How to Leverage the Strength of Branch Policies

Create branch policies to tie your branch, pull requests, and build into a powerful automated experience

Branch policies can act as a sort of glue to combine a branch, a build, and pull requests. Many options are available to you when configuring branch policies. First, make sure you require a pull request. Next, you’ll need to create a build in Azure DevOps to leverage when configuring a build policy.

Make sure you have at least one reviewer:

Require a minimum number of reviewers for pull requests
Require a minimum number of reviewers for pull requests

Pull Requests are required and at least one approval is needed to complete them.

A build policy can be added too. Let’s do that. Click the Add build policy button and fill in the form:

Add build policy
Add build policy

The build pipeline is specified. The trigger should be Automatic. The build should be required and have an expiration. Give your build policy a name that describes its purpose. In this case, I called it Develop-Build-Policy.

Now, let’s look at other configuration options. One option is to Limit merge types. I will choose Squash Merge to help keep my Git history clean. I’ll also add myself as an automatically included code reviewer.

Branch policies setup
Branch policy setup

With a build policy added, we have an automated build set up to run after a pull request is created. When a feature branch needs to merge to develop, a pull request is required. When a pull request is created, the automated build will run. The pull request cannot be completed (which would cause a merge to the develop branch) until it receives approval from at least one required approver and the automated build succeeds.

Pull Request Policy status
Pull Request Policy status

Assuming the in-progress build succeeds, I could approve this pull request which would allow it to complete. After completing the pull request, the code in my feature branch would merge to the develop branch.

How to Create Build Pipelines in Azure DevOps

How to create build pipelines in Azure DevOps

DevOps has been a Huge advantage when creating enterprise software but, even small projects can benefit from DevOps. This article will describe how to create build pipelines in Azure DevOps.

DevOps is the union of people, process, and technology to continually provide value to customers.

Microsoft, What is DevOps?

Microsoft’s Azure DevOps can make it super simple. It not only includes source code repositories and a superior bug tracker. Leverage powerful pipelines to build and deploy applications. They can be configured to trigger a build on each code repository check-in. Azure DevOps makes it a simple process to leverage continuous integration options for small projects.

First, you will need to set up your branch in Azure Repos. Not sure how? Check out the previous post about how to require pull requests in Azure Repos.

Create a New Pipeline

We have Azure Repos set up with a master branch and a develop branch. The develop branch requires a pull request. The next thing we’ll do is create a build.

First, we need to create a new pipeline. Navigating to Azure Repos > Pipelines we can see there are no pipelines:

new Build Pipelines in Azure DevOps
New pipeline

Click the New pipeline button to start the process of creating a new pipeline. First is the Connect tab where you need to tell Azure DevOps where your code is located:

Where is your code?
Where is your code?

Select Azure Repos Git for this example since our code is in a Git Repository in Azure Repos.

After the connection is set up, the workflow will move to the Select step where you need to select a repository:

Select a repository
Select a repository

This one is easy for me – I only have one set up. Choose the desired repository. The repository should include the code that you wish to build with this pipeline.

After selecting a repository, you must configure your pipeline. There are a lot of templates available. Here is just a few:

Configure your pipeline
Configure your pipeline

I created a React app and will use the npm tool to run npm scripts. After selecting the tool, the yaml file will display. I made changes to it to support running the necessary npm scripts in my react app:

trigger:
- develop

pool:
  vmImage: 'ubuntu-latest'

steps:

- task: Npm@1
  inputs:
    command: 'install'
    workingDir: '$(Build.SourcesDirectory)/react-app/'

- task: Npm@1
  inputs:
    command: 'custom'
    workingDir: '$(Build.SourcesDirectory)/react-app/'
    customCommand: 'run build-test-ci'

Now click the blue Save and run button to the upper-right. This will display a form:

Save and run a build
Save and run a new build

This will add the azure-pipelines.yml file to the develop branch and run the build.

Azure DevOps Pipelines build in progress
Azure DevOps Pipelines build in progress

Assuming the build succeeds, you have a build that you can leverage in various automation scenarios.

A Simple Overview of Azure’s Global Infrastructure

View the basics of Azure’s Global Infrastructure including geographies, regions, and availability zones from Microsoft Learning

Azure's Global Infrastructure including Geographies, regions, and availability zones
Learn more from Microsoft Learning

Require Pull Requests in Azure Repos

Pull requests offer another layer of defense against poor quality code. Enforcing them with Azure Repos is easy. Here’s how.

Git Repository

First, set up a Git repository in Azure DevOps. The user interface is generally straightforward but Microsoft describes how to create a new Git repo if one has not already been created for you.

Cloning the repository takes the usual steps – using the command line or GUI tools in Visual Studio or VS Code.

Now you are ready for your first commit.

A default branch is available with Azure Repos. It is called master. You’ll want at least one more. You will push code to the new branch during development.

To create the branch, navigate to Branches in Azure DevOps and select the button New branch:

A form will appear where further information about the branch can be specified:

  1. You’ll be able to name it. I would call it dev or develop – something that describes the nature of the branch and its purpose without being too long.
  2. It needs a Based on branch – the contents in the branch will be copied to your new branch.
  3. You may have the opportunity to link a work item. This is optional but worth it for tracking purposes.

Pull Requests

Don’t push code without it being reviewed. Pull Requests are the next line of defense before code enters a branch.

This is simple to set up in Azure DevOps. From the branches list in Azure Repos, click the ellipses next to the desired branch (in this case, develop) and select Branch Policies.

You will be taken to a screen with a lot of options. There is one checkbox to require pull requests:

From now on code will be entering the branch through a pull request.

Before writing code, create a feature branch off develop. Perform commits and push your feature branch. When you are ready to add your code to develop, create a new pull request and choose your feature branch. Make sure you create a pull request for the develop branch.

To do that, make sure the develop branch is selected in Azure Repos. Your new feature branch should display with a note that it’s available to add to develop with a pull request:

Simply click the Create a pull request link to start the process. Any automated build can run if a Build Policy is set for the develop branch. We’ll discuss that in a separate article.

On Multiple Deploy Environments

Why deploying to multiple environments is a must for enterprise software systems to leverage software automations with docker deployment environments in Azure

Azure makes it easy to create multiple deployment environments. Each environment should be as close to the production environment as possible. Which Azure can help with too.

The pairing of developers and operations (DevOps) is key to success. Doing what is necessary to create this pairing is largely a cultural concern – if folks won’t get along, the pairing will be less than fruitful. Also, if an organization doesn’t encourage cooperation, there’s no hope.

Culture isn’t the only battle. Finding the balance between responsibilities can be a challenge for many organizations just starting to apply DevOps principles. One straightforward way to look at it is: operations is an end-user of a developer’s deliverable. This means, while operations need to do their part in setting up a viable environment, developers need to be able to deliver a system that will work with that environment.

A great way to do this is by testing. It sounds simple enough to me. But when it comes to execution, it can be challenging. Developer machines are rarely equivalent to the environments a system is deployed to. Environments are often different between testing and production.

How can this be overcome?

Creating multiple deploy environments is key. This means getting developers and operations in sync as early as possible. Using deployable containers such as what is available with Docker can help reduce the differences between environments to practically zero. Creating deployment environments can further strengthen the trust between developers and operations. Read more about how you can get started by creating a static website using Docker.

What environments should be created?

There are three areas that need to be covered: Development, Testing, and Availability. This is best represented using five environments.

Development

When developers make their changes locally, they should be testing locally. This is a typical process that should be happening multiple times per day. However, with a development environment, changes can be deployed to a server for development testing. This could be nightly or better yet, each time a pull request is submitted. Testing a pull request is important before it can be approved.

QA

When a pull request is approved, it will likely not continue directly through to the QA environment. There should be a gate controlled by the QA (Quality Assurance) team. If they are ready, they can open the gate allowing deployment to the QA environment. This is where testers will dig into the site manually and run their own automated tests to ensure the system is ready for user acceptance testing.

UAT

UAT (User Acceptance Testing) is a testing phase that includes real users using the system in real-world scenarios. During this phase, the users will need an environment of their own. When the changes are approved, the system is deployed to the Staging environment.

UAT is often combined with either QA or Staging environments. In this article, we separate them. Learn more about the Staging environment next.

Staging

The Staging environment is where the last preparations are made for a move to production. Final checks – and double-checks – are made here. With certain deployment setups, this environment is actually the new production environment. Flipping the switch would make this environment the new production environment, and the old production environment would then be the new staging environment.

Production

When the system is in production we are far past the point of no return. The code is “in the wild” and real users are using it in real situations that have real impacts. In some deployment setups, this may be the old staging environment.

It is important that these are distinct environments meaning each environment has the correct version of the system and that the operations and data are separated from other environments. For example, we don’t want to push a button in Staging and cause code in QA to execute and modify data in UAT. This is a severe example and Azure makes it easy to avoid.

It is also important that each environment (Development, QA, UAT, Staging) is as similar as possible to the production environment. We want our systems to be tested thoroughly to be sure users in production receive as much of the business value as we invested in the system. “Similar” means machine resources are similar, system distribution is similar, etc. While each environment may have slightly different code as development progresses, they are otherwise the same. Again, this is easier to accomplish with container technologies such as Docker.

Azure makes it easier to set up and manage these environments. Create guarded continuous integration pipelines that allow safe code to enter production.