you like places you could jump

uh jump towards in your code um that's really nice you can see who did what by going to blame so we can see exactly

what somebody's doing by the way I'm going really quick here it's not important for you to remember any of

this I'm just giving you a tour of stuff so just relax and uh enjoy the information that we're learning here you

don't have to write it down if I wanted to find a file really quickly in this repo I go here and type something in so

maybe I'm looking for um something like View and so it's going to drop down and it has this fuzzy search if I want to

find a ruby file I could type this in we have a lot of them here I believe there's a hotkey here so if I hit T if

I'm over here and I hit T it will bring me over there I can switch branches really easily um does that let me add a

file it's not my repo but if I add a file I'd have to create a fork um the search brings that up there but we'll go

back over to code Okay so my point here is that you have all the files here and you can browse them um you can switch

branches you can go and take a look at all of your branches you can take a look at all your tags you can star you can

Fork you can watch here for code you could launch this up in code spaces which is a cloud developer environment I

normally have um G pod install so if I hit refresh that button might show up here this button you will not have this

button I installed this because it's like code spaces but different um on the the right hand side

you get a bunch of information about the repo like stars watching Fork uh some of these probably are conditional cuz I

don't remember seeing these on myos you have releases so maybe you are building up binaries like downloadable files that

people can uh utilize so some people they will host all their code here and they'll build the binaries for quick

downloads so that's somewhere else you can go to packages is probably similar to releases I don't I don't think I've

ever used packages ever in my life uh let's go over here and take a look browse browsing all packages yeah I

don't know what packages do we can see who's using it the contributors so people that are writing uh writing code

um we have the languages so you can see this is mostly a ruby LI or um repo which makes sense

because it's Ruby on Rails down below we get a preview of our readme file so that is in the top level directory they have

a codes of conduct I imagine that is a markdown file here and as well the license file I'm sure that's in here as

well the security policy as well um so yeah there's a lot going on in here and then there's all this stuff up here

these are features on top of your repo so lots and lots and lots of stuff if we want to see our commits we can go

here and click on commits and this is kind of like a tree it doesn't give you the full view because when you are

looking at um when you're looking at a tree uh there's branches and stuff so we're missing that information here but

the idea is you can go here and uh go to different branches and look at those commits and that's basically all I

wanted to do here we'll get into it a lot deeper later on but that is your tour of GitHub repos

[Music] ciao hey this is Angie Brown from exam Pro and we are taking a look at git

commits so we're going to take a look at a series of git components uh in this course um it's not really a focus on git

skills but more so GitHub but I want to make sure you still have some git skills so after we go through uh some of these

things I'll then do like a really quick and dirty uh git uh command crash course okay so a git commit represents

incremental changes to a codebase represented with a git tree so a graph at a specific time so here we can see

that git tree um this is in GitHub so it's not the full representation when we go into um vs code we will we can see a

better representation of it there are external tools for that but for the most part the idea is that you have um uh you

have get commits that are over a historical period of time then we have our uh git commit here is one within uh

GitHub that I clicked through and I looked at okay and from here a get commit contains additional modifications

deletions of files additions and deletions of file contents and it's not the whole file themselves and this is a

strategy to make the uh commits efficient because if you if you were to store full copies and every single

commit your repo will get really big really fast I'm going to repeat that again and we'll talk about the contents

of commit fils here just shortly uh each commit has a Shaw hash that acts as an ID so it looks something like this we

can use this uh to check out very specific commits which is very useful I want to repeat get does not store the

whole files in each commit but rather the state of changes this greatly reduces the file size so uh so for

developers to the developer you it will look like a whole file but really when you store it in in uh your G tree it's

not going to be like that um so what are the components of a get commit we talked a little bit about that but we have that

commit hash that is a unique Shaw one hash identifier for the commit I don't know if it's really Shaw one because I'm

not really familiar with all the different a Shaw but it's Shaw something uh we have the author information so we

have name and email often you have to configure git to say what email you're utilizing the name so that's attached to

the commit message U or the commit itself you have the commit message is is the description of uh the the Commit

This is we're going to be spending a lot of time when you are making commits because you want to write good commit

messages you have a timestamp so this is the date and time when the commit was made um you have the parent commit hash

this is a Shaw and hash of the commit this commit is based on I don't really understand that because I've never had

to bother with the parent one but it is something that's in there and the snapshot of the content a snapshot of

the project at the time of the commit not the actual files but references to them and the changes that are occurring

so if you had vs code open and we were taking a look at a um at uh changes that we have staged so they haven't been

committed yet but you can see here we have uh the commit message it says remove old comments we have files

changed that we plan on putting in the commit and you can see some deletions there on the right hand side we can have

additions so hopefully it's very clear what a uh a git commit is you are going to need to know these basic commands and

we will get a little bit practice again quick and dirty this is not a full-blown git course but it'll be enough to get

you buy so that you can do the GitHub stuff so we have a bunch of stuff there like get add get remove get Comm message

with the The Hyphen m flag to add a message hyphen a to automatically stage all track changes if you have a commit

and you haven't pushed it up uh to your uh your remote repo you can amend it um you can create empty commits uh you can

specify the author if you need to you can check out a very specific commit but yeah that is get commits in a nutshell

and I'll see you in the next one [Music] ciao hey this is Angie Brown and we are

taking taking a look at get Branch so get branch is a Divergence of the state of the repo there might be better uh

descriptions than that but that's the way I think of it you can think of branches as being copies of a point in

time that have been modified to be different and so what I want to do is Step you through what it would look like

working with get branches and this is going to be a little bit messy and it doesn't matter if you can remember or

make sense of all this because it will make more sense when we start working with it but do your best to follow along

here so imagine we have a git repo in that git repo we have a main branch and basically all git repos have a main

branch and that's pretty much the standard name for them now and we're going to also have a production Branch

the main branch is where we're going to have code uh that features and bugs will be um rolled up into and then when we're

ready to push it out for production it will go to the production branch and some cicd tool will push it out and

automatically deploy it so um let's imagine we already have a commit in the main branch uh maybe there are previous

versions in the production Branch we're not going to worry about it so uh you have developer a developer a needs to to

work on a very specific feature they're going to open up a feature branch and in there they're going to put in some

commits and they're working along uh meanwhile in the company somebody already has pushed some stuff into the

main branch it's not ready to go in production but that commit is now out so what's important to note here is that

feature Branch one is not aware of that new commit because things are happening asynchronous a in async manner in

different branches and this is the challenge with get is that you have to deal with all this async stuff and make

sure you bring those changes into yours deal with conflicts things like that now let's say we have developer B and

developer B is working on feature Branch 2 and when they started on their on their um uh their feature they decided

to branch from this point in time okay and so they start working on it and they get their feature uh done and um they

get they talk to their um uh the director of engineering and and they make a poll request the poll request

gets accepted it gets merged back into main okay and so developer a who's working on uh

feature Branch one has all these changes that they still don't have so let's remember that they're going to have to

deal with that at some point but anyway that feature got merged into Main and it looks like it's ready to go in

production so it gets merged into production and so this particular commit contains get my pen out here contains

all of this information right and it's all packed into here if that makes sense okay I'm just going to erase that here

and so that gets P production and it gets tagged a lot of cicd systems will trigger when a tag is applied that's

definitely how I do it but now coming back to developer a they're on feature Branch one and they have all the stuff

um that they need to get their Branch up to date so what they'll do is they'll merge back in in their Direction I know

it doesn't show a merge but they'll merge that information into feature Branch one so they are now up to date

and they have now finished their feature by doing a bit extra work and so they've merged back into into the main branch

and now their stuff is to be rolled out to production so it gets merged into production and then that gets Tagged so

hopefully that gives you kind of an idea of uh this kind of workflow this should have really been like that uh and this

actually has a very particular name it's called the GitHub flow now there are some variations of this so that's why I

say very close to it because in case I'm wrong I want to have that buffer to say that well I didn't say this is exactly

the GitHub workflow but this more or less is the GitHub workflow where you are creating branches feature branches

merging it back into some other branch and then you have a branch for production uh you can have branches for

all sorts of things you can have specific environment Branch branches like staging development production you

can have specific branches to developers so like based on their names you could have branches per features branches per

bugs it's going to be based on what your team wants to do all right uh there are definitely get Branch commands you

should absolutely know and we will do again a quick quick and dirty crash course so you are familiar with it this

is a extremely common pattern that you're going to find that you'll be doing which is is you'll be creating a

new Branch for a feature you can be adding changes you're going to be pushing it Upstream we might do this via

via's code using the git CLI we might be doing this using GitHub uh creating a branch from an issue but we'll

definitely be doing this because this is something that happens a lot um in professional um uh teams is that they're

creating feature branches so hopefully that makes sense and again if it doesn't wait till we go ahead and do it and then

it will make more sense then okay [Music] ciao hey this is Angie Brown and we are

taking a look at get repos so these represent the reference to a remote location where a copy of your repo is

hosted so when I say remote get remote I'm saying remote reference or remote ref you might see those terms uh used

all over the place uh you can have multiple remote entries uh or remote references for your git repo and the

most common one you're going to see is called origin it's almost always uh there uh everybody seems to use it it

indicates the central or golden repo everyone is working from and represents the source of Truth uh the remote

entries or references are stored in your dogit config we don't really talk about this dogit folder in any of the slides

but the dogit folder is how you know that your project is a uh has a a git repo in it because it needs that folder

uh to initialize a get repo we'll look at that in the quick and dirty crash course um so in here in the config file

you can see we have remote defined so this format of a file is called a toml file um so anytime you see those Square

braces and then definitions that's usually a toml file but I'm just going to get my pen tool out here the idea

here is we're saying we uh we have a remote named origin and the URL is pointing to our GitHub repo this part

says how it should fetch I'm not going to get into that right now and then down below we can see we have some branches

that we are tracking and they're pointing to remote origin and then they uh they're saying that we want to U

merge um uh there so hopefully that is clear notice remote names can be referenced so we have origin up here and

it's referencing this up here okay so I'm just going to clear my annotations here so this is a little bit more clear

here and there are a bunch of get remote commands you should know I don't remember the most like the git remote ad

I don't ever remember that one because often when you clone it's going to add them anyway and so usually you pull them

from GitHub but you should know push you should know pull you should know fetch uh and when you are creating branches

you should know um how to uh push upstream and we'll talk about upstream and downstream next okay

[Music] all right let's talk about the concepts of upstream and downstream so imagine we

have GitHub who is hosting our remote repository and then we have our local developer environment or Cloud developer

environment uh this is local basically where we are doing our work and so they both have a main repo because we know

that git is decentralized so we can have repos in more than one place we might already have some commits on the remote

side but what's going to glue these two together is going to be the remote and so we set up a remote tracking Branch

okay and and you'll see that term when you create uh and you push branches up because the idea is that it's tracking

uh the origin is pointing to main so this is the way we track them uh we saw that was stored in theg getconfig so

when we go ahead and we perform a poll from our local developer environment we call this Downstream we're pulling

Downstream so a repo that pulls or clones from another repo and just understand this is relative to the

direction or the perspective um of who's pulling so if the remote was pulling it would be Downstream it's it's anytime

you're pulling it's always Downstream and now imagine we have commits we've been working locally we want to push

those up to remote we would call that Upstream so this is when you are pushing changes so that's Upstream that's

Downstream and when we have a remote reference it is a tracking Branch so there you go

[Music] okay hey this is Andrew Brown we are taking a look at GitHub flow so this is

a lightweight workflow for multiple developers working on a single repo there's a lot of variations on this uh

so this is not a technically perfect description of it but there really isn't one and I want to show you a really old

graphic um I don't know how old this is but I've seen this and older ones maybe all the way back to 2008 at least and I

remember before GitHub flow because GitHub came or sorry G came out in 2005 and it took a few years to gain adoption

so for a long period for a few years we just had a mess of stuff and then somebody came up with this maybe it was

GitHub I'm not sure but uh it's called the GitHub flow and um here we have a bunch of branches and it looks very

similar to the one that I showed you in get branch it's a little bit different and so the big difference is that well

first of all uh we don't call it Master anymore we call it main but my main was the develop branch and then I would call

this Branch master I would have called it production because I think that makes more sense and a lot of people do that

these days but when it first came out this is how we were doing it okay so understand this variation but the idea

is that you have this one branch I call it main this is develop and it holds things that um that uh that hold feature

br branches or hot fixes and everything it's basically like rolls everything up but it's not in production yet and so

the idea is that when these things are ready for um production you can push them out into a release Branch a release

Branch could be also called staging that's normally what we call uh today and this could be where it would roll

out so once you push stuff here this could go out and execute a cicd pipeline and would set up a staging environment

so that QA could be done on it or kind of load balancing could be done on it or stress testing um there and the idea is

that as developers you would open up feature branches off of develop and as you complete them they would come back

in here uh and they would get merged in and then when things were really ready you take it take it from uh release

branches and push it out to your production branch which they're calling uh here uh Master if for whatever reason

you had a serious problem you had to fix really quickly you could uh uh create a branch off a master into the

hot fixes and then merge it back in skipping all the stuff down below uh you know again I wouldn't do it this way

anymore I would be surprised if companies are sticking uh to this method but this is the original way I just

wanted to show you that there is variation um and you know a lot of people do skip having a release branch

and they'll just deploy often and into production so it's going to be really dependent on your team so here we'll

just kind of Lo Loosely described GitHub flow you create a branch for each new task or feature create a new Branch off

the main branch add commits make changes and commits commit them to your branch open a poll request start a discussion

about your commits reviewing code in the poll request discuss a review share your poll request with teammates for feedback

deploy test your changes in production environment um so yeah oh and the last thing would be merge so once your

changes are verified merge them into the main Ranch so that's the general concepts of it and hopefully that makes

sense and we will see you in the next [Music] one hey this is angrew brown and we are

taking a look at the GitHub CLI so this is a command line interface to interact with your GitHub account you can quickly

perform common GitHub actions without leaving your developer environment and uh if you uh went through the quick and

dirty um get uh crash course then you definitely got some exposure to GitHub CLI but the idea is that you'd have to

log in you can perform AC there so we have something like creating a repo creating an issue uh reviewing a PR

there's a lot of uh CLI commands the good up CLI can be installed on Windows Linux or Mac OS um that's an example of

using Brew to install if you have it for um uh Dev containers you can specify it as a feature to get installed so that is

a very easy and quick way to have it uh installed there and just to give an idea of commands we have our core commands we

have a lot of additional commands and then we have one specific to GitHub uh actions command so we're definitely

going to get some exposure uh to GitHub CLI in this course but there you [Music]

go all right so in this follow along I want to take a look at the GitHub CLI and see if we can do a few different

things with it what I'm going to do is switch over to my other account um this is just my uh playaround account for for

GitHub and we should already have a repo in here called GitHub examples and what I want to do is I want to um you know

just do some things in the CLI so I need some kind of environment to work in and so what we'll do is launch up a code

space uh we do have this older one um I think what I'll do is make a new one I don't think it really matters if

we make an old or new one that other one is stopped so we'll open this one up and we'll see if the GitHub CLI is already

pre-installed it could be pre-installed on this because I would think that if well if I was GitHub I would have it

pre-installed so people start using my product right away but if it's not we'll definitely go ahead and take a look at

how to install it we did install it manually locally um in the uh git crash course the quick and dirty crash course

so uh you know if we don't have to show the install I'd rather skip that but we'll wait for this to spin up okay I

have no idea why but that took a little bit time to spin up um you know our goal isn't to really make anything just to

play around with the um the CLI here the Cod space is currently running in recovery mode due to configuration error

I didn't do anything I I don't care it's um I mean it's a new environment why should it be

recovering is there something it can't do yeah I'm not sure about this so what I'm going to do because I don't trust

this workspace is um this one is running here I don't know we'll just see what we

can do with it but it didn't pick up my settings when I told it to save it earlier so I don't know if it's because

it's in recovery mode or not but for the time being I'm going to go ahead and change the theme so I'm not upset there

we go that's a lot better and I want to see if we have um GH installed so it's not

installed which is totally fine um so what I'm going to do

is if we had this installed can we install through here sometimes you can install stuff through plugins

right and so I'm just curious if we could do that there no okay so that's fine we'll go ahead and install this and

I definitely know that Brew is installed or maybe it's not installed on this let's find out it is installed on git

pod but I'm not sure about GitHub it's not okay so what we'll do is we'll look up the GitHub CLI and we'll go ahead and

install it we already did this before but we'll do it again and what we're looking for is those install

instructions and we want it for um Linux okay so we'll go over into here into Linux and we'll grab this on line

command it looks like a lot but it's really just doing this update and this install like down here but it has to add

the repo so it knows where to install it from but I'm gon to grab that big thing there and we're going to go ahead and

paste that on in say allow and hit enter and um it failed it failed and I can't look at I can't see what I'm doing so

I'm gonna bump up this font I do not like GitHub code spaces I'm so sorry I really like gpod and we're going to go

here and say terminal font I'll try not to complain to much about it in the course but uh I can't

promise anything I'm going to copy that again and we'll try this again it an enter no such file directory okay

um yeah I don't know what you want so there's this line here

okay maybe because gpg gpg isn't installed sometimes you don't have to do a gpg check but we might have to with

this and um failure to right destination okay so

if that's not working maybe what we could do in an easier way is we could just add it um to the

uh uh to the that this file this code spaces file so we can just make a Dev container um and maybe that would be

less of an issue so what I'll do is I want to add a Dev container um we'll go up to here Dev container

like that we actually already have one from before and maybe we can just throw it in

here so grab this maybe we do want to commit this maybe this is a good idea um and so I'll put this

here and I need a comma there and so the idea here is that this should install the CLI into this environment and maybe

the reason why this thing messed up was because it wasn't specifying any base image and that's why I got upset because

when we did this in the tutorial earlier um it kind of complained or sorry like when we spun this up it complained but

we didn't specify a base image so I'm going to look up what the base imag is for Dev

container the base image for GitHub is and maybe that will help us if that doesn't help let's go let's

go ask chbt log in let me in let me in come on I P for this let me

in what is the what is the base image used for uh Dev container for GitHub code

spaces let's see if that can figure it out it's probably just going to go to the um the documentation but um I don't

remember where it is so if you don't specify one it will create in the default one okay that's

what I would rather it do so I'm going to leave it alone and what I want to do is rebuild uh this environment because

we've added this change before we do I need to commit this maybe so I'll just say um it should install the GitHub CLI

go ahead and do that and I'll say okay so it should sync it up good and so

let's see if we can find the rebuild I'm clicking up here rebuild that's no good we can open up the command pallet this

way command pallet has all the commands for for vs code and there should probably be something for codes space so

if I type in code spaces there's probably something here to rebuild there it is rebuild container so I'm going to

go ahead and rebuild that container I'm going to go ahead and hit rebuild and so I'm hoping that we'll install the CLI

and that avoids us having to install gpg or whatever it wants because that's a headache and I don't want to deal with

that so see you back here when this finishes building okay all right we're in it says the code space is currently

running in recovery mode due to a configuration please review the creation logs update your Dev container as needed

or rebuild the container so clearly doesn't like something about my file I'm not really sure because there's not a

whole lot in it um so we have command control shift p okay control shift p hey like learing learning right and uh we

want to view creation blogs oh that's just to open up the uh command pallet view creation log

and somewhere here it's messing up now I don't understand how it could be messing up because we literally have next to

nothing in it um yeah this is supposed to be an easy

easy GitHub CLI tutorial failed to C the container an error occurred unified containers error

creating fail doesn't even tell us why it's just like nope it doesn't work maybe it's up here

um no matching entries and P unable to find user Dev container okay maybe it's this okay let's take this out all right

and uh that's probably the reason why okay so we'll save that okay we'll have to

update that don't change remote user okay want Push to Main and I'm going to try

to rebuild this again I'll open up the command pallet down here below just in case and I want

to say rebuild um I want to do like a full rebuild

let's do a full rebuild that's fine let's rebuild and we'll get it going this next one okay

I'll see you back in a moment okay so I think that resolved the issue it took a while for that to

rebuild but what I want to see if the C is in here so I'm going to type in GH and there it is okay great so that's the

easy way to get in there as long as you don't make any mistakes in your Dev container uh Json or JS or Json Json

file and so let's go ahead and see what kind of actions we can perform so what I'll do is go over and type in GitHub

CLI and we'll take a look at the documentation and see that's not what I want I want the official documentation

so we can see what kind of commands we can get here it is okay so here's all of our Comm comms and the

question first is are we logged in because that's something we might need to do so let's go ahead and type in GH

login oh sorry JH off login to log the CLI and we have two options we'll do github.com it says the value of the

GitHub token environment is being used for authentication to uh okay so it sounds like we already are authenticated

because of um GitHub code spaces and it's loading some kind of temporary um token in here something we could check

here is to see if there actually is a token being set so I'm going to type in EnV grep and we'll type in

GH and I don't see anything there but apparently it seems to think that it is ready to utilize so maybe what we could

do is list out repos so I imagine if we go here there's probably something like list there is and we could try to list

our repos let's go ahead and try that GH repo list and we have a repo that's that's

actually a really nice display what else can we take a look at here um so again back over to the

repo list our repo what if we go to view what would that do let's take a look G repo

View and I was hoping that it would set it would select the current one but apparently it didn't but we can do uh GH

repo set default and I got to type it right maybe it'll let us choose the repo so we don't have

to goof around and so there it is we can choose one and apparently uh we have two exam Pro Co and the Andrew WC Brown

curious that it's showing forked ones but this is the one I want because this is the count I'm in right now and so

let's go ahead and type in GH repo View and so now we can see some stuff in here um not a lot of information it

looks like it's kind of the information about maybe the description or stuff like that so I

was hoping to see a little bit more there but that's okay let's go down here and see what else we can

do um we could edit our repo like we could change features turn things on or

off that's not that interesting something we might want to do is maybe we might want to uh maybe change our

labels let's go ahead and try that out so I'm going to go here and say GH labels list

um is it just label or labels label oh cool yeah we could see our codes can we add a new one in

here uh we'll go to create so GH label so we try this one here copy it paste it

in and there already is a bug so we can't have two so I'll go here and just say

um Danger something really not right we'll hit enter and so it looks

like we've created another label let's go ahead and hit up okay so that looks really good there bug isn't working good

um if we wanted to create a new repo sometimes what they'll do is they'll um they'll create like a uh a wizard in

here so if I typed in GH create repo and I said um GitHub

we'll just we'll just do this I bet it will prompt us oh I got to type it right I seem to

be typing everything wrong here today repo create and so it'll ask us some things

like create a repo from a template repository make a new one so I could do this I say

GitHub um repo GitHub CLI example and I'll just go ahead enter

here I'll just make this one private I could add a readme file we could add a Gore we could say what we want the get

ignore to be so maybe it's for C++ that let's add a license we could choose a POI

2.0 um we want to do this we'll say yes and it seems like it should have created but we get a resource not accessible by

integration for 403 so I'm not 100% sure as to why we're getting that it could be a permissions issue because everything

is based on um that token right and so maybe we have a personal access token that allows us to read but not right um

and we got a 403 right so 403 error is for forbidden meaning we don't have access to do it so what I'm thinking is

that we can probably create our own um personal access token and try to get around that so I'm going to go to

settings here I'm going to go all the way down develop for settings and we're going to go into personal access tokens

find grain tokens and we'll generate a new token again I don't know if this will work but I'm just going to try it

so we'll just say um uh repo access right let us create a repo and

I'm going to set this for tomorrow because I don't need it forever and if it's for all repos then that's a

challenge right but then how would you create a token this is public repos so here it

says this applies to current and future repos owned by this resource all all includes

public repos read only so the other question is is it because we tried to make it a private

repo but then why would it have it as an option if we can do that I mean we could also authenticate uh via SSH so I'm not

sure so I guess that's where I'm not 100% sure so maybe we'll just say all repos

here and we'll go to repo permissions and I'm looking specifically for repos

contents no and carefully looking here to try to find

that um account permissions maybe it feels closer to this type in

repo uh let's see here so what does this one do interaction limits uh interaction limits

on repos I don't think it's that and so I'm just carefully looking to figure

out what functionality we would have to provide managing repository environments it could be this read

write I would probably put this in just because that is the usual

um oh repo creation it's up here so I don't think we need these other ones I'm going to leave them on because they're

not that big of a deal um and this one says it's mandatory so sure we'll have that in there got it

added in there I'm going to go ahead and generate this token and so now we have this token I'm going to copy it I'm

going to go over to here I'm going to type in export GH token and I'm going to go ahead and paste this in and so the

idea is that when we use the um uh the CLI it should pick up this as opposed to what what else is on here so I'm typing

EnV hyphen grep because I want to make sure that this is actually set as our environment variable if you have other

tabs open here it might not show up so just stay on the current tab we'll go ahead and try this again another reason

why it might have not worked is because that name was already taken but I don't think so because it's scope based on our

user so we'll go ahead and try this again from scratch so we say GitHub CLI example and then we'll say uh we'll put

nothing in there we'll make it private and it was interesting there's a visib of internal I imagine that maybe that's

for Enterprises we'll say yes yes and it doesn't matter I'll just choose that one we'll say yes doesn't matter I'll choose

that one and we'll say yes let's see if it works now clone the repo locally yeah sure let's do that and so now it's

working so whatever key whatever personal access token that is somehow being loaded in there did not have the

correct permissions we were able to get around that so I don't really want this repo so I want to go ahead and delete it

um let's go take a look and see what actions we have there we have delete so I'm going to hope that it just will like

give me a wizard so I don't have to pick it so we'll say GH repo delete um and I don't want to delete our

current one so I'm going to hit contrl C because that's totally not what I want and we'll go back over to here and we'll

take a look and see what we can see for the uh repo I really wish they would list them up here maybe if we go to the

getting started or available commands yeah that's a little bit

easier it's not great but uh we'll go to repo here and we'll go to delete and we can put the repone name

here so we'll go back over to uh GitHub here we'll go to our names this is going to be Andrew WC

Brown and we should be able to see two repos in here there's our other one I'm going to

grab that name and I'm going to go back over here and I'm going to say that so do I want to

delete it so type the name again sure and we have to put in also uh the username in

front of it we'll hit enter and that repo should be now deleted we'll go back over to

here okay and it's deleted so that is in good shape so that's all good so I'm really happy with that I'm going to go

ahead and stop this uh code code space I'm just going to delete it and you know I'm gonna delete the

other one I'm just going to make sure I keep everything nice and clean and and not worry about overspend and what I

want to do is just merge this into my other account again you don't have to do this you can just watch me do this but

it's good to watch because this is something that people have to do a lot and actually what I should have done is

I should have gone over here and I should have done it from here first so I'm going to go here and

create a PR create create a new PR and we'll say create is going in the direction we want yes it is we'll hit

create um fix Dev container we'll create that pull request good we'll switch back over to

our other account and then I'm going to go into uh the same repo I'm going to accept it confirm it and we are in good

shape I'll see you in the next one ciao [Music] a common strategy for authenticating uh

to perform git operations on your remote GitHub repo is by using an SSH key uh you're definitely going to want to use

this because it is a great way um to work with Git uh in your local developer environment it's definitely the way that

I like to use it as opposed to using a personal access token but uh the way it works is you'll have to generate out

your own SSH uh key using a command like s key gen for Linux there's probably different ways but that's the way that I

know and specifically an RSA key I'm sure there's different kinds of keys that uh GitHub will take but that's the

one that I know and so the idea here is that we have our computer our local computer and then we have the server

which is a GitHub and the idea is that there will be a copy of the public and private key on your local computer and

then on GitHub you'll store that private key and so the the process of authenticating and authorizing is going

to go like this so the server checks to see if you have the same public key if you both have the same public key it's

going to send you a challenge message that challenge message contains the public key uh encrypted and so it's

going to send that on over and then uh the idea is that um the private key on the local computer will decrypt it and

then it will be able once it decrypts that message it will then take the private key and do something there and

then send back a well it won't do something it'll send back a signature um and then that signature will be sent to

GitHub and then they'll verify it and that will establish that connection allowing you to use SSH keys to get

clone or push or or things like that uh under your account settings SSH and gpg keys is where you'll be able to add the

public keys so here you can see I have a couple SSH keys in one of my GitHub accounts and it's there under SSH and

gpg keys and when you want to go use um or clone a a repo you're going to really want to use that SSH style address it

will not not work with the htps one or the GitHub CLI one technically will work at the GitHub CLI one but that's what

you're going to want to do there so there you [Music]

go in this video I just want to show you quickly how to create SSH Keys we did cover that in the quick and dirty uh git

crash course but it's good to do things more than once so that we really get good at them I'm going to open up a new

environment here in code spaces and we'll get that spun up so I'll see you back here when this is ready okay

all right so we have this environment spun up and it's just not remembering my uh settings whatsoever but you know

that's just how things go and I'm going to make a new folder in here I'm just going to call it um SSH

keys and I'm going to just go ahead and make a new read me file so normally what we'll use is

the SSH keyin command I realize that's small I'm just going to jump it up like that and

so we use T RSA to make an RSA um uh style key I would imagine that GitHub can support different kinds not

that I know much about the different kinds let's go take a look here and see what we can see so that's from local I'm

going to go ahead and delete that um because I don't need that right now if we go here you can see things like SSH

RSA sha 2 something like that so so be interesting to generate something else out so

ecd SSH key key gen ecd so I want to see if we can generate something that's a bit more

secure I I assume it's more secure is a relatively new crypto cryptographic solution um it's been around for 5

years okay so how do we make it and the way we make it it's probably by supplying this like that okay great

so what I'll do is go back over here and we'll change it from RSA to this one and see what happens I've never

done this before but I imagine it's super simple and I'm going to CD into the SSH

directory I'm going to go ahead and hit enter say allow yes I want to paste we'll hit enter and see if it can do

this and so we'll go ahead and hit enter um it will create it in the code space

directory so I suppose that's fine and we'll do that and that and so then we're going to get that key and

then the idea is that we can then go ahead here and then we could go and cat out the contents of

it right all right and so we could copy this and it's actually a lot shorter

that's actually really nice I like that and then we could go over here and then we could add it so just say uh Cloud

developer environment for CDE and we can add that key now I want to point out that you can add keys to

repo as well so we're not going to really test this to make sure it works I just wanted to generate out another one

and show you that but what we'll do is we'll go over to our repo because I want to show you where that deploy Keys

things is and if we're in a repo like this we can go to our settings and there should be deploy Keys down below and we

could add a deploy key and it's the same process you just paste it on in you save what it's from uh you can say whether

you want it to have right access and boom there you go but a lot of these um repos only need readon so especially if

you're building you're just cloning the repo so you don't need that but that's all I wanted to show you so going to go

ahead and Commit This okay so just say uh basic instructions for

SSH okay so that's all good I'll say okay and then what I'm going to do is

just switch into my other accounts and I probably can merge the other way too um if I try that so if we go here to PLL

requests we go to new PLL request and I could probably try to grab from that other repo so I want to bring in from

here from there yep I can do that and then I'm just basically allowing myself to pull the changes and without the

other Andrew having to uh put it forward okay there we go and we are emerged I will see you in the next

[Music] one so deploy Keys allow you to attach public Keys directly to a get repo and

the use case for deploy kees are if you're using let's say a build server or a c cicd third party service that needs

to clone the repo so they can perform a build or deploy or maybe single repo access so instead of using a shared key

pair for the uh for multiple repos you have a single key pair for single git uh git repo and another reason would be to

avoid using the personal access token um I'm going to tell you I've definitely used deploy Keys especially if you're

not using GitHub actions and you're using third party cicd tools which is pretty common with GitHub um you will

find yourself using deploy keys and I just want to make aware that's very similar to the other one with some

advantages so you have to decide in your use case where you're going to want to use it but it's as simple as that

[Music] okay hey this is Andrew Brown and we are taking a look at personal account access

tokens or specifically personal access tokens or Pat which is an alternative way of using a password for

authentication now Pats are not specific to GitHub but they do utilize them uh and the purpose of these tokens is to

give you access to the API um when you're making direct calls or using the command line or using the SDK uh GitHub

no longer supports the use uh of using a password directly with interacting with API they used to but now you have to use

an access token uh if you're coming from like the adus world it's kind of like your access secret um so it's giving you

that access uh there are two types of paths on um GitHub you have the classic token they're less secure and no longer

recommended for use customers with Legacy systems may still be using the classic token like some of my apps

uh then you have fine grain uh personal access tokens these Grant specific permissions they must have an expiry

date uh you can only access specific repos um or if you want all repos it'll probably only be readon you can only

access resources owned by a single user or organization you can find the stuff under the developer

settings um there are a few use cases where we'll use uh Pats it would be like logging in using get clone for

HPS and uh let's say we are using uh the GitHub CLI you could set a token or sorry a environment variable called GH

token to be used uh for for the GitHub CLI for the to pick that up uh if you're using SDK you're going to be supplying

your token I would imagine that the uh that these um sdks would pick up that environment variable as well but there

you [Music] go hey everyone it's Andrew Brown and

this fall along I want to take a look at personal access tokens yes we've already played around with them but let's play

around with them a little bit more okay and so what I'm going to do is go over to my repo and I might already have a

code space from before and it's already still active so I'm going to go ahead and open that to save myself some

trouble if you have to launch a new one you can absolutely go ahead and do that remember to close your codes places so

you are not using up your free tear usage uh you get so many hours per month I don't know what it is uh you can look

it up if you want to know or we'll find out when we make it over to the uh code spaces section in the course um and so

what I want to do here is I just want to uh work with personal access tokens now we might have one set from before so we

going to take a look here and see what we have so going type in EnV grep G and see if there's anything set and there's

nothing set here so that's great and what I want to do is go to the top left corner here go to settings and then down

below we'll go to our developer settings and we have our personal access tokens we have fine grain tokens and token

classic now something I would like to know I'm going to go ahead delete this one what I would like to know is can we

generate them out from the GitHub CLI you think you wouldn't be able to because then you need permissions to

have permissions but I'm going to take a look here and see what we have um because I'm just curious to see if it's

actually there or not and so I'm going to just type in token and there is a token so it says this command outputs

the authentication token for an account on a given GitHub host well that's really interesting so

what would happen if we wrote that in so I'm going to type in GH author token and see what we get and we actually get a

token back so I'm not sure if that means that um that's that token code but let's find

out if it is by generating out a new token another thing I might wonder is like what permissions do we have I'm not

sure if it would tell us I don't think so what's refresh refresh our token expand or fix the permission scope of

the store credentials that's kind of interesting like you go out and request to have more

permissions but I'm not sure exactly how that would work um but let's go ahead and generated a new token I'll just say

um create issues and I'm going to set this for one day okay and we'll go down below and

we're going to select it for a very specific repo this one here and I'm going to go to permissions and I'm

looking for issues we'll say yes to issues read and write and we'll go ahead and generate that token and so we can

see that's what this token looks like we're going to copy it bring it over here and I'm going to set it to this so

I'll say GH token equals and then a double quotation paste it in enter and so now it should

be set so if I type in E EnV grap uh GH we should see it there excellent so now let's type in Gs off token and see

if we get a different value notice that this is the one we have now it shows that we're using a personal access token

so this is getting load in loaded in by GitHub Hub how it's getting in there I don't know but this one looks exactly to

be the same as this one let's go test and see if we can make an issue so go down below

here and we will say create and I'll scroll down and grab an example so we'll do this and hopefully it'll just know to

create it in the current repo enter and we need to set a default repo so we'll go ahead and do

that I'll choose this one here and I'll try this again and so it's created

it oh this repo has um issues disabled that's interesting so we'd have to go ahead and enable that so I'm going to go

back to our repo here I'm going to go over to settings and we'll go down below and we'll turn on issues now we could do

this via the CLI but it's just easy to checkbox that and we'll go back to our environment and we'll hit

up and now it's created the issue so now the question is if I get rid of that token

like I unet it uh what would happen so what I'll do is I'll just hit up till we get to that set and I'm just going to

purposely set it blank okay and that way this shouldn't work and so now if I do GH list issues

list I wonder if I can get a list of them now remember this repo is public so it's going to work because it's public

but the question is can I delete the issue so I'm going to say delete and um it's expecting some args

if I type help will tell me how this works the number of it that's perfect so the number is two so that's easy and I

wonder if I could just put a two on this type two to confirm yes okay it deleted it now the thing is

is that yes I was able to delete it but just understand that this thing has some base uh access underneath that original

token and so it probably had permissions this one here to do that there's probably some things that this thing

can't do and we learned that before which was that uh being able to create a repo um but uh you know if if I did this

on Local Host I would assume that this would have not worked and that's totally fine I think that satisfies us for

learning about uh personal access tokens I'm going to go back to our personal access token go ahead and delete it and

we'll call this one done okay so I'm going to go ahead and go into personal access tokens and delete this and if you

want you can stop and delete your code spaces I'll see you in the next one [Music]

ciao let's quickly talk about read me files these are markdown files that provide documentation and structional

information and a repo a GitHub repo that has a readme.md or readme and all caps or readme and all caps. MD in the

projects route will be rendered on the homepage there's actually some other markdown files that will also be

rendered there but it's really important to remember the read me one as it will probably come up as an exam question and

they'll actually ask you like what uh where where should this be located it's always in the root that's what's going

to render yeah I don't think it renders anything else but that one and they might kindy to trick you there um you do

get this nice little table of contents on the right hand side so if you have uh headings it will figure that out for you

there I remember that wasn't there before so that's really nice um but yeah it's as simple as that okay

so GitHub wants you to know about basic repo navigation what that means I don't really know so I'm taking my best guest

to show you what that is uh So within a GitHub repo you will have a navigation bar with various features of your GitHub

repo and this is how you get to all the cool stuff and the main one is code this is where your codee's going to live um

such as files folders things like that um we have issues that's for tracking problems it's basically a ticket tracker

we have pull requests that's where we're going to be uh uh when we're managing collaboration

with other uh developers and they want to bring changes into our repo it's our opportunity to uh check that work before

it gets merged in we have actions that's for GitHub actions uh for projects that's for GitHub projects uh for wikis

that's the wiki security is like a a list or a um a checklist of things that you should do I think it changes if you

are looking at the context of a uh as a a user and you're not the owner of the repo you're going to see

maybe the security policy or different information but if you are the owner you're going to have a checklist of

things you should do and it basically mirrors kind of what's in the settings page under security so it's kind of

weird that they do that but that's how they do it then we have insights this provides uh statistics mostly in the

form of charts and graphs about the repo sometimes this information is public sometimes it's private then you have

settings this is where you control all the settings for your repo um the other thing is that when you are using at

least in the code section you can navigate around files so I showed you this in a a prior um follow along but

the idea is you can search stuff you can see the contents of file you can comment on code per line so there you

[Music] go so when you create a repo you can choose which owner you want it to be so

right now I have it set as uh my personal account but you could drop that down and you could also choose an

organization that you belong to repo names are scoped based on the account so you can have the same name uh

for different organizations other people can have the same name if they're a different user so just understand that

you can do that uh you need to choose an available GitHub name again based on that scope uh your repost can either be

public or private um pretty self-explanatory you can quickly add a readme file a doet ignore and license

it's very very important to remember those three because you might get an exam question asking about the three

things that you can quickly and easily add if you're using the CLI you can add it uh this way or create one we did this

earlier when we did the GitHub CLI kind of demonstration and we found out that repos require special additional

permissions or personal access token permissions um that the GitHub Cod spaces would not allow you to do but

yeah there you go that's a create a [Music] repo all right let's go ahead and create

ourselves a repo I know we already know how to do this but it gives us an opportunity to talk a little bit more

about uh some of the things that might appear on the exam you can create one up here in the top right corner and I have

this double click problem so it's getting a bit confused I can go to this new green button that's usually what I

do and we can have a new repo so I'm going to say my uh cool repo right we can provide a description um this repo

is amazing and we can set it as public or private I'm going to stick with private for now and we'll add a read me

we'll drop down get ignor we'll say maybe we're working with Ruby so we'll get that by default and we'll add a

license like MIT we'll go ahead and create that repo um I want to point out that you have other things that are

rendered here so that should be very clear um we have releases and packages which we should talk about at some point

I'm going to leave this repo around if we want to play around with it um but uh yeah it's pretty clear how to create a

repo it's not hard let's go take a look at a more popular repo like Ruby on Rails um so I'm just going to type this

up here type in rails and we'll take a look and see what they have um so if we go into here you'll notice there are

just more things we have codes of conduct right we have our MIT we have our security policy if we go up here to

the security tab this is what we can see um so we have the security policy being rendered out here and then it's showing

um possible uh exposures probably based on one of the scanners I'm not exactly sure which one is showing that um but

that is that there if we go back to our own repo we might be able to take a look at security here hold

on uh going back to wherever that one was we just made that repo it can be a little bit of pain to sometimes find

your own repos I'm not sure why they never made that easier but just how it is and if we go down we can find myel

repo here and there's this security Tab and notice that it's listing out uh things that you should do for your repo

it's important to know what these are because um well if you have this uh the exam is going to probably ask you like

what's what things can you access from here and this is just from the public repo if you have a private repo it's

going to be different sorry this is private public can be different so let's just open this up and make a comparison

and see what kind of difference there is here so if we go over to repo here and we go into this public one over here

what options do we get so we get a lot more going on here so so notice that this is the private

and that is the public probably because if you're if you had a paid version You' then get additional code scanning and

secret scanning for public repos you automatically get that stuff I just want to point out that all this stuff is also

under your settings under uh Security Options so they kind of just like repeat it there you know so it's just what they

do but hopefully that makes sense and that's all I wanted to show you so I'll see you in the next one ciao

[Music] let's talk about maintaining a repo now what's unusual about this slide content

It's Not Unusual but it's the fact that in the outline they have a whole section for GitHub Administration and uh for

whatever reason I have it over here as opposed into the other section because of the way the outline is designed so

understand that I'm not going to cover that stuff in that other section because it's just repeated um but anyway let's

continue on and look at maintaining repo so the first thing is your name so you can change the name of the repo if you

do not like it as long as the name is available you can absolutely do that and a reminder that repo names are scoped

based on personal or organizational accounts or organization accounts I I keep writing organizational but it means

the same thing uh you can change the base Branch the default Branch uh you can rename it um just so you know Maine

is the unspoken best practice for naming your base Branch everybody does it the old one was Master nobody calls it

Master anymore um you can opt in and opt out of some features feates for your GitHub repo I say some as a catch all

just in case there's features that do not show up or there's ones that are locked in um but that's pretty

straightforward you just check a box and you might have to do some additional configuration then there's the danger

zone which contains actions you need to think twice about because they cannot be undone if you make a big mistake and in

the danger zone we have the ability to change the repo visibility um it's important to understand what happens

when you make a a a repo from private to public the code will be visible to everyone who can visit at github.com

anyone can Fork your repo all push rule sets will be disabled your changes will be published as activity now will this

show up in the exam probably not I didn't see it but that is something to consider um you can disable Branch

protection rules uh so Branch protection rules are strict workflow rules uh uh that dis like will do something like

disallow someone from pushing to Main and uh you can temporarily disable them if you have to apply quick fixes and you

can't work around those rules easily you can transfer ownership to somebody else and they'll become the owner of the repo

you can archive the repo so it becomes read only you can delete the repo so there you

[Music] go all right time for some repo maintenance uh so what we're going to do

is I want to create a new repo I'm going to make it in my other account uh just because we're going to want to transfer

from one to another but I'm going to go here and just say say um uh under here Omen King and I'm going say my cool repo

2 okay and I'm going to just make this private and I'm going to add a read me here um I'm going to go ahead and create

this repo okay so now that this is REO created we can go over to our settings and let's say I didn't like the name two

I need it to be three because we already have another one called two in the other account I'm going to rename that and it

renames before we used to rename it used to take time now it's instantaneous which is really really great if we

scroll on down here we could change the main branch we could change the name to main two um there are some uh

limitations there because it's not showing all of our options as we don't have other branches apparently it

doesn't create it instantaneously but it will change it in a bit of time there it is so I think it has taken effect if we

go here and yeah it shows that it's been renamed so that sounds really good we're going to go back over to settings notice

that we can check box and uh checkbox on and off features let's get rid of issues let's get rid of projects if we go over

here to our code notice that they have vanished across the top so that is great we'll scroll on down um we have more

abilities somewhere here in the danger zone so we can change our visibility it will give us a warning about it I'm not

sure why it's making it so hard I'm going to make this public I'm going to say that I I accept the changes and

we're going to make it public and then apparently I have to confirm so I'm going to get out my phone and it wants

me to enter a number into my phone okay so 37 approve great and I'll wait a moment for it to

take effect there we go so now it is public um we can disable our Branch rules so I'm going to go ahead and do

that uh we can go ahead and transfer this repo I'm going to send it to um a specific person so this is going

to be I want to send it to Andrew WC Brown which is the other me

and then I got to type in the repo name so we'll go ahead and do that my cool repo 3 I

understand okay so now it should be transferred um and I think the other person has to

accept so I don't think it's instantaneous so if we go over here do I have the repo now if I go up here

in my notifications how do I see the repo transfer I'm not sure I'm going to go

check the email for this account and see if it shows up there okay all right so in my email we can see over here that uh

there is a repo transfer link so I'm going to go ahead and click [Music]

that GitHub repo templates is is a feature for public repos that allow other GitHub users to make a copy of the

contents of the template repo to use as a starting point for their own repo and I believe it's only for public I haven't

checked for private but I don't know why you'd want to use it for private we set a uh a repo as as a template by checking

box on the template repository and then you'll have this option to use the template and when you click use this

template it will then ask you to choose a new name and it'll say what do you want to include and then it'll show that

that was generated from that other template I use these in my boot camps because I will create a starter project

and then you will uh start from that template how are these how is this different from cloning or forking um the

idea here is that um you're starting with a clean repo you're not having all the baggage of of stuff that comes with

it it is a really clear a clean repo and so that's how you're going to go ahead and uh utilize it but that use case that

I explained for which is like you know you want to have something like a project that people are going to start

as a basis of that's where going to be using repo templates okay [Music]

ciao hey it's Angie Brown and this fall along we'll go ahead and make a repo template so um we have

here um let's go over here to our other repo trying to find it sometimes it's a bit hard to navigate

repos there we go that's a bit better and so we have this my cool repo what I want to do is convert this repo into a

public repo for now just so that we can utilize this feature I want to go to the top and see if we can make a template

actually it looks like we can I'm really surprised because what would be the point if um it's private you know what I

mean because we go here how's anyone going to click that button it doesn't make any sense so I really think that

that is a public feature and notice I actually checkbox it on and it turned off so I think it

is yeah it is nope okay it's on now all right I mean I guess you could use it to

make your own from it so I guess my thought was it was always about other people using it but I guess you could

make your own default template and use it for yourself so I guess it's not just a public feature but they're never going

to ask you on the exam so I'm not going to fix the slides because of that let's go ahead and uh create a new repository

from this template we'll just say my cool repo 2 and we'll make it private and also we can include other branches

but I don't want anything else and there we go so now we have this uh repo that is making a copy of we'll give it a

moment and here it is you can see it's generated from that one and there you go [Music]

ciao so in GitHub you can clone a repo programmatically three different ways uh we have the first which is https uh you

will have to supply a GitHub username and password on the Clone and you'll need to set uh get to cach the

credentials if you don't want to keep entering them in I didn't write it in here but when it says password we're

talking about the um personal access token because GitHub does not let you use passwords anymore um but in the

documentation it kind of suggests that you can use a password because it says password protected oh not here but under

here would it would it would say that um for SSH uh you can utilize that method you'll have to have an SSH key pair and

you'll have to upload that to your GitHub account then we have the GitHub CLI um so we can do that as well this is

going to use credentials uh when you do GitHub login it'll actually use either a personal access token or SSH we can also

clone repos in the GitHub desktop and we can just download a zip it's not really cloning but we can download the contents

of it um so that's pretty straightforward there sometimes you just want the the the codes repo um I want to

point out that we did all this in the quick and dirty git and GitHub crash course so if you're wondering how to do

these three make sure you have watched that video and you've done it all okay see you in the next one

[Music] ciao you can add files to your GitHub repo directly via the GitHub UI if you

drop down code you or sorry add file you'll have create new file upload files so it's great for both text and binary

files um and uh the idea here is that when you uh go ahead and add a file if you need to have folders you can put a

forward slash and it will end up creating as many folders as you want and then you put the name in and you just

create that file there when adding multiple files that you also need to edit you can also quickly use

in this course but uh there you [Music] go there are lots of ways of creating

branches in GitHub and git um something that you should really know how to do is to use this single line command get

checkout hyphen B to both create and check out or branch in one go you should absolutely know how to do get push

hyphen U origin staging which is basically The Hyphen U is short for hyphen hyphen setup stream I know look

like a single hyphen there but there's actually two uh for this flag you can create branches from issues um and then

the branching issue will be Associated and linked you can directly create branches in the GitHub UI you can create

branches in the GitHub desktop and I'm sure you can create branches in the GitHub CLI and uh yeah there you

[Music] go hey it's Angie Brown and this fall along I want to create some branches

nothing super difficult ult to do but um something that will take us just a moment I'm going to go ahead and use um

our my cool repo and what I want to do here is I want to go ahead actually I want to clean these up I don't want to

have a bunch of uh junk repos hanging around so actually I decided against that and I just want to keep things

clean and keep with our single repo even if it is um public so I'm going to go ahead and typ my cool repo here and

clean this up Andrew WC Brown or man gez Andrew WC brown brown my cool repo it's that auto

complete that's messing it up there we go and I'm just going to go ahead and also get rid of this one and then we'll

just be really focused on what we need to do at hand here just give me a moment

there we go okay so now let's just go back to our GitHub examples and there are a few ways that we can create issues

uh one is or sorry branches one way is to go to the branches Tab and I'm pretty sure we can just create them right here

so I can go here and just say uh feature uh cool one okay and we can say what we're branching

from so that's an example and and there it is uh another really useful way and something I really recommend is you

create an issue and we'll and we'll make a test and create a branch from an issue okay and then what we can do is

then go ahead and create a branch here in development in the bottom right corner no it's going to put the number

in here that's a very common pattern is to have whatever your issued number is and then a a a short name for the Branch

okay then saying like what should we do next code spaces locally I don't really want to do anything next I just want to

um do nothing but I'll go ahead and hit create branch and so then it gives us like a button where we could click to go

ahead and play around with it so that is something I do a lot when I teach boot camps I show this a lot this is a very

common workflow and something you should absolutely remember uh that you can do um let's go ahead and launch up this in

codee spaces so going to go here and we have this one here sure I'll launch up this old one sure why not and once this

is launched up we'll take a look and learn how to use a very cool shorthand for um

implementing uh checkout and creating a branch in one go okay so just back here when this is ready all

right all right so this is back up and running and notice that we are currently in the main branch we can type in get

Branch to get a list of branches and so what I want to do is I want to create myself a new Branch here

and actually there are other branches it's just not showing them if we do get poll um it might show us those other

branches there we go and now if we type in get Branch it still doesn't show them but

that doesn't mean we can't check them out but uh our um our uh program is aware of it we might also be able to

create branches within a git graph these were things that we installed earlier so they might have the option to do that

here I'm not 100% sure see create Branch so we could do that as well I'm not going to do that

but what I really want to show you is something that will show up in the exam I'm actually really surprised that it

did but it is a really good thing to to um uh to know is that normally when you create a branch you'd have to type in

get branch and I'd say my new Branch like this and then I'd have to do get check out my new

Branch okay okay and so that's something you can do but what is more efficient you can go

check out back to main is we can do that in one call we can see get checkout hyphen B for branch my new Branch 2 and

that's going to create that branch and check it out so really make sure you remember this one because it will

absolutely show up on your exam it's absolutely something you'll use every single day I strongly recommend it the

last thing um I want to go over is just pushing to origin so what we can do is is set um Upstream but I think that U is

a lot easier to do we say origin and we just say my new Branch here two and then that will push that Branch up there

because you really want to know how to set that origin so that's all I really wanted to show you and um yeah we can

just stop this environment so we'll go ahead to command pallet just say stop current code space and I'll see you in

the next one okay ciao [Music] so GitHub releases allows you to create

releases with release notes and linked assets such as zip sources or binaries for specific platforms so in a get repo

you'll see releases and from there you can read about the release and see all the stuff that has changed and there

might be the source code or binaries if you if this is something like um I'm trying to think of an example like let's

say you like to play video games and there's an emulator uh for like the PlayStation uh they'll have like builds

here for Windows Mac and um other things here uh maybe you make a video game in general you could distribute the binary

here it's anything where you're Distributing the binaries or the sour source code but you're making very clear

what has changed as a release um and often like when I'm having issues with something I will actually go through and

re read the releases when let's say um like react router have you ever used react router Dom and they change

versions I'm trying to understand like what compatibilities have changed what does not work anymore maybe I was

experiencing a bug and if they do a good job with the documentation it will be in there so there you

[Music] go hey everyone in this fall along I want to take a look at GitHub releases

as it is a very useful feature to let people know about changes that are happening in your repo um so before we

do let's go take a look at some other project that might have changes I'm trying to think of something interesting

like maybe an emulator um so I'm just typing emulator in here I'm just looking for one here's

a Nintendo switch emulator or maybe PS PS2 I'd rather do PS2 I feel like they might have good uh information about

changes like PCS pcsx2 and on the right hand side you can see we have releases and if we open up the

releases um they do not tell you much okay so that's not a great example so we'll go back to another one and we'll

try another uh video game emulator maybe we can just try putting the word emulator you know and people can write

whatever kind of releases they want this doesn't have releases uh we'll try the 3DS emulator

this one doesn't have releases we have this one here do they have

releases no well they do they do no just tags okay so I guess we're just going to not get really good ones here but I

guess we could just go to rails cuz they seem to always have enough for us but I just wanted something that was written a

little bit more uh nicer so you could see a good example of a release but here is one where um you know they're talking

about different versions I feel like if there was a release for a specific uh tag

version right that uh we get better information like when rails first came out like 700 probably would be a good

one so I'm just scrolling through here I mean these are pretty good but again I just want to try to find a major release

one is this this 1.0 seven I'm going just type in 7.0.0 might have to scroll a bit to get

it to load 08 there must be where is it what it just skips over

it okay well I mean 71 was pretty good so we'll go over back to 71 and uh yeah like here it's telling

you about all the libraries and things that are Chang this one's a bit better because it's showing examples of things

that have changed so you can put whatever you want to release and it's just to help communicate what the

differences are because a lot of times you just don't know so we did do some tagging and that's a great opportunity

for us to create our own release in our own repo so what I'm going to do is go back over to our home I'm going to find

this repo that we have I'm going to go over to releases and we're going to create ourselves our own release and

we'll just say version 1.0.0 ready for the world the the best GitHub example

materials around my hands are cold if if you can't tell I'm

uh sorry but I'm in like full snowsuit right now and I got the heater blowing so if you hear the heater I apologize

but it's just how it is right now in my office anyway we you can choose a tag which is great and then um you can then

attach the binary so the idea is we would download the zip and then reup loed again I'm not going to do that

because that's pretty straightforward we'll go ahead and do that and so there's our release and that's all I

really wanted to show you for releases apparently there's a compare button I didn't even know that so that might be

kind of cool to do but um yeah there you [Music] go so GitHub packages is a platform for

hosting and managing packages including containers and other dependencies and the things that it can uh host in terms

of its package registry or repository is Javascript packages ruby gems Java Maven and Gradle packages net packages and

Docker images and the last one I think is going to be the most common uh one that people can utilize um they have a

free tier they have a pay tier so you can start using this right away and we will go give it a go um probably the

easiest thing we could do would be to create a Docker uh container and then push it to GitHub packages so that's

kind of the code that we'll have to go through we can make a simple hello world Docker file run it make sure we build it

and uh GI up actions could be used to build and then publish I I wrote the word public but publish packages to

GitHub pages so there you [Music] go hey this is Angie Brown and this fall

along what I want to do is go ahead and create a GitHub package so what you're going to need to do is start up a code

space I actually already have mine running I think by this point you probably know how to do that I just uh

was working on the video earlier and I had to close out and restart so that's where we are now so anyway I'm going to

make a new folder in here and this will be for uh pack GitHub GitHub packages okay and you're going to try to spell s

if you hear a bit of noise in the background it's because I'm running the little space heater near my feet so my

feet don't freeze I'm in full snowsuit right now okay but anyway what we'll do is we'll go

into the package of directory and we'll make a new file and we'll call it Docker file okay and from here here um we want

to create this little Docker image so we'll say

Alpine uh latest this isn't a Docker course I'm not teaching all this but just follow along with me here or just

copy paste it from my repo whichever you want to do Echo we'll say

hello world okay so I'm going to go ahead and save that file and now what I want to do is go into that

directory and build it so what I'll do is run Docker build hyphen T hello world

period we'll build that okay and now we'll try to run it make

sure it works there we go that works okay and so we're in good shape uh the

other part here I would say is now that we have our Docker image built we want to now push that so I'm going to make a

new read me file so I just have a little bit of room to work with here and there's a few things we need to

do we need to set our username so I'm going to say username here I'm just going to set mine as what I am Andrew

Brown WC Brown that's the account that I have here okay and I'm going to put export in

front of it so I can export it and yeah I want allow pasting good and

we'll hit enter it actually double pasted it so I got to be careful there I imagine this is a bit hard to read so

I'm just going to bump up the font a bit and so that should be set the next thing is I'll need a personal access

token so I'm going to go over here and we've done personal access tokens quite a bit in this course and we'll go down

to developer settings and we'll make a new one and this one is going to well I guess we got to confirm with GitHub

mobile first get my phone out here and uh it wants me to enter a code

in one two okay this one's going to be for GitHub

packages oh I'm not registering an app whoa whoa whoa whoa whoa let's go back personal access tokens there we go

there's an old one I'm going to delete that and I'm going to generate out a new one we'll

say uh GitHub packages I want this only to be for a day just in case I forget it and someone

tries to take it and this is going to be for a specific

repo so we'll go down here and say this repo and then for permissions I'm

looking for packages packages it's under here

maybe packages let's search for it packages it says we need a personal access

[Music] token so I'm not seeing packages in here and this makes me think that we should

probably use a traditional one I don't normally do this but because I cannot find it I'm going to use a classic

token so that's what I'm going to do do um I'm going to go here I'm going to generate a new token really wants to

make make a new one and just say GitHub packages and so it's really similar um very similar to the other

one oh I want it to expire and I'm looking for packages here it is read and write

packages delete packages so I'm not sure where that new one is in the new one maybe it's not and we just have to use

the classic token we'll go ahead and generate that token out I now have this token I'm going to bring it on over to

uh uh here and I want to set this as our environment variables I'm going to say GH token and we're going to paste that

in okay and we'll copy this good I'll paste it in and hit enter so now that's set um I need to set the image

name I'm just going to keep putting the GH under it image name just so it's a bit easier for me to find them when I

want to find all the variables later hello world we'll go ahead and do that and copy that and paste it in hit

enter uh I'm going to put export in front of that just in case that didn't work and then I'm going to do export my

hands are really cold it's really cold in here uh I think it's

like7 it's because my shed uh has a um oil furnace or gas yeah o furnace and I have to go drive out to um The the

Reserve to get some gas and it's just really bad weather so I'm just trying to get this done so you folks can get this

course as quickly as possible so we've exported those values so that's really good I want to make sure that they're

set so I'm going to type in EnV GP G and there they are okay so now we need to write some code the first thing is we

need to log into Docker and so Docker somehow talks to GitHub I'm not sure how that works but we'll just go ahead and

work with it here so I'm going to say Docker login um we're going to say g c or say GHC so that's for GitHub

container repository I'm assuming hyphen U and then we'll say GH username and then we'll say password STD in okay so

that will pass the password that's what that pipe does and see if that works we'll hit

enter uh doesn't know what that flag is H did I type it wrong I did and we'll copy that and we'll paste

that there enter and so now we're logged in so that's step number one step number two is we need to tag our Docker

container so we'll say uh Docker tag and I want my image name and then my version uh this will be GH version and

this will be GH I mean we could just write it out if it's a bit simpler for everybody so

we just say hello world one0 and then on the other side be GHC doio and then that would be our

username so I could just type it in here it's up to you whether you want to use environment variables or not I'm just uh

I just want it to work so I'm just going to write it out in full even though we made environment variables up here for

this particular use case but that's okay one z z so the idea is we're going to tag um our Docker image we built is uh

for 1.0 to map to here okay we'll go ahead and copy that hit enter um no such image I mean there is

no tag called 1.0.0 on it we do Docker list or Docker images it's called latest so we'll

change this to be latest we can make the other tag latest as well but I I'm going to make it 1.0.0

I'm not sure why I'm just going to do that so how it's going to be we'll go ahead and enter and so now that's tagged

and so now we should be able to push it GHC r.i slash say Andrew WC Brown for slash hello

world colon 1.0.0 copy enter um so it says an image with the

tag does not locally exist with that tag so maybe I tag tagged it wrong T HC R IO I spelled it wrong yeah we could have

just copied this one here to get it all right hit enter and there it's pushing it okay so pretty

straightforward uh we could have even done this we could said like uh export um tag

name right and we could have done this right and then we could just done that

that and we could have done that I'm just cleaning it up doing that uh post post refactor here and um here we could

have just put these in as such so we could have done this and then this would have been

GH uh image name and then this would have been GH

version and so you get the idea there so that's pretty much it let's go take a look and see where this actually is I'm

done with this personal access token so I want to delete it so nobody else is using it

and um this revokes all personal access in class classic just in case I'm going to do this so I'm going to say Andrew WC

Brown I think they're all revoked but just in case or not let's do that anyway and we'll go over here and we'll take a

look at our profile because it might show up under packages here I'm not exactly sure how you set public packages

oh there it is it's private all right and I'm not sure if it's specific to a repo link this package to a repository

so I guess if we wanted to link it we would have had to apply a label and so I guess labels are what you think they are

they're labels and that way we could associate it I'm not going to do that here today I think that's fine but I

will copy this just in case anybody else wants to do that and

um we'll go ahead and save our changes okay and this really doesn't want to push here today I'm not sure why get

push what doesn't it like um oh push protection okay it detects something

here oh is my token in here wow that's cool it actually detected it so that because we turned on security scanning

earlier it would not let me do that that's awesome I wish we I I thought I was showing that earlier so

don't show token actually what we have to do uh is we can't even just push the old one we have to amend uh the last one

we had so if we go over here uh I'm going to have to go ahead and amend

this so I'm trying to figure figure out if there's a way I can just quickly amend um I'm going to get rid of this

change here first I'm just going to say discard this change and I'm going to type in get

commit hyphen hyphen amend and so now uh what I should be able to do is go

into here for all changes right and I should able just change

it actually no that'll just amend the message sorry that's not going to do what we want

uh what we actually need to do here is we out of amend mode I think we are yeah um I'm going to do get

reset uh soft head Tilda one and what that will do is bring the changes back into here

and so now I can go back and fix that but that's really good that uh I had the the secret scanner turned

on do not commit your GitHub token but we did also delete it so it's less of a problem as well

uh GitHub packages so just be really really careful with that stuff

okay and there you go so I'll see you the next one okay [Music]

ciao hey this is Angie Brown and we are taking a look at poll requests often abbreviated as PR and you'll see that a

lot it's very common uh is a formal process to put forth changes that can be manually or automatically reviewed

before it's accepted into your base Branch your main branch here so here are poll requests in GitHub and the benefits

of poll requests is collaboration review or collaborative review so enhances code quality through team discussions and

peer feedback CH it it tracks changes says change tracking but tracks changes provides a record of code changes and

related discussions automated testing enables integration with tools for automated checks and tests controlled

integration manages safe and reviewed merging of code changes open source friendly simplifies contributions and

collaboration at open source projects I want to point out that PO request is not necessarily A get feature but a a

workflow and GitHub has built a bunch of features around poll requests poll requests aren't unique to GitHub um it's

just part of the workflow and and whatever they want to build around it they can build around it and that has to

do with other tools that do the like jira and bitbucket or whatever other tools like git lab and stuff

[Music] okay so we can create pull requests using the GitHub CLI uh that's one

really cool way of doing it the other way is using uh the GitHub website so you go to the pull request tab in your

repo you create a new pull request and there it is I'm sure you know by now how to create a pull request because it's

almost impossible not to show you that 100 times over before we got to P requests here but that's how you create

them one thing I want to point out is um uh that we have to set a base this is who we're going to merge into and ahead

who uh the changes that we're going to pull into notice it says compare we'll talk about that in the next slide about

base and compare [Music] okay so base and compare determines the

direction of the merge for a PLL request and the idea is we have the base so is who you want to merge into this is

usually the main branch or an environment specific Branch doesn't have to be main but usually main is base

right um then we have compare this is what will be merg into base uh compare is choosing the head reference so notice

before I called it head and if you look very closely it says choose the head reference so that's what compare is this

is usually a bug or feature Branch another thing that I need to point out is that you can compare across Forks uh

this is useful if you're trying to contribute to an open source project so you're going to have the option to Cho

the base uh repository um and the HUD repository to different uh repos from different owners so there you

[Music] go so a draft pull request on GitHub is a feature that allows you to open a poll

request but Mark it as a work in progress uh the use cases for draft pull request would be indicating work in

progress so communicates the poll request is not ready for review or merging preventing premature merging

ensures incomplete work is not accidentally merged facilitating early feedback and collaboration so people can

talk about it continuous integration testing so maybe you want to just run uh a test code because when you have a PLL

request it's automatically going to start doing that transitioning to a ready state so easily switch from a

draft to a ready for final review and merging organizing work and priorities help in managing and tracking ongoing

work in large projects um draft requests draft pull request is a feature only for GitHub organization teams I believe you

can use it in the uh free um free organizations that are public so we'll take a look and see if that's even

possible uh if if I don't make a video then you know that it wasn't um there are two things you need to remember for

this for the exam uh draft pull requests cannot be merged code owners are not automatically requested to review draft

pull requests okay so remember those two things because they will show up on your exam ciao

hey this is Andrew Brown and in this fall along I want to take a look and see if we are able to open up a draft PLL

request in our GitHub organization free account that we created so what I'm going to do is make a new repo because

we're going to need to need we're going to need to have one in our um our one here and actually you know what I'm

going to do no no no I'm just going to uh I don't want to make it too complicated I'm just going to make a new

repo so just say uh like fun repo we'll say fun repo okay and this can be public we're going

to make it public so just in case we need to have that so we can have that functionality because a lot of times

public allows us to have um that paid functionality for free so what I want to do is take a look here and create a new

pull request and see if we have the option we don't have any code so we'll need to create ourselves a new Branch

I'm going to just do that in here in the UI and we'll just say uh Dev and we'll create that branch and then from here

we'll go over and I want to switch over to Dev and then I want to edit the read me here and I'm just going to put in

some exclamation marks we're going to commit that change looks good to me and then we're going to make our way over to

pull request and we'll make a new poll request and what I want to know is if I can make a draft pull request so we'll

say create new pull request and we'll drop this down and there it is okay so that's all it takes to create a draft

pull request if there are code owners assigned they can't touch it noce I cannot merge it I'm clicking like a

maniac it's not going to happen and that is draft pull requests so there you [Music]

go let's talk about linking activity within a poll request so you can link issues to a poll request so that the

state of the poll request will automatically close the issue we actually already did this before we

looked at issues during we looked at issues and we're looking at it again so the idea is that you go up to

development on that cost and you choose um the issue or sorry the poll request and then they're linked

okay so that will close it the other way is via those supported keywords so if you have any of those words you put in

the comment of the actual poll request um then that will close it it says the poll request must be on the default

Branch okay the PO poll request must be on the default Branch for it to work I don't know if that's true I mean it

worked for me when we did it but but um however we did I guess it was on the default Branch but um uh anyway that's

that I don't think there's any point of us showing this again because we've done it so many times but hopefully you know

that you can do that and the direction to which it happens you're putting it in the uh body the description of the Polar

Quest um so it links to the issue okay [Music] ciao let us take a look here at the

different statuses a poll request can be surprisingly this isn't an exam question but it's something you should know so

let's go through them all the first is open the default status when a pull request is created it's open for

discussion review draft indicates the pull request is a work in progress and not ready for review closed the pull

request has been closed without being merged this status is used when the proposed changes are no longer needed or

if the branch has been rejected merged the pull request changes has been merged into the target Branch the status

indicates a successful conclusion of the pull request process changes requested this status is used during the review

process when a reviewer requests changes before the poll request can be merged review required indicates that the poll

request requires a review before it can be merged this status is common in repos where uh reviews are mandatory part of

the workflow approved the pull request has been reviewed and approved for merging by the required number of VI of

reviewers conflict indicates that there are conflicts between the pull request branch and the target branch that needs

to be res resolved before merging ready for review a poll request initially marked as draft can be changed to this

status once it's ready for review so that gives you an idea of the functionality of it and you kind of

figure this out as you are working with PO requests but there you [Music]

go so the code owners file is a GitHub specific file that defines individuals or teams that are responsible for

specific code in a repo and so the idea is that they have the syntax that's similar to get ignore and when a polar

request is open that modifies any files matching a pattern in the code owner's file GitHub automatically re request a

review from the specified code owner the code owner files go in either the root project root. GitHub folder or docs

directory um and so yeah I think this is something that is a paid feature it probably could be in free if we're

talking about um organizations teams or sorry like free organizations that have to take a look but yeah it is a very

powerful feature [Music] okay so when you're merging a poll

request there are a few options so we have this drop down where we can either create a merge this will bring all

commits over into the repo we have squash emerge which will have one commit to be added we have rebase emerge which

will be added and then do a rebase the third one is a more complex one so if you're not familiar with rebase you're

probably going to be looking towards squash which is a good one the use case depends on your team's workflow they may

prefer only a single commit uh added and so that's why you would want to have squash or rebase um but you do have a

lot of options there for how you want to bring code in uh to your uh your base um your base

[Music] there required reviewers is a way for you to explicitly say hey these people

have to review this code otherwise it won't be accepted um and so you can assign or

allow multiple required reviewers before code gets into a repo and a lot of times you can say it can't be the same person

uh that submitted the code and it's not uncommon to have like four or five people that can be required reviewers

and two or three have to um look it over before it gets accepted so here um I would be assigning myself and saying

okay Omen King this this user has to um review the code and then from there as that user I would have to approve the

changes and then from there it would change it to saying okay Omen king or Andrew Brown approv the changes and so

now you'll be able to press that merge button okay so there you [Music]

go hey this is Andrew Brown in this video I want to uh do a little bit more with P requests in terms of code reviews

and maybe we could try to get that code owners file to work or um you know just things that we didn't get a chance to

really get Hands-On with as we have made pull requests quite a bit but not from a reviewing kind of code proper way so

what I want to do is I want to make my way over to our um uh our pretend organization and we're going to go ahead

and create ourselves a new repo unless we already have one like the fun repo does that still exist it does so what

we'll do is go ahead and use this one and what I want to do before we do anything else is I want

to add um or make sure that the collaborator is added to this repo here and so I'm going to go ahead and add

Omen King okay and there I am and I'm going to go ahead and say this person can maintain

this repo all right and now they're part of this repo so they're there and the reason I was able to add that very

quickly was because they were already part of of a team so or sorry they were already part of our organization so I

didn't have to send an invite and confirm they're not external from that so that was very easy

um the next thing I want to do is I want to go through and uh create a pull request it looks like we already have

one here so if we already have one I'm not going to make a new one if you have to you make a new one but here it says

this poll request oh this is that draft one right so we can't do anything with this one right now uh so I'm just going

to close that poll request I'm going to go over here the poll request I'm going to try

to make a new poll request because we still might have yes we do from earlier and I'm

going to go ahead and that pull request okay and so we'll create that one and I want to say that this has to

be reviewed by Omen King as soon as I do that notice we cannot proceed forward until that's uh ready and

there's another here that says ready for review so this P request is still a work in progress so it's suggesting that this

is a draft I guess I didn't notice but um it probably was still set to draft and so I ready for review

okay so now uh Omen King should know that they need to approve it for this to work okay another thing that we could do

is we could uh um require other things for approval so we could go ahead and add a Rule and Rule sets allow us to do

that so there might be some things in here that we could set um require status checks to pass so that

might be something that we might want to do and right now we don't actually have any

status checks and so that's the reason why we can't we can't add that there so if I go

back okay it would be nice to get some checks in here because that's the real value of

pull request is having some kind of automation thing in here but I suppose we'd have to have like GitHub actions or

something else so maybe we'll leave that for when we get to GitHub actions and integrate it there and we'll just

continue on with the reviewers here so um I'm going to switch to my other account

and I'm in this uh repon and saying oh I need to add a review so I can go here and let's say I don't like this change

I'm G to go here and say request changes I don't like it make it better and so if I do

this okay now it's saying in red hey you got to do something I like it's not allowed to go through um and by the way

it show it still shows merge pull request and I really don't want this to show up

unless I've accepted it so maybe there's a setting that we can do in here I thought it would been that rule set that

we could do that maybe there's something else that we can do to protect it always suggest updating the pull

request branch no operation options I might not be able to do it because I'm not the admin so

I'm going to go back and switch over to this I'll go back to settings and what I'm looking for is the option to say it

it requires uh reviewers or otherwise it can canot be

merged um and so that's what I'm looking for right now maybe it's under uh rules could be Branch protection as well

let's take a look here require a pull request before merging

um I really thought that there would have been a rule for this the reason I think that is because

I'm used to um I'm used to uh

using jira and and bit bucket and and they'll let you do that so maybe I can't set that I'm not sure restrict

creation yeah so I'm really surprised I can't find that maybe it's there but I can't find it and that's totally fine

let's go ahead and pretend uh you know we're going to go fix this issue so we go here and it says

I don't like it make it better so how can we um submit that fix right and the way we're going to do that is we'll

actually have to go to this branch and change something so we'll go here and make sure we're in the correct

branch and in here I'm just going to go ahead and change it again okay commit the change commit and

so now if we go back to the pull request we should be able to update this pull request so I'm trying to do that

here F's Chang normally what happens like and again it's because I'm thinking of jur and ATL

scene is that you'd open another pull request and it would be the same one the same spot so I'm not sure if we can do

that uh if I go Dev here because it's the same Branch right so if I do this it says view pull

request how do I do this um and again it's because I'm expecting it

to act like uh another piece of software and it's not doing what I think it's doing review changes I mean I could

review my own that makes no sense review in code space so I guess the way it's going to

work I really thought there'd be a back and forth there but I guess there's not is I suppose I would just have to go

here and then approve it looks great okay so yeah I guess there's less process there than I

thought and now that I'm happy with it I can go ahead and merge

it so next question is can we make a code owner file and see how that works because I think that would be kind

of unique to do sorry and so I believe that file is called code owners and uh what I'm going

to do is I'm going to go ahead and create myself a new file here we'll say new

file I'm going to say code owners and I'm just going to put an

Aston here and just say omen King and so the idea is that anytime anything changes it should

assign it to Omen king that's what I'm thinking anyway so what we'll do is we'll go ahead and commit these

changes and we'll do this again okay and the idea is that if anything changes

from that other person they they send a poll request I'm hoping that it's going to Auto assign now this might not work

because it might be only a paid feature I don't know but we're going to try anyway so I'm going to go in the de

branch and before I do anything I'm actually going to merge it the other way um I'm going to do that by opening

up uh code spaces on dev and I'm just going to merge it back in into the direction because I'm not going to make

a pull request that goes in the opposite direction I'm not going to do that that doesn't make sense P requests are

supposed to go into your main branch right so I'm just giving this a moment here and what I want to do is do get

whoops get merge main I'll do get pull I'll do get check out main get

pull just in case we'll say get check out main get merge main get push saying it's

all up to date I'm not sure if I I'm convinced so I'm going to double check uh it's not showing our tree here so

let's say get graph I really wish it would persist changes but hey it's code

spaces and I'll go back over to here do I have this now and show it shows that main is ahead

of death so it's totally lying to me they're definitely not in sync I knew this was not the case oh you know what I

merged when I was in main so that's probably why uh get check out um Dev get merge main it's always great to have

this open so we can see I'm going to go sync those changes okay just in case that didn't I

just get push just in case great that is in good shape I want to stop this environment stop

good we're stopping it okay I'll go ahead and close that Tab out so now I have confidence that this

code owners is in both I I just had a feeling I need to do that for some reason going to go ahead and just change

this and we'll do that I'm going to go ahead and create a new pull request and I want to see

whether it auto assigns we go here Dev create a pull request and look it auto assigned it so

it says awaiting request a review from Omen King Omen King is a code owner Omen King will be requested when this pull

request is created so that means the code owner file is working I don't need to create this pull request to know that

and I think that's sufficient um the only last thing I would say is that you know people can comment directly on

specific lines just remember that because they might ask you on the exam and that's about it we'll see you in the

next one okay [Music] ciao hey everyone this is Angie Brown

and this fall along I want to show you uh some of the more advanced options for poll requests um in terms of the merge

options and why you'd use one over the other um so what I'm going to do is we going to go into our GitHub examples and

in this case we do need to open up uh some kind of editor um I think we could get away with using

github.io on my keyboard and that's going to open up the editor we're still going to need the repo open so I'm going

to go here and wait for this to load and go to repo and so I I'm going to want to go over

here for a moment I'm going to get rid of this um P request so we're not getting mixed up and um I really want to

be on development and I actually don't even know if I'm on that so I'm actually

going to just close this stuff out I might have mucked this up and we'll close this out because I need to be on

the correct Branch for this to work and I mean we can do this and get up

examples I'm going to do this in our other repo sorry I know I'm all over the place but I want to go back to our home

and I want to go to our cool repo so I'm going to drop down our whoops our option here and I'm not sure why they don't

never show those on the right hand side they really should we'll go here and I'm going to now um open po request and a

new tab here and I'm going to go ahead and hit period And the reason why actually you know what we can't use uh

GitHub Dev sorry we're going to have to open up code spaces because what I need is that visualization tool so we can see

what we're doing so I'm going to go ahead and open up GitHub code spaces and we're going to have to wait a little

while for this to start up unless it's already running that'd be really nice I'll be back here in just a second

when it loads okay all right so now that is ready um we want to make this a little bit easier to look at so I'm

going to switch my theme as per usual we'll go to uh a darker theme there we go and um the

other thing that I want to do here is I want to switch out to the dev Branch so we say get check out Dev okay and

another thing we're going to need is a tree so I'm going to go ahead and go to extensions here we'll say get graph

because we need to make this really clear what's going on uh so I'm going to go here and install

this okay and hopefully that installs nice and quick is it here not

yet come on get graph install you can do get graph we want you there we go we want you here

get graph so the idea is that I want to put a bunch of commits here and then we're going to merge them and see what

it looks like when we do that and then we'll try a different merge option and we'll see how much cleaner it is uh

doing that another way so what I want to do is I want to go ahead and modify this file save it and go get commit hyphen M

change one and we're going to do ma to grab all of them in one go and then I want to get push okay and then we're

going to do this again save and I'm going to just do a semicolon so I can just get through this

a lot quicker so we'll do that again we'll do that again okay you're getting kind of the

idea what's going on here we're kind of crazy people are not going to be happy with all of our

commits okay great so now if we go back to our G graph here

we got a bunch of changes I guess we should have incremented them it just says 1111 uh we can demend those like

there's a way to rename them I don't really want to deal with that but let's just assume we didn't name it all dumb

like that we made 1 2 3 4 5 six seven or for the next one we'll we'll just name it two so the idea is that what will

happen the question is what will happen when we merge this in will we end up with one over here or all of these over

here and that's what we're going to find out so we'll create a pull request we'll make a new pull request we will merge

Dev to main we'll create that pull request I'm going to switch it back to normal we'll create that pull request

we're going to ignore our reviewers we're going to just review it ourself and notice we're on Create and

merge commit so we do this and what do we get we go back over to get graph and I'm going to go get fetch because

that'll upgrate the graph without pulling anything and now notice that all of these

commits um is up here now okay so that is there it didn't squash them all into one we still have

all of the history of them okay so just to make this clear I'm going to just go get checkout main get

pole get check out Dev get pull because I want to show you that they're all still

there okay oh sorry get merge m get pull and

refresh okay and I'll just do a get push for our Dev sorry but what I want to show you is that all of this history is

still here it's not gone right it's all still here so hopefully that is clear I know it's not the best visual but I'm

hoping that makes sense what I want to do now is I want to do a um I want to do a squash okay for the

branch so I'm going to just make a new Branch get checkout Dev

2 and actually I'm going to do get checkout hyphen B Dev 2 and then we'll do get um because we want to push this

Branch get push you origin Dev 2 and so now it's being remotely check tracked and I want to do something really

similar to what we were doing before so I'm going to go here and for each one I'm going to remove a line okay we'll

save it I'm looking for that one liner there we go and this will just be two this

time two and we'll go here save that this will be two and we'll go ahead and save this and this will be two and we'll

go ahead and save this and this will be two and we'll go ahead and save this and this will be

two all right let's go back to our G graph we have a bunch of this stuff here let's go over here and make a new pull

request this time we're going to Dev 2 and we're going to create that pull

request and we're going to say create pull request and this time we're going to say merge pull request squash and

merge squash and merge it's bringing all those commits in and now if we go back here and we

refresh okay um we're going to refresh here again oh I got to go fetch get fetch

that's so we don't see anything here get fetch we'll refresh and so notice now it doesn't

show like a merge line coming into here what it's done it's taken all of this stuff and it's squashed it into a new

commit and has it over here okay so it really depends on what you want do you want to keep all this history or do you

want to kind of have this like over here and this has a completely separated commit here um it's really up to you how

you want to do it I think this looks a lot cleaner um um but this is totally an option as well it's really what you want

to do and I will see you uh in the next one so before I do that I'm just going to stop my

workspace all right and see you later [Music] ciao poll request templates are similar

to issue templates they will populate the PO request text area with the specified markdown template so they it

is um I need to point out that uh it's in GitHub requestor template. MD that's

what you want to use technically there is a folder called pull request template that you can use but I found that you

really couldn't leverage it because there was no UI to select from it and the only way that you could do that was

via this URL you generated with a query string so um I would suggest that you use pull request template MD and not use

the folder uh and that's where it kind of feels like it's it's like uh where you have issue templates where they have

that older version of it PO requests still feel like that old kind of version if that makes sense so there you

[Music] go hey this is Andrew Brown from exam Pro and in this section we'll be

covering authentication methods credentials are specific to a user's identity for example their individual

username and password pin or biometric information every user including it administrators te teachers staff persons

and students as credentials an authentication method is the way a user proves their identity to a system for

example a user inputs their credentials in a sign in screen or via the Microsoft authenticator app in which they have set

up their account authentication methods can also be broken down into categories or types such as signed authentication

password reset authentication multifactor authentication authentication types

authentication methods vary widely from traditional to Advanced common types include passwords and pins common but

can be risky for security picture passwords and pattern locks offer memorability and simplicity biometric

authentication facial fingerprint retinol provide secure unique user identification passwordless

authentication emphasizes security and convenience by eliminating traditional passwords removing the hassle of

memorization and mitigating threats like fishing some of Microsoft's methods include Windows hello for business uses

Biometrics P for secure sign-ins and SSO Microsoft authenticator app enables phone verification with notifications

and Biometrics pin F2 security key allows password free logins with external internal

Keys password reset authentication self-service password reset with Microsoft enter ID lets users change

their own passwords without help desk assistance cutting down on support costs and improving security and efficiency

some of the key features include self-service users can change or reset their passwords without administrator or

help desk assistance security enhancement sspr improves organizational security by allowing users to promptly

address account lockouts or compromises compliance with password policies sspr enforces Microsoft enter password

policies regarding complexity length expiration and character use ensuring standardized security measures across

the board multiactor authentication MFA is a security measure that requires more than

one piece of evidence to confirm your identity when logging into an account like a code from your phone in addition

to your password some MFA methods include SMS text message a code sent to the user's phone phone voice call

answering a call to confirm identity Microsoft authenticator app a code or biometric verification through the app

and O aut hardware token using a physical token for authentication set up ooth for external

Services oo is a protocol for for authorization that lets users give thirdparty services like GitHub or

Jenkins permission to use their information without sharing their login details it ensures secure connections

making authentication and permissions straightforward use personal access tokens personal access tokens provide a

way for users to create special tokens to access devops tools they are especially handy for command line

interactions or scripts needing direct access to these Services apply role-based Access Control rule-based

Access Control sets up detailed access rules based on users roles and what they're allowed to do it makes sure

people have just the right access they need for their work keeping sensitive information secure so that's an overview

of the authentication and credential strategies the next topic we'll be covering is get lfs which stands for get

large file storage and get fat developers sometimes struggle with handling big files in a get repository

because it can make the repository work slower and use up too much space Microsoft has two tools to help with

this git lfs and get fat git lfs is an open source extension for git that helps handle large files more efficiently it

does this by using small text pointers in your git repository to represent the large files while keeping the real file

content stored elsewhere this method keeps your repository from getting too large and slowing down to get started

with G lfs you'll need to follow some of these steps install git lfs install go to the git lfs website download and

install the version B based on your operating system configure use the command G lfs install to set up G lfs on

your system setting up G lfs in your repository track large files decide which file types to manage as large

files for example use get lfs track. mpp4 for MP4 files add attributes file add the dog attributes file to your repo

with get add. attributes commit and push save the changes with Git commit Dash and configure git lfs and update the

remote repository using git push managing large files add files run get ad dot or get ad file name to Stage

large files commit and push use get commit dmad large file and get push to commit and send files to the remote repo

so that's an overview on how to get started with G [Music]

lfs get fat is another tool for managing large files and get repositories it's a python script that keeps large files

separate from your git repository while maintaining references to those files within the repository let's take a look

at how to get started with get fat setting up get fat install python make sure python is installed on your system

install get fat install get fat using Pip with Pip install get fat initializing get fat in your repository

initialize get fat run get fat in it in the root of your repository track files Define large file types in a dogit fat

file for example to track MP4 files you might add asteris MP4 to the file commit dogit fat add the dogit fat file to your

repo with get add. git fat and then commit it using get commit DM initialize git fat and track large files managing

large files with get fat add large files use get fat add file to Stage large files for get fat commit and push commit

with get commit Dash and add large file and upload with get Push Pull large files on a different machine after

cloning run get fat pool to download the large files so that's an overview of how to get started with get fat

[Music] git scaler is an extension that helps get efficiently manage large

repositories addressing the slowness and space issues associated with downloading a repository's entire history and files

git scaler solves this by allowing you to download only the files you need it works well with Git lfs to use git

scaler you'll first need to set up your repository with G lfs that enable git scaler for specific file paths you're

interested in configure git scaler for a specific path install G lfs install G lfs by following the steps provided in

its official documentation initialize G lfs in your repository and your repositories directory run git lfs

install create and configure.it attributes file in the root directory of your repository create a dogit

attributes file to enable git scaler for files under the my/ large SL files directory add the following line to

dogit attributes my/ llarge SL files asterisks filter equals diff equal lfs merge equal lfs D text this

configuration tells get lfs to manage files in my large files using git scaler for efficient handling commit and push

the dog attributes file commit the dogit attributes file to your repository with get add. attributes then git commit dasm

configure git lfs and git scaler for specific paths push the changes to your remote repository get push so that's an

overview of how to get started with get scaler [Music]

cross repository sharing with get sharing code across different repositories is common for reusing code

modularization or separating components of an application gate facilitates this with the following method sub modules

git subm modules let you integrate a separate git repository within another repository's directory structure it's

especially handy for incorporating a particular version of an external library or for sharing common libraries

across various projects to add a subm module you'll need to use the command get subm

module at repository URL path repository URL the get URL of the repository you want to add path the directory path

within your main project where the subm module will be placed here's an example get subm module at https github.com

example. externals some of the advantages of sub modules include manage shared code by

referencing specific commits and keeps the main project separate from external dependencies note that using git sub

modules requires managing updates individually and maintaining consistency across projects that share them overall

by using subm modules you can efficiently manage cross repository code sharing and get while maintaining clear

boundaries between different projects or components the next tool we'll be covering is get subtree git subtree is a

tool that helps you include code from one repository into a specific folder of another repository it's a simpler

alternative to subm modules which is another way to incorporate external code but can be a bit complex to handle with

get subtree you can both bring an external code and send updates back to the original code Source if needed to

add a subtree you use a command that looks like this get sub tree add-- prefix equals folder name repository URL

commit or Branch D- prefix equals folder name is where you specify the folder in your main project where you want to add

the external code Repository URL is the web address of the external code you're adding and commit or branch is the

specific version of the external code you ought to use which can be a commit ID or Branch name get subt Tre

streamlines project workflow by integrating external code directly ensuring it's immediately accessible

upon clothing without additional steps overall get subtree makes it easy to work with code share between different

projects while it simplifies some of the issues found with sub modules updating the code from the original repository

into your project can require a few extra steps [Music]

the next topic we'll be covering is workflow hooks workflow hooks are essential tools in the Microsoft devops

ecosystem designed to automate and refine development workflows leading to better efficiency and productivity

workflow hooks Act is triggers for executing actions or scripts at specific points in a devops workflow crucial for

maintaining code quality automated testing deployment and integrating external Services into the process in

the context of build and release Cycles workflow hooks are particularly valuable they enable developers to automate tasks

like unit testing documentation compilation or deployment to testing environments with each new build or

release streamlining these processes Azure devop stands out and offering comprehensive tools and

services for managing the devops life cycle including implementing workflow hooks through service hooks these

service hooks allow for connecting your devops pipeline with external services or initiating custom actions in response

to various events such as new bill completions work item updates or pull requests other tools and services for

workflow hooks besides Azure Dev Ops Microsoft offers other tools and services for implementing workflow hooks

including GitHub actions Azure logic apps and Azure functions the key to leveraging workflow hooks effectively is

to identify the crucial events and actions within your workflow and use the appropriate tools for

implementation here's a simplified step-by-step guide to creating a service hook in Azure Dev Ops for automating

actions such as notifications after a successful build Access Project settings open your project in Azure devops and

navigate to project settings at the bottom of the project sidebar open service hooks in the general section

find and click on service hooks create subscription initiate the creation process by clicking the plus create

subscription button select notification service pick the service for notifications like Microsoft teams or

slack and set the event trigger to Bill completed set trigger filters customize the trigger filters by setting the build

status to succeeded configure action details specify the notification message and destination such as the recipient

Channel and slack or an email address finalize and test save the service hook with the Finish button and conduct a

test to confirm it operates as expected after a build is successful so that's an overview of workflow

[Music] hooks hey this is Andrew Brown from exam Pro and in this section we'll be

covering the different types of Branch strategies starting with trunk based development or TBD TBD employs a single

Central Branch known as the trunk or Master focusing on frequent small updates for continuous integration and

stability steps to implement TBD why establish the trunk Define a single Branch also known as the trunk as the

central code path two direct commits encourage team members to commit small changes directly to the trunk frequently

three continuous integration per perform builds and tests on the trunk often to catch issues early for automate

deployment set up automatic deployment to streamline updates here's an example of how you can create a trunk Branch

using git git Branch trunk get checkout trunk another Branch strategy you can use as feature branches which enable

developers to work independently on new features or fixes keeping changes separate from the main code until

they're ready to merge this approach allows for focused development and testing of specific functionalities

without disruption steps to use feature branches why create feature Branch initiate a new Branch for each feature

or fix to naming conventions assign descriptive names reflecting each Branch's purpose three stay updated

merge updates from the main branch periodically for thorough testing conduct extensive tests before merging

back to the main branch here's an example of how you can create and switch to a feature Branch using get hit Branch

Feature slne Feature get checkout feature SL new feature the last Branch strategy we'll

be covering is release branches which help prepare and stabilize a codebase for a new release focusing on bud fixes

and final adjustments they are created from the main branch enabling ongoing development while ensuring the upcoming

releas is Thoroughly tested and Polished steps for managing release branches while create a release Branch start a

branch from the main branch for new releases two Focus adjustments make all necessary tweaks and Bug fixes on this

Branch three three ensure stability test thoroughly and maintain continuous integration four final merge merge the

release Branch back into the main branch once ready here's an example of how you can create a release Branch using get

get Branch relase sr- 1.0 get checkout relase sr-10 so that's a brief summary of the

key branching strategies that will be covered on the Azure devops exam call I are critical for maintaining

code quality and ensuring that changes meet certain standards before they are merged Branch policies in Microsoft

devop Solutions or rules that govern how code is contributed to a repository they enforce certain conditions that must be

met for poll requests to be merged ensuring that code is reviewed tested and linked to relevant project tasks key

Branch policies to implement require approving reviews mandate that each poll request receives at least one approving

review from designated reviewers before it can be completed this guarantees that all code changes are scrutinized by

another developer promoting better code quality and reducing the risk of Errors link work items ensure that every poll

request is associated with a corresponding work item this linkage provides traceability and accountability

making it easier to track why changes were made in ensuring they align with the Project's goals build validation

configure this policy to require that changes in a poll request successfully pass automated builds and tests this

helps to identify any compilation issues or test failures early prevent preventing problematic code from

reaching the production environment additional Branch policies for enhanced workflow en Force minimum

review time set a minimum period that poll requests must remain open before they can be merged this policy prevents

Rush reviews and ensures thorough evaluation requir task completion mandate the completion of specific tasks

before merging such as addressing all code comments or updating necessary documentation this ensures that all

critical aspects are handled before integration automate code for forting in style checks Implement tools like

linters to automatically enforce coding standards this minimizes manual review efforts and maintains consistent code

quality benefits of using Branch policies improve code quality automated checks and enforce review standards

significantly reduce the risk of introducing bugs and errors better team collaboration requiring reviews and

linking work items promotes effective collaboration and keeps team members aligned with project goals efficient

workflow management automating parts of the review process accelerates the development cycle while upholding high

quality standards so that's an overview of Branch policies the next topic we'll be

covering is Branch Protections in Azure Dev Ops Branch protections provide an additional layer of security by

enforcing rules on Branch manipulation preventing accidental modifications or unauthorized changes here are some of

the key Branch protections to implement require a minimum number of reviewers set branches to require a specific

number of reviewers for all changes this ensures multiple evaluations of the code which facilitates collaboration and

reduces the risk of defects restrict who can push to the branch limit direct push access to protected branches allowing

only authorized individuals or teams to make changes this control helps prevent unauthorized modifications and maintains

code integrity and force merge checks specify criteria that must be met before merging a poll request these include

build validation work item linking and Branch permissions compliance to ensure only approved changes merge P request

workflow with Branch policies and protections here's how you can structure a typical pull request workflow using

both Branch policies and protections create a feature Branch developers Branch off the main branch to work on

new features or fixes Implement changes and create a poll request developers commit changes to their branch and open

a pull request to merge them into the main branch assign reviewers and await feedback reviewers and inspect the code

provide feedback and approve Branch policies and sheer pull requests need the required approvals to proceed

address feedback and iterate developers respond to feedback update their code and Trigger the build validation process

reviewers reassess the updated changes complete the pull request after security approvals and passing merge

checks like work item linkage and build validation the pull request is completed and changes are merged so that's an

overview of Branch protection in Azure Dev Ops [Music]

hey this is Andrew Brown from exam Pro and in this section we'll be covering Azure pipelines Azure pipelines is a

cloud service that automates the CI CD pipeline for software development offering support for multiple languages

platforms and Cloud environments and integrating with a wide range of tools and services here are some of the key

features of azure pipelines automation for CI CD Azure pipelines provides a fully featured continuous integration

and continuous delivery service for applications platform and language agnostic supports any language platform

and Cloud that integrates with Azure o and gcp extensibility offers integration with popular tools and services in the

software development ecosystem supports open source and private projects available for projects hosted on GitHub

and other platforms Rich integration integrates with GitHub checks and offers extensive reporting capabilities

parallel jobs and environments allows running multiple jobs in parallel and deploying to multiple environments

including kubernetes VMS and Azure Services next we'll take a look at defining your pipeline yaml syntax as

your pipelines uses yaml syntax to Define build test and deployment tasks step-by-step process the documentation

Guides Through the process of setting up your first pipeline including initiating builds packaging applications and

deploying some of the key Concepts include pipelines a complete CI CD pipeline defined by stages jobs steps

and tasks stages a way to organize jobs typically used to separate build test and deploy processes jobs and steps jobs

group steps which are individual tasks like scripts or Azure pipeline tasks and tasks prepackaged scripts that perform

actions in your pipeline moving on to supported languages and framework wide language

support works with any language including net Java JavaScript node.js python PHP P Ruby C C++ and more

framework and platform support supports Windows Linux and maos builds can deploy to various platforms including Azure

kubernetes VMS and on premises servers extensibility Marketplace extensions a rich Marketplace of extensions to extend

the functionality of azure pipelines custom tasks developers can create custom tasks to meet unique requirements

pricing free tiers available offers free CI CD minutes to projects with additional minutes available for

purchase pricing varies based on Parallel job needs and Cloud providers so that's an overview of azure

pipelines the next topic we'll be covering is GitHub repos with Azure pipelines integrating GitHub

repositories with Azure pipelines can significantly enhance the automation of build and release processes within a

devops workflow this integration facilitates continuous integration and delivery promoting faster and more

reliable applic a deployments here's how to structure the setup process step one create a new project in Azure devops

create project click the new project button provide the necessary details for your project such as name and

description and then click on the create button to finalize the project creation step two connect your GitHub repository

to Azure pipelines access pipelines in your new Azure devops project navigate to the pipeline section initialize

pipeline click on the new pipeline button select Source choose GitHub as the source for your pipeline you will

need to authenticate and authorize aure pipelines to interact with your GitHub account configure pipeline select this

specific Branch or repository to build and deploy customize the pipeline settings based on your application

requirements activate after configuring click on the save and run button this action saves your pipeline configuration

and triggers the initial build step three build and deploy your application build configuration as your

pipelines will execute the build of your application according to the directives specified in your pipeline configuration

file which is usually a yl file this may include tasks like compiling code running tests and packaging artifacts

release tasks post build configure the pipeline to deploy your application to various environments such as staging or

production this can involve deploying to services like Azure app service or Azure kubernets service deployment

customization utilize features like environment variables secrets and approvals to tailor and secure your

deployment process benefits of integrating GitHub with Azure pipelines continuous

integration ensures that any changes in the connected GitHub repository trigger automatic builds keeping your

application updated and validated after every commit code visibility enhances traceability by linking GitHub pull

requests and commits directly to their respective build and release pipelines artifact management facilitates

management and storage of build artifacts in Azure pipelines or with external services such as Azure

artifacts and Docker Registries continuous delivery automates the deployment process across different

environments minimizing manual intervention and promoting consistent releases release approvals implements

controls and checks through configurable approvals before promoting bills to production environments so that's an

overview of GitHub repos with Azure pipelines the next thing we'll be covering is configuring the permissions

and Source control repo managing access ACC and security through permissions is critical in a devops environment to

ensure that team members have appropriate access for their roles configuring repository level permissions

one Access Project and as your devops navigate to your project and go to the repo section to repository settings

select your repository and click on the settings tab then repositories in the submenu three modify security choose the

repository you want to adjust and click on the security tab on the right for manage access at user users or groups to

the predefined security groups or create new ones five set permissions use the ad button to Grant the appropriate

permissions like read contribute and administer to selected users or groups Branch level permissions configuration

widen repository access open your repository in Azure Dev ops two branches go to the branches Tab and choose the

branch you need to configure three security settings click on security to manage permissions for that Branch for

Define permissions assign permissions to groups or users overriding repository level permissions if necessary

configuring file level permissions why locate file within the repository navigate to the specific file you want

to manage two file permissions click the three dot icon next to the file and choose manage permissions three control

access at groups or users and set the desired access levels just as you would at the repository or Branch level so

that's an overview of configuring the permissions in Source control repo [Music]

the next topic will be going over our tags and Source control repos tags and get serve as reference points to

specific commits making it easier to manage and track different versions of code in a repository step one repository

access log into Azure devops or another Microsoft devops Solutions platform verify you have the required repository

permissions step two navigate to the repository after logging in locate the repositories or Source control tab on

your dashboard this section contains all the repositories you have access to within the platform step three create a

tag identify the commit in the repository that you wish to tag tags are useful for marking releases or important

points in the Project's history select the desired commit from the commit history look for an option label create

tag or add tag usually available in the commits context menu step four provide tag details in

the tag creation dialogue enter the tag name a unique identif fire for the tag provide a description a brief note about

what this tag represents add any annotations or other metadata if necessary step five save the tag confirm

the details and save the tag this action attaches the tag to your specified commit marking it for future reference

step six View and manage tags after creating a tag you can view and manage it through the repository interface

access the tag section where all configured tags are listed here you can rename delete or reassign tags to

different commits if required so that's an overview of tags and Source control repos the next thing we'll be covering

is recovering data using git commands git is vital for Version Control and teamwork but sometimes mistakes occur

leading to data loss or overwrites it's important to know how to restore data using get commands in these situations

examining commit history check git log use the command git log to see a list of recent commits made in the Repository

this log includes the commit hash author date and the commit message to find a specific commit or to filter the log by

author date or content you can use git log author equals username git log since equals 2023

0401 git log GP equals keyword this helps in locating the exact commit hash of the changes you wish to restore

revert a specific commit use get revert commit underscore hash to undo the changes made in a specific commit while

preserving the history of changes this command creates a new commit that reverses the changes introduced by the

specified commit it's a safe way to undo changes as it doesn't alter the existing history for example get revert 1 a23 C4

recovering deleted commits use rlaw to recover lost commits if you've accidentally deleted or lost commits get

reflog can be a lifesaver it shows a log of where you're head and Branch references have been which includes

deleted or orphan commits you can find the commit hash of a loss commit and recover it by creating a new Branch from

it hit reflog hit Branch restore Branch Commit This restores the deleted commit in a new branch called restore Branch

allowing you to access the previously lost changes restoring deleted files restore deleted files if you've deleted

a file and want to recover it from history use get checkout commit uncore file uncore path this command restores

the file as it existed at the specified commit it's useful for quickly recovering loss work without affecting

other changes in the repository so that's an overview of recovering data using get

commands the next topic we'll be going over is purging data from Source control to optimize your Source control system

within Microsoft devops environments regular purging of unnecessary data is crucial this helps in improving system

performance and reducing clutter prerequisite checks communicate with Team ensure all team members are

informed of The Purge to avoid any disruption backup data confirm that backups are in place for all critical

dat data data replication check ensure essential data is replicated to Alternative repositories or backup

systems Azure devops rest API for data purging automate with API use the Azure devops rest API for automated data

deletion tasks delete files folders branches modify the delete API call is needed to Target and remove specific

items from the repository manual get garbage collection trigger garbage collection run get GC in

your local repository to start manual garbage collection non-production timing perform this operation when it won't

interfere with development activities get history compression access repository settings in Azure Dev Ops go

to the repository settings to find G configuration options enable compression check the option for compress kit

history to optimize storage removing unnecessary branches local branch deletion use git Branch D

Branch name to remove branches from your local machine Azure devops branch removal use the azure devops web

interface to locate and delete old or unused branches implementing data retention policies Define policies set

up rules for how long data should be retained in Azure Dev Ops automate purging configure automatic removal of

age data to streamline repository maintenance so that's a brief summary of purging data from Source

[Music] control hey this is Andrew Brown from exam Pro and in this section we'll be

covering integrating pipelines with external starting with dependency scanning dependency scanning helps you

track and manage the libraries and packages your codebase depends on this ensures that your applications use the

appropriate versions of these dependencies minimizing the risk of compatibility problems select from

various tools like oasp dependency check or retire. JS which help identify vulnerabilities and outdated libraries

in your projects dependencies choose one that best fits your Project's requirements configure the pipeline

integrate your selected dependency scan tool into Azure pipelines by setting up a task to run the scan before the build

or deployment phases to identify vulnerabilities at the earliest analyze the results post scan analyze the

results to identify and prioritize vulnerabilities or outdated dependencies highlighted in the scam report address

these issues to maintain the health and security of your application detection process each

change in the dependency graph or after code build initiates a new snapshot of your components vulnerable components

are logged and displayed as alerts in the advanc security tab based on advisories from the GitHub advisory

database these logs detail the severity component vulnerability title and cve managing alerts the advanced security

tab serves as a central hub for viewing and managing dependency alerts it allows filtering by Branch Pipeline and

severity and provides remediation steps alerts for dependency scans on PR branches are shown and any name changes

to pipelines or branches might take up to a day to reflect in the results so that's an overview of dependent

scanning the next topic we'll be covering is security scanning integrating security scanning tools into

your pipelines is a critical step to identify and address security vulnerabilities in your code there are

many security scanning tools available like sodar queet and Microsoft Defender for cloud these tools analyze your

codebase for security flaws coding standards violations and potential vulnerabilities choose the tool that

meets your Project's requirements sod queet is an open-source platform for continuous inspection of code quality it

performs automatic reviews to detect bugs vulnerabilities and cod smells in your code Microsoft Defender for cloud

formerly known as Microsoft Defender app offers Security Management and advanced threat Protection Services across hybrid

Cloud workloads set up your pipeline incorporate the security scanning tool

by adding the required tasks into your pipeline configuration for example in Azure pipelines you can add a task that

triggers the security scan during the build phase automating the security audit evaluate scam results after the

security scan is finished review the tools report it will highlight security gaps and code quality concerns address

these items promptly giving priority to the most critical issues to fortify your codebases security posture so that's a

quick overview of security scanning the next topic we'll be going over is code coverage code coverage

measures the percentage of your codebase tested by automated tests revealing how much code is exercised during testing to

ensure quality and detect uncovered areas select a code coverage tool select a tool like jaac for Java or Cobra to

for net ensure it integrates well with your Tech stack and test Frameworks configure the pipeline incorporate your

chosen tool into the pipeline to collect code coverage metrics during tests for example using Azure pipelines you can

use a published code coverage task to generate reports in popular formats like Cobra or

jaac analyze code coverage results review the coverage report post analysis to identify and improve areas with low

test coverage enhancing your codes robustness accessing coverage artifacts publish code coverage artifacts can be

viewed in the pipeline run summary under the summary tab offering a snapshot of test coverage for each build quality

metrics enforcement code quality assurance leverage code coverage metrics to continuously elevate your Project's

quality and verify the extent of testing for new code pull request integration Implement coverage data within pull

requests to ensure thorough testing and preemptively fill testing voids before integration setting code coverage

policies full versus diff coverage full coverage measures the total code basis test coverage ensuring overall quality

diff coverage focuses on the code changes in pull requests ensuring new or altered lines are tested so that's an

overview of code coverage [Music] the next topic we'll be covering are

quality Gates a quality gate acts as a benchmark for code quality that must be met prior to release and ideally before

the code is committed to Source control it ensures that only code that meets established standards progresses through

the development pipeline features of quality Gates automated code analysis tools like sonar kuet are integrated

into Azure pipelines to perform static code analysis identifying potential issues such as code smells

vulnerabilities and bugs performance metrics code quality metrics including code coverage complexity and

maintainability index are assessed compliance checks Gates ensure the code complies with security standards and

governance policies before proceeding in the pipeline best practices for implementing

quality Gates customization customize gate criteria to align with project demands and application type threshold

setting set clear thresholds for code coverage to Define pass fail conditions for the gate such as minimum code

coverage percentage feedback loop establish immediate feedback systems for developers upon gate failure for prompt

issue resolution integrating quality gates with Azure pipelines hypine configuration integrate quality checks

in your CI CD flow to control code progression using established metrics action on failure defined actions for

when code fails to meet the quality Gates criteria which may include halting the pipeline triggering alerts or

creating tasks for remediation visibility and reporting increased transparency through dashboards or

reports showing gate outcomes for ongoing Cod based Health monitoring so that's an overview of quality

Gates the next type of gates we'll be covering are security and governance Gates security gates are established to

verify that code complies with security protocols and is free of vulnerabilities before being pushed to production static

application security testing integrate a sast tool like sonar queet and white Source bolt into the build process to

scan for security flaws this proactive approach to Tex issues early reducing the risk of vulnerabilities reaching the

production environment Dynamic application security testing conduct D regularly on live applications to find

security weaknesses use tools like Azure web application firewall to guard against common threats like xss and SQL

injection governance gates are checkpoints to confirm that both code and deployment procedures are in line

with company policies and Industry regulations policy definition and enforcement identify and set governance

policies required by your organization apply these policies using tools such as Azure policy to automatically enforce

them throughout the development cycle automated compliance verification build automated compliance checks into your CI

CD Pipeline with Azure devops compliance or similar tools automating these checks ensures ongoing adherence to governance

standards without manual oversight so that's an overview of security and governance Gates

[Music] hey this is Andrew Brown from exam Pro and in this section we'll be going over

what are pipelines in devops a pipeline is a key framework that structures the software delivery process through

automated steps it ensures each phase of the software life cycle from integration to deployment is optimized for quick

development reliable releases and scalability it encompasses several components and features components of

devops pipelines while in source code repository the starting point where code is stored in Version Control

two build server automates the compilation building and preliminary testing of code three test server runs

various tests such as unit or integration to ensure code quality four deployment server manages the deployment

of code to various environments such as staging or production five feedback and monitoring tools that provide feedback

on deployment success and monitor application performance and production features of devops pipelines automation

every stage from code commit to production is automated minimizing manual tasks and errors continuous

integration and deployment ensures that changes to software are automatically tested and deployed improving speed and

quality modularity each component functions independently but collaboratively allowing for easier

troubleshooting and updates benefits of Dev Ops pipelines increased efficiency automation reduces the delivery Cycles

enabling faster releases improved reliability continuous integration and testing diminish the chances of defects

in production better scalability pipelines support scalable operations and management practices as

organizational needs grow so that's an overview of pipelines the next topic we'll be

covering is integrating automated testing into pipelines automated testing plays a vital role in ensuring the

quality and reliability of software products by incorporating automated tests into the pipeline you can detect

issues early in the development cycle streamline the release process and Achieve faster time to Market key steps

for integration Define test strategy outline what types of tests such as unit integration UI will be automated and set

the coverage criteria create test infrastructure use Azure Dev Ops for provisioning resources like VMS or

containers or utilize Azure test plans for executing tests choose a test framework depending on your text stack

select an appropriate framework like Ms test nunit or xunit write automated tests develop tests that address various

functional and integration aspects of your application for example in a shopping cart application you could

write a test to ensure items are added correctly the example shows a unit test in C using Ms test to verify that a

product when added to a shopping cart is correctly included this test checks the functionality of the add to cart feature

essential for e-commerce applications by asserting that the cart contains the added product Version Control manage

your test scripts and cbase in a get repository using Azure Dev Ops for Integrations like pull requests and

reviews configure CI pipeline set up a CI pipeline in Azure pipelines to automatically run tests upon commits

helping identify issues early incorporate test reporting utilize Azure Dev Ops for detailed test reporting and

tracking over time Implement CD pipeline after passing tests in CI deploy your application across different

environments using a CD pipeline so that's an overview of automated tests into Pipelines

[Music] the next topic we'll be covering our testing strategies local tests are

written by developers to test individual components or modules before they are integrated into the larger system they

ensure that each piece of code functions correctly in isolation there are various tools and Frameworks available for

writing local tests such as Ms test nunit or xunit for example using Ms test you might test a method in a class that

calculates the sum of two numbers the test checks whether the method Returns the correct result result when adding

two integers unit tests focus on validating the functionality of individual methods or classes in

isolation identifying bugs and ensuring code behaves as intended Microsoft devop solution supports Ms test and unit and

executed for these tests unit tests are narrowly focused while local tests can be broader or refer to the environment

in which a variety of tests are performed using nunit consider a test for a service that retrieves a list of

items the test verifies that the list is not empty and contains the expect number of items integration tests assess the

interaction between two or more components of the application to ensure they work together as expected these are

important for catching issues that unit tests might miss using nunit an integration test could check the

interaction between two Services where one service uses data provided by another load tests evaluate the

performance of the system under a significant load which could be simulated users or transactions they

help to identify the capacity limits and scalability of the application in the low test scenario in Azure Dev Ops you

could simulate multiple users accessing a service to test its performance and capacity so that's an overview of the

main types of testing strategies another type of testing is the UI testing UI testing is critical in

Microsoft devops for ensuring that the user interface of applications functions correctly and meets desired requirements

this testing confirms the UI functionality and behavior identifying early issues with user interactions

layout responsiveness and data management bug detection regular UI testing identifies bugs and errors early

improving user experience quality verification this testing confirms that the UI meets functional requirements and

performs as expected under various conditions Microsoft offers several tools that streamline UI testing in

devops environments first let's go over Microsoft test manager Microsoft test manager supports extensive UI testing

with capabilities tailored for managing test cases and tracking their execution setting up Begin by creating a new test

plan in Sweden MTM test cases add UI test cases to your Suite execution and Analysis use mtm's test Runner to

perform the tests and review results including screen shots and videos another one is Visual Studio coded UI

tests Visual Studio coded UI tests provide a code Centric approach to UI testing suitable for automation using C

or visual basic.net create a test project start a new project and add a coded UI test record and enhance

interact with your applications UI to record actions then add validation statements execution run your tests

locally or integrate them into your devops pipeline for continuous testing selenium web driver with C selenium web

driver is an open source framework ideal for automating web browsers and conducting cross-platform UI tests set

up install selenium web driver via the new get package in your Visual Studio solution create and configure start a

new C test project and set up selenium web driver develop and run tests write test methods to interact with the UI and

execute them locally or within your devops pipeline so that's an overview of UI

[Music] testing let's take a look at GitHub actions which is a cicd pipeline

directly integrated with GitHub repos and GitHub actions allows you to automate running test Suites Building

images specifically docker images compiling static sites deploying code to servers and more and we can access this

all through the actions tab in your GitHub repo uh when you first use GitHub actions there are some templates that

you can utilize and all these files are stored in your workflow directory in your GitHub folder as you can see

there's this kind of yaml file that we're going to utilize it's going to be important that we remember some of the

structure so I remember on the exam they wanted you to know that there was jobs on and steps uh you can have multiple

workflows in a repo triggered by different events so when you run GitHub actions you'll get a history of workflow

of runs where it will indicate if it was successful or failure how long it took to run so this is um for something

probably for um some one of the boot camps that we ran as we used GitHub actions to build the site if you want to

find the example repos because there are those little getting started but it's the same repo here at the starter

workflows and you can get the yaml files and get started really quickly there are different types of triggers uh that you

can use with GitHub actions that's going to go into that on area and GitHub there's about 35 GitHub actions I say

plus because in case there are more that I'm not aware of I'm covering my bases there examples of common GitHub actions

could be pushes pull requests issues releases schedule events and manual triggers the exam wants you to know that

you can trigger based on these things so make sure you remember this short little list here

[Music] okay hey this is Andrew Brown and in this follow along let's take a look at

GitHub actions so what I want to do is go over to our organization I'm going to go to our fund repo and here we have a

tab called actions where we can set up some GitHub actions now I don't use GitHub actions a whole lot maybe I will

if I go ahead and do that GitHub action cert uh certification course but uh we'll just have to kind of work our way

through through it it shouldn't be too hard so there's a lot of different things that we can utilize here I can

set up terraform which is kind of cool uh we have deployment to AWS to Azure to Alibaba Cloud we have some security

things that we can do here we have continuous integration automation a whole host of stuff and um you can even

do static compilation which is pretty cool as well so we're going to have to make make a decision in terms of

something that we want to use um I don't I think it's going to be deployment because that seems like a lot of work um

so I'm trying to make a decision here what we could utilize build lint and test a rails

application that seems pretty small or easy for me to do but maybe we should try to use one of these things down

below um labels pull requests based on files change let's go ahead and see if we can utilize that so I hit the

configure button and it's going to bring us into this action and I guess there's the marketplace

where we can get uh more stuff I didn't even realize there was a Marketplace for this looks like we got some

documentation here so customizing when workflows run based on trigger so here it says on push Branch so when we push

to specific ones we can trigger different stuff okay so that's kind of cool let's

take a look here and see if we can expand this and see what we're looking at so we have name labeler on pull

request Target jobs and then we have labels so run as Ubuntu so probably start a container as an Ubuntu with

permissions of contents to read and it can write pull requests and the step that we're going to have here it's going

to use the actions labeler version 4 and with the repo token it's going to bring in that token so it has authorization to

do so and we know about GitHub tokens um and I think I think we showed this uh for GitHub actions but not 100% sure so

carefully reading here the whole point of this is to apply labelers and the basically the way it's going to do that

is through these steps and so I'm assuming that this is kind of like a built-in step and if we go here and just

type it in maybe we'll go find it yeah and so they're talking about actions

here hold on here I guess it's just a repo so get documentation

and oh okay it's called actions all right and so this whole repo trans

actions all right and so it's coming from this one and so I'm just going to go into here and take a look at what

this looks like so just zoom out for a second and it kind of explains maybe how it

works um automatically labels new pull requests based on the paths of the files being changed on the branch the ability

to apply labels based on names of branches and things like that the bug related to the issue so create a GitHub

labeler yaml file this will list a uh a list of labels and config options to match and apply the label all right the

match object allows control over the matching options you can specify the label to be

applied based on the files that have been changed Etc like that and sounds a little bit

complicated but at least down here it's like showing us uh the flow it's interesting that this one is showing

version four we clearly there is a version five um there might have been warning up here saying that we should

use it doesn't say that we have to use version five or four or we're first to use

five um but let's see if we can figure this out so I'm going to go ahead and go down below and just look at the workflow

a little bit more here and it looks pretty much the same the only difference is that this one's using version five

it's not passing the width for the token so I'm not 100% sure if we actually really need to do that but I'm going to

go ahead and go commit changes and we'll commit that there okay so now we have that here if we go to

actions um we can see that we have labeler and it's only going to run what's going to trigger it let's go take

a look here um if we want to know how it triggers we should just take a look at

the code and whoops go back here and take a quick look so it says says pull pull request

Target so we pull request Target what does that mean we'll go search it

here um pull request Target so activity types assigned assigned labeled runs your workflow when activity

on a PLL request in the workflows repository occurs when activity on a pull request

in the workflow activity occurs so it's going to check on based on a lot of stuff so that's pretty broad but that

seems fine looks like we could even narrow it down to very specific types okay so I mean that's is how we could

play with triggers um and so basically when that triggers it's going to go ahead and then

start up Ubuntu for some reason maybe that's what it has to use to run this code that we saw from over

here okay and this looks like it's JavaScript or something and then we need that

file so we need to make sense of what this is so the base match object is defined as this any glob to any

file okay the key okay so what does this thing do automatically label new pull request based

on the path of the files being changed on uh changed or the branch name okay well I'd rather just do that

on the branch name so let's see if we can find that so it says change

files give me a moment just to try to make sense of this and then I'll just save you the trouble of me struggling

through it okay okay scrolling down we're getting better examples this is starting to make more sense it says add

an any change label to any changes within the entire repository Okay add documentation label

to any changes within the doc folder so maybe what we can do is give this one a go and uh we need to create a file

what's this file need to be called GitHub laer yaml so we'll go here and I'm going to add a new

file okay um add a file this will be

label. yaml we'll double check make sure that is correct I've been known to make mistakes

often and I'm going to paste that on in here and we're going to commit that change so

now we have our labeler yaml I'm going to go take a look here and see if the action got triggered it did um it failed

I mean there's nothing for it to check right now so no event triggers defined is on so not exactly sure what it's

saying there but that's totally fine for now and what I need to do is I need to create a poll request I mean it

shouldn't trigger unless we have a poll request right um but it did just happened now so I'm curious what would

happen if I went ahead and just uh made any kind of change because it shouldn't really

trigger unless it's a pull request we'll go here and go back to actions and it ran again so I'm really confused why is

this running what it should only happen on a poll request Target um we'll open it up again here

so no event trigger defin is on okay maybe there's something wrong with our our workflow

file let's see what they say you can trigger all branches just by using remove the hyphen your workflow

file seems fine have you checked all indentation so I mean we didn't make that file right it was generated for us

let's go take a look and see what we can do about that we have label and labeler

okay so this was the one that we wrote I mean everything looks fine here I'm going to open this up in codes

spaces or not codes spaces we'll open this up in that

um I don't know if we need this so I'm just going to take that out because the other one didn't have

it okay can expand this yeah it still has this here

and I'm not sure why this little red line is here maybe it's just superficial it's confused but this seems fine I'm

going to go ahead and update this and say update action the other question is do I have this in

the right folder because yeah it's in actions but labeler

yaml labeler yaml isn't supposed to be in the actions folder so I think what's happening here is that it thinks I think

I know what happened here um if we go back to our repo I think it thinks labeler is a an

action yeah so I think it's just we put that in the wrong folder so I'm going to go back and open up

and we're just going to move that back into the correct location okay so we're going to expand

that and this labeler is going to go into the GitHub folder there we go going to go ahead and add this all and

fix and we will commit and we will let that push and I'm going to go back over to

here all right and if we go back over to actions oh uh this is not the repo we'll go back over to our organization into

Fun repo it might have triggered one more time I don't know it has not so we are in good shape

can we delete this run y we can let's just delete this up to clean up so we can see what we're

doing and uh what I want to do is I want to trigger that uh polar request to get automatically labeled so

we're going to need a label called documentation for for this to work so we're going to go here to labels and

we'll make a new label there actually already is one called documentation I don't know if this is case sensitive so

I'm just going to change it to Capital D so it just works for us and we're going to go over here to code and I need a new

Branch so I'm going to go to Dev and in here I'm going to create myself

a um a docs directory so I'm going to make a new folder here and what I'll do do is I'll make

a new folder we'll call this docs and I'll say readme.md

read me okay we'll save that we'll go ahead and Commit This and we're in a branch right yeah

we're in a branch so commit we're like new docs directory and I know I spelled that wrong it's

okay nobody's watching here today there's no grading going on if I ever grade you I'll poke you for that but

right now it doesn't matter and I think that we made that in the dev Branch so we'll go over here and I want to go

ahead and create a new pull request so want to make sure that folder is there pull requests new pull requests we'll

drop down Dev we'll compare that over we'll say create pull request and the idea is that when we create this

it should label it if this worked as expected um and so what I want to do is go over to actions and see if it

triggered and it's running so it's queued it's going to think what to do it has to spin up compute so this is an

instantaneous in progress good we're watching it label complete success we'll go to

our pull request there we go look at that um and now we have a p a check that

passed and we overo to our checks and it shows that it passes so you know before we talked about like Branch rules we

could maybe tell it that it has to pass that before it could proceed not a really good example for this but we

could try it and it's just an opportunity to show off this Branch protection rule stuff so I'm just

looking here carefully for where that was uh it was like checks okay and I'm going to drop that

down and still doesn't show up here so maybe that doesn't work as expected but I was

hoping that maybe I could just choose that from there um because it's not like an

upfront check it's like something that happens after you do that but anyway that's get up actions in a nutshell um

it is very important that we understand how those files work so before I go I just want to uh pull up a link because

there was something that really explained the structure of these files really well it was understanding GitHub

actions okay so let this here learn GitHub actions understanding GitHub actions I think it was this one yeah and

so this one really helps explain this workflow file so let's go through it really quickly and make sure we

understand it so um first thing is the name so we're going to name it that's optional we have

run name so the workflow uh runs that generated from the workflow I guess it's going to be like the Run name we have on

so specify the trigger of this workflow so on triggers events jobs groups together all the jobs that

run then we have steps groups together all the steps that run uh in the check bats version notice we didn't have these

before runs on configures the run on the latest version of Ubuntu Linux Runner I imagine you could change this to other

things uses the uses keyword specifies the step that will run uh here and of course we found out those

are remote repos so that makes sense um and that's pretty much it so so steps jobs on remember those three on jobs and

steps okay and that's pretty much it so I'll see you in the next one okay

[Music] ciao hey this is Andrew Brown from exam Pro and in this section we'll be going

over package management package management refers to a systematic approach to handling the installation

upgrade configuration and removal of software packages within a computer system it simplifies the

process of managing software applications and their dependencies ensuring consistency and efficiency

across the development life cycle and system maintenance core functions and benefits automated handling automates

the management of software applications reducing time and effort for installation upgrades and removal

consistency across environments ensures uniform software management across various environments boosting efficiency

and reliability dependency and configuration management automates management of dependencies and

configurations ensuring compatibility and availability for stable performance scalability facilitates software

management across multiple systems easing updates and rollbacks he components package a bundle

containing software or libraries along with metadata that includes information like version dependencies and

configuration details repository a centralized storage location where packages are hosted allowing users to

search download and install packages package manager the tool that interfaces with repositories to manage the

installation upgrading and removal of packages based on dependencies and version requirements some tools and

examples include liux package managers dpkg such as Debian and auntu RPM such as red hat and Fedora language specific

managers and PM for JavaScript tip for Python and Maven for Java so that's an overview of package

management the next topic will be covering our package feeds at package feed is a repository hosting software

packages such as libraries Frameworks modules along with Associated metadata it supports dependency management and

various application scenarios through package versioning and organization types of package feeds public feeds

hosted by thirdparty providers like net.org and pjs.com and accessible to the broader development Community

private feeds internal repositories managed by organizations to store proprietary packages and control team

access designing a package feed key considerations storage select from local file systems network attached storage or

cloudbased Services organizational structure categorize packages by type purpose or technology versioning

Implement a versioning strategy typically semantic versioning AIS control set up authentication and

authorization me mechanisms for private feed security implementing a package feed tools and platforms Azure artifacts

a fully managed Microsoft Azure service supporting new get npm mavin and python packages it simplifies the creation

publication and management of package feeds GitHub packages supports various package formats integrates with GitHub

repositories and allows direct package publishing ideal for open source projects package management tools tools

like new get npm and mavin that offer capability ities to create in host feeds with command line or ID

integration using Upstream sources functionality Upstream sources extend the range of available packages by

linking additional feeds whether public private or both in Azure artifacts Upstream sources can include other Azure

feeds package Registries or public feeds this ensures that the latest package versions are always available

configuration configurable via the Azure devops portal or Azure CLI allowing Azure artifacts to Upstream sources for

packages not present locally so that's an overview of package [Music]

feeds let's take a look at dependency management dependency management automates the handling of software

dependencies to ensure projects run smoothly with all necessary external libraries Frameworks and modules key

components dependencies required external software components version specification defines compatible

dependency versions dependency graph shows relationships among dependencies package repository Central hub for

dependencies dependency resolver automates dependency resolution benefits streamline development automates

environment setup by managing dependencies consistent builds ensures uniform dependency versions across all

development stages reduce conflicts manages compatibility to prevent software component conflicts efficient

upgrades manages dependency versions for easy updates implementation configuration files

specify dependencies using files like package.json or pom.xml version locking uses lock files to maintain consistent

dependency versions automated tooling tools like npm Maven and pip automate dependency management tasks let's take a

look at a comparison between dependency versus package management purpose dependency management ensures

compatibility and resolves dependencies while package management handles package life cycle so Fus dependency management

targets component compatibility package management manages package storage and life cycle main function dependency

management automates resolution package management oversees handling and distribution tools both uspm and mavin

dependency management also uses pip while package management incorporates new get in others outcome dependency

management maintains functionality package management streamlines processes usage scenario dependency management is

essential for external Library Reliance package management is crucial for consistent management so that's an

overview of dependency management the next thing we'll be covering is an overview of azure

artifact Azure artifacts is a component of azure devop Services focused on package management and collaboration it

supports sharing versioning and integrating packages into CI CD workflows some of the features that

Azure artifacts provide are package management supports multiple package formats manages new get npm Maven Python

and Universal packages all in one place Version Control offers tools for managing package versions and

dependencies effectively integration and collaboration cic CD integration integrates with Azure devops pipelines

for streamline package creation and deployment shared feeds allows package sharing within teams or the entire

organization access control and security access control offers settings to control package access Main maintaining

security within projects secure hosting provides a secure environment for hosting and accessing packages getting

started with Azure artifacts and Azure subscription is required to use Azure artifacts creating a feed navigate to

your Azure devops organization or project select artifacts from the top right menu then create feed enter the

required information such as name and visibility options and create the feed after creating a feed you can publish

packages like new get mpm and mavic but we'll need to do a few things before that so first we'll need to ensure you

have the latest version of the Azure artifacts credential provider installed from the get the tools menu new get

configuration file you need to add a net config file to your project in the same folder as your CS project or HL in file

the configuration should specify the package source for Azure artifacts like the code shown here this will be

provided for you depending on the package you pick publishing command to publish a package provide the package

path an API key and the feed URL net.exe push Das Source exam Pro feed API ke a z package path replace package path with

the actual path to the package you intend to publish so that's an overview of azure

artifacts the next topic we'll be covering is new get and mpm new get is a popular package manager for net

applications it allows you to easily manage dependencies and distribute packages within your projects create

creating a new get package use the net.exe or net command line tool example using net navigate to your project

directory and Run net pac-- configuration release this generates a new get package from your project in the

release configuration publishing new get packages you can publish to Azure artifacts GitHub packages or host your

own new get feed using platforms like Azure devop server my get or pret for private distribution and PM is the

default package manager for note. JS and JavaScript applications it provides a vast ecosystem of packages that

developers can use within their projects creating an mpm package initialize a new project with npm in it follow the

prompts to generate a package. JSO and file that includes your package metadata publishing npm packages to publish to

the npm registry ensuring your package is available globally run npm publish this command uploads your package to the

npm registry for Public Access so so that's a short and simplified overview of new get and

npm the next thing we'll be covering are the main types of versioning versioning in devops refers to the practice of

assigning unique versions to code or artifacts to track changes and maintain historical records versioning strategy

options semantic versioning detailed structure indicating the nature of changes datebase versioning uses dates

offering a chronological timeline of updates sequential version simple incrementation providing clear change

order semantic versioning is a widely used method that helps manage changes in software libraries through three version

components major minor and Patch major version increases indicate backward and compatible changes minor version

increases are for Backward Compatible additions patch version increases apply to Backward Compatible bug fixes

guidelines for semantic versioning initial release start with one for stable software major changes increment

major version for breaking changes Miner editions increment Miner version for new features that maintain compatibility bug

fixes increment patch version for stability improvements without new features or breaking changes datebase

versioning uses the format YY yymmdd to reflect release dates offering a clear timeline of updates consistency maintain

a standardized date format major changes Mark significant updates in the version name EG 2022 0114 Alpha

combination with sver enhanced detail by combining with semantic versioning EG 2022 0114 alpha 1 2 3 sequential

versioning assigns a unique sequential number to each version of a pipeline artifact starting with version one each

update increments the version number progressively it's straightforward and clearly indicates the chronological

order of changes so that's an overview of the main types of versioning [Music]

hey this is Andrew Brown from exam Pro and in this section we'll be covering the key considerations when implementing

an agency infrastructure designing an implementing an agent infrastructure is crucial for a successful devop solution

key considerations include cost tool selection licenses conductivity and maintainability cost considerations

Azure pipelines agents hosted by Microsoft cost effective build base on Parallel pipelines self-hosted agents

more control but additional costs for Hardware maintenance and scalability tool selection Azure pipelines automates

build test and deployment across platforms supports various languages containerization with Docker Visual

Studio team Services predecessor of azure devops integrates with Azure pipelines features Source control work

item management and project planning licenses Azure pipelines free tier with limited concurrent pipelines and

duration paid tier for more scalability self-hosted agents requires licenses for the underlying operating system such as

Windows server or Azure VMS connectivity Azure pipelines agents secure internet communication using https fetches source

code executes tasks and reports results self-hosted agents network access to resources like Source control

repositories artifact feeds and Target environments within your infrastructure maintainability aure pipelines agents

automatically updated by Microsoft no manual effort required self-hosted agents regular updates needed for

compatibility with guidance provided by Microsoft so that's an overview of implementing an agency

infrastructure the next thing we'll be going through are pipeline trigger rules pipeline trigger rules Define conditions

under which a pipeline is automatically triggered optimizing resource usage and reducing unnecessary builds and

deployments Microsoft devop Solutions offer flexibility in designing custom trigger rules here are key scenarios

branch-based trigger trigger a pipeline only when changes are made to a specific Branch this triggers the pipeline for

changes in the main branch path-based trigger trigger a pipeline when changes occur within specific file paths this

triggers the pipeline for changes in the SRC directory schedule base trigger run pipelines at scheduled intervals

regardless of code changes this triggers the pipeline every day at midnight implementing pipeline trigger rules

navigate to your project and Azure Dev Ops open the yaml file that defin finds your pipeline locate the trigger section

within the yaml file Define the desired trigger rules based on the scenarios above or any custom rule save the yml

file benefits of pipeline trigger rules reduce resource consumption minimizes unnecessary usage leading to cost

savings and efficient resource utilization improved efficiency ensures actions are performed at the right time

streamlining development and deployment processes enhanced control provides developers with control over pipeline

execution improving management and coordination of development efforts so that's an overview of pipeline trigger

rules the next topic we'll be covering are the types of pipelines classic pipelines provide a graphical interface

for creating and configuring pipelines using a drag and drop approach this simplifies defining the stages of your

pipeline such as build test and deployment steps to create a classic pipeline widen select pipelines from the

left side menu two click new pipeline to start three choose the repository where your source code is located four select

a pipeline template based on your application type such as aspn node.js and Java five customize the pipeline

stages tasks and configurations add tasks like building the code running tests and deploying the application six

save and run the pipeline yl pipelines offer a flexible code Centric approach to defining pipelines pipeline

configurations are defined as code in yaml files which can be version controlled along with your source code

for easier collaboration and consistency across environments creating a yl pipeline why select the pipelines option

from the left side menu to click on the new pipeline button three choose the repository where your source code is

located four select the yl option when prompted to choose the pipeline configuration style five create a yl

file in your repository to Define your pipeline configuration the yaml file should contain stages jobs and tasks for

your requirements for example as shown on the image on the right six save the yl file in your repository and commit

the changes seven Azure devops will automatically detect the yaml file and create the pipeline base on the

configuration defined in the yaml file pay to save and run the pipeline to see it in action so that's an overview of

the types of Pipelines [Music] the failure rate of your pipeline

indicates the number of failed builds or deployments over a specific period monitoring the failure rate helps you

identify potential bottlenecks or issues in your pipeline Azure monitor can be used for this purpose Azure monitor

provides comprehensive monitoring for Azure resources including pipelines it collects data on Pipeline failures and

allows you to set up alerts based on specific failure thresholds these alerts help you address issues proactively

maintaining pipeline Health configuration enable metrics and diagnostic logs metrics include success

rate average duration and failure rate diagnostic logs capture detailed information about pipeline runs

including errors and warnings here's an example of how you can enable Azure monitor for a

pipeline duration monitoring monitoring the duration of your pipeline is crucial longer durations indicate performance

issues that can impact overall efficiency Azure Dev Ops provides built-in capabilities for this Azure

pipelines allows tracking the duration of individual pipeline runs identifying outliers and analyzing performance

Trends over time use the Azure pipeline's rest API to retrieve the duration of pipeline runs custom scripts

or Powershell can automate monitoring and Reporting here's an example of how you can retrieve the duration of

pipeline runs using the Azure pipeline's rest API flaky tests monitoring flaky tests

producing consistent results leading to false positives or false negatives monitoring and addressing flaky tests is

essential for pipel reliability Azure Dev op supports various test Frameworks and provides

tools to detect and monitor flaky tests Azure test plans can manage test cases track executions and identify flaky

tests group test cases and test Suites schedule test runs and capture results analyze results to identify and Mark

flaky tests built in reporting visualizes Trends and tracks improvements over time here is an

example of how you can Mark a test case as flaky using Azure test plans so that's an overview of monitoring

pipeline Health using various [Music] methods hey this is Andrew Brown from

exampro and in this section we'll be covering Azure container instances Azure container instances allow you to launch

containers without the need to worry about configuring or managing the underlying virtual machine Azure

container instances is designed for isolated containers they are tailored for simple applications task Automation

and tasks like build jobs containers can be provisioned within seconds whereas VMS can take several minutes containers

are built per second whereas VMS are buil per hour providing potential cost savings containers have granular and

custom sizing of vcpus memory and gpus whereas VM sizes are predetermined ACI can deploy both windows and Linux

containers you can persist storage with Azure files for your ACI containers once deployed aciis are accessible via a

fully qualified domain name like custom label. aure region . aure container. Azure provides quick start

images to start launching example applications but you can also Source containers from Azure container registry

Docker Hub or even privately hosted container registry container groups are collection

of containers that get scheduled on the same host machine the containers in a container group share life cycle

resources local network and storage volumes container groups are similar to a kubernetes pod multi-container groups

currently support only Linux containers there are two ways to deploy a multi-container group to deploy a

multi-container group you can use either a resource manager template if deploying additional Azure service resources or a

yaml file for deployments involving only container instances overall Azure container instances simplify container

deployment and scaling removing the complexities of infrastructure management the next topic we'll be going

over our container restart policies a container restart policy specifies what a container should do when their process

has completed these policies ensure that the container instances can handle different scenarios effectively based on

the specific requirements of the application or task Azure container instances has three restart policy

options always this policy ensures that the containers restart continuously regardless of whether they exit

successfully or not it's useful for applications that need to be constantly available such as web servers never with

this policy containers do not restart once they've completed their execution this is ideal for tasks that are

designed to run once and then terminate such as batch jobs or scheduled tasks on failure containers will only restart if

they stop due to an error or unexpected termination this ensures that if a container crashes or faces an unexpected

error it will try to restart and continue its operations overall choosing the appropriate restart policy is vital

for the stability and responsiveness of your applications [Music]

the next topic we'll be covering our container environment variables environment variables are key value

pairs that can be used to configure and manage the behavior of applications running inside containers environment

variables allow you to pass configuration details to your containers which can be critical in guiding

applications on how to connect to databases where to find certain resources or how to adjust their

behavior based on the environment they're running in in Azure you can easily set up these environment

variables for your containers using the Azure portal or poers shell secured environment

variables by default environment variables are stored in plain text to address this Azure offers the option to

secure your environment variables instead of storing them in plain text which could expose sensitive information

if breached you can Leverage The secure environment variables flag so that's a quick overview of container environment

variables the next topic we'll be covering is container troubleshooting troubleshooting containers in Azure

involves a series of commands that help diagnose and resolve issues as container logs this command lets you fetch logs

from your container these logs can provide insights into application behavior and possible errors as

container attach if you need diagnostic data during container startup use this command it helps in understanding issues

that might arise during the initialization phase of a container as container exec for a deeper dive into

the Container this command starts an interactive session this is useful for live debugging and to inspect the

container's current state as monitor metrics list this command gives you metrics related to your container such

as CPU usage which can be essential for performance tuning or identifying bottle X so these are the commonly used

commands for container [Music] troubleshooting hey this is Andrew Brown

from exam Pro and we're going to take a look at Azure container instances so here it is so all we got to do is go to

container instances we'll hit add and the nice thing is that Azure provides us with a Hello World one so it's very easy

for us to get started um it's a Linux machine and it looks like it's pretty inexpensive there so we'll stick with

that I'm going to create a new group here we're going to call it banana um and we'll name the container instance

banana and East Us 2 seems fine to me you'll notice we're on a quick start image if we wanted we could use

something from the docker Hub and provide our own link but we'll just stick with the quick uh start image for

today okay we're going to go ahead and hit next to networking just to see what we have as options you can make it

public or private we'll go to Advanced hold on here yep those are just the ports you can expose we'll go to advance

and for the restart policy we can set on failure always or never we can pass in environment variables and I covered this

a lot more in detail in the lecture content so we don't need to really dive deep into this um and we'll go ahead and

create this instance and so we'll have to wait a little while here and I'll see you back

in a moment okay and so after a short wait our container instance is ready we'll go to that resource there and take

a look around so on the left hand side we can go to our containers and there we can see it running we can see the events

down below of what's going on so you can see that it's pulled the image it successfully pulled it and it started

the container some properties nothing interesting there the logs if we wanted

to see stuff and if we wanted to connect to the instance we could also go here and hit connect which is kind of nice um

I don't have any purpose to do that right now so and it's also not going to work the way we're doing it but I just

wanted to show you you had those opportunities uh you can do identity so that means manage it with ro base access

controls but what I want to see is actually this uh hello world working I'm assuming that must be a a hello page

I've never looked at it before so we're going to go here grab the public IP address and paste it on in the top and

there we go so we have deployed a instance onto Azure container instances or a container I should say so nothing

super exciting to talk about here um but we do need to know the basics uh there um if we wanted to deploy other

containers it's just the one there so that's all you really need to do um but yeah so yeah hopefully that uh gives you

an idea there I'll just go back to the list here so we can see it and we'll go ahead and just uh delete that probably

do it for the vi the resources on the left hand side like I always like to do uh and we will go into banana

here and we will delete banana and there you go self-hosted agents and Azure devops

allow you to customize the agent environment to meet specific needs unlike Microsoft hosted agents

self-hosted agents run on your infrastructure giving you more control over the environment and the tools

installed on the agents use cases custom environments for specialized soft software or configurations not available

in Microsoft hosted agents sensitive data suitable for projects with stringent data security requirements

keeping data within your network resource intensive builds useful when builds require significant computational

resources or specific Hardware setups benefits customization tailor the environment to specific project needs

cost efficiency reduce costs by utilizing existing infrastructure consistent configurations ensure

consistent setups across agents through templates or contain anization scalability Scale based on workload by

provisioning new agents configuring self-hosted agents with VM templates create a virtual machine with the

necessary agent software save it as a template and use the template to provision additional agents for

consistent and simplified scaling create and configure a VM set up a virtual machine with the necessary operating

system and dependencies install and configure the Azure devops agent software create a VM template capture

the VM as a template including the agent software at its configuration provision new agents use the template to quickly

provision new agents ensuring each new VM has the same configuration and is ready to connect to Azure Dev Ops

managing self-hosted agents with containerization containerization involves creating Docker images that

include the necessary agent software and dependencies offering a flexible and scalable solution for managing

self-hosted agents create a container image develop a Docker image with the required agent software and dependencies

including configuration detail push to a container registry store the container image in a registry like Azure

container registry or Docker Hub deploy and scale containers use container orchestration tools to deploy and manage

agent containers scaling up or down based on workload demands so that's an overview of self-hosted

[Music] Agents hey this is Andrew Brown from exam Pro and in this section we'll be

covering the types of deployment strategies a successful deployment strategy is crucial for efficent

software delivery and minimizing user impact Microsoft devop Solutions offers various deployment patterns and

strategies for continuous delivery and high availability blue green deployment is a technique that reduces risk in

downtime by running two identical environments these environments are called blue and green only one of the

environments is live with the live environment serving all production traffic in blue green deployment blue is

live and green is set up for the new release deploy and test the new version in green without affecting blue after

testing switch traffic to Green making it live this minimizes downtime and allows for quick roll back to Blue if

issues arise enhancing reliability and user experience so that's an overview of blue green

[Music] deployment a canary release is a strategy where a new version is deployed

to a small subset of users or infrastructure first this helps identify unforeseen issues under real conditions

with limited impact by monitoring the initial deployments performance teams can decide whether to expand halt or

roll back the update based on real world feedback this phase approach ensures a safer and more controlled rollout

minimizing risks associated with new releases to execute a canary release feature toggles selective feature

activation traffic routing manage user access to the new version deployment slots version management these

techniques enable a gradual and monitored roll out allowing for adjustments based on user feedback and

system performance this method enhances application stability and user experience by addressing potential

issues before a full scale deployment so that's an overview of canary release ring deployment is a strategy

where users or infrastructure components are divided into multiple groups called Rings each ring receives updates

sequentially starting with the smallest group and gradually expanding to the entire user base this allows for

iterative releases starting with an internal ring and progressively reaching a wider audience this controlled roll

out facilitates early feedback from different user groups or components for example in a three-group production

setup canaries voluntarily Test new features as soon as they are available early adopters voluntarily preview

releases which are more refined than Canary versions users receive the final product after it has passed through

canaries and early adopters this approach ensures a safer step-by-step roll out of new features or updates so

that's the ring deployment strategy [Music] Progressive exposure is a deployment

technique that gradually increases the number of users exposed to a new release initially a small percentage of user

traffic is directed to the new release while its performance and behavior are monitored if the new release performs

well without issues the traffic is gradually increased this approach helps identify potential issues early and

minimizes user impact if problems arise continuous integration toe checkin developers check in code auto trigger CF

pipeline triggers automatically build artifact code is built generating an artifact continuous deployment build

version one approved and deployed to ring one for initial testing build version two approved and deployed to

ring two for early adopters build version three approved and deployed to ring three production environment ring

one Canary's Test new features Ring 2 early adopter preview refined releases ring three all users receive the final

product so that's the progressive exposure deployment strategy feature flags are conditional

statements that let you control which features or functions are visible and available in your application using

feature Flags you can enable or disable features dynamically without redeploying the application this allows for testing

new features gradual rollouts or quick deactivation if issues arise feature Flags also offer the flexibility to

Target specific user groups for testing or rolling out features new feature a new feature is introduced feature Flags

toggle switches control the visibility of the feature enabled the feature is enabled for specific customer groups

disabled the feature remains off for other customer groups customers different customer groups experience the

feature base on the feature flag settings this allows control targeted rollouts and quick adjustments of

feature availability without redeployment so that's an overview of the feature flag deployment strategy

[Music] a b testing is a method to compare two versions of a feature or user interface

to see which one performs better users are divided into two or more groups each group experiencing a different version

data on user Behavior engagement and other metrics are collected this approach helps make data driven

decisions and optimize feature usability before a full roll out to all users user groups users are divided into two groups

version a and version B each group is shown a different version of a feature or user interface for performance

comparison user behavior and performance metrics are collected and compared results the graph shows which version

performs better based on the collected data this helps in making informed decisions about which version to

implement for all users so that's an overview of a b testing Azure traffic manager operates

at the DNS layer to quickly and efficiently direct incoming DNS requests based on the routing method of your

choice routing methods performance rote traffic to nearby servers to reduce latency weighted distribute traffic

based on predefined weights priority route to a primary in point with fail over to backups if needed Geographic

Route traffic base on the user's location multivalue return multiple healthy in points and DNS responses

subnet route based on the user's IP address uses latency reduction route to nearby servers to minimize latency

failover switch traffic to backups if the primary system fails a B testing Route traffic to random VMS for testing

in this scenario we have an example of weighted routing where traffic is split 80% to production and 20% to Beta

environments so that's a quick overview of azure traffic [Music]

manager hey this is Andrew Brown from exampro and in this section we'll be covering Azure app service Azure app

service is an HTTP based platform for web apps re estall apis and mobile bin services is you can choose your

programming language in Python Java or any other language and run it in either a Windows or Linux environment it is a

platform is service so it's the Heroku equivalent for Azure Azure app service takes care of the following underlying

infrastructure OS and language security patches load balancing Auto scaling and infrastructure management Azure app

service makes it easy to implement common Integrations and features such as Azure Dev Ops for deployments GitHub and

dockerhub package Management Systems easy to set up staging environments custom domains and attaching TLS or SSL

certificates you pay based on an Azure app service plan shared tier includes free and shared options litex isn't

supported here dedicated tier includes basic standard premium premium to premium 3 and there's isolated tier as

your app service is versatile you can deploy single or multi-container Docker applications when you create your app

you have to choose a unique name since it becomes a fully qualified domain overall Azure app service simplifies

your web hosting needs ensuring you can focus on coding and let Azure do the heavy

lifting let's delve into runtimes and Azure app service so what is a runtime environment a runtime environment refers

to the software and settings needed for a program to run in a defined way at runtime a runtime generally means what

programming language and libraries and framework you are using a runtime for Azure app services will be a predefined

container that has your programming language and commonly Ed library for that language installed with Azure app

Services you're presented with a range of run times to choose from including net. net core Java Ruby node.js PHP and

python moreover Azure app Services generally supports multiple versions of each programming language for example

for Ruby you might find versions 2.6 and 2.7 it's worth noting that cloud providers including Azure May phase out

support for older versions over time this not only ensures that they're offering the latest and most efficient

tools but also promotes better security practices among users pushing them to keep up with the latest patches so

that's an overview of runtimes and Azure app service the next thing we'll be covering

are custom containers and Azure app service Azure app service gives you the flexibility to use custom containers for

both windows and Linux the primary reason you might opt for a custom container is to use a distinct runtime

that is natively supported or to incorporate specific packages and software here's a straightforward

process to get started with custom containers in Azure app service design your container Begin by creating a

Docker container tailored to your needs on your local machine push to Azure once your container is ready push it to the

Azure container registry this centralized repository ensures that your container is easily accessible within

Azure deploy and go live finally deploy your container image directly to the Azure app service once deployed Azure

takes care care of scaling maintenance and updates another advantage of custom containers in Azure app service is that

they offer more granular control over your environment you can fine-tune performance security and other aspects

of your application environment to suit your needs the next topic will be covering

our deployment slots in Azure app service deployment slots allow you to create different environments of your

web application Associated to a different host name this is useful when you require testing staging or QA

environment alongside your production setup deployment slots let you swiftly replicate your production setting for

various purposes ensuring consistent testing environments you can also swap environments this is useful for

executing blue green deployments by using swap you can promote your staging environment to production with these you

can promote our staging to production by swapping if something goes wrong you could swap them back this capability

ensures minimal downtime and enhances the user experience since you can introduce changes in a controlled manner

rolling them back if necessary in addition Azure ensures that when swapping the instances are warmed up

before traffic is routed resulting in zero downtime so that's a quick overview of deployment

slots the next topic we'll be covering is the app service environment in Azure app Service app service environment is

an Azure app service feature that provides a fully isolated and dedicated environment for securely running app

Service app apps at high scale this allow you to host windows and Linux web apps Docker containers mobile apps and

functions app service environments are appropriate for application workloads that require very high scale isolation

and secure network access and high memory utilization customers can create multiple ases within a single Azure

region or across multiple Azure regions making ases ideal for horizontally scaling stateless application tiers in

support of high requests per second workloads as's comes with its own pricing tier called the isolated tier

ases can be used to configure security architecture apps running on ases can have their access gated by Upstream

devices such as web application firewalls app service environments can be deployed into availability zones

using Zone pinning there are two deployment types for an app service environment external ass and

ilbs external ass exposes the ass hosted apps on an internet accessible IP address if the v-net is connected to

your on premises Network apps and your ass also have access to resources there without additional configuration because

the ass is within the v-net it can also access resources within the v-net without any additional

configuration ilbs exposes the ass hosted apps on an IP address inside your v-net the internal and point is an

internal load balancer so that's an overview of app service environment and Azure app

service the next thing we'll be going over is deployment in Azure app service so what is deployment well it's the

action of pushing changes or updates from a local environment or repository into a remote environment Azure app

Services provides many ways to deploy your applications including run from package deploy zip reward deploy VI FTP

deploy via Cloud sync such as Dropbox or one drive deploy continuously with GitHub bitbucket and Azure repos which

using kudu and Azure pipelines deploy using a custom container CI CD pipeline deploy from local git deploy using

GitHub actions deploy using GitHub actions containers and deploy with template run from a package is when the

files in the package are not copied to the WW root directory instead the zip package itself gets mounted directly as

the re only ww root directory all other deployment methods and app service have deployed to the following directory for

Windows deol we use back slashes home site ww root for Linux we use for/ home site ww rout since the same directory is

used by your app at runtime it's possible for deployment to fail because of file lock conflicts and for the app

to behave unpredictably because some of the files are not yet updated zip and War file deployment uses

the same kudu service that powers continuous integration based deployments kudu is the engine behind get

deployments in Azure app service it's an open-source project that can also read outside of azure kudu supports the

following functionality for zip file deployment deletion of files left over from a previous deployment option deter

on the default build process process which includes package restore deployment customization including

running deployment scripts deployment logs and a file size limit of 2,48 megabytes you can deploy using Azure CLI

Azure API via rest and Azure portal you can use file transfer protocol to upload files you will need

your own FTP client you just drag and upload your files go to the deployment Center get the FTP credentials for your

FTP client you can use Dropbox for one drive to deploy using a Cloud sync Dropbox is a third-party cloud storage

service one drive is Microsoft's cloud storage service you go to deployment Center configure for Dropbox or one

drive when you turn on sync it will create a folder in your Dropbox Cloud Drive one drive apps Azure web apps

Dropbox apps Azure this will sync with your home site ww root so you just update files in that folder in summary

Azure app service offers a range of deployment methods ensuring flexibility and easy for

developers the next thing we'll be covering is the Azure app service plan Azure app service plan determines the

region of the physical server where your web application will be hosted and defines the amount of storage RAM and

CPU your application will use it offers several pricing tiers shareed tiers there are two shared tiers free and

shared free tier provides this tier offers 1 gab of disk space supports up to 10 apps on a single shared instance

provides no availability SLA and allows each app to compute quot of 60 minutes per day share tier provides hosting

multiple apps up to 100 on a single shared instance no availability SLA is offered and each app gets a compute

quote of 240 minutes per day it's worth noting that Linux based instances are supported in this

tier dedicated tiers basic standard premium premium 2 Premium 3 basic offers more disk space unlimited apps three

levels in this tier that offer varying amounts of compute power memory and disc storage standard allows scaling out to

three dedicated instances guarantees 99.95% availability and also has three levels with varying resources premium

provides the ability to scale up to 10 dedicated instances and ensures 99.95% availability and it includes

multiple Hardware level options isolated tier dedicated Azure virtual Network full Network and compute

isolation scale to 100 instances and availability SLA of 99.95% so the Azure app service plan

lets you tailor your hosting environment and budget to fit your application [Music]

needs hey this is angrew Brown from exam Pro and we are going to be learning about Azure app services in this follow

along uh and it's a service that's supposed to make it easy for you to deploy web applications I say supposed

to because it really depends on your stack Azure has more synergies with other stacks and others so like if

you're like me and you like Ruby on Rails you're going to find a lot of friction with rails and Linux but if

you're using something like Windows servers or python orn net you're going to have a much easier time still really

great service just wish they'd make it a bit more broad there but let's hop into it so before we can go use that service

let's make sure that it's activated and so we'll go over here and we'll go to Azure subscription and then down below

we're going to go to Resource provider now you think what you could do is just type in app Services uh and you'd be

wrong because the the service is under a particular provider if you want to figure out what provider it is we can go

um Azure resource providers and they have a page on documentation here that lists them all

so if I search for Azure app Services it's under web and domain registration so we're going to make sure

this is registered if we're using a custom domain which we are not today we need this one activated so going back

here I will type in web and you can see it's registered so if yours is not registered go ahead and hit that I

believe this by default is generally registered with new Azure accounts so I don't think that is an issue for you but

we'll go back up here close these additional tabs and we will type in Azure app

services and we will look for that service so there it is and we'll go ahead and hit

add um and so I'm going to give it a new name I just made it a moment ago but I'm going to try again and try to use the

same name so we're going to call this Voyager Great and then I'm going to go ahead and name this Voyager and I

already know that that is taken so I'm going to type in Delta Flyer and these are fully qualified

domains so they are unique with Azure app Services you can run a Docker container we're doing code this time

around and what I like to use is a ruby um but again you know if I want to use the cicd I'm not going to be able to the

deployment center with Ruby so that is not possible um and so we're going to go with python and run either a flask or

ajango app I haven't decided yet I am in Canada so let's go to Canada east and uh down below here we have the plans

generally the plans will tell you the cost underneath look you'll notice that it's loading but I just want to show you

that there are some discrepancies in terms of pricing so if I was to go to Azure app Services

pricing and we were to pull this up here we can kind of see the pricing here okay and if we scroll on down right

now we're looking at a premium V2 uh and oh no I don't need help I'm okay you'll notice that it's 20 cents per hour so if

I go here and do that times 730 because there's 730 hours in the year that's $146 I believe this is showing me in USD

dollar yeah and in here it's showing me 103 Canadian which is lower um so it could be that because I'm running in a

Canada east region it's the price is different but you could imagine that if I had this at this cost at uh what did

we say here um at 146 USD to CAD I'd actually be paying $182 so you got to watch out for that

kind of stuff but I'm pretty sure this is what the cost is so just be aware that if you look stuff up in here it's

not necessarily reflective so you got to do a little bit more work to figure that out uh if we wanted to go here uh we

cannot choose the free tier when we're using Linux if we're using Windows I believe we can use it we're working with

Linux today so that's just how it's going to be um for the B1 this is totally fine but we want to utilize

deployment slots deployment slots is an advanced feature of uh the production version and that's the only way we're

going to be able to use it here this is 20 cents per hour again so I don't want to be doing this for too long but I

think what we'll do is before we do that we can just do an upgrade to Dev to prod so we can experience that I'm going to

go and just choose B1 okay so go next um we do not need any application insights for the time being and it will not let

us so it's okay we'll go next review and create and we'll go ahead and create this resource here and I will see you

back when this is done so um our resource Now set up we'll go to Resource and now that we're in here you'll notice

if we hit browse we're not going to see anything because we do not have anything deployed which makes sense right uh so

we're going to actually have to go ahead and deploy something so we are going to make our way over to the deployment

Center and uh it's just going to tell us that we have yet to configure anything and that's totally fine we're going to

go to settings it'll give it a moment and so the thing is is that we're going to need

something to deploy um I did not create an app but the great thing uh is in the Azure documentation they have a bunch of

quick starts here all right and apparently they have one for Ruby as well but today we are looking at python

uh and so they actually have an example repository for us here which is github.com asure samples python docs

hello world and I mean I could go make a repo for you but we might as well just use the one that is already provided to

us so I'm just going to pull this up to show you what's in it it's a very very simple application even if you don't

know anything about building web apps I'm going to walk you through it really easily here okay so we're going to open

up app.py so we are using flask if you've never heard of flask it is a very minimal python framework for creating

web apps uh very uninspiring uh homepage here but it gets the job done it's going to create a default route for us which

uh we have there we're going to call hello here and we're going to have hello world so that's all that's going on here

very very simple and we have our requirements this is our package manager I don't know why python uses txt files

it's very outdated to me but that's what they use and here we have flask all right so we're going to use that

repo and it's a public repo so it should be very easy for us to connect so we'll drop down go to

GitHub and uh the next thing we need to do is authorize GitHub all right so I ran into a bit of trouble there because

I could not uh authenticate my uh GitHub account but you know what I just made another GitHub account so that made it a

lot easier I'm going to go ahead here hit GitHub and we're going to try to authorize it and so now I'm logged into

this new one called exam Pro Dev and we'll go ahead and authorize this application and we're now in good shape

this repository doesn't have anything in it so um if I want to clone something I guess I'll probably have to Fork that

repo so we'll give it a moment to authorize and while that's going I think that's what I'm going to do I'm going to

go and uh Fork the example repo if I can find the link again here uh myself uh I believe

it is that's still authorizing over there I'm still looking for it so it was like

examples or something samples or examples all right so I found a way around the problem I just made a new uh

GitHub account so that's all I had to do um and I just won't be using my primary account until I get my phone back but um

so what we'll do is go hit connect I'll hit authorize and it didn't prompt me

because it already connected to this new one called exam Pro Dev you might have to put your CR itial in here and it's

going to ask me to select some things it's a new account so there are no organizations there are no repositories

there are no branches totally brand new so what I'm going to need to do is get a repo in there so we'll just go ahead and

Fork the Azure samples one so that is azure samples python docs hello

world and if I type that right we're in good shape I'm going to go ahead and Fork this

repository I'll say got it and then I'll move this off screen here this is now cloned you should see it

cloned here and we'll go back here and this probably isn't live so there's no refresh button here so we'll have to hit

discard and we will give this another go here and we will select our organization which is our name there is the

repository uh should be main branch is kind of outdated I'm sorry but it's called Master that's what it is not my

fault that's azure's fault okay um and I think that's it I don't know if we need a workflow configuration file I

don't think so just going to double check here no I don't think so and uh what we'll do is

we'll just go ahead and save that and so now we are set up for deployment

[Music] all right so now that that's all hooked up if we were to go to browse we're

actually still seeing the default page a deployment hasn't been triggered just yet uh so the way it works is it's using

GitHub actions so if we click into our call it main branch I know they got the wrong name but uh we're going to click

into our GitHub workflows and then below here we can see we have a yaml file uh and this is for GitHub actions

integration here and so what it's doing is it's specifying the branch uh what how it's going to uh build going to run

onto bunto latest the steps it's going to do it's going to check it out it's going to set up the python version it's

going to build it it's going to do that stuff and so in order for this to um take action we'd actually have to go

ahead and make some kind of manual change which we have yet to do so e so what we'll do is we'll go back to our

main here and uh it should be as simple as uh just changing something here so it's not

I'm not sure how it's supposed to know that it's supposed to be doing the hello we oh I guess yeah sorry so this means

it's going to Route over to here um so I'm just going to make any kind of change here doesn't matter what it is

just one space we'll go ahead and give it a commit and um if I go back to my latest

commits we should see that I made that change there it is we'll go back over here and this should be

deploying um so if we go over to logs here you can see one's in progress right now okay and so that's what we're

waiting we're just going to see that finish there we could probably open the logs and get some more information there

and so it just brings you back over to GitHub actions and so here's GitHub actions and it's performing the stuff

here so we're just going to give it time here and I'll see you back in a moment so we didn't have to wait too long it

only took 1 minute and 29 seconds if we go back over here um we might need to do a refresh and so we can see this is

reflected over here and so if we go back to it doesn't really matter if we go to settings or here but I'm going to hit

browse and see if my page is deployed it still is not so we do have a small little problem here and it's really

going to just have to do with how the app is serve so that's what we need to figure out next all right so our app is

not currently working and uh there's a few approaches we can take and the thing I can think right away is we should go

in SSH into that instance if you scroll on down here from developer tools you can go to SSH and click this button and

that's going to SSH you right into that machine right away you can also uh access SSH via the

um CLI command so I believe it's like it's like a web app um SSH it'll do the exact same thing

you do that from the cloud shell but that's not what we're doing today I give this an LS in here and we're in Linux we

can see we have our app here and uh what I would do is I would see what's running so I I would do a puma uh or sorry not

Puma PS Ox grep uh python and you can notice that we have a gunicorn that's running so that is where our python

instances are running so you're not looking for flas you're looking for python here and if we wanted to make

sure that was working we just type in curl Local Host um and so that is going to return

up Port 80 so that tells me that because like curl just means like let's go look at that page um it should return some

HTML like print out the HTML to us so that means the app is not running um so what you could do is run flask run and

it's going to start on Port 5000 right so what I can

do is I can go up uh back to my deployment Center here and I'm going to go get that link

here and just ignore the fact that it's working uh it's it's not working right now I know for certain it's not um but

if we do 5,000 that won't resolve because Port 5,000 isn't open so we can't really just uh put 5,000 in there

and the default server here would be 5,000 so if I stop this and I specify Port

80 right then this will start up the app on Port 80 and so now when you go

here okay it will work uh this is not a great way because of course as soon as you kill it here uh technically the S

should stop running um and so you'll run into that step uh so what we need to do is provide a configuration to gunicorn

which is a python thing again it's not so important that you know how like what these things are but the idea is that

you understand as administrator you want to make sure you have an app that runs after you do a deploy and so in this

particular one we need a startup. txt uh and interestingly enough there is a example code by the same author of the

other one we were looking at here I believe it's the same person or it might not be but uh they

have a startup txt right and so in here you can see that it binds on Port 0000 it starts up four workers starts up the

app all right um and so that's something that we can go ahead and do so uh what I

will do is I will go back to my GitHub repository that we have here and I can just go ahead and add a

new file so I'm going to say um add a file create a new file here we'll call it startup.

txt I'm going to copy this command here and paste it in there so gunicorn will bind the workers and startup on the app

um startup app is being ran by uh something here so if I go back here I think they have a startup High here and

that's all that it is doing um I think I want to I could do it this way I suppose let

me just see here there's is a slightly different eh so they actually have like a full app going on

here and I just want a very simple flask app so I think what I can do is put flask run

here Port 80 and that should start up the app there I'm going to go ahead and commit

that file okay and as since I commit that if I go back to my actions it created that

startup file there so it should trigger a build it's queued

up um and I'll just put this tab up here so we'll be back here in 2 seconds and if I give this a nice refresh yeah

you can see it deploys in progress so uh this doesn't take too long we'll just wait close that there we'll just wait a

few minutes we click logs it just opens it back up here and we'll see how that goes all right so uh your deploy may

have finished there but the thing is is that we're not going to really know if uh a change has taken effect unless we

actually go ahead and update our code so what I want you to do is go to your code tab go to your app.py we'll hit edit and

I'm going to go ahead and change this to Vulcan and then we'll scroll on down hit commit

changes and we'll make our way back over to our deployment Center and we'll give it a refresh here and we're just going

to wait until this one is complete and we will double check to make sure that that is changed if it is not we will

take action to fix that okay all right so we just waited a little while there for that deploy to happen and if we go

to our website here it is taking effect so that's all we had to do to get it working so that's pretty good um so that

is uh deployment [Music] so let's talk about deployment slots in

order to utilize this feature we're going to actually have to upgrade our account because we cannot utilize them

at this uh the basic plan here we got to go to standard or premium so let's go ahead and give that an

upgrade uh so here's the B1 we're going to go to production here um and I think yeah we're going to have to choose

this one here uh very expensive so the thing is we going to just upgrade it temporarily unless there's more options

down below that are cheaper yeah these are the standard tiers let's go with this one here

because it's only $80 again we're not going to be doing this for long but I want to show you how to do staging slots

and auto scaling okay so we'll go ahead and apply that there and now it says that it's applied

so if I go back to our app here and we click on deployment slots sometimes it doesn't show up right away if it doesn't

that's not a big deal you just wait a bit but today it's super fast so we're going to go ahead and add a new slot

we're going to call it uh staging we're going to deploy from our production Branch here and I'm going to go ahead

and create that there and we'll just wait until that's done

okay great so we waited a little bit there and uh our slot is created so I'm going to just hit close there and so now

let's go take a look and see if we can actually see the application here so I just clicked into it I click browse and

we're getting the default page so nothing is actually really deployed to it uh so how are we going to do that

that's the the main question here um so what I'm going to do is I'm going to make my way over to the deployment

Center and you can see that it's not configured for the slot so we are going to have to set it up all over again even

though it copied over configuration settings it didn't copy over the code so we go to GitHub we'll choose our

organization again I'm going to choose the repository we're going to choose that main branch again there we're going

to let it add a workflow and notice that this time it's going to call it staging yaml so there'll be a separate workflow

that gets created we're going to go ahead and save that there and what we can do is again click

onto our Branch name there and if we click into our workflows we'll not now notice that we have a staging example

it's the same thing um but it should be able to now deploy so the whole purpose of um these deployment branches is that

it helps us uh we can deploy different versions of our apps but also um it's just a place where we can uh uh view

things before we actually roll them out so we want to make sure 100% that they are working correctly um I don't think

this will automatically push out let me just go to my actions to see if this is deploying notice that we have two

workflows now we have staging here uh and yeah it looks like it's going to deploy here so we'll just wait a little

bit um but maybe what we can do is try to have a a slightly different version uh for each one here okay uh but we'll

just let that finish and I'll see you back in a moment all right so our deploy finished

there so now if we go back to our website here we go browse we should see that application it says hello Vulcan

and if we go and take out this we still have hello Vulcan so how can we have a uh a variant of this so that we can push

out to that so what I'm going to do is I'm going to go back to my application here I'm going to go to code and I'm

just going to make a minor change um I don't say also is that spelled right startup doesn't look correct to me um so

maybe I'll go ahead and adjust that file but it doesn't seem to be affecting anything which is I'm a bit surpris

there so what I'll do is I'm going to go and edit that file and give it the proper name can I rename this file yes I

can so we'll call that startup file I thought we need that for deploy I guess it just works without it which is

nice uh if we go back here I'm going to go and I actually just want to edit my um app here again and I'm going to go

and edit this and we'll say um hello Andor or hello andorians maybe and so if I go back to my actions

the question what is it deploying is it going to deploy the production or the staging and it looks like it's going

going to do both looks like it's doing both here the

one way we could tell is we can go to our logs here and we can see that um so we did to deploy so there's one change

here uh if we go back to our main application and our deployment Center here and we go over to our

logs you can see that they're both deploying so it doesn't seem like it's a great thing that that's how it works so

the question is is then how would we um facilitate that deploy right how could we do that I suppose what we could do is

just make a separate staging Branch um so if I go over to code here um I don't think we can just make

branches through here so what I'm going to have to do is go ahead and oh I can create a branch right here so we'll just

type in staging and we'll go create ourselves a new branch and now we are in this branch and

what I'm going to do is go ahead and modify this and we're just going to call this

um hello Klingons okay we'll go ahead and update that and so this should be a separate

Branch so you think what we could do is go in and just change our settings so that it deploys from that one uh we'll

go back to our deployment slots we'll click into staging here and we need to change our

configuration settings um I think we could just do it from um here hold on here I could have swore

it specified the branch if we go to deployment Center here I think it's set up on that other Branch there I think we

just adjust it here so yeah I think we could just um adjust these settings um we can't discard them but

maybe what we can do is just go in and modify that file so we will go into our code

here and and uh we will go ahead and click into here go into staging and we'll just change what the branch is

called so we'll just say staging and we'll hit start commit and we will save

that and we'll see if it actually reflects those changes there so we will go here and hit

refresh we'll see if it picks up staging now if we go to settings it's not picking it up so um I'm not

sure I don't think perform a redeploy operation we don't want to redeploy so maybe what we'll do is just we'll have

to do a disconnect here because it's collect it has the wrong one here so save workflow file

um okay we'll just go ahead and delete it it's not a big deal we'll just have to make a new one

here we'll go to GitHub we'll choose our uh organization again or repository our staging Branch this time around we'll

let it add one see it says we use an available workflow so we could have kept it there and added it there um and we'll

go ahead and save that so now we'll have two separate branches there and we'll give that some time to deploy because

that will now trigger a deploy off the bat and so I'll see you back here in a moment all right so after a short little

wait here it looks like our app is done deploying so we'll go over here we'll make sure that this is our staging

server is good and we want to see that our production is different perfect so we now have a way to deploy to each one

but imagine that we want to swap our traffic so we're happy with our staging server we want to roll that out to

production and that's where we can uh do some swapping so what we'll do is click the swap button and we're going to say

the source is the staging and this is our Target production and we're going to perform that swap uh right now we can't

do a preview because we don't have a particular setting set that's okay and it's kind of showing if there are any

changes so set of configuration changes we don't have any so that's totally fine as well we'll go ahead and hit

Swap and that's going to swap those two I believe it's has has zero downtime so we will be in good shape if that happens

there and we'll just give it a moment to do that great so after a short little wait

there the swap is complete and so uh if you remember clearly this was our production right

and so if I was to hit refresh it so now say Klingons and if I go to my staging server it should be the other way around

right right good so now imagine that I want to just split the traffic uh that's

something else that we can do um so notice over here we have these percentages here um not sure why it

won't let me change those so maybe I'll have to look into that so I'll be back into so I'm not

sure why it's not showing us that traffic slot there but what I'm going to do is just maybe try to trigger a deploy

back into our staging and maybe that's what it wants to see um so what I'm going to do is go back to my code here

we'll be in our staging Branch here I'm going to go ahead and uh edit this file here and we will just change this to

borans and we will hit update and we will let that go ahead and deploy so if we go to actions here we

can see that it is deploying um and we'll just give it some time okay so see you back here in a bit

I mean the other reason could be that we're just not at the main level hold on here uh if we go back back here to

deployment slots you know what I think it's just because I was clicked into here and then

I was clicked into deployment slots that they're both gray out yeah it is so we can actually do that top level there

doesn't hurt to do another deploy though so um we'll just wait for I'll wait for that deploy to finish and then we'll

come here and uh adjust that there okay all right so let's take a look at uh doing some traffic switching here so

right now we were to go to our production we have Klingons and if we were to uh go to our staging

we have Boran so imagine that we only want 50% of that traffic to show up so what we can do is put in

50% and what I'm going to do is um do I hit enter here or oh sorry save up here there we go um and so what's going to

happen is this should take effect I think right away yep uh and so now we have 50 50 50% chance of getting

something else here um so I'm just going to keep on hitting enter here if that doesn't work we can try an incognito tab

and there we go we got the opposite there and so this is serving up staging right uh and this is serving up

production but they're both on the production URL so that's a way you can split the traffic so uh that's pretty

much all I wanted to show you for deployment slots let's now talk about [Music]

scaling all right so let's take a look into how we can uh do some scaling with our app service this is only available

if you have Beyond standard and or standard and Beyond so standard and premium and Etc so if we just search for

scale we have two options here we have scale up and scale out so scale up is pretty straightforward that just means

to uh make our instance larger and so we already did that when we upgraded from our standard our our B1 over to our S1

here right so if I was to go here and I'm not going to do that but if I was to do that an upgrade um that would be

scaling up right and notice that we're talking about scaling so right now we're limited to 10 instances which is totally

fine but now let's take a look at scaling out so if we go to scale out here and go to Custom Auto scale what we

can do is we can Scale based on a metric so we can add or remove servers based on the demand of the current um web

applications traffic so we only paying for servers when we need them and so we have a minimum of one a maximum of two

that seems fine to me but we're going to add a rule here and I want to scale this on um the maximum time we're going to do

it on CPU uh percentage I just want to have a very easy way to trigger this so we can see a scaling event in action

here it has a maximum of 16% I might just lower that down even further will it let me type in there no so 16% is

what it's going to have to be it's not a big deal but I am going to reduce it down to actually I think sorry I don't

know why I was going here the the metric threshold to scale an action I'm going to put it at 10%

sorry okay so here's that line and so we have uh and I I like how you can drag it but you can kind of have an idea that we

have a high chance of having this um trigger I just want to do this so that we have a a good chance so if I was to

put it here you can notice that it's very easy for us to spike our traffic and and cause a scaling event now I'm

going to set the duration to 1 minute so we have a much higher chance of uh triggering that there okay set a

duration less than 5 minutes May generate uh transient spikes yeah that's fair but I mean I just want to show you

a trigger happen and we need a cool down time probably um and it's set to 5 minutes that's totally fine we're going

to add one and that looks fine to me I'm going to set this to maximum okay and so now we're very likely to trigger that

there we'll go ahead and hit add that uh instance there and so now that we have that we're going to go ahead and save

that and so now that that's there what we want to do is actually trigger a scaling event and so uh where we're

going to see that is under the monitoring tab so if we go to

monitoring and uh what we're going to do is go over to um it should be in sorry I forgot uh the place where we need to go

take a look here is actually in the Run history here so if we go here and check 1 hour we can see how many instances are

running uh and I think if I dial it back here it should show me over time as it changes we do have a scale up event that

has happened which happened I guess four minutes ago um so I guess it gives you kind of an idea of how many instances

are running which right now are two um so maybe our uh maybe our scaling event is not uh in the best uh use case there

because it's happening too frequently so what I'm going to do is go ahead and modify that scaling rule um and so I'm

just going to go back and click here and maybe we'll just make it so it is less aggressive so what I'm going to do is

just change it so it's over the duration of five minutes and I'm going to just put it

right above here so that it goes back to one okay and we'll go ahead and save

that and so now if we go back to our run history here uh it still shows that it has um two as you can see here but I

want to see this drop back down to one so it's going to check every 5 minutes or or within the span of 5 minutes so

what I'm going to do is just uh wait here I'll see you back in a bit until we see a scaling action happens uh here

okay yeah I'm just sitting here waiting for it to scale down and I don't see it going so it makes me think that I need

to go ahead and set a scale uh scale down action let's take look at the one that we currently have uh so this one is

set oh you can see it's still spiked we don't even have anything going on here but what I'm going to do is just be

really aggressive here and I'm going to say when it's um 50%

okay and so here we'll go back here and I'll save that and I just want to see if it scales

down I shouldn't have to set a scale down action should just go Um and what I'm actually going to do is be a little

bit more aggressive I know I'm setting a lot of stuff here but I'm going to just set it to duration of 1 minutes so we

can see this a lot sooner and uh we will go back to our run history here and we'll see if we observe

a scale down all right so um it's not scaling down here but uh I think it's probably because I need to scale out

action so what we'll do is go ahead and add a new rule uh this thing if we go here and we just look at

it um it's not going to decrease it unless we have a scale out action so I don't

think it's necessary for us to set one here I think you get the idea um but that's for scaling so we're all

done here with Azure app Services all we got to do is go ahead and go ahead and delete it so let's go ahead and delete

our app here okay um so there's a few different ways we can do it I'm going to do it via

resource groups um I believe we called it Voyager here so click into that and I'm going to go ahead and delete the

resource Group and here is all the related services and so I will type in Voyager

and there we go great and so yeah there we [Music]

go hey this is Andrew Brown from exam Pro and we are looking at what is infrastructure as code and before we

talk about that we need to talk about the problem with manual configuration so manually configuring your Cloud

infrastructure allows you to easily start using new cloud service offerings to quickly prototype architectures

however it comes with a few downsides so it's easy to misconfigure a service through human error it's hard to manage

the expected state of the configuration for compliance it's hard to transfer configuration knowledge to other team

members and so this is why uh infrastructure code is going to really help us out so um infrastructure is code

commonly abbreviated to IAC and you'll see that a lot in this course allows you to write a configuration script to

automate creating updating or destroying Cloud infrastructure notice I gave great emphasis on automate or aut ation

because that is really key to um infrastructure's code I can also be thought of as a blueprint of your

infrastructure I allows you to easily share version or inventory your Cloud infrastructure and just to kind of give

you a visualization imagine you write a script and that's going to uh provision uh and uh launch a bunch of cloud

services that are all interconnected [Music] okay hey this is Andrew Brown from exam

Pro and we'll be going over Azure automation State configuration Azure automation State configuration lets you

define and enforce the desired state of your Azure VMS uring consistency across multiple machines you can specify

configuration details such as installed software Windows features registry settings and file contents so let's take

a look at the example we have on the right configuration definition simple config the configuration named targeting

the node MVM file creation ensures a file named hello.txt with the content hello azzure exists in the C drive Ure

is equal to present by applying this configuration you ensure that any VM assigned to the MVM node will have the

hello.txt file with the specified content this helps maintain a consistent and desired State across your Azure VMS

so that's a quick overview of azure automation State [Music]

configuration hey this is Andrew Brown from exam Pro and in this section we'll be covering Azure resource manager Azure

resource manager is a service that allows you to manage Azure resources Azure resource manager is a collection

of services in the Azure portal so you can't simply type in Azure resource manager in the search tab it is a

management layer that allows you to create update or delete resources apply management features such as access

controls locks or tags and write infrastructure is code using Json templates we will be examining the

following key components that form the Azure resource manager layer we have subscription management groups resource

groups resource providers resource locks Azure blueprints as well as resource tags Access Control role based access

controls Azure policies and arm templates you can think of azure resource manager as a gatekeeper all of

the requests flow through arm and it decides whether that requests can be performed on a resource such as the

creation updating and deletion of a virtual machine and its arm's responsibility to authenticate and

authorize these requests arm uses azure's role-based Access Control to to determine whether a user has the

necessary permissions to carry out a request when a request is made arm checks the users assigned roles and the

permissions associated with those roles if the user has the necessary permissions the request is allowed

otherwise it is denied the next concept we'll go over is the scope for Azure resource manager

we've briefly covered scope in Azure policy and Azure rbac but we'll go into more detail with them in the following

sections for arm so scope is a boundary of control for Azure resources it is a way to

govern your resource by placing resources within a logical grouping and applying logical restrictions in the

form of rules management groups are a logical grouping of multiple subscriptions subscriptions Grant you

access to Azure Services based on a billing and support agreement resource groups are a logical grouping of

multiple resources and resources can be a specific Azure service such as Azure VMS so that's an overview of azure

resource manager [Music] hey this is Andrew Brown from exam Pro

and in this segment we'll be diving into arm templates so what exactly is infrastructure is code infrastructure as

code is the process of managing and provisioning computer data centers such as those in Azure using machine readable

definition files like JSO n files rather than depending on physical Hardware configuration or interactive

configuration tools you write a script that will set up cloud services for you there are two main approaches to IAC

decare erative here you describe your desired outcome and the system figures out how to achieve it imperative here

you provide Specific Instructions detailing exactly how to reach the desired State arm templates or JSO n

files that Define Azure resources you want to provision and Azure Services you want to configure with arm templates you

can ensure a declarative approach meaning you merely Define your intended setup and the system handles the rest

build remove or share entire architectures in minutes reduce configuration mistake

and know exactly what you have defined for a stack to establish an architecture Baseline for

compliance or over arm templates Empower you to establish an architecture Baseline for compliance achieve

modularity break up your architecture in multiple files and reuse them ensure extensibility add Powershell and Bash

scripts to your templates test using the arm template toolkit preview changes before you create infrastructure via

template see what it will create built-in validation will only deploy your temp templ if it passes track

deployments keep track of changes to architecture over time policy is code apply Azure policies to ensure you

remain compliant use Microsoft blueprints which Forge a connection between a resource and its template

integrate with CI CD pipelines utilize exportable code letting you capture the current state of resource groups and

individual resources and benefit from Advanced authoring tools for instance Visual Studio code offers sophisticated

features tailored for crafting arm templates so as you can see arm templates has quite a lot of

[Music] uses okay so now what I want to do is cover infrastructure as code for Azure

so there are two uh primary ways of doing infrastructures code we have arm templates the arm stands for Azure

resource manager and the other one is azure biceps we're going to focus on the first one infrastructure as a code is

the concept of um uh defining all your infrastructure as code uh and that might be confusing

because that might sound like s the SDK or the CLI and uh it is confusing until you start working with it but the key

difference is that when you use the CLI or the SDK uh to programmatically create resources they don't keep uh track of

the State uh and so that is the key difference between that whereas if you ran a CLI command to create uh let's say

a virtual machine and you ran it again with the same parameters and the same name it would

attempt to create a second um virtual machine whereas with infrastructure is a code if it's already there it's going to

either update it or say hey you can't update it there's already one that exists so the idea is that um uh it's

different in that process or in that sense uh there is a word for it um I believe the word is EP poent I always

have a hard time saying it but um that is the key difference between those programming methods and IC so what I

want to show you is uh arm templates and um arm again stands for Azure resource manager it's part of resource groups so

if we type in arm here we're not going to really get uh a service or anything like that we say Azure or Azure resource

manager okay you're just not going to uh exactly get that because um it is it is something that's there but it really is

talking about resource groups so when you deploy a resour group it will always create an arm template for you no matter

if you do click Ops um you'll always get an arm template and this is something that very different from other providers

so like when you use ads or gcp um when you launch a resource it doesn't necessarily will produce a a

template for you but Azure is very unique in that sense that they will do that so what I want to do is I want to

go ahead and uh explore some things with arm templates so you're very aware of how they work and I believe that uh

there is a way to uh deploy if we type in template here there should be something like deploy a custom template

whoops and that's how you would go about deploying a custom template and they actually already have some common

templates here so maybe we can uh take a look at one as a quick start and try to understand uh what these templates look

like another key difference between other cloud service providers is that it's not very common to write arm

templates by hand um in fact it's very tedious and you would not necessarily want to do it as opposed to ads where

you have cloud formation totally normal to do and that's why um having a layer on top of uh arm makes it so much easier

like using again Azure bicep or ter form but let's go ahead and create a Linux virtual machine here and notice that I

select the template and it has some options here so um what I want to show you here this looks like the usual

process for setting up a um a virtual machine but if we go here we can edit the template and then it's going to

allow us to see what this template looks like so arm templates this is what it look looks like and I believe that uh

they're only Jason I kind of forget Let's go ask chat GPT so are arm templates uh in Azure only Jason or can

they also be yaml the reason why I I don't remember is because I work with a lot of cloud service providers usually

they'll provide both options um but generally uh I always remember that arm templates are only Jason so there is no

yaml support uh for it but of course you could use yaml locally and then convert it over back to Json but anyway so if we

look at this here we have some things we have a schema that describes what the format of this Json should be um we have

some metadata which probably gets autogenerated or is additional U information to attach the template we uh

we have parameters so these are going to be values that we're inputting that allow us to uh make our template

reusable and if we scroll on down um yeah we got variables which is probably um the modification of

parameters and then we have our resources down below here and you know again if you've seen cloud formation

templates or uh deployment manager gcp deployment uh scripts these are going to look very very similar so we we Define

the type for the resource uh we have a name for it then it has its properties uh and then it can depend on other

resources to say what order uh they're performed in but anyway my point is is that uh this is a template and and we

can go ahead and actually uh deploy this template but I'm not that interested in that part of it because this is not that

exciting what's more exciting is what happens when you do click offs so I'm going to go over uh over here and uh

deploy a virtual machine um yeah I I mean we could do virtual machine I'm just trying to think

what's easier maybe we'll go ahead and actually do I've changed my mind we're going to actually go ahead and do uh

storage accounts again I'm still in the free tier and I'm just trying to make things easy for you as well

um and virtu virtual machines will spin up a lot of resources so maybe I don't want something that complicated uh for

this example but what I want to do is I want to launch a virtual uh a storage account and then I want to see how we

can look at the template and maybe we'll attempt to rein import the template and then delete the storage account and

recreate it so I'll go here and I'm going to hit create and we're going to create ourselves a new Resource Group

I'm going to call this Resource Group um o uh my uh arm RG so arm for Azure resource

manager and today it's really thinking I don't know if I'm having internet issues here or if it's just really complaining

or if Azure is slow azure's uh sometimes their UI is not always responsive and we have to give this a name of course we

have to make sure this is very unique so I'm going to say my um storage account a bunch of numbers and then my

initials and it probably has too many letters so it's complaining there we go and I'll just let it choose whatever

region wants we'll have it on standard that's totally fine I'm going to go ahead and go to review where we can see

all of our options looks fine to me we'll go down the bottom hit create and we'll give it a moment here to create so

I'll be back in just a second all right so that deployment is complete and what I'm interested in is checking out uh the

resource Group but notice that when we've deployed this we have our inputs it shows us what we've inputed and we

looked at the uh parameters of a template before so it is creating literally an arm template and then

inputting the parameters it's showing this the outputs of uh that arm template and then here's the template itself so

every time you deploy Azure resources it is creating uh these IAC code for you and that is one of the greatest

advantages of azure as much as I complain about Azure this is one of their really really good features and

there's a few things you could do like it looks like we can add this to our library we can download this we can

deploy it again let's go ahead I usually don't uh fiddle with these too much but we can um import this template and I can

say uh my Resource Group but just remember you could have a lot of resources and really make that uh uh ret

templated I'm going to choose the same um area here and this will just be version 1.0.0 down here I'm going to go

to next it shows me the template next uh we can do some tagging I'm going to ignore that for now review and

create and so now we have our own uh template so that's kind of cool um if we go back to here I'm not exactly sure

where they oh we have to hit create maybe first it's not super clear but uh so that is now uh template has been

saved but where did it save to uh just says it's a template spec it is really taking its time to

load here okay and so we have our template here I'm not sure if we if we typed in

templates here if they up here they I guess they show up under template specs uh we'll refresh this not sure why it

doesn't show up we know that we created it and you know I've said this in other videos where Azure doesn't always

propagate things right away and you have to wait so you have to have confidence and waiting for things to show up in

Azure so even though it's not here I know I created one okay so we go over here it says template uh spec succeeded

so it really really I think it would show up here um and I I really want to prove that it will will show up here

eventually so what I'm going to do is just take a break and I'm going to give it like 10 15 minutes I'm going to give

it a good chunk of time here and we'll come back and see if it appears um just to give you validation and confidence

that patience always uh pays off here in Azure okay all right so I've waited a good chunk of time was just talking to

Bo and um so I'm now I'm back and let's see if it is here we're going to give a refresh and look it's here so I told you

you got to be really really patient with Azure it is really known for being slow for uh some particular resources

and I when I say some I mean a lot so you know just have that patience there but anyway what I want to do is I'm

going to open up another tab we're going to go back over every time I open that new tab and wants me to log in that's

great um but what I want to do is go over to our resource groups and we're going to go into that new one that we

created and what I want to do is I just want to delete this resource here um and I want to see what happens if we attempt

to redeploy our uh template there I assume we're going to have to I mean we don't have to delete this one

but um I just want to move it completely and just try utilizing an arm template so we'll give it a moment there

and oh notice we have an upgrade button this is uh definitely new we might be going through our not sure why it's

appearing all of a sudden I've actually never seen that button before so it's really

interesting and nope I guess it's just maybe after a while they just kind of poke you and over here we're getting our

prompt so um it looks like we're starting to get some spend and you know I said earlier that Azure is really good

about telling us about um alerts and things like that much better than other providers um and so you know here it's

showing in Canadian dollars that uh we've already uh consumed half our spend not sure how I did that because I

haven't really done a whole lot but um what we'll do is we'll try to figure out where that that uh free spend has been

going um still again that's a lot um so maybe it's overestimating that or I left something running maybe that c cluster

is still running I don't think so let's go double check and but anyway I wanted that to

happen so I could go back and show a video of of that kind of stuff because all we created is a couple virtual

machines and some other things yeah we don't have anything else running that should be costing us spend but we'll go

take a look there and see what we can figure out so anyway I'm going to go back here give this a

refresh and um that resource is gone what's interesting is it also got rid of the template why did I get rid of the

template that that was something we created separately and so I guess it was linked to the resource Group and so that

kind of defeats the purpose of us uploading our arm template so that's a shame um I guess what we could do is we

could go and um I don't know uh we could go and use the custom provider and launch a

template but there's not much interest in that so uh I'm not really interested in doing

that yeah I think we're pretty much done here I think we've we' proved the point that Azure is really good at producing

These Arm templates you're not going to want to write them by hand um you can ask CH PT to do it but I again I would

probably not do that myself but I think that satisfies this video for arm templates so we'll see you in the next

one [Music] okay all right so we looked at uh

utilizing arm templates and I think it' also be really great to look at Azure bicep um because that is a more

productive way to write infrastructure as code um and honestly I really like Azure bicep I think it's really really

cool uh so what I want to do is I want to go ahead and go over back to GitHub we looked at creating a GitHub or

creating a repo in GitHub uh back in our SDK video that was a really messy video I'm really hoping that it's not as crazy

as that one but I don't like editing out any of the challenges uh here because I want to give you uh the full idea of of

what it looks like when trying to work through these things but I'm going to do is go over to GitHub and you should of

course go ahead and create yourself a GitHub account has a free tier uh and once you have your GitHub account we'll

make a new repo I'm going to uh drop down uh here and go to exam Pro and of course you'll just have one name here if

I have multiple accounts so there's a lot for me to create stuff in and what I'm going to do is make a new repo

called um Azure bicep example you can call yours whatever you like I'm going to make this public so that you can see

the code uh you can make yours priv private if uh private is available to you there but I going to make it public

because if you want to go find this repo at exampro here and copy it and work with it you can so we're going to go

ahead and use codes spaces and code spaces does have uh free credit usage you could do this locally um on your

local computer but you'd have to install a bunch of stuff uh I like using Cloud developer environments and Azure does

not have one built into their portal um most other ones do but I think the reason why Azure doesn't is because uh

Microsoft owns GitHub and so you could just go over here and use code spaces instead so this to me is like using

Azure okay so we're going to go ahead and create a uh code spaces on Main here and understand as long as the code space

is running we are consuming uh so if you want to stop it you could always go up to the command pallet here and we can

just say uh stop or uh it's code spaces it should be there should be

something here called stop um shut down down I did this the other uh the other

day when we did did that yeah it is code spaces oops it's loading so it's it's bumping things out here but if we go

code spaces there is an option to stop the current Works uh code space so I'm not doing that right now uh I want my

theme to be dark so I'm going to go to this Cog down here go to themes go to color and we'll switch to um GitHub

dark and we'll give it a moment to think because it's a bit slower loading I greatly greatly prefer git pod the

reason I'm using Code spaces is because um the extensions are going to use the official ones with Microsoft and it's

just going to be easier to show you this here in most other courses I use git pod um so anyway once that is loaded and

we uh changed our theme if that matters to you uh we're going to want to do some Azure bicep stuff so on the left hand

side I want you to go to extensions and we're going to search Azure bicep I don't use Azure bicep a lot but I

definitely know how to use it when we need to so I know they have a really good extension for it and it's like it

writes code for you it was it's the nicest experience I've ever had with a um an I uh

tool and this is the thing because Microsoft um built Visual Studio code and you know their they own GitHub they

can have really amazing synergies for developers um so a lot of times I find it easier to work in vs code and use

their extensions to interact with Azure than it is to use Azure portal itself and there are specific services like

Azure functions where you really have to use Visual Studio code so it's it's essential that you get used to using uh

Visual Studio code whether it's local or in a cloud developer environment so I'm installing that this Azure bicep um

extension and this thing will help us write a lot of uh code um uh and it has like templates and other stuff like that

so that's what I want to uh take advantage of it um I don't remember the extension for Azure bicep file so we'll

just go to the Azure bicep website I'm sure they'll have like a quick start and we'll work through it here

together so I want to go here and I just want to know what the extension is it's bicep so that's what it is so we're

going to go here and make a new file we're going to call it main. bicep and something we didn't do before

and this is what I wanted to do in the SDK one but we didn't actually have a use for it is there's probably like an

Azure um like kit Azure tools there we go and this is something you all might want to install a lot of these down

below here see how there's like one for databases resources functions if you install tools it installs all these

other ones you even have one for C tools and um it's possible that uh yeah see like this this one will autocomplete

Azure commands it'll do all sorts of fun stuff even for Azure storage and everything there's something but the

reason we want Azure tools is because we can Azure accounts and this will allow us to quickly log in to our Azure

account remember before we typed in a login and then we had to get a device code and plug that in uh well if we have

this installed uh we can just use the command pallet and log in very quickly and that's what I want to do here so I'm

going to go to the bottom left corner I'm going to pull up command pallet and we'll try to do Azure

signin now to be fair I mean this is not going to do much difference down here but I think it installed the um the C

for us before we had to manually install it right so we'll go here and we're going to have to choose device code we

have signed into Azure Cloud let's try this one first see if that works and then we're going to say uh

just so you know Azure has different ones there's like Azure China Azure Germany Azure US Government so generally

we always want to choose Azure unless you live in one of these other regions and you have to use that one and this is

going to open up and we will sign in we can now close this window and I believe we are now logged into

Azure also notice on the left hand side we have this little Azure icon here in the left hand side it will allow us to

see our resources we can also sign in from here we should be signed in maybe it didn't work I'll try this one more

time extension as your resources wants to sign in we'll say allow maybe it has to sign in separately I don't know we'll

close this there we are so now we see our subscription we are in here which is

great and we can see a bunch of our services um so you know if we had

storage accounts and we do have some storage accounts we can see them here this one I think is for our uh Cloud

shell that's why it starts with cs and it has a random number afterwards if we had virtual machines and other things we

could see them here but yeah working with functions you often use them here um we could also probably right click

this and create a resource and so here there's a lot of ways to uh uh create some stuff we create a resource Group

and and some other particular things but uh yeah that's that's interesting I also wonder if like these are these are

obviously uh things that were installed there could be other extensions that we didn't install like Azure uh machine

learning service or other stuff that could end up showing up there on the left hand

side so I'm just kind of scrolling through here and seeing what might not be installed so Azure container apps was

not installed or maybe it was and it's these other ones that have these little

install words on here but anyway enough about that let's stay on track here and let's write some Azure

biceps so now that we have uh that installed we want to start writing it so I just need to see a little bit of code

to get a reminder here um so yeah if we start typing it should start suggesting and that's is what we want to do is make

a storage account so let's go ahead and start typing that in so I'm going to type in resource uh and so already

notice that it is autocom completing and then uh let's just go check here so the next thing is going to be storage

account and it should autocomplete so yeah I remember this being really good at Auto completing just give me two

seconds and let's go figure that out one sec yeah so I'm looking at it here and it's supposed to just start

autocompleting when we type so I'm not sure why it's not exactly doing that we'll go back here sometimes Visual

Studio code doesn't do what we want it to do which is totally fine storage account and it's not really autocomp

completing so I'm going to go ahead and save this for a second well there it's autocom

completing so resource storage am I typing it wrong is it supposed to be uh with the resources

no no it's this so it's really interesting that it's not autoc completing but we could just copy this

in here okay I just wanted to show you how

powerful it was cuz I was so impressed the first time I I saw it uh writing all the code for me which is um not what the

other ones do that's for sure so we'll just paste this in here and I put a period

here yeah I guess I was expecting a little bit more from it um but uh whatever I guess we'd have to work with

it a bit more to find out again I don't work with it every single day but I am always very excited to use it um but you

know the thing that I want to uh take a look at is let's look at where the actual reference documentation is and so

we'll go to Resource reference here on the left left hand side and I'm really interested to

see uh where everything is so if you know the resource type you can just type it here in the left hand side that's

fine so we have all our resources here on the left and so we are trying to create a storage

account so we can go over here and look for storage account so that be storage and storage

accounts and so here it says to create create a uh to create a resource add the following to your Azure bicep so um just

kind of getting familiar with it it looks like this is going to be its logical name and this is actually going

to define the resource itself and these are all its properties and it looks like there are

some that are required and some that are not so it looks like I think that if we can find this tab back

I think we can name this whatever we want here this doesn't actually have to be called storage account so we can go

here it's just a logical name that we reference within this resource so I can go here and say like storage account AB

it shouldn't matter um what's really interesting up here is that it's going to looks like

it's going to grab the resource Group ID and then what does it do here creates a deterministic hash based on the string

so it uses the resource ID to make a random string and then it's going to say toy launch in the front of it so I don't

want toy launch I'm just going to put in here bicep and so um I think we can do hyphens actually I don't think we can

and so we should get in Azure storage account that's going to be bicep and some random value after this and then up

here this is going to pull in the resource Group now what's interesting is we haven't created a resource Group it

says return the current Resource Group scope so I'm not sure how this is going to work if we don't have an existing

Resource Group but anyway we've written our Azure bicep and we probably want to go ahead and uh deploy this now so we

could probably just type in bicep down below that's probably what the command is nope that's not what it is

um maybe it's what is it I don't know so let's go over to um back over here for a second and let's see what the CLI

commands are oh boy we'll say bicep CLI what is the commands just tell me

what the commands are please we could use the command pallet because they're probably all there like if we're if we

were to go into the command pallet and type in bicep like we get all those commands but I I

really want to know what the um CLI commands are I really thought it would be bicep it is a z bicep of course so

looks like we can do um a bicep and then just specify the template probably main is the default so if we do nothing it

probably will pick that up I'm going to go ahead and type in that and so it's interesting we installed the extension

and we were able to log in but we still don't actually have uh the CLI so it looks like we do actually have to

install the Azure CLI in here which is fine it's always great to get more practice so we'll go ahead and type in

Azure CLI install we'll go to the Microsoft learn website we will scroll to uh Linux we'll go to auntu Debian um

because that's generally what get pod or code spaces or what have you will be using we'll go down look for that one

liner and we'll copy it we'll go back over to um code spaces we'll paste this in hit enter and that'll go ahead and

install the uh Azure CLI now we are logged in in this um uh invidual Studio code and it could be storing the same

credential files wherever on the local machine um so maybe we don't have to necessarily log in twice it might be

also interesting to see where that um that file is so maybe we can go ask chat gbt where does um where does okay so

when you log into the Azure CLI where does store the credentials what folder and file on the

Linux machine that's what we want to know and uh the only thing I don't like

about chbt is that you can't go away from uh this tab while it's generating and then sometimes it just uh

gets a bit slow but it goes out to the Internet so I think that's the reason why it's uh been slower than previous I

like previous mod models where it wasn't out on the internet because it could generate out

faster but uh yeah this one's hanging on me so let's

go to 3.5 let's just ask this one I want it fast okay so it's saying it's in the

Azure folder so that's something that we might want to take a quick look at the Azure CLI is installed I'm going to just

type in a um account um account list and see if we can list our accounts

okay so we are not logged in so us logging in here uh wherever it's storing it's definitely not storing in the same

place but let's go take a look at that Azure profile directory so I'm going to bump up the font a bit I realize it's

really small and I'm going to go ahead and say CD and then make a Tilda that is above your tab key and you have to press

shift to make it it's called a Tilda it's like a little squiggly we'll do a for slash I'm going to do period for a

hidden folder and we're start start typing Azure and so that folder is there we'll hit enter I'm going to do LS to

list out the contents and we have stuff here I can do LS hyphen LA to list it in a nice beautiful list and uh if we don't

want no that looks fine and so I'm kind of interested where it's storing uh that configuration probably in the config

directory so I'm going to just CD into config uh oh maybe it's not a folder I thought that was a folder it is not a

folder Okay so let's do cat to print out the contents cat stands for C Cate I think

and so that doesn't store it does a does the a Json file have it NOP that doesn't have it but to be fair we haven't logged

in yet so maybe the file will appear after we log in so that's okay what I'm going to do is go ahead and type in a

login and we'll say use device code because I believe that's the flag we have to use and we'll go ahead and copy

this link we'll go to the top here and paste it in to one of our available tabs if we have to go back and uh provide

this code and we'll go click next and we'll click on our account we'll say continue

we'll go back over to here and we'll give it a moment to think there we go we are logged in so now what I want to do

is type in LS and looks like there's more stuff there it looks like there is and did we have this before uh

um let's see here 1 two 3 four five six seven 8 nine 10 1 two 3 four 5 6 7 8 9 10 11 12 yeah there's definitely more

stuff here um the new thing that's here is Cloud's config so I'm just going to cat that let's see what's in there so Le

tells us this is our default subscription so we at least know where that's coming from let's cat the config

let's see if anything's Chang in there that's the same let's cat a Jason Json there's still nothing in

there so it'd be really nice to know exactly where it is normally other ones will tell you exactly where they are uh

and you can literally open them up and see see the information there I guess we could also just cat out the session no

nothing so anyway it is stored somewhere where it is I don't know does it really matter no but it's nice to

know exactly where it is so that uh let's say you wanted to delete it off your computer or something but it's

stored somewhere where anyway um we are we should now be logged into Azure so we'll go ahead and type in Azure a bicep

I still feel like it should have told us the commands even if we weren't logged in and I was hoping that it would print

us out the sub commands let's try to do help and see if it actually does that okay so it does you just have to give it

the help flag and so we have a few options we can do build a bicep file um build the bicep pramp file

decompile so like we already have an arm template we could turn it back into a bicep file that sounds really cool I

like that idea format a bicep file you know if there's something wrong with it it could tell us as the format's correct

install uh the bicep CLI which I thought it already was installed let's go ahead and try that first because maybe that's

why I couldn't just type in bicep okay so now what happens if I type in

bicep no so why did I install it if it was already like that um bicep I'm hitting tab autocomplete to see if

anything's there bicep CLI well whatever I mean we kind of still already have it so that's totally

fine so we'll go ahead and type in bicep a uh uh a bicep build and it wants a file totally fine

so we're going to give it a file U build the file build a file and print all of its outputs to SD

out I don't think it matters if we print them out so before we do that I just did control C to uh break that we need to

get back to our main folders I'm doing CD dot dot and I'm doing LS where is this

folder CD for uh Aster for uh forward slash I'm so used to using git pod I can't remember where uh this directory

is I'm just going to scroll up here and take a look it is workspaces okay so to get back to this

folder okay we're going to go to cd/ workspaces I'm hitting tab to autocomplete

and then this one's called Azure bicep um is really not autoc comp completing

here today oh I spelled Azure wrong okay that explains that I'll go fix that in the um the git pod I'll just rename it

but now we're back into here so um typing clear so we're going to go Azure bicep file and we're going to provide it

main TF or I'm thinking terraform bicep we'll hit enter and so that's going to go ahead and build it um is misspelled

or does not recognize is not recognized by the system um okay we'll type in LS I mean

it's right there let's go back and and take a look at the documentation and see what it wants sometimes it might want um

uh like the file information but I don't think so it just shows main bicep I'll copy this command

oh I forgot the word build up here that's why so um it looks like it's now built and so we now have a main Json

we'll take a look here and it's generated us an arm template at least that's what it looks

like yep that's what it is so that looks pretty good um I'm noticing that yeah we have parameters up here so

now we can go ahead and deploy this so builds it see here uh we can build our build pram

file not interested in that generate prams and install the commands to your CLI oh publish maybe that's it the

publish command adds a module to the registry the Azure container registry exists I'm not sure if that's useful I

think that's if we want to reuse a template for later kind of like how we had those template specs I think

okay so if as your bicep just generates out the files I'd imagine that we just probably deployed the regular way using

arm templates so I'll be back in just a moment most other I tools like they'll let you build end deploy but maybe Azure

bicep just compiles out templates just give me a moment yeah so I just quickly asked um chat gbt and yes it did confirm

it I my suspicions were correct AZ your bicep is just draining out the resource template and it looks like we're going

to have to deploy it the regular uh or oldfashioned way here um so now here's a question could we actually use um Visual

Studio code to deploy this so if I right click this um could we deploy somewhere with

this so that's what I'm really curious about let me go find all right so I believe there's a few ways we can do

this of course we could go and just deploy the uh the fashion way by using this a deployment group um I was looking

around myself and I just typed in bicep here and I also noticed that they had um uh a deploy step so maybe it can do a

direct deploy not maybe not through the CLI but maybe it can do it through Visual St the code there should be one

for arm templates in here it's not showing up I mean chat gbt seems to think that it can but maybe there is a

another extension we're missing so let's type in uh azure so we have Azure tools is there one for

developer um let's go back here and take a look so there's one here it says Azure

resource manager oh it's an extens well I thought that'd be installed ready then that would be a really useful one to

have here so we'll say Azure resource manager I thought it was there but I didn't see it on the side so this seems

like a really good plugin this is probably something I'd want to have let's go ahead and install this one 1.5

million views yeah I believe so it's by Microsoft I'm surprised it doesn't get installed with the tools oh it's in

preview okay so I imagine when this is out of preview I bet when you install Azure tools it will uh be installed

there now I've said previously if there's a preview tool you should try to avoid it because it might not be there

in the future um this one I think we can kind of get away with utilizing it it might be the future and it's no longer

in preview so we'll go over back over to here and do we have any changes

here no but if we go into our Command pallet let's type in arm deploy now it was saying that uh that something

we could do aure resource manager uh install this extension type in arm deploy in our

Command pallet did that yeah so it doesn't show up so you know preview feature uh chbt might be

telling us something else we are using 3.5 so it might not be telling us the full truth there and I don't really see

any changes on here so I guess we're not going to worry about that but I would like to try the um the bicep deploy so

we'll type in just deploy here and scroll on down we we have deploy bicep file let's see what happens

if we do that and so please enter the name of the deployment sure we have to name the

deployment good um create a resource Group because remember that we didn't specify Resource Group so we'll have to

create one on the Fly here so let's do that we'll call this my bicep RG RG for Resource Group it's now going to go

ahead and deploy that it says deploy failed uh provider description does not have the resource type resource

groups okay that is something I was not expecting let's

go let's go ask Chacha BT and try to save us some time says check your bicep template file

ensure that you have defined the resources correctly that is not useful um maybe it's because it's not

registered so maybe when we use the CL uh when we use the the UI it will automatically register things when we

use it but we create resource groups all the time so it's kind of surprising if that wouldn't be registered so we'll go

over to our subscription and I'm just going to double check this here but I'm not sure

if it's going to make a difference we'll go over to our yeah we're in our

subscription I'm looking for providers there it is resource providers

sometimes there's like another extra um blade they call these blades over here by the way and so I was getting a bit

confused and so Chachi BT is suggesting maybe resources is not registered which to me seems

crazy oh it is it's right there uh so I'm not exactly sure what it's complaining about the other thing is

that maybe as your BP isn't logged in so I mean that seems like a possible option so maybe we'll just go stick with uh the

usual way which is using the Azure um the this Azure deploy method so I'm going to scroll back up here and we have

this command now we did install in here uh in extensions or I think it it came installed was the Azure CLI and what

that will do is it when we write it out Azure CLI commands I believe it will autocomplete for

us so here's scrapbooks for developing running commands with a CLI create an Azure CLI files and use the following

features oh okay okay so there's actually a thing called an Azure CLI file that's new to

me um but what we'll do is we'll go ahead and we'll just say um new file so we just say

commands and I'll just put that there rename that like that that's what it's saying to do and so you'll say uh deploy

an arm template and we'll go back over here and we'll see if it starts to autocomplete

so we have a uh deploy it's not really completing correctly as just demonstrated we'll go

back over here and take a look at that again so yeah this one says demo. asli they're

making a comment so intellisense for commands and their arguments s and

commands scrapbooks for uh developing running commands in the Azure CLI okay then work properly please maybe

it's not installed oh we have to install it sorry I thought we already had it installed

that's why so we'll go back over here and so now our common is showing up so we'll type a

deployment um I mean we probably want to create right it will have to have a name so

we'll just say my RG my bicep um deployment they'll probably have to have a location

so let's just say probably should place it in the same place as this one this does not have a

particular location so probably default to wherever the resource Group is yep so we say um it's East us there we go

there's probably something else we need I'm not really sure let's go back and see what chat GPT was asking for uh the

template of course um we'll say template and it technically is a

file so we'll go here and say main J Json and by the way we could bring these down onto new lines with this backlash

that allows us to have multiple lines in our bash terminal okay and it also probably wants

the resource groups so we'll go here and type in resource it can't do multi-line

it is not autocomp completing anymore Resource Group maybe we just hit

the limit of it there uh so I I assume that it could handle multi-line but I guess when we're

doing multi-line then uh the Intel sense the auto completion is it can't handle it so we'll go back over to here and I

just forgot what we called that Resource Group we actually did did create one uh but Azure bicep did fail the deploy

because of some kind of permissions or settings so I just want to go quickly find that name again notice that

sometimes in Azure you have to be patient super super super common uh to wait around for Azure um because of

propagations in their UI super common my internet's totally fine it's it's Azure and it's back here says an

error occurred when trying to fetch resources additional details from the underlying API might be help helpful are

we having an issue with service so sometimes that happens so we could like uh Microsoft status

page sometimes that happens and I got to walk away come back to my computer but uh maybe it's not because

my internet seems to be funny so but if that's the case then oh yeah it's me I'll be back in a

moment okay all right so uh my internet should be back here I'm just reopening my

connection here to my code spaces and I'm going to go back over to here and we'll give it a refresh and so I guess

that Resource Group did not create so we do definitely have to create a resource Group first otherwise it's not going to

know what to deploy into and I'm hoping that this uh reconnects or it's still

running so but uh what I'll do here while we're waiting is I'm going to create a new res group I'm going to call

this one my bicep RG and we'll go ahead and review and

create and we'll go ahead and create that we'll go back over to our other tab here I would really like it to reopen

here I'm not sure what it's doing to figure this out going to go at the top just type in

it seems real mucked up here so I'm G have to go back and we'll just have to type in

bicep here it's under exam Pro so I'll drop that down of course you'll only have one

so we'll go into here and let's see if I can find that that previously working code space environment so it's here it

is active I'm going to go back and say open in the browser notice you can launch this IND Visual Studio code

locally or if you want to use Jupiter Labs let's say you're doing something with a or something or machine learning

you could do that so this should open back up our environment there we go that's

great and um so we created that new Resource Group that's called this here so I'm going to go ahead and copy that

and I'm going to paste it into here sometimes it's good to put double quotations around these things I'm not

doing that unless that gives us problems so I think this is everything we need we need to know um the resource Group uh

it's probably recommended to provide it a name we'll have our location and our template file so I'm going to go ahead

and copy this and fingers cross this works uh of course we didn't really look anything up um oh this one says a

deployment group create so maybe we should make sure that's correct but it did autocomplete create

so maybe maybe that's okay well wait why is one deployment group wouldn't that

create hold on we can hover over here and get some stuff manage the AER resource template uh deployment at the

resource Group okay oh that's really cool if you hover over it tells you everything

there well what happens if I take this name out then does this still complete starts a deployment at the

subscription scope so maybe both both Works let's just see what happens it's really nice that it shows everything

like that I really like that we'll go ahead and paste that in we'll hit enter and um it's showing we're missing

an argument Resource Group argument it doesn't like that one starts a deployment creates a

deployment the resource Group okay so here we have a create and then we have starts a deployment the

subscription scope creates a deployment at the resource Group from a local file template so it looks like if we already

have one maybe this one would have created a resource Group for us so what we're going to do is take this one out

as I really thought we needed to have it but I'm going to go and see what happens if we do

this the template resource location at line 12 uh line 17 is not is invalid the template function Resource Group is not

expected at this location um okay it's it's not there I didn't put it in the

template so okay well what I'm going to do is undo and type in group so I guess you

got to be really careful when entering stuff in because it's going to give you some trouble and this one looks a little

bit more normal with the group create so we have template file Resource Group I don't know if it needs a

name so maybe I'll just take the name out and then we'll try this one and we'll hit

enter and unrecognized arguments no location well I mean this one has it and

this one doesn't okay we'll take the location out we'll try this well I guess we don't have to specify a location

because we've already created the resource Group that's why so we'll try this

again making a lot of trouble here but it's a good way to learn this is how you should learn and this is this

is what Cloud's like just goofing around till get till we get it to work and then hopefully it's it's the right way um so

this is going to go ahead and run and we'll wait here I'm not going to make you uh watch watch it here I'll be back

uh here in a moment okay all right after a little bit of waiting um our terminal has produced some stuff for us so it's

suggesting it probably created the resource so we're in good shape let's go back over to Azure and we're going to go

into our bicep RG and we now have our resource so we've success successfully used um Azure biceps so let's go ahead

and delete this Resource Group we are all done here um we're going to go ahead and commit what we have so that uh any

future folks that are trying to do the same thing as us can just go get that code base uh good stuff here go ahead

hit commit sync the changes we'll say okay that will push the changes excellent and I'm going to want to stop

this workspace we'll open up the command pallet we'll say stop uh so say code spaces stop code

spaces stop current workspace there we go and that will stop the current workspace so that is all good right

there um and I'm going to fix the name here because it really should be named correctly so that you can easily find it

in the future just be more patient and make sure you don't make mistakes and try to

fix them the best you can but yeah that is azure bicep and we'll see you in the next one

[Music] okay hey this is Andrew Brown from exam Pro in this segment we'll delve deep

into Azure key Vault a pivotal tool to ensure the security of your Cloud applications and services Azure key

helps you Safeguard cryptographic keys and other Secrets used by Cloud apps and services Azure key VA focuses on three

things certificate management this feature allows for easy provision management and deployment of both public

and private SSL certificates these certificates can be used with Azure and internally connected resources Key

Management this enables the creation and control of encryption Keys used to encrypt your data Secrets management

here you have a secure space to store and tightly control access to tokens passwords certificates API keys and

other Secrets note that certificates contain a key pair which is a combination of a key and a secret this

should not be confused with key management and secrets management which are distinct

functionalities moving forward let's talk about hsms or Hardware security modules these are dedicated Hardware

devices specifically designed to securely store encryption Keys when it comes to adhering to standards we

reference the federal information processing standard or fips this is a guideline recognized by the US and

Canadian government that specifies the security requirements for cryptographic modules that protect sensitive

information in line with fips we have two levels of compliance for hsms fips 104 diminus 2 level two compliant this

compliance level is for multi-tenant hsms where multiple customers are virtually isolated on a single HSM fips

104 minutus 2 level 3 compliant this level on the other hand pertains to single tenant hsms where One customer

utilizes a dedicated HSM in essence as your key vault is an indispensable tool for ensuring that your cloud data

remains both accessible and secure whether you're working with certificates encryption keys or various Secrets Azure

key Vault has you [Music] covered all right let's dive into the

core of azure key Vault The Vault itself a vault is where your secrets and keys reside safeguarded either by software or

by hsms validated to the standards of fips 1004 toin 2 level two Azure key vaults provides two types of containers

vaults these containers support both software and HSM back Keys HSM pools these are specialized containers solely

for HSM back keys to activate your HSM you will need to provide a minimum of three RSA key pairs up to a maximum of

10 and specify the minimum number of keys required to decrypt the security domain called a quorum you do not choose

the container on creation you just choose between standard and premium when you choose premium and create enough RSA

key pairs you will begin to use a HSM pools diving a bit into technicalities Azure key Vault rest API is used for

programmatically managing Azure key Vault resources allowing you to perform operations such as create a key or

secret import a key or secret revoke a key or secret delete a key or secret authorize user or apps to access its

keys or secrets and monitor and manage key usage Azure key Vault rest API supports three different types of

authentication managed identities and identity managed by a a d recommended as best practice service principle and

certificate this method uses a certificate for authentication Service principle and secret a combination of a

user identity and a secret key one feature to note is the soft delete functionality soft delete allows you to

recover or permanently delete a key vault in secrets for the duration of the retention period this feature is enabled

by default on creation mandatory retention period prevents the permanent deletion of key vaults or Secrets prior

to the retention period elaps furthermore enabling Purge protection safeguards your secrets from being

prematurely purged either by users or by Microsoft bolstering the security of your

[Music] Vault next up on our agenda is breaking down the pricing of azure key Vault

knowing how your bill for this service can help you make informed decisions and optimize your costs Azure key Vault

offers two pricing tiers standard and premium the notable distinction between the two is that while both tiers support

software protected Keys only the premium tier allows for HSM protected Keys here's a closer look at the pricing

tiers first 250 Keys regardless of whether you're on the standard or premium tier you'll be built $5 per key

every month 25115 Keys the price drops to $2.50 per key monthly again consistent across both

tiers 1501 to 4,000 Keys the cost further reduces to 90 cents for each key every month 4,000 1 plus keys for larger

key volumes Beyond this point you'll be charged at a rate of 40 cents per key per month Secrets operations both tiers

are priced at three cents for every 10,000 transactions involving Secrets certificate operations exclusive to the

premium tier each certificate renewal request is build at $3 managed Azure storage account key rotation this

service only available in the premium tier is priced at $1 per renewal HSM protected Keys specifically for HSM

protected Keys the pricing is further broken down based on the key types for RSA 2048-bit Keys the cost is $1 per key

per month along with an additional charge of 3 cents per 10,000 transactions for RSA 3072 bit and

4096-bit keys as well as ECC Keys the first 250 keys are priced at $5 per key per month so that's an overview of the

pricing model for Azure key Vault the next topic we'll be covering is double encryption for Azure key Vault

before we dive in let's quickly recap infrastructure encryption for storage accounts by default Azure ensures that

your storage account data is encrypted when it's at rest infrastructure encryption adds a second layer of

encryption to your storage accounts data now let's jump into Azure diss double encryption double encryption is

precisely what it sounds like it's where two or more independent layers of encryption are enabled to protect

against compromises of any one layer of encryption this strategy ensures that even if one encryption layer is

compromised the data remains protected by the other Microsoft has a two-layered approach both for data at rest and data

in transit for data at rest disk encryption this is achieved using customer managed keys and infrastructure

encryption this uses platform managed Keys strengthening the base layer and for data in Transit Transit encryption

using transport layer security 1.2 to safeguard data as it travels through networks and an additional layer of

encryption provided at the infrastructure layer so that's a quick overview of double encryption for Azure

key vault in this section we'll go into detail on the keys and Azure key Vault

when it comes to creating a key in Azure you have three primary choices generate Azure will generate the key for you

import import an existing RSA key that you already possess and restore backup restore a key from backup for Keys

generated by Azure you can use either RSA or EC RSA or rivest shamier Adelman this supports key sizes of 2048 3072 and

4096 bits EC or elliptic curve cryptography here you can select from p256 P 384 p521 or p256 k for Keys

generated by Azure you can set an activation and expiration date additionally you're not bound to a

static version of a key you can create new versions of keys you can also download backups of keys but remember

that backups can only be restored within the same Azure subscription and within Azure key Vault when you have a premium

Vault you'll key options for HSM you can generate either an RSA or EC specifically for HSM or import an RSA

key for HSM as shown in the example now let's talk about Key Management types Microsoft managed key

or Keys managed by Microsoft they do not appear in your Vault and in most cases are used by default for many Azure

services customer managed key are Keys you create in aure key Vault you need to select a key from a vault for various

Services sometimes customer manage means that the customer has imported cryptographic material and any generated

or imported keys are considered cmk and Azure in order to use a key an Azure service needs an identity established

with an Azure ad for permission to access the key from The Vault Additionally you have the option to

implement infrastructure encryption while Azure already encrypt storage account data at Rest by default opting

for infrastructure encryption adds a second layer of security for ifying your storage accounts data even

further the next topic we'll be covering our secrets in Azure key Vault Azure key Vault Secrets provide Secure Storage of

generic Secrets such as passwords and database connection strings key Vault AP has accept and return secret values as

strings internally key Vault stores and manages Secrets as sequences of octets with each secret having a maximum size

of 25k bytes the key Vault service does doesn't provide semantics for Secrets it accepts the data encrypts it stores it

and returns a secret identifier for highly sensitive data clients should consider additional layers of protection

for data for example encrypting your data using a separate protection key before storing it in the key Vault heal

also supports a content type field for Secrets allowing clients to specify the content type of a secret to assist in

interpreting the secret data when it's retrieved note that the maximum length of this field is 255 characters

every secret stored in your key vault is encrypted key vault encrypt Secrets at rest with a hierarchy of encryption Keys

all keys in that hierarchy are protected by modules that are fips 104in 2 compliant the encryption Leaf key is

unique to each key Vault while the root key is unique to the entire security world the protection level may vary

between regions for example chid uses fips 1004 diminus 2 level one and all other regions use level two are higher

diving into secret attributes we have X this is the expiration time after which the secret data should not be retrieved

NBF not before default value is now this defines the time before which the secret data should not be retrieved enable this

tells us whether the secret data can be retrieved or not with its default set to True additionally there are readon

attributes for created an update in order to access Secrets within your application code you can would use the

Azure SDK for example we have a net example in this image here another option is is to use tools like Azure CLI

so that about covers the important details of secrets in Azure key [Music]

Vault hey this is Andrew Brown from exam Pro and in this fall along we're going to be learning all about Azure Vault so

let's get to it so what I want you to do is go on the top here and type in key Vault and here we'll have to go ahead

and create ourselves a new Vault and so from there we're going to create a new Resource Group I'm going to call this

Resource Group my example Vault and then we will make a vault key here so I'll say My Vault example which

is kind of funny because this one's slightly different so you've seen I've done this before so I'm going to do my

example vault as the name here and for the region Us East is fine for pricing we'll keep it at standard soft delete is

enabled um and then there's the option for Purge protection so we are going to enable Purge protection and uh this is

going to play into other follow alongs we'll explain that as it goes but Purge protection does not allow you to uh

Purge things uh easily once it's enabled so what we'll do is go ahead and review and

create and we'll go ahead and go review create and we'll give it a moment here and we'll just wait till it's done

deploying okay all right so after a short little wait our vault is created and so what I want you is go to the

resource and we're going to be using this Vault a little bit in some of the Fall alongs and in some cases not so

much okay [Music] hey this is Andrew Brown and this fall

along we're going to be doing some things with uh keys with an Azure key Vault so what I want you to do is make

your way over to the Keys blade on the left hand side here we're going to generate or slimport a new key we're

going to choose the generate option in terms of naming we're going to call this my dis

key and we are going to choose RSA 2048 that seems totally fine to me everything else seems okay so we'll go ahead and

create that key so we'll give it a moment to create doesn't take too long and then what we're going to do is go on

the left hand side to I am access controls and what we're want going to want to do is add a new Ro assignment so

we can go ahead and start using this uh key so what I want you to do is go and look for key Vault administrator which

is here and we'll go ahead and hit next and then for our uh user we will choose ourself so under user I'm going to

select the members I'm looking for the account I'm using there I am and your brown go ahead and select that there and

so that is all we need to assign it so that we can actually uh work with that key so I think a good idea is to use a

key uh to encrypt a disk so what we'll do is make our way over to dis encryption sets because before you can

encrypt a dis you need to have an encryption set so we'll go ahead and create ourselves a new encryption set

we'll call we'll use the uh sorry the same um resource Crypt so it's very easy cleanup afterwards we'll call this my

disk encrypt set here and in terms of the encryption type we're going to use double encryption because that's much

better you have two keys that encrypted so that's a lot better we are going to choose our vault so we have my example

Vault there's only one option here and in terms of of the key we'll select my dis key terms of the version uh we'll

select the current version we'll go ahead and hit review create and then we will go and create

that and we'll give it a moment to create that encryption set shouldn't take too long here and after a short

little wait uh our resource should be deployed only it took about a minute for me and if we go here it's going to have

this message up here it's very small but it says to associate disk image snapshot this dis encryption set you must Grant

permissions to key Vault so all we have to do is click that alert and will grant permissions and so

now we are able uh to use that key um or like to to we're going to have the permissions issues is solve so what

we'll do is go to type and create a new disk and so we can apply this key to that encryption so we go ahead and

create we're going to choose the same Resource Group here I'm going to call this my example Vault and um or sorry my

example uh dis so that's a little bit more clear than uh that and for the availability Zone doesn't matter for the

source type um it doesn't matter as well in terms of the size we want this to be cheap we're not really using this for

real so we'll use standard HDD and we'll say okay in terms of encryption this is where things get fun we go to double

encryption we choose our key here we'll go ahead review and create and we'll just give it a moment

for that to oh we'll hit create and we'll have to wait a little while here for that create that resource so we'll

just wait until that is created okay and after a very short while the dis is ready so we'll go to that resource we'll

go to the encryption tab to see that encryption is applied so that's all it takes to use a key to encrypt a disk so

we are going to still use some of these accounts there's no clean up yet we go back here and I'll see you in the next

[Music] one hey this is Andrew Brown and this fall along we're learn about backup and

restore key so what I want you to do is go back into the uh Resource Group that we just recently created and we're going

to make our way over to keys so I'm just or sorry we got to get into the Vault first then we'll go over to keys and the

idea is that we have this key here and so um you can see that we have this current version so you can add

additional versions but what's going to happen if we try to back this up so when you back this up you're going to get

this file here and if you open up this file it's going to look like a bunch of gobbly goo so I'm just going to try to

open it here um I have it up off screen here so I'm just trying to open it up within uh Visual Studio code so I'm just

going to open up visual studio code again doing this offc screen here just give me a

moment all right and so this is the file um that we encrypted uh and you take a look here and it's it's doesn't look

like anything but the idea is that it is our backup of our key so that we can repport

that and just taking a look at the key name this is what it looks like so it says my example Vault my dis key then

there's this um uh date and that's key backup so just recognize that's the format and the date is very useful to

indicate when you backed it up so let's go ahead and delete this key because the idea is we want to uh restore that

backup and so we have deleted that key there and uh what we're going to do is we're going to attempt a Resto so I'm

going to go ahead and go occurred while restoring the key the key you're trying to restore already exists

why would it throw that error we've clearly deleted it and the reason why is that we have Purge protection on we did

that in the um first uh first part when we set up this actual Vault here I'm going to just see if we can find the

settings wherever that Purge protection is I'm trying to remember where it is Purge protection is enabled so we can go

here and once you enable it you cannot turn it off it's going to retain it for a certain amount of days um and so all

you can do is soft delete keys so this key is not actually delete yet if you go to manage deleted Keys you can see the

key is over here and if you try to click on Purge it is disabled because we cannot remove the key because we have

Purge protection on but we can recover the key so we'll go ahead and recover uh and so that will allow us to

recover the key and if we refresh here it's going to take a little bit time for that key to

restore so we'll just have to uh wait a little bit and then it will show up here's one other thing I wanted to

show you was under policies because you know um if you go under where's policies here um or access policies if you look

under our user here and we look at the key permissions um there is an option to purge and we don't actually have that uh

turned on right now but if we were to save this and we were to still go to that Purge option it would still say the

same thing so even if you have Purge permissions it does not matter if Purge protections turned on it still will not

let you purge but you would need a combination of those in order to uh you know be able to do things there so to

really show you how to do that recovery I think what we should do I'm just going to delete our old key here because we

don't care about it but we are going to well I guess we could try to import it into the other ones I'm just going to

undo that for a second but we are going to go ahead and create ourselves another Vault so I'm going to go and type in

Vault at the top here and we're going to be a little bit more careful when we create this Vault so we'll go here and

we will choose um my example Vault I'm going to say My Vault no protect and the pricing tier will be

standard one day we're going to leave it or well seven is the lowest and we'll say disable Purge protection because we

don't want to have that enabled and we'll see if we can import the key into another Vault I'm not sure

if we can do that worst case we'll make a new key download the key reupload it but I'm just curious what would happen

if we tried to upload the same key as it's still in another Vault I'm not exactly

sure all right so this deployment is successful I'm going to go to this resource I'm going to go ahead to go to

create and we're going to restore from backup and we're going to take this key and see if we can actually import it

here so it looks like we can take a key and it can exist in multiple vaults I'm going to go ahead and delete this key

and we're going to say are you sure you want to delete this key I'm going to say yes and if we go to manage

Keys We refresh it takes a little bit of time here so we'll just wait a moment for this to uh

prist and after a short little wait like about 2 minutes I refresh and the key is here so if I go here you'll notice the

purges option is still not available we can obviously recover um but we don't have Purge um protection on so if we go

to access policies over here and we'll go ahead and scroll down and select Purge and save our changes we can then

go back to Keys we'll give it a moment to save we go back to Keys we'll refresh it we'll manage our keys and we'll go

ahead and Purge it and that will permanently Purge it there so that's all it takes uh to do that so there you

[Music] go hey Andre Brown and we are talking about encrypted Secret so encrypted

secrets are variables that allow you to pass sensitive information to your GitHub action workflows secrets are

access via the secrets context so that's secret St and then whatever you want your secret is and it has a few

different levels we have the organizational level the repo level and the environment level what you need to

understand is that the lower the level the more it overrides the ones from the top level so if you have a secret called

hello at the organization level and one at the environment level called hello the one at the environment level value

will overtake secret names can only contain alpha numeric characters underscores no spaces so that example

there would be the the case you can't prefix it with GitHub in all caps with an

underscore names must start with numbers sorry I felt like a rumble in my office and that's why I paused uh I think there

was just a big train that went by anyway sorry about that um H there we go names are case insensitive names must be

unique at the level they are created at people don't know I live right beside a train station and my office is in a shed

uh behind my house and the idea is that I have multiple layers to avoid from the train but sometimes there's nothing you

can do about it uh but anyway so we have passing Secrets as input so you can pass Secrets as inputs by using Secrets

context so that is an example there um but I mean like the point is is that you know you could interpolate whatever you

want there to pass it into a custom action and we'll talk about custom actions another video you can pass

Secrets as Nars so that is another way that you could uh do that and why would you do um inputs versus Nars it just

really depends on uh your use case so maybe you have something that is uh a program you're using and it can only use

narss whereas uh with Secrets it's okay to do that on left hand side because of the the way it works but I just want to

point out here we did this in another video but if you want to make that an Nar you'd have to map it like that I

think we did that for something earlier but uh hopefully you know what that is so about how you set a secret so you can

use the uh GitHub CLI so we have a GH secret set which is probably how we're going to do it then we have GH secret

set for a specific environment or at the org level so depending on how you do a flag it's going to be different the

default apparently is repository and you can also specify the repo which we have here you could do that up here as well

if you want to uh but there you go [Music] hey this is Andrew Brown we are taking a

look at the GitHub token secret so the start of each workflow job GitHub automatically creates a unique GitHub

token secret to use in your workflow you can use the GitHub token to authenticate uh in the workflow job uh sounds a bit

repetitive there but let's take a look here and see what we're talking about so I'm going get my pen tool out so it's

very clear um and what I want you to see is that we can say secrets. GitHub token and we can get that GitHub token I also

believe that we can do dollar sign GitHub token for uh environment variables and it will show up as well um

if not we can just map it over as we are doing here if you notice here we're doing that um when you enable GitHub

actions GitHub installs a GitHub app on your repository the GitHub token secret is a GitHub app installation access

token so hopefully that is clear you can also use it with the rest API so here's another example and notice we are

calling Secrets GitHub token with uh this way of interpolating that um so there you

[Music] go hey this is Andrew Brown from exam Pro and in this section we'll be

covering Azure monitor so Azure monitor is a comprehensive solution for collecting analyzing and acting on

Telemetry from your cloud and on premises environments it serves as the backbone for gaining insight into the

performance and health of your applications infrastructure and even the network he features visual dashboards A

visual representation of your data smart alerts intelligent notifications based on specific conditions automated actions

set automation based on certain triggers log monitoring track and analyze event logs many Azure Services by default are

already sending Telemetry data to Azure monitor what is observability it's the ability to measure and understand how

internal systems work in order to answer questions regarding performance tolerance security and faults with a

system or application to obtain observability you need to use metrics logs and traces you have to use them

together using them in isolation does not gain you observability metrics a number that is measured over a period of

time for example if we measured the CPU usage and aggregated it over a period of time we could have an average CPU metric

logs a text file where each line contains event data about what happened at a certain time traces a history of

request that travels through multiple apps or services so we can pinpoint performance or failure look like they

should have called it the Triforce of observability the sources of common monitoring data to populate data stores

order by highest to lowest application operating system Azure resources Azure subscription Azure tenant custom sources

the two fundamental data stores are metrics and logs Azure monitor functionalities insights this can be for

applications containers VMS or other Monitoring Solutions visualize using dashboards views power RBI and workbooks

you can create Rich visual presentations of your data Analyze This involves delving deep into metrics analytics and

log analytics respond Based on data Azure monitor can alert you or even autoscale resources integrate extend the

capabilities by using logic apps or export API for more flexibility overall Azure monitor is a comprehensive

solution vital for ensuring that your applications and services run optimally and any issues are detected and dealt

with properly [Music] the next topic we'll be covering are the

various sources from which Azure monitor collects data application code Azure monitors application insights offers

robust metrics about the performance and functionality of your applications and code you'll get performance traces

application logs and even user Telemetry you'll need to install instrumentation package in your application to collect

data for application insights availability tests measure your application's responsiveness from

different locations on the public internet this helps in assessing the reliability and uptime of your services

nric descriptive data regarding your applications performance operation and custom metrics log store operational

data about your application including page views application requests exceptions and traces you can send

application data to Azure storage for archiving view the details of availability test stored and debug

snapshot data that is captured for a subset of exceptions is stored in Azure storage log analytics agent is installed

for comprehensive monitoring dependency agent collects discovered data about processes running on the virtual machine

and external process dependencies agents can be installed on the OS for VMS running in Azure on premises or other

Cloud providers Diagnostics extension collect performance counters and store them in metrics application insights

logs collect logs and performance counters from the compute resources supporting your application allowing

them to be analyzed alongside other application data the Azure Diagnostics extension always writes to an Azure

storage account while Azure monitor for VMS uses the log analytics agent to store Health State information in a

custom location the Diagnostics extension can also stream data to other locations using aent hubs resource logs

provide insights into the internal operation of an Azure resource and are automatically created however you must

create a diagnostic setting to specify a destination for each resource platform metrics will write to the Azure monitor

metrics database with no configuration you can access platform metrics from metrics Explorer for trending and other

analyzes use log analytics copy platform metrics to logs send resource logs to Azure storage for archiving stream

metrics to other locations using aent hubs Azure subscription this includes Telemetry related to the health and

operation of your Azure subscription Azure service Health provides information about the health of the

Azure services and your subscription that your application and resources rely on

Telemetry related to your Azure tenant is collected from tenant wide services such as Azure active directory Azure

active directory reporting contains the history of sign and activity and audit trail of changes made within a

particular tenant for resources that cannot be monitored using the other data sources write this data to either

metrics or logs using an Azure monitor API this will allow you to collect log data from any rest client and store it

in log analytics in the Azure monitor metrics database [Music]

Azure monitor is integral to maintaining the health and performance of your applications and resources collecting

two fundamental types of data logs and metrics Azure monitor logs collects and organizes log in performance data from a

variety of monitored resources data consolidation logs can be pulled from diverse sources such as platform logs

from Azure services log and performance data from Agents on Virtual machines and usage and performance data from

applications workspaces all these logs are organized into workspaces providing a centralized repository for in-depth

analysis query language Azure monitor logs offers a sophisticated query language which can quickly analyze

millions of Records making it an ideal choice for complex data analytics log analytics you can interactively work

with log queries and their results using azure's log Analytics tool in contrast Azure monitor metrics collects numeric

data and organizes it into a Time series database here's why that's important numeric dat data metrics are numerical

values captured at regular intervals they are a snapshot that describes a particular aspect of a system at a

specific Moment In Time lightweight metrics are designed to be lightweight allowing for near realtime data analysis

this makes them particularly useful for alerting and the rapid detection of issues metrics Explorer the metrics

Explorer tool allows for interactive analysis of metric data providing a more immediate understanding of your system's

performance and health [Music] the next topic we'll cover are the data

retention and archive policies of azure monitor logs this is an important aspect of your monitoring strategy as it allows

you to control how long your data remains stored and accessible by default in the Azure portal you can set this

retention time anywhere from 30 to 730 days for the whole workspace if you want you can also specify different storage

durations for certain tables within your workspace letting you manage different types of data as needed this gives you

the flexibility to meet any business or regulatory rules about data storage however note that to tweak these

retention settings you have to be on the PID tier of azure monitor logs to set retention and archive policy by table

why navigate to the Azure portal and go to the log analytics workspace where the data is stored two under the settings

section select usage and estimated cost three then select data retention for in the data retention blade you can modify

the retention period for each table by default fault it is set to 31 days but you can extend it up to 730 days five

for archiving data you can use Azure data Explorer which lets you retain data beyond the 2-year limit and gives you a

highly scalable analytic service so that's an overview of the data retention and archive policies of azure monitor

logs you'll most likely encounter a question related to this on the exam so be sure to know

[Music] this hey this is Andrew Brown from exam Pro and in this section we'll be

covering Azure log analytics so log analytics is a tool in the Azure portal used to edit and run log queries with

data in Azure monitor logs log analytics processes data from various sources and transforms it into actionable insights

it ingests data from Azure monitor windows and Linux agents Azure services and other sources once the data is

collected you can use log analytics query language to retrieve consolidate and analyze the data log analytics uses

a query language kql now we'll go over some of the benefits of log analytics centralized

log management collect and analyze data from multiple sources both on premises and in the cloud in a centralized

location powerful analytics utilize the custo query language to run Advanced analytics on large amounts of fast

streaming data in real time custom dashboards create custom dashboards and visualizations to display real time data

and Trends integration seamless integration with other Azure services and Microsoft solution Solutions such as

powerbi and Azure Automation and alerting set up alerts based on specific criteria to proactively identify and

respond to potential issues before they affect your users log analytics workspace is a

unique environment for Azure monitor log data each workspace has its own data repository and configuration and data

sources and solutions are configured to store their data in a particular workspace so that's an overview of azure

log Analytics [Music] the log analytics agent is a lightweight

agent that can be installed on Windows and Linux machines to collect and send log data to Azure monitor it provides a

way to centralize logs from various sources and enables the analysis of the data using tools like Azure monitor logs

Azure dashboards and Azure monitor workbooks the agent can collect logs from various sources including Windows

event logs custom logs performance counters and CIS log it supports both agent-based and agentless data

collection ction and can be configured to collect data from on premises and cloud-based

environments the log analytics agent is set up to monitor certain Windows event logs like security system or application

logs the data from these logs is then gathered and sent to log analytics for analysis using queries and

visualizations the log analytics agent is set up to monitor CIS log servers or network devices it collects data from

these sources and sends it to log analytics allowing for detailed analysis and troubleshooting both methods for

colle cting log data allow for centralized management and Analysis of log data from multiple sources which can

help to improve visibility and streamline troubleshooting and issue resolution you can expect to see a

question related to log analytics agents and choosing either Windows event logs for a Windows agent or CIS loock for

Linux agent on the exam the next topic will be covering our application insights application

insights is an application performance Management Service and it's a subservice of azure monitor APM is all about the

monitoring and management of performance and availability of software apps it strives to detect and diagnose complex

application performance problems to maintain an expected level of service so why use application insights automatic

detection of performance anomalies application insights automatically identifies performance anomalies in your

system powerful analytics tools it comes with robust analytics tools to help you diagnose issues and understand what

users do with your app continuous Improvement it is designed to help you continuously improve performance and

usability of your applications platform agnostic it works for apps on net node.js Java and python hosted on

premises hybrid or any public Cloud devops integration it can be integrated into your devops process and mobile app

monitoring it can monitor and analyze Telemetry from mobile apps by integrating with visual studio app

center to use application insights you need to instrument your application this involves installing the instrument

package or enabling application insights using the application insights agents were supported there are many ways to

view your Telemetry data apps can be instrumented from anywhere when you set up application insights monitoring for

your web app you create an application insights resource in Microsoft Azure you open this resource in the Azure portal

in order to see and analyze the Telemetry collected from your app the resource is identified by an

instrumentation key what does application insights monitor request rates response times and

failure rates dependency rates response times and failure rates exceptions page views and low performance aex calls user

and session counts performance counters post Diagnostics diagnostic Trace logs and custom events and

metrics where do I see my Telemetry smart detection and manual alerts application map profiler usage analysis

diagnostic search for in data metric Explorer for aurated data dashboards live stream metrics analytics Visual

Studio ET overall application insights is a comprehensive APM service that offers

automatic detection of performance anomalies powerful analytics tools and is designed to help you continuously

improve performance and [Music] usability in this segment we'll delve

into the topic of application insights instrumentation so what is instrumentation in simple terms it's a

way to make your application smarter by adding a few lines of code or in some cases none at all you can monitor how

your app performs and where it might be running into issues you instrument your application by adding the Azure

application insights SDK and implementing traces in the case of a node.js application you can install the

Azure application insights SDK using mpm with the following command and PM install application insights hyphen save

application insights this is the name of the package you are installing which is azure SDK for application insights pyth

and save this flag saves the package as a dependency in your package.json n file here this piece of code lets you

configure what you want to collect Azure supports the following languages net Java python node.js

JavaScript Auto instrumentation allows you to enable application monitoring with application insights without

changing your code this table shows which Azure Services support application ins sites and in what programming

languages the services range from Azure app service on Windows and Linux to Azure functions Azure spring Cloud Azure

kubernetes service and more GA General availability meaning it's fully supported and ready to use public

preview still being tested but you can use it not supported you can't use application insights here through agent

you need to install a special piece of software to use this service o NBD on by default meaning the feature is

automatically enabled through extension available but needs an extension to work we won't go through the entire table but

we'll give a few examples for applications written in.net and hosted on Azure app service on Windows

application insights is generally available and enabled by default for applications written in Python and

hosted on Azure functions application insights is available and enabled by default but for dependencies monitoring

you will need to use an extension so that's an overview of application insights instrumentation

[Music] hey this is Andrew Brown from exampro and in this section we'll be covering

Microsoft Sentinel formerly known as Azure Sentinel Microsoft Sentinel is a scalable Cloud native solution that

encompasses two key functionalities security information event management this is all about

collecting and analyzing security related data to provide real-time analysis of security alerts generated by

applications and network Hardware security orchestration automated response

this refers to the collection of tools that enable an organization to Define standardize measure and automate

responses to security events Microsoft Sentinel delivers intelligent security analytics and threat intelligence across

the Enterprise providing a single solution for alert detection threat visibility proactive hunting and threat

response with Microsoft Sentinel you can collect data Cloud scale across all users devices applications and

infrastructure both on premises and in multiple cloud clouds detect previously undetected threats and minimize false

positives using Microsoft's analytics and unparalleled threat intelligence investigate threats with

artificial intelligence and hunt for suspicious activities at scale tapping into years of cyber security work at

Microsoft respond to incidents rapidly with built-in orchestration in automation of common

tasks Microsoft Sentinel comes with a number of connectors for Microsoft Solutions such as Microsoft 365 defender

office 3 365 Azure ad or Microsoft enter ID Microsoft Defender for identity and Microsoft Defender for cloud apps you

can use common event formats CIS logit rest API Windows event logs common event format and trusted automated the

exchange of indicator information one notable feature of Microsoft Sentinel is the ability to

create Azure monitor workbooks workbooks provide a flexible canvas for data analysis and the creation of rich visual

reports within the Azure portal they allow you to tap into multiple data sources from across Azure and combine

them into unified interactive experiences it tells a story about the performance and availability about your

applications and services workbooks are temporary workspaces to define a document like format with visualization

intertwined to help investigate and discuss performance Microsoft Sentinel uses

analytics to correlate alerts into incidents incidents are groups of related alerts that together create an

actionable possible threat that you can investigate and resolve Microsoft Sentinels Automation

and orchestration solution provides a highly extensible architecture that enables scalable automation as new

technologies and threats emerge built on the foundation of azure logic apps includes 200 plus connectors for

services Microsoft Sentinel also offers deep investigation tools that help you to understand the scope and find the

root cause of a potential security threat you can choose an entity on the interactive graph to ask interest in

questions for a specific entity and drill down into that entity and its connections to get to the root cause of

the threat additionally Microsoft Sentinels powerful hunting search and query tools

based on the miter framework enable you to proactively hunt for security threats across your organization's data sources

before an alert is triggered after you discover which hunting query provides high value

insights into possible attacks you can also create custom detection rules based on your query and service those insights

as alerts to your security incident responders while hunting you can create bookmarks

for interesting events enabling you to return to them later share them with others and group them with other

correlating events to create a compelling incident for investigation lastly let's talk about

pricing Microsoft Sentinel has two different pricing models capacity reservations this involves being build a

fixed fee base on the selected tier enabling a predictable total cost for Microsoft Sentinal pay as you go with

this option Bill per gigabyte for the volume of data ingested for analysis in Microsoft Sentinel and stored in the

Azure monitor log analytics workspace and there you have it a comprehensive look at Microsoft Sentinel

a robust seam and Source solution that can help protect your organization's infrastructure applications and

[Music] data let's take a closer look at custo and it's query language so Azure monor

logs is based off of the Azure data Explorer and Along came with it is the custo query language also known as kql

and this is the way we're going to uh filter and uh sort and do things with our logs so custo is based on a

relational database management system and it supports entities such as database tables and columns as also has

this thing called clusters and uh kql actually has a lot of utility in Azure because it's not just in monitor logs

and data Explorer you can use it in log analytics log alert rules workbooks dashboards

logic apps Powershell Azure monitor log API so it's definitely something you're going to be using across the board in

Azure and so they have some basic operators um uh or they have lots of operators that you can use so you can do

calculated columns searching and filterings on rows Group by agates join functions and we're going to be looking

at a lot of the operators in more detail after this slide here uh but anyway uh the queries execute in the context of a

custo database that is attached to a custo cluster and we will we'll talk about clusters database tables and

columns up [Music] next let's take a look at what makes up

um something for custo and so we have a bunch of entities here clusters database tables columns and functions and so I

have this nice visual to help us uh kind of see how they all work together so at the top we have clusters and these are

entities that hold multiple databases you can also have multiple clusters um but it's just not being shown there in

that graphic then you have the databases themselves these are named entities that hold tables and store functions you have

tables these are named entities that hold data and a table has an ordered set of columns and zero or more rows of data

each row holding one data value for each of the columns of the table then there are the columns themselves and these are

named identities that have a scalar data type columns are referen in the query relative to the tabular data stream and

that is the context of the specific op operator referencing them then we have stored functions and these are named

entities that allow reuse of custo queries or query Parts uh and then you got these external tables and these are

tables that uh live outside of your cluster uh I think that they're uh you're referencing them from uh storage

accounts and they're in Blob storage so they I think they could be like CSV files and stuff like that but these

external tables are used for exporting data from custo to external storage so storage uh storage accounts as for

quering external data without ingesting it actually into custo so hopefully that gives you an idea the lay of the Land

There

Ultimate Guide to Azure DevOps Certification Course: Pass the Exam with Confidence

Introduction

What is Azure DevOps?

Key Features of Azure DevOps

Course Content Overview

The Certification Pathway

Recommended Study Plan

The Exam Structure

Tips for Passing the Exam

Conclusion

Related Summaries

Unlocking Azure DevOps with the A400 Certification: A Comprehensive Guide

Essential Tips for Passing the Excel 2019 Exam

Docker for Beginners: A Comprehensive Guide to Containerization

Unlock Your Career Potential: Six Companies 30 Days Challenge for Job Seekers

Unlocking the Power of Go: A Comprehensive Programming Course for Beginners

Most Viewed Summaries

Mastering Inpainting with Stable Diffusion: Fix Mistakes and Enhance Your Images

A Comprehensive Guide to Using Stable Diffusion Forge UI

How to Use ChatGPT to Summarize YouTube Videos Efficiently

Ultimate Guide to Installing Forge UI and Flowing with Flux Models

Pamaraan at Patakarang Kolonyal ng mga Espanyol sa Pilipinas

Start Taking Better Notes Today